`
` Maxim Exhibit 2001 - Groupon, CBM2014-00090 Page 2001-001
`
`
`
`Page 2001—002
`244MAX032705
`244MAX032705
`
`Page 2001-002
`
`
`
`
`
`United States
`General Accounting Office
`Washington, DC. 20548
`
`
`General Government Division
`
`B—256737
`
`May 26, 1994
`
`The Honorable David Pryor
`
`Chairman, Subcommittee on Federal
`Services, Post Office and Civil Service
`Committee on Governmental Affairs
`United States Senate
`
`Dear Mr. Chairman:
`
`This report responds to your request that we review fraudulent postage
`meter activities. Your request followed the Postmaster General's public
`disclosure in 1993 that significant revenue losses had occurred as a result
`of meter fraud. You were interested in knowing (1) how long meter fraud
`had been occurring and whether it involved a specific type or brand of
`meter, (2) what conditions allowed the fraud to occur, and (3) what
`actions the Postal Service is taking to address the problem.
`
`
`
`Over the years, unscrupulous mailers have taken advantage of weaknesses
`in the metered mail program to avoid paying millions of dollars in postage.
`Since 1985, the Postal Inspection Service has closed more than 130 cases
`of meter fraud with documented losses totaling about $25 million. Another
`28 cases were being investigated as of December 1993, potentially
`involving at least an additional $11 million. The variety of fraud schemes
`that have been successfully perpetrated in the meter program—which
`brought in about $21 billion of the $45.7 billion total postage revenue in
`1993—and the significance of potential losses led the Postmaster General
`to state in September 1993 that revenue losses from fraud could be costing
`the Postal Service $100 million or more per year.1
`
`Revenue losses stem from criminal tampering with postage meters,
`counterfeiting of meter indicia, and criminal use of lost or stolen meters to
`produce meter indicia for which postage was not paid. There have also
`been cases involving criminal use of malfunctioning meters to produce
`meter indicia for which postage was not paid. 0f the 1.4 million postage
`meters in use as of November 1993, 636,000 meters (45 percent) made by
`Pitney Bowes and Ascom Hasler are vulnerable to tampering, according to
`the Postal Service.
`
`
`
`lThe Posml Service, in 1993, using available data on mail volume and revenue, estimated that its losses
`from meter fraud could be as high as $171 million annually. However, Postal officials have
`acknowledged that they do not have the data necessary to accurately determine total losses.
`
`Page 1
`
`GAOIGGD-94-l48 Risk of Significant Financial Loss
`
`1
`
`3
`.
`l
`
`;
`
`l
`i
`1
`
`;
`
`Page 2001—003
`244MAX032706
`244MAX032706
`
` -
`
`'
`Results In BI‘lEf
`
`Page 2001-003
`
`
`
`13-25673?
`
`
`
`
`
`The risk of revenue losses from meter fraud are high because of
`weaknesses in meter design and ineffective program controls. The
`physical control devices built into meters—ascending and descending
`registers, lead seals, and key locks—have been circumvented. Also,
`ineffective program controls relating to meter licensing, inspections, and
`management information are not capable of preventing and/or identifying
`fraudulent postage meter activities.
`
`Although the Postal Inspection Service initiated a number of meter fraud
`investigations on the basis of tips, and reported on problems in the late
`19805, Postal Service top management was slow in responding to the need
`for corrective actions. The responsible program office had not been
`adequately staffed, and postal officials said that top management, at the
`time, did not want to potentially hurt customer service by tightening
`controls over meters and metered mail. Postal officials also said that
`
`management did not feel a sense of urgency to make changes in the
`program because they believed the controls, at the time, were cost
`effective considering the few documented cases of meter fraud that
`involved significant losses.
`
`The Postal Service has relied on meter manufacturers to help ensure that
`meters are properly designed and controlled to prevent fraud. However,
`through its testing program, the Postal Service has traditionally placed
`greater emphasis on meter durability than security. Therefore, the
`incentive for meter manufacturers to upgrade security was not as great as
`the incentive to ensure durability.
`
`Recently, the Postal Service has undertaken a number of major initiatives,
`which, if properly implemented, have the potential to improve the meter
`program. For example, it established a high-level management team
`charged with cleaning up the meter program. That team has initiated a
`number of substantive changes and continues to develop other short- and
`long-term changes that will require management’s attention and support
`for many years to correct the problem. These changes range from
`decertifying and/or retrofitting problem meters to developing technology
`that would allow the Postal Service to match postage received with the
`volume of mail processed. Until those changes are fully implemented and
`operating effectively, the Postal Service will not be able to substantially
`reduce the risk of losing revenue to meter fraud.
`
`.
`E
`
`E
`
`E
`
`,
`
`g
`‘
`
`E
`
`E
`
`E
`
`E
`
`Page 2
`
`GAOIGGD-94-l48 Risk of Significant Financial Loss
`
`Page 2001—004
`244MAX032707
`244MAX032707
`
`Page 2001-004
`
`
`
`
`8-256737
`
`Background
`
`'
`
`Objectives, SCope,
`and Methodology
`
`Metered mail is the largest single source of revenue for the Postal
`Servicem-accounting for about $21 billion (46 percent) ofthe postage
`revenue in 1993 and 37 percent (55 billion pieces) of the total mail volume.
`When mailers purchase postage, meters with remote resetting capabilities
`are reset by the meter manufacturers, and meters without that capability
`are reset by postal clerks. Currently, four manufacturers lease Postal
`Service approved meters directly to mailers: (1) Pitney Bowes, (2) Ascom
`Hasler, (3) Friden Neopost, and (4) Postalia. Since the inception of the
`program in 1920, Pitney Bowes has been the dominant manufacturer,
`accounting for about 88 percent of the 1.4 million meters currently being
`used in the United States.
`
`The nature of meters—Le, the capability to print postage—whens always
`made them targets of opportunity for fraud. For this reason, a number of
`device and program controls have been used to help ensure the integrity of
`the meters. Despite these controls, meter fraud has occurred over the
`years.
`
`Additional background information on meters is presented in appendix 1.
`
`Our objectives were to (l) detemune how long meter fraud had been
`occurring and whether it involved a specific type or brand of meter,
`(2) examine the system of controls over meters that permitted the fraud to
`occur, and (3) identify management’s ability to oversee the meter program
`in the past and identify recent management initiatives to address meter
`fraud problems.
`
`To accomplish objectives one and two, we (1) researched the development
`of the postage meter program; (2) reviewed data from existing Postal
`Service audit and investigative reports, including automated files
`containing data on meter fraud investigations that have been closed since
`1985; (3) reviewed the investigative folders for 11 of the most significant
`closed meter fraud cases; (4) interviewed cognizant Postal Service
`headquarters officials; (5) observed metered mail operations at a large
`Postal Service mail processing center; (6) interviewed representatives
`from Pitney Bowes—the dominant manufacturer of meters currently in
`use; (7) interviewed Postal Service managers who are responsible for
`approving meters for use; and (8) interviewed Inspection Service officials
`at the Postal Service crime laboratory who are responsible for examining
`meters when tampering is suspected. To identify the Postal Service's
`corrective actions, we documented, reviewed, and discussed with postal
`
`Page 3
`
`GAO/GGD-94-l48 Risk of Significant Financial Loss
`
`;
`I
`
`=
`i
`'
`
`5
`3
`i
`1
`1
`
`:
`E
`
`i
`
`:
`
`Page 2001—005
`244MAX032708
`244MAX032708
`
`Page 2001-005
`
`
`
`3
`
`;
`i
`‘
`
`'
`
`E
`
`:
`
`3.256737
`
`
`officials and Pitney Bowes representatives the initiatives that the Postal
`Service has under way to address the meter fraud problem. We did not
`evaluate the effectiveness of any of the initiatives.
`
`We did our work from November 1993 to April 1994, in accordance with
`generally accepted government auditing standards. We did our work
`primarily at Postal Service headquarters in Washington, DC.
`
`We requested comments on a draft of this report from the Postal Service;
`Pitney Bowes; Ascom Hasler; Postalia, Inc.; and Friden Neopost. Written
`comments were received from the Postal Service; Pitney Bowes; Ascom
`Hasler, and Postalia, Inc, and are presented and evaluated at the end of
`this letter and reprinted in appendixes V, VI, VII, and VIII. The President of
`Friden Neopost stated he was not providing comments.
`
`
`Since 19gb, the Postal Inspection Service has documented losses totaling
`$25 million in meter fraud cases involving tampering, counterfeiting, using
`The POSta‘l_ SQI'VICG
`lost or stolen meters, and using malfunctioning meters to produce “free"
`Has Expenenced
`Revenue LOSSES From postage. Some cases involved large revenue losses that went undetected
`.
`for many years.
`Various Types of
`Meter Fraud
`
` -
`
`Tampering is typically accomplished by circumventing the key lock, lead
`seal, baffles, and other mechanisms designed to keep someone from
`manipulating a meter's internal mechanisms to print unrecorded “free“
`postage. The Postal Service has determined that mechanical meters are
`more susceptible to indiscernible tampering than electronic meters. The
`high-volume Pitney Bowes R-Line series of mechanical meters has been
`identified by the Postal Service as being particularly vulnerable to
`tampering.
`
`Counterfeiting involves creating a meter mark with anything other than a
`legitimate postage meter. For example, counterfeiting can involve making
`reproductions of legitimate meter marks or creating a die that could be
`used in a high—speed, high—volume mailing operation. An example of a case
`involving counterfeiting occurred in 1987. It involved the owner of a small
`business who used a stencil and duplicating machine to create counterfeit
`meter marks.
`
`Lost and stolen meters are a threat to the Postal Service because about
`
`83,000 meters are not accounted for and are no longer subject to
`inspection. A large-dollar case uncovered by the Inspection Service
`
`Page 4
`
`GAO/GGD-94-148 Risk of Significant Financial Loss
`
`Page 2001—006
`244MAX032709
`244MAX032709
`
`Page 2001-006
`
`
`
`
`13-25673?
`
`
`
`5
`5
`5
`
`3
`'
`5
`5
`
`3
`§
`f
`
`involved a commercial parcel and retail mail establishment that reported
`some meters either lost or stolen but then used those meters—which had
`not really been lost or stolen—in conjunction with parts from legitimate
`meters to print postage that had not been paid for. From 1982 to 1986, this
`scheme deprived the Postal Service of an estimated $2.9 million.
`
`Our review of the meter fraud cases in the Inspection Service’s database
`showed that the five largest cases closed since 1985 involved meter
`tampering. Two of those cases involved meters that were also reported
`lost or stolen. In four of the five cases, Pitney Bowes R—Line meters had
`been used to avoid paying postage totaling about $23 million. The fifth
`case involved another Pitney Bowes model that had been used to avoid
`paying about $1 million in postage.
`
`One case of tampering involved a scheme that went undetected for 17
`years—from 1972 until 1989. A company that had rented 10 R-Line meters
`from Pitney Bowes hired a former Pitney Bowes employee to illegally
`reset the postage value on the meters. The estimated loss for the entire
`period could not be determined, but the Inspection Service estimated that
`between 1984 and 1989, the company avoided paying $3 million in postage.
`
`Revenue losses also occur when meters malfunction. For example,
`sometimes meters reset themselves for the maximum amount of postage
`available on the machine.
`
`The Postal Service has not attempted to hold meter manufacturers liable
`for any portion of revenue lost because of tampering or meter
`malfunctions.
`
`A detailed discussion of meter fraud cases is presented in appendix II.
`
`
`
`MEter 091111.018 Are
`IREffeCthE
`
`An ineffective system of controls, coupled with increased postage rates
`and a growing number of meters in use, created an environment that
`provided both incentive and opportunity to commit fraud. Physical
`controls on the meters to prevent unauthorized access to internal
`mechanisms were often circumvented, and program controls were largely
`ignored or ineffective.
`
`Controls used to protect the integrity of the meters—( 1) ascending and
`descending registers that record used and remaining postage and (2) lead
`seals and key locks that limit access to the internal workings of the
`
`Page 5
`
`GAOIGGD-94-148 Risk 01’ Significant Financial Loss
`
`Page 2001—007
`244MAX032710
`244MAX032710
`
`Page 2001-007
`
`
`
`13—25573?
`
`meters—are no longer reliable control devices. The internal registers can
`be manipulated in a way that allows the mailer to get “free” postage and
`leave no readily identifiable signs that the meter has been compromised.
`
`The lead seals and key locks have also become obsolete. This was pointed
`out by both the Inspection Service and the metered mail task force that
`was established in 1991 to examine the metered mail program. Lead seals
`are available commercially and can be removed and replaced without
`detection. Also, the Inspection Service believes—on the basis of audits at
`57 post oflices in the New England area1 which showed that 92 of 285 total
`keys could not be accounted for—that a significant percentage of the
`129,000 keys that have been issued nationwide are missing.
`
`Postal Service program controls are also ineffective. The current licensing
`application process allows a customer to obtain a meter license without
`any comprehensive verification of the information stated on the
`application. Additionally, existing licensing procedures do not provide
`detailed information about the mailers, their businesses, or their mailing
`practices.
`
`Also, the Inspection Service and the metered mail task force have reported
`that the procedures for verifying the legitimacy of metered mail indicia are
`ineffective and/or widely ignored. These verification procedures call for
`visually inspecting a sample of metered mail quarterly. But this control
`cannot fulfill its intended purpose because visually identifying quality
`counterfeit meter marks is impossible, and meter indicia on the mail are
`often unreadable. In addition, the control cannot identify instances where
`indicia dies have been removed from legitimate meters and used on lost
`and stolen meters to print “free” postage. The effectiveness of the
`quarterly verification process is further compromised because data on lost
`and stolen meters are inaccurate.2
`
`The Postal Service’s efforts to manage the meter program have been
`further hindered by a lack of basic data necessary to identify how much
`revenue was received for a given volume of mail handled—Le, the Postal
`Service is unable to determine whether mailers have purchased sufficient
`postage to cover their mail. In addition, the Postal Service does not
`maintain data that identify high-risk mailers. That information must be
`obtained from the meter manufacturers.
`
`2On April 11, 1994, Postal officials informed us that they will discontinue using the quarterly
`verification process as a means for verifying the legitimacy of metered mail indicia In its place, the
`Postal Service will be statistically sampling metered mail and comparing itto an automated list of lost
`and stolen meters.
`
`i
`.
`i
`g
`
`l
`
`.
`
`'
`
`i
`
`i
`'
`
`Page 6
`
`GAOIGGD-94- 148 Risk of Significant Financial Loss
`
`Page 2001—008
`244MAX032711
`244MAX03271 1
`
`Page 2001-008
`
`
`
`
`
`3-256737
`
`;
`‘Z
`
`3 i
`
`g
`5
`g
`
`5
`
`;
`
`_
`.
`'
`
`1
`
`
`
`The overall lack of control over metered mail is no secret among mailers.
`In May 1993, the Chief Postal Inspector asked several major mailer
`associations to help identify ways the Postal Service could be cheated out
`of revenue. They identified meter fraud as one of the primary methods.
`
`A detailed discussion of the system of controls is presented in appendix
`[IL
`
`
`
`
`Management was slow in responding to problems identified by the
`Inspection Service and failed to establish an appropriate structure with
`Managemean—Ias
`sufficient staff to effectively oversee program operations. Recently,
`Recently 11111313,th
`ShOI't- and Longjl‘em however, the Postal Service began taldng numerous actions to deal with
`Progr
`meter fraud.
`am
`Improvements
`Begmm''ng in the mid-19805, serious shortcomings with the metered mail
`program began to surface, In 1985, the Inspection Service began
`systematically documenting the results of its meter fraud investigations.
`By the end of 1989, the Inspection Service had documented about 60 meter
`fraud investigations and had reported to management that the present
`system and procedures for controlling postage meters and metered mail
`revenue were not adequate or effective. In 1990, the Inspection Service
`also reviewed 24 of the largest mail processing facilities in the nation to
`determine the effectiveness of quarterly verifications of metered mail.
`They found that only 11 facilities, less than one-half, were doing the
`verifications as prescribed.
`
`Despite these warning signs and the substantial revenue at risk, Postal
`Service management was slow to act. It was not until 1991 that
`management began to examine the metered mail program by organizing a
`task force. That task force reported in 1992 that the management of the
`meter business at Postal Service headquarters was significantly
`understaffed and lacked the appropriate structure for effective oversight
`and program direction. The report noted that the day-to—day management
`of the multibillion dollar metered mail program was left to one director
`and five staff members, all of whom had other responsibilities.
`
`As of March 15, 1994, the Postal Service had taken some actions and was
`planning to take other actions to improve management and controls over
`the meter program. Other possible actions were also being considered at
`that time. Postal officials acknowledge, however, that many of the changes
`needed are expected to take many years to develop and implement
`
`Page 7
`
`GAOIGGD-94-1 48 Risk of Significant Financial Loss
`
`Page 2001—009
`244MAX032712
`244MAX032712
`
`Page 2001-009
`
`
`
`
`13-25673?
`
`
`
`The primary step taken by the Postal Service to improve the management
`of the meter program was to create, in early 1993, a high-level management
`action team. The team comprises two groups: an oversight group of vice
`presidents and a working group of managers. The team has developed
`some new initiatives to improve controls over the metered mail program
`relating to meter technology, meter licensing procedures, and lost and
`stolen meters. For example, the Computer Science School of Carnegie
`Mellon University is under contract to (1) explore new technologies for
`second-generation meters that would not be susceptible to tampering,
`(2) develop performance criteria that the Postal Service can use to
`evaluate future metering systems, and (3) evaluate the security of all
`models of electronic meters previously authorized by the Postal Service.
`
`Postal management is also taking steps to modify the 636,000 meters most
`susceptible to indiscernible tampering.3 The Postal Service is requiring
`that all these meters be modified, with top priority going to those meters
`operated in third-party mailer operations. Third-party mailers prepare
`mailings for other businesses. Modifications are expected to be completed
`within 4 or 5 years. In addition, Pitaey Bowes has been notified that its
`R-Line meters will no longer be certified for use after January 4, 1995.
`According to Postal officials, the meters could not be decertified
`immediately because of the time and money required for customers to
`convert to another metering system.
`
`Other key improvement initiatives being implemented include
`
`developing a new meter accounting and tracking system that would
`centralize record keeping and could ultimately be used in determining, for
`each individual meter, the volume of mail imprinted and the amount of
`postage paid;
`enlisting the services of Carnegie Mellon University to help in the technical
`evaluation of electronic meters;
`updating test specifications for the design and manufacture of meters with
`more emphasis on security;
`testing a new polycarbonate seal, which cannot, like lead seals, be easily
`removed from meters without detection;
`exploring with Carnegie Mellon new ways to secure postage meters using
`an electronic access system instead of keys;
`
`3
`
`E
`
`i
`'
`
`
`
`alndiscernible tampering is not detectable during routine periodic examinations and sometimes cannot
`be detected under laboratory analysis.
`
`Page 8
`
`GAOIGGD-94-l48 Risk of Significant Financial Loss
`
`Page 2001—010
`244MAX032713
`244MAX0327 1 3
`
`Page 2001-010
`
`
`
`M1
`
`3-25673?
`
`
`
`Conclusions
`
`- expanding the meter license application to provide more detail and
`making local post offices responsible for verifying applicant information;
`
`.
`
`revising the procedures manufacturers must follow in tracking down and
`reporfing lost and stolen meters.
`
`The Postal Service is also considering
`
`.
`
`imposing a number of administrative sanctions on meter manufacturers
`who fail to fully discharge their responsibiiities in producing secure
`meters or who fail to perform other administrative requirements, such as
`conducting periodic inspections and accounting for all meters, including
`those lost and stolen; and
`- holding the manufacturers financially responsible, in part or whole, for
`meter designs that are susceptible to tampering and that result in lost
`revenue to the Postal Service.
`
`A detailed discussion of the management of the meter program is
`presented in appendix IV.
`
`—‘—-------—--———-——-—-—H—
`
`Sustained management attention to establishing adequate control over
`metered mail is necessary to reduce the Postal Service’s exposure to the
`risk of substantial revenue losses. Metered mail represents about 46 cents
`of every dollar the Postal Service collects in postage. Meters are used to
`print postage, which is a marketable, liquid asset. However, much of the
`control over meter activities has resided with firms outside the
`
`government, namely meter manufacturers. The Postal Service recognizes
`that it needs to gain greater control over meters and is preparing to do so.
`The Postal Service is undertaking a number of short- and long-term
`initiatives, including improving various aspects of the meter program, such
`as meter technology, meter licensing procedures, and the identification of
`lost and stolen meters.
`
`Those initiatives and others, if properly implemented, appear to have the
`potential for improving the meter program in the long run. However, the
`effectiveness of the meter program will hinge on management‘s sustained
`attention to substantially reducing the risk of meter fraud. This includes
`maintaining accountability for meter program operations, ensuring that
`the technology and security employed in meters are effective, and working
`to establish and maintain an adequate system of controls for deterring and
`detecting meter fraud.
`
`Page 9
`
`GAOIGGD-94-l48 Risk of Significant Financial Lola
`
`,
`l
`
`1
`
`i
`
`:
`
`4
`
`Page 2001—01 1
`244MAX032714
`244MAX0327 14
`
`Page 2001-011
`
`
`
`
`
`15-25 6737
`
`-
`RECOIIlIflGIldathIlS
`
`Given that the Postal Service has many initiatives under way, we are
`making no recommendations at this time.
`
` L
`The Postal Service, in commenting on a draft of this report, acknowledged
`5
`Agency and Meter
`weaknesses in its meter program and expressed confidence that the broad
`§
`Manufacturers
`array of short- and long-term initiatives it is vigorously pursuing will
`2
`Comments and 0111'
`significantly strengthen the program. As we stated earlier in this report,
`the initiatives appear to have the potential for improving the meter
`program in the long run. The Postal Service’s comments are included as
`appendix V.
`
`Evaluation
`
`Pitney Bowes said that we reported facts without providing proper
`perspective or context. Pitney Bowes cited four specific points. First,
`Pitney Bowes stated that we had not put revenue losses from meter fraud
`into proper perspective. It indicated that the metered mail system is
`among the most secure revenue collection systems in existence, with
`known losses equating to less than 2/10th of 1 percent of total meter
`revenues collected. Considering the documented weaknesses in the meter
`program’s system controls, we believe it unwise to assume that the only
`losses are those that have been identified and that more effective controls
`
`are not needed unless more significant losses are identified. The present
`system of controls does not provide reasonable assurance that the
`objectives of the systems will be accomplished.
`
`Furthermore, known losses were not discovered by the system of internal
`controls; most were brought to the Postal Service's attention through
`outside sources—informants. Our report showed that the security of the
`metered mail program and the total revenue lost due to fraud could not be
`determined.
`
`Second, Pitney Bowes said that while the report noted that 555,000 of its
`meters are vulnerable to tampering, the report failed to point out that
`approximately 75 percent of those meters are operated by small
`businesses, in low-risk environments, whose average output is 20 letters
`per day. Pitney Bowes said these businesses lack the financial incentive to
`compromise the system because their metered mail averages less than
`$6.00 per day. Pitney Bowes further said that fewer than 2,700 of its meter
`customers fall into the “high-risk” category.
`
`As pointed out earlier in this report, producing meter indicia is done in the
`mailer's uncontrolled environment and without an audit trail. Therefore,
`
`Page 10
`
`GAOIGGD-94-l48 Risk of Significant Financial Loss
`
`Page 2001—012
`244MAX032715
`244MAX032715
`
`Page 2001-012
`
`
`
`15-25673?
`
`
`
`
`
`
`
`the Postal Service is heavily dependent on the physical integrity of meters
`to help ensure that revenues are not being lost through fraudulent
`activities. However, the Postal Service does not have that assurance with
`about half of the meters currently in use—those known to be susceptible
`to indiscernible tampering.
`
`We also disagree that small businesses, by definition, lack the financial
`incentive to compromise the meter system. In fact, most of the meter fraud
`cases documented by the Inspection Service involved small businesses.
`Additionally, fraud schemes in small businesses can be well concealed and
`difficult to detect because the number of individuals involved in the
`scheme may be few—perhaps only one person. We do not believe it would
`be prudent to assume that low-volume meter users are immune to fraud.
`All mailers using meters have financial incentive to reduce mailing costs,
`and the system has been inadequate in preventing meter fraud.
`
`Third, Pitney Bowes indicated that most of the meters on the lost and
`stolen list pose no serious threat to Postal Service revenue because a
`significant proportion of the entries on the list represent “record
`discrepancies” due to unprocessed paperwork or are reflective of meters
`that have been lost in fires, floods, or earthquakes. Pitney Bowes also
`pointed out that the population of lost and stolen meters is an
`accumulated total of more than 70 years of postage meter history.
`
`We believe the threat from lost and stolen meters should not be
`
`underestimated, even if some of the entries on the lost and stolen list
`represent “record discrepancies” or meters that were lost in fires, etc. For
`example, in one fraud case, six meters that were considered lost or stolen
`were used to defraud the Postal Service of more than $2.9 million.
`Potential losses from thousands of other unaccounted-for meters
`represent a substantial risk to the Postal Service. Also, of particular
`concern is the growth of the number of meters reported lost or stolen. In
`the last 5 years, more than 30,000 new entries have been added to the lost
`and stolen list. Furthermore, the Postal Service is so concerned about lost
`and stolen meters that it is considering financial sanctions against
`manufacturers who fail to meet Postal Service standards for tracking and
`reporting lost and stolen meters.
`
`Fourth, Pitney Bowes took issue with a statement in the draft which
`indicated that meter manufacturers lacked the same financial incentive to
`improve security as they did to improve meter durability. Pitney Bowes
`said its record bore evidence to its security commitment.
`
`Page 11
`
`GAO/GGD-94-l48 Risk of Significant Financial Loss
`
`,
`;
`5
`i
`
`!
`
`1
`E
`‘
`
`;
`
`Page 2001—013
`244MAX032716
`244MAX0327 1 6
`
`Page 2001-013
`
`
`
`—_______._._._.,_._._._._._______——__—.__——————u-_———-——w———
`13-25673?
`
`
`
`We do not doubt Pitney Bowes’ commitment to producing secure postage
`meters. However, because the Postal Service identified 555,000 of Pitney
`Bowes’ 1.2 million meters as susceptible to indiscernible tampering, we
`believe considerably more needs to be done to ensure the security of
`meters. Nevertheless, we revised our report to emphasize that the Postal
`Service, through its testing program, placed greater emphasis on meter
`durability than security. In turn, the Postal Service’s emphasis on
`durability did not provide the manufacturers as great an incentive to
`upgrade security as to ensure durability. Pitney Bowes' comments are
`included as appendix VI.
`
`Ascom Hasler said that it was essentially in agreement with the
`observations we made in the draft report. However, it said that there was
`another issue it believed needed to be discussed. It said that meter fraud
`
`is, to a great extent, the result of outdated meters, which do not employ
`new technology that would make tampering much more difficult. It said
`that a permanent solution to meter fraud lies with new technology meters
`“...armed with state-of-the—art fail-safe security devices..."
`
`Ascom Hasler also said that although new technology is well within the
`reach of meter manufacturers, it is not being adequately developed
`because of existing patents, which prevent the introduction of
`technological advances. Although our report concludes that the
`effectiveness of the meter program will depend on, among other things,
`effective meter technology, an examination of industry patent practices
`was outside the scope of our review. Ascom Hasler’s comments are
`included as appendix VII.
`
`Postalia also commented on problems caused by patents. It said that meter
`technology has not produced state-of-the-art security because existing
`patents restrict competition and prevent the marketing of more modern
`and secure systems. As previously noted, we did not review industry
`patent practices. Postalia's comments are included as appendix VIII.
`
`The President of Friden Neopost told us on May 3, 1994, that he saw no
`problems with the draft report and therefore would not be providing
`written comments.
`
`a
`
`i
`
`i
`
`As agreed with the Subcommittee, unless you publicly announce its
`contents earlier, we plan no further distribution of this report until 15 days
`from the date of this letter. At that time, we will send copies of this report
`
`Page 12
`
`GAO/GGD-94-l48 Risk of Significant Financial Loss
`
`Page 2001—014
`244MAX032717
`244MAX032717
`
`Page 2001-014
`
`
`
`3-256737
`
`
`
`to the Postmaster General; the President of Postalia, Inc; the President of
`Ascom Hasler, the President of Fn‘den Neopost; and the Vice President,
`Worldwide Postal Affairs, of Pitney Bowes and will make copies available
`to others upon request.
`
`Major contributors to this report are listed in appendix Di. If you have any
`questions about this report, please call me on (202) 5128387.
`
`Sincerely yours,
`
`Wj/imééére
`
`J. William Gadsby
`Director, Government
`Business Operations Issues
`
`’
`
`n
`g
`
`i
`
`5
`
`Page 13
`
`GAO/GGD—Qi—lfl Risk of Significant Financhl Loos
`
`Page 2001—015
`244MAX032718
`244MAX0327 1 8
`
`Page 2001-015
`
`
`
`
`
`Contents
`
`
`
`Letter
`
`
`.
`Appendlx I
`Background
`
`
`1
`
`
`16
`
`Appendix II
`"ce
`Th P tal Se
`I'Vl
`8 OS
`_
`Has Experienced
`Revenue Losses From
`Various Types of
`Meter Fraud
`
`:2
`AppendixIII
`1
`ff
`ti
`c 1111)
`'
`U d' Mte
`IIB 8C V8 on 0
`BVICBS Se 1n
`Meter 091111018 Are
`Ineffective Program Controls
`27
`Ineffectlve
`
`
`.
`.
`.
`.
`Inspectlon Semce Has Identified Four Categones of Fraud
`Some Fraud Cases Involved Large Revenue Losses and Went
`Undetected for Many Years
`
`e IS
`
`1: M t Fr
`tAtte ti
`M
`anagemen
`n on 0
`e er
`Initiatives to Improve Controls
`
`Appendix N
`ManagementHas
`Recently In1t1ated
`Short-and Long—Term
`Program
`Improvements
`
`
`
`(1
`
`au
`
`22
`22
`24
`
`31
`32
`
`a
`'
`
`E
`;
`g
`‘
`:
`E
`E
`E
`l
`
`E
`
`é
`
`l
`
`1
`
`;
`
`Appendix V
`Comments From the
`.
`Postal Servrce
`
`
`37
`
`Appendix VI
`Comment