A new report by Baltimore’s fraud watchdog found that a program aimed at helping juvenile offenders improperly released confidential records, and it accuses several contractors affiliated with that program of submitting fraudulent bills to the city.
Inspector General Isabel Cumming said the fraud cost taxpayers “thousands of dollars” and she referred her team’s findings to law enforcement.
The investigation
For months, Cumming has been investigating claims of fraud within SideStep, a now-defunct pilot program to help first-time juvenile offenders.
The city said SideStep ended in 2024.
The inspector general spoke to WJZ Investigates in January, outraged that the city abruptly cut off her access to records during this investigation.
The case has only heated up since then.
In her new report, Cumming alleges lax oversight of SideStep, which is part of the Mayor’s Office of Neighborhood Safety and Engagement, or MONSE, the mayor’s signature holistic crime-fighting plan.
Cumming found that taxpayers spent more than $694,000 on 15 contractors to help troubled youth, and at least two of those contractors committed fraud, overbilling Baltimore by thousands of dollars and faking invoices.
Cumming’s report stated her office “obtained the original invoices from the company shown on the receipt. The original invoices showed the actual cost was thousands less than the invoices that CBO 1 had submitted and received payment from MONSE.”
She said she found evidence that the contractor had altered original invoices and submitted them to receive a larger payment.
In her review of invoices by another contractor, the inspector general’s investigators could only verify one of several invoices.
“The company stated they had no records to support the other invoices,” the report noted. “Further, the company provided information that supports that several of the invoices submitted are fraudulent, which amount to thousands of dollars.”
The inspector general worries there could be more fraud, but said she cannot know for sure because the city redacted more than 200 documents she requested.
She declined to talk about the report on Tuesday, citing a lawsuit to regain the same access to information her office had for years prior to this investigation.
In January, Cumming told WJZ Investigates, “How could I possibly do my job? My job is to protect taxpayer dollars. I can’t follow the money anymore because it’s redacted.”
While Cumming has subpoena power, she said the city is treating her like any general member of the public who requests documents through the Freedom of Information Act.
“My office is based on transparency, accountability and integrity, so I’ve been kind of backed into a corner where transparency is what I have, so I wanted the public to know what the financial documents that I asked for looked like,” she said.
CBS News Baltimore
Breached juvenile records
The inspector general’s new report also alleges a MONSE employee improperly emailed a relative confidential information through a personal Gmail account. That included 701 names, most of them juveniles.
“In addition to juvenile names, the diversion table sent contained cases from 2018 to September 2022 with individuals’ date of births and charges,” the inspector general wrote.
Cumming noted under state law, the city is liable for the unauthorized release of protected data.
“This data breach is being referred to law enforcement entities for further investigation,” the report stated. “Diverted youth participating in City programs should receive the maximum protection of their information and assurances that there is oversight of the services being provided to them.”
This comes as MONSE is fighting to access more juvenile records in the General Assembly.
“The only people who would have access to the records are the handful of staff in my office who work on those specific youth cases. This would be maintained in an access-protected database,” MONSE director Stephanie Mavronis told a Maryland House committees on February 26.
In past comments, Baltimore Mayor Brandon Scott insisted the MONSE investigation and inspector general’s access to records are separate issues.
“What happened does not stop the inspector general from doing her investigations,” the mayor told WJZ last month.
Cumming wrote in her latest investigation, “…This report clearly shows why oversight and direct access to City records and emails are necessary to identify fraud and prevent liability to the City.”
MONSE responds
MONSE’s response criticized the inspector general for not providing more specifics about the thousands of dollars in fraud she uncovered.
“Unfortunately, the OIG’s report provides virtually no detail about the alleged instances of overbilling that MONSE could use to review or address the concern. The report does not include the organization’s name, the specific amount, the specific date, or any corresponding information, which is surprising given the OIG has referred this matter for criminal investigation,” Mavronis wrote.
Her response said the agency already began an audit and is working to recoup the funds and noted MONSE is “deeply concerned about the allegations raised in this report.”
The response stated, “This audit is ongoing, with completion expected by the end of the fiscal year. For all of our grant management efforts, we follow established protocol as a City agency in working with the City Law Department to facilitate strong oversight of our partnerships, including in those rare instances where we need to recoup funds.”
MONSE said the employee who allegedly provided the confidential juvenile records no longer works for the city and called the breach “completely unacceptable.”
The response stated, “We are confident that, given the isolated nature of the data-related incident outlined in this report and the improved case management protocols outlined in this and previous responses, there will be no outstanding concerns regarding MONSE’s future ability to access the information necessary to facilitate our work.”
Mavronis said the report’s “findings appear to be isolated incidents driven by individual actions that do not reflect broader systemic concerns with the agency’s work.”
Her memorandum said, “While previous OIG reports have ventured into subjective assessment of the value or success of certain programs or policies, these findings identify incidents of concern that would be difficult to uncover without the assistance of an oversight partner like the OIG. For that support, MONSE is grateful for the OIG’s work.”
Timeline
Cumming provided the following timeline of her office’s efforts to obtain information as part of the investigation:
- October 22, 2025: The OIG requested a list of SideStep program information from MONSE, which included policies, a list of SideStep youth, case plans and notes for youth, copies of completed youth assessments, diversion agreements, SideStep CBO contracts and submitted invoices.
- October 31, 2025: City Law Department responded that the State of Maryland Law makes it a crime for MONSE to release juvenile information to anyone outside of MONSE.
- November 3, 2025: OIG sent an amended request, explaining that the OIG understands the Maryland Code provisions that prohibit MONSE from identifying specific juvenile personal information, including name and date of birth. As a result, the OIG asked for the documents to use case identification numbers instead of any personal identifiable information and the redaction of limited information that would reveal the identification of the juvenile.
- November 4, 2025: City Law Department responded that their interpretation of the law was that any contents from police records MONSE obtained from BPD for the time-limited PILOT program cannot be released, even with a subpoena. DJS suggested the OIG could likely obtain the youth’s case plan information from MONSE with case identifier numbers in place of juvenile names so that no personal information was shared. However, the Law Department’s interpretation did not allow for that.
- November 5, 2025: OIG again amended the request based on the City Law Department’s interpretation. The OIG decided not to pursue the juvenile records further at this time. However, the OIG requested data related to the amount of documentation completed for the juveniles, which included the number of case notes and contacts/meetings per youth.
- December 19, 2025: OIG received MONSE’s answer to the November 5, 2025, data questions that the OIG requested.
- January 16, 2026: OIG received SideStep third-party contractor invoices with more than 200 pages of financial information redacted, including payments made to instructors and contractor employees. To support these redactions, the Law Department did not cite juvenile records as a reason for the redactions. The Law Department made redactions for health information and confidential personal financial information based on the Maryland Public Information Act (MPIA). Names of employees and payments made to individuals were redacted. The Law Department did include some supporting documents and invoices for payments made to companies that were not redacted which allowed the OIG to continue the investigation in a limited manner.
- January 20, 2026: OIG subpoenaed the redacted records from the Law Department. No response has been received to date from the Law Department, and the OIG has filed a lawsuit to enforce the subpoena.
More information
You can read the full response from MONSE here.
You can read the inspector general’s full report here.
