OIG Response:

  We acknowledge that almost none of the numberholders discussed in the 
  report currently receive SSA payments. However, SSA issued each of these 
  individuals a valid SSN and these SSNs could allow for a wide range of 
  potential abuse. 

  [...]

  We also note we initiated our 2015 review upon the receipt of information 
  that a man opened several bank accounts using SSNs belonging to 
  numberholders born in the 1800s who had no death information on the 
  Numident. In addition to being used to obtain employment or open bank 
  accounts, identity thieves can potentially use these SSNs to create 
  synthetic identifies, obtain credit, government benefits, or private 
  insurance.

You fix the system not because of the cost today but because the cost it will eventually cause.

Poor record keeping and bad policies about data validation tied to sending money to people if not today will eventually result in massive fraud.

Furthermore the notion you put forth is trash lazy thinking. Cost or no cost you do things the right way. But I don’t even buy you can calculate the cost of doing it wrong correctly to even have a sound conjecture that fixing it is more costly.

I think the problem they should be considering more acutely is, eventually the number of people trained in that specialized knowledge will go to 0, and they will then be paying the cost to either train more (and the increased risks of less familiar people) or replace the whole thing with no backup plan.

Given the age of the COBOL programmers I know, that window is rapidly shrinking...