Spotlight on Fraud

Imam Hoque, Chief Technology Officer for Detica NetReveal, talks about spotting claims fraud

What are some of the trends in claims fraud?
Fundamentally, it is still the same old frauds being committed – it’s just in slightly new ways. What I think we do see, though, is the way in which people perpetrate these crimes; how sophisticated they are. They make them look like perfectly normal claims. I think what we are seeing, unfortunately, is an impregnation of more organization into it. When you get to that organized level, what happens is you get people orchestrating it very carefully, you get all the learning being centralized and you get a much more sophisticated form of fraud, which looks even more normal so it becomes harder and harder to see what is abnormal. Effectively hiding what is an emerging industry in its own right with escalating volumes.

Is fraud migrating to different types of insured properties?
If you push down really hard on insurance fraud in one area, let’s say auto-based fraud, then it will pop up somewhere else. My prediction is that in the auto space area you are going to see a move toward fraud against commercial carriers. Private auto insurers have caught onto accidents between two parties, or one party, that are scams. If I’m a fraudster, I know the private insurer is looking out for this, so I choose to perpetrate it with a bus or a van or a delivery service. A delivery service driver might not be paying that much attention to what happens at the accident. Have commercial insurers got the same level of protections on their systems? No, probably not. I think this move from private into commercial is because the matching required to detect fraud is harder as soon as you introduce commercial entities. It might be a different driver in a different vehicle. There are so many variables.

Is identify theft playing a role in claims fraud?
One of the scams that we see with life insurance involves illegally extracting money from policies. How often do people really look at that policy? You just pay into it every year or every month and you expect 25-50 years later that you take out a cash sum or you convert it into an annuity. However, as an identity fraudster, what stops you ringing up the life insurance company claiming to be the person, making a change to the address, and then a few years later, (making) a change to something else and then notifying them of a new bank account and asking them to withdraw 20 percent of the policy? There are cases like that where the life insurance companies made that payment without even realizing it wasn’t the original policyholder. It was somebody else wearing their identity by obtaining rough details about this person through records or databases or through insiders. Now as the customer whose policy is being defrauded, I’m unlikely to notice this until I look at my life policy. It’s a time bomb situation. No one realizes it until years later.

Are there measures financial institutions can put in place to prevent identity fraud?
One method that is growing in popularity is to ask the kinds of questions an identity fraudster can’t possibly know from dumpster diving. Like an address from five years ago, a second named driver from years ago, a previously owned car. You think about the data the insurers have. Everything I just said, they’ve got. 

From a technology standpoint how do insurance companies keep up with the changes, keep up with the criminals?
The key is to keep updating the rules, models and systems for analyzing a claim. To know what the rules are you’ve got to know what the modus operandi is of the fraudster. If you can spot how they’ve changed their methods, that’s a great opportunity for you to improve your rules and models. Take staged auto accidents. There’s been a slight change in the modus operandi. It used to be staged accidents between two parties, both involved in the fraud. The big change that is happening – and insurers are literally just picking up on it – is that staged accidents are turning into induced accidents. In the induced accident, the actual policyholders themselves are not fraudsters; they are the unfortunate people that drive into the back of the vehicle that has suddenly stopped. So you’ve only got one fraudster here. The person who holds the policy is the person that the insurer has the most data on. The person who is making a claim because you – the victim – ran into the back of them is “the third party.” The insurer doesn’t typically see that detail before it is passed through a lawyer and the lawyer says my party has a claim for neck injuries, his name is “x” and a few details. You don’t get the full picture. So that very subtle change from staged to induced is a classic example of how insurers need new approaches to detect frauds. Your old rules will only find staged accidents. So spotting new emerging fraud is really about being on top of your game, being able to automatically build and score networks of relationships within the data and use network diagrams to rapidly understand what is going on.

How do policy and procedure changes affect the current and the future trends in claims fraud?
If there’s one thing I would advise an insurer to do (it) is to accurately capture the known outcomes and link these records into the network of customer data. Say I investigate a person and they turn out to be fraudulent or suspicious, but I don’t go any further because there wasn’t enough evidence. If that person is a fraudster and gets away with it, they will try the same thing again. After all, they have just worked out the boundaries of your system – and that you didn’t catch them. If you don’t capture your known outcomes, there’s no way of matching or linking this data with other customers and seeing if you’ve got that same person coming back. That’s one reason to build these records into matched and networked databases of customer data.

The second reason to capture known outcomes is because of the potential to use them in predictive analysis. If you don’t do it, you can’t train the predictive model to better predict which claims are fraudulent. Often, investigators don’t see the value in a known outcome. To get the value out of it, you’ve got to put it into the system so you can see how things fit together. For instance, you might be able to see everyone at a specific address and what issues have come up with their claims.

Is there anything an insurer can do before issuing a policy?
You definitely want to use predictive analytics to look at customers before they are insured – don’t leave it ‘til claim time. If you can check at policy inception, you save so much cost of writing a policy out and then canceling it later. Imagine the scenario where you may be just about to insure a person who is linked into a social network with two previous known fraud outcomes. It would be good if more insurers shared data – although that can be difficult. In the UK, we do it quite extensively, so it’s very powerful. Big insurers are not that keen on sharing the data because they think they have an advantage by having so much of the data, but I think as an industry if you don’t share data, the fraudsters just go from insurer to insurer without fear of getting picked up.

How does predictive analytics and automating the process of finding potentially fraudulent claims benefit business?
If you’ve got an automated system that can score a claim based on factors generated through predictive analytics, look at the full history for that customer and also analyze the social network this claim is connected to – by address, name, credit card information – you should be able to quickly figure out whether this claim can be paid. Particularly if you have captured your outcomes and known frauds are linked into these social networks. That is important for customer service. But you can only do that if you’re confident about your triage system not letting in frauds or bad guys, or claims linked in some way to frauds. So that triage system has to be the pinnacle of accurate scoring as far as the insurer’s concerned. In the UK, insurers are coming to a point where they pay claims literally on the phone as far as pushing the button and money’s going to appear in the customer’s account. The other aspect that benefits the business is pricing. The more fraud you can find, the more costs you can save; the more costs you can save, the cheaper you make the policies. If you can get your fraud down, you can set your prices lower than everyone else – and that wins business.

What are some innovations for creating reliable triage systems?
Text mining is definitely coming into its own. SAS already has the technologies and we’re rolling it into the first implementations we’re doing with Detica and SAS®. With text mining, you can’t do it in isolation, you need to analyze it and build a score. To look for fraudulent fender crashes, you might use text mining to look for scripted comments. It’s a little suspicious if everyone says the exact same thing. Scoring by geography is another factor. For instance, say you’re getting claims in for flood damage from an area hit by a hurricane and you get a claim in from someone. None of the neighbors, though, have made a claim. That would raise suspicions. We’ll see that kind of analysis increasing. Voice-stress analysis on audio is available, although that’s not cheap.

Information intelligence specialist Detica Group plc and SAS have teamed up to offer an advanced fraud management solution to US banks and insurers. SAS® Fraud Management: Network Investigation and Analysis powered by Detica NetReveal® is built on a foundation of SAS Business Intelligence platform, analytic software, Detica NetReveal® fraud detection and investigation solution, and the financial services and fraud management domain expertise of both partners.

The crime-busting capabilities of Detica NetReveal® grabbed headlines over the summer when the UK’s Insurance Fraud Bureau announced that the software had enabled it to expose organized insurance fraud networks leading to 74 arrests and a significant return on investment in the Bureau's first year. Detica NetReveal® is now being used by many of the UK’s largest banking and insurance companies, as well as leading government, law enforcement and telecommunications organizations, to detect and investigate organized fraud. Existing customers have seen a tenfold reduction in false alarms and a tripling in investigator efficiency.