Insurance involves the collection and processing of large amounts of data, and while regulations are evolving to curtail the potential for loss of business, much still needs to happen to reduce, with pressures on the management of risk and the execution of contracts.
Insurance business practices often involve complex interactions between stakeholders (consumers, insurers, reinsurers, brokers), a lack of transparency, a heavy dependence on human intervention to manage processes and a reliance on paper-based contracts. Added to this, are the time delays from the requirement to share data across multiple systems.
These conditions provide opportunities to defraud the industry.
According to the Insurance Information Institute, insurance fraud is a deliberate deception perpetrated against or by an insurance company or agent for the purpose of financial gain.
Common frauds include “padding” or inflating claims; misrepresenting facts on an insurance application; submitting claims for injuries or damage that never occurred; and staging accidents.
In 2020, about 18% of life insurance and personal lines policyholders fell victim to identity theft (account takeovers or application fraud).
Dev Dhiman, GBG managing director of Asia-Pacific (APAC), cites the example of a first-party fraudster submitting exaggerated (padded) claims with doctored documents for claims.
“Insurers can also be exploited by financial criminals who launder large sums of money by buying single premium policies and cashing them out ahead of maturity,” he added.
Joanna Wong, partner and Hong Kong insurance leader for Deloitte, says insurance claims fraud can be grouped into three categories: opportunistic, pre-meditated (or domestic) and network (syndicated or organised).
Opportunistic Fraud: This is the least serious type of claims fraud where the policyholder intentionally inflates or abuses a legitimate claim. For instance, overstating the true value of repair to damage in a claim. For some insurers, this is treated as leakage during doing business rather than fraud.
Pre-meditated (or domestic) Fraud: This is the purposeful claiming of improper insurance claim benefits by an individual, sometimes involving claims made for treatment or damage that did not occur.
Network (or organized/syndicate) Fraud: This is the most serious and sophisticated type of fraud where criminal activities are involved. A group of individuals working together in an organized manner to commit fraud, usually related to staged or fake accidents with activity spread across different insurers.
The ComplyAdvantage report noted that the top three things COVID-19 has put pressure on were increased fraud cases, risk appetite and operational processes.
Leslie Foo, director, core business operations, insurance sector for Deloitte noted that COVID-19 has exacerbated the propensity for fraud to be committed between the various parties.
“The wider impact of increased fraud cases is the disruption to processing of legitimate claims cases and the insurers' risk appetite,” he continued.
The LexisNexis’s 2021 True Cost of Fraud APAC study noted that in select sectors like retail, e-commerce and financial services, the cost per transaction of fraud has risen in 2020 (between US$3.51-US$3.84) compared to 2019 (US$3.40).
Dhiman added that beyond fraudsters exploiting the pandemic-induced economic uncertainty and psychological fears, financial institutions (FIs) in Asia have also reduced their investments in financial crime management tools to bolster their bottom line.
“They instead relied on outdated rule-based systems, with false-positive detection rates as high as 95%, and platforms that lack protection against new fraud typologies and patterns. Combined, these two factors have been driving additional pressure on FIs,” he elaborated.
Challenges to address rising fraud cases
Foo said one of the main challenges for many insurers is that the definition of fraud itself is ambiguous, and hence the handling/management of cases is sometimes ambitious as a result.
“Another challenge is to balance the adoption of technology-based solutions that can assist in identifying fraud red flags while reducing any disruption to the claims process, ensuring that client turnaround times are top of mind and that legitimate claims are not unnecessarily delayed,” he continued.
Dhiman believes that service providers will need to build capabilities to manage increased security challenges accompanying the rapid launch of new digital services like mobile banking and online onboarding.
He asserted that these organisations must also fend against increasingly sophisticated fraudsters who employ new malware for data exfiltration or highly believable phishing campaigns.
“Fragmentation within organisations also hinders real-time information sharing, impeding effective detection while allowing for repeated fraud attacks,” he opined.
Technology to the rescue?
Asked which technologies will likely offer the best assistance in mitigating these risks, Foo believes that effective predictive analytics and assessment are key technologies aimed at identifying fraud risk indicators that allow early flagging and response to any potential fraud incidents.
Dhiman cautioned that financial criminals today are more organised and resourceful than ever, plugged into a global network of seasoned hackers, human psychology experts, and stolen data and funds.
“Technology has a pivotal role in helping FIs stay ahead of fraudsters. With emerging capabilities like automation and self-learning algorithms, it’ll enable FIs to rapidly detect and defend against a large volume of new and complex fraud types,” he added.
But tech alone will not solve all fraud
The massive shift to work from home seen during the first half of 2020 opened new vectors of attack against all business sectors, including insurance. According to Emily Schultz, Senior Claims and Litigation Counsel at Reinsurance Group of America, “remote work brought on by COVID-19 has impacted fraud investigation in many ways as we move from traditional evidence to digital and alternative forms.”
She acknowledged that litigation takes a long time for the effects of these changes to bear out in case law and regulatory decisions.
“Our industry is evolving, and we need to be proactive in identifying and promoting reliable alternative forms of evidentiary truth as traditional forms become inaccessible. This will require educating judges, arbitrators, and regulators on these new forms of evidence,” she continued.
According to Deloitte’s Foo, identification and response to risks need to be driven by a consistent and effective process. This can be augmented through the effective use of technology.
“Coupling the technology with effective and experienced resources is essential in maximizing the levels of robustness in respect of deterring, preventing, detecting, and responding to incidents of suspected fraud. The value of technology would only be realized once the experienced professionals are suitably trained and proficient in the use of such technologies,” he elaborated.
GBG’s Dhiman added that user and customer education cannot be neglected either. He observed that despite employing more high-tech techniques, fraudsters are also increasingly tapping on low-tech, high-psychology tactics such as the use of human farms to launch more natural and seemingly legitimate phishing campaigns.
“As these scams ramp up across Asia, tricking even the digital natives, education remains a critical pillar in the fight against fraud,” he posited.
Best practices for curtailing insurance fraud in Asia
For Foo, it is about improving fraud detection and calling out leading insurers that have begun to invest in different ways to build up their internal capabilities. From the organizational perspective, special investigation units are set up to complement the skills and experience of the claims team.
From the process perspective, fraud detection has been built in as a discipline that is followed from claims submission to settlement. Some insurers may go as far as setting fraud targets or KPIs to ensure that the mindset is adopted by the claims organization.
From a technology perspective, a range of claims management systems enhancements is available for insurers from simple red flags to sophisticated predictive analytics. In some markets where industry-wide claims fraud databases are established, insurers may also adopt external data sources to strengthen the scope and granularity of detection.
Dhiman concurred adding that institutions need a platform that proactively detects financial crime and fraud across all their channels and customer touchpoints, while also providing scalability as application programming interfaces and cloud computing become commonplace in the industry.
Institutions using anti-fraud systems built and managed by in-house teams should evaluate their operating model and enhance their capabilities against the evolving fraud landscape.
Where considerations like time to deliver and customisations are prioritised, buying from, or engaging a fraud management vendor could enhance the robustness and drive efficiencies.
He also emphasised the need for institutions to remain aware of the fraud and cybersecurity trends in other parts of the world and even in other industries. Organisational exploits tend to migrate and spread. By being proactive in defending and mitigating up-and-coming risks, FIs in Asia can be better prepared.
What’s in store in 2022
How should insurers work alongside regulatory bodies to prevent rising fraud?
Deloitte’s Wong acknowledged that each insurer have its own commercial strategy and risk appetite, and many will have well-established fraud controls.
She warned, however, that unless all insurers and their partners pull in the same direction, fraud will simply shift around the market and prevail.
“Therefore, it is essential to combat fraud as an industry, working closely with regulatory and industry bodies who have cross-industry fraud detection and management initiatives and procedures in place,” she concluded.
Dhiman concurred noted that an established common goal to proactively deter fraud and financial losses will be the key to a successful partnership between financial institutions and regulators.
He cited an IDC study commissioned by GBG, we saw that fewer banks and FIs are planning to grow their compliance-related spending (a drop to 79.9% in 2022 compared to 85% in 2021). This is consistent with the observation that fewer FIs are expecting an increase in fraud losses this year (a drop to 58.8% in 2022 from 70.3% in 2021).
“Even as losses seem to decrease, financial criminals will continue to adopt novel and more sophisticated strategies and exploit new vulnerabilities. Banks and FIs must keep in close consultation with regulatory bodies to develop industry-wide frameworks and plans and work towards shared milestones in fraud detection and deterrence,” concluded Dhiman.