The insurance industry in its virtually endless battle againstfraudulent claims and other scams is increasingly relying on moresophisticated varieties of technology to winnow out crime, expertssay.

Insurers, according to industry professionals, are turning toclaims scoring technologies to evaluate potentially fraudulentclaims, and to predictive modeling to help identify in advance thetypes of claims that may be suspicious.

Front-end fraud detection tools, for example, will flag claimsat initial point of collection, then evaluate them based on ascoring mechanism early in the claims process, said Greg Powers,vice president of sales and business development for InnovationFirst Notice, based in Newton, Mass.

Such tools utilize a rules-based engine--a technology that givescarriers the capacity to automate a rule set (if x, do y), heexplained. One rule might specify that if the claim is filed within30 days of inception, it should be flagged and passed to theinsurer's special investigation unit.

"Or if the home address is a P.O. box, flag it; or put 30 or 40scenarios into a scoring module and set a threshold by account,jurisdiction, line of business, and let the application automatethe scoring of the claim," he added.

"At the end of the phone call, I will have a score," he noted."It happens automatically up front. If you set a fraud threshold ata score of 50 and you get 60, it will be routed to the SIU."

If a claim submitted via the Web is a fast-track claim and flagsare raised, that may automatically jog a company to make the phonecall to the applicant, Mr. Powers noted.

"If a claim is lighting up criteria that would lead to SIUattention, you may want to ask additional questions to furtherqualify referral to the SIU and to provide a potential warning tothe applicant that if this is a suspicious claim, it may be cutoff," he added.

Predictive modeling adds capabilities to the benefits ofrules-based engines, he noted.

"Modeling technology looks at more data sources and outsidetrends, as well as relationships and patterns among different datamarts," he said. "It's like a giant funnel [through] which you pourvariables into a system to take a closer look at the data, thenstatistically analyze it with algorithms that are not usually partof rules engine."

The "rub," he added, is that "you need to be constantly tuningthe data set, which needs to be updated by experts," noting thattypically there is a quarterly evaluation of SIUs that looks at"recovery dollars per referral" as well as rate of success.

Modeling based on historical claims is often effective, but itis not good at predicting future trends and can't adapt toreal-time changes in fraudster tactics, according to ScottFitzgerald, director of global business development for Austin,Texas-based Infoglide Software, which markets identity detectiontechnology.

"Claims scoring has the same problem," he noted. "The rules arebased on SIU experience and what they have seen. Claims analystsand SIUs have to be on top of what is happening in fraud, and theyhave to inform IT [information technology] in order to update thosetechnologies."

While these technologies have nonetheless "worked fairly well,"Mr. Fitzgerald pointed out that "as we have moved into the morerapid world of the Internet, there is less and less time to createmodels and react to what is happening." Insurers, he said, are"looking for ways to make better decisions, faster."

The key, said Mr. Fitzgerald, is that "insurers need to get moreinformation on who they are dealing with. We know less aboutcustomers than we once did." That situation, combined with theconvergence of companies and the buildup of data across silos andapplications in large insurance companies, has served to makeinformation gathering a more difficult task, he noted.

"You have to warehouse all that data in one place for analysis,and that is a huge undertaking," he stated. "There is a lot ofinformation insurers have in their databases that they don't evenknow they have."

As a result, he added, a company may take in customerinformation in one line of business without knowing aboutpre-existing information on the same customer in anotherrepository.

"Insurers need to look across all their data silos and find outall they know about this person," said Mr. Fitzgerald, adding thatthis is particularly important to screen for what he called"manipulations" of data with fraudulent intent.

"For example, today I am William Bradford and I live at 123 MainStreet. Tomorrow, I am Bill Bradley at 123A Main Road. It's easyfor a person who is trying to game the system to get three or fourpolicies and file multiple claims for the same incident," henoted.

If caught, such criminals could simply say that the companyheard them wrong when taking down the information, he said, addingthat "we must be able to identify manipulations--we have seen quitea bit of that."

In addition, changing one's name or address slightly may cause ared flag on a claim to "stop popping up," thus allowing apotentially fraudulent claim to proceed. "Companies are not able tolook back and see that the person has applied four times.Technology has to be able to detect those things," he stated.

Mr. Fitzgerald said such problems have given rise to thedevelopment of "identity resolution"--technology that helpscompanies identify "who's who and who knows whom."

Identity resolution, he added, "is being able to detect thosemanipulations and bring together all instances of this personacross data silos in the enterprise. You at least have to be ableto flag the information and present it to a human who can make ajudgment."

Insurers, he said, "don't really understand that this stuff isgoing on. They're still caught up in the identity theft problem.You have to establish someone's identity, but how much leeway areyou giving to variations of that identity? The variations could belegitimate, but the software should be able to understandthat."

According to Mr. Fitzgerald, "there is technology out there thatcan do identity resolution. It's just a matter of education andapplication by insurance companies."

Another important point, he said, is that it is unreasonable torequire insurers to extract and transform a lot of data, becausethey may lose forensic evidence in the process.

"You need to be able to leave everything in place but provide aservice within your IT environment that can look across databasesand identify possible manipulations," he explained.

Computer Sciences Corp. recently rolled out an antifraud productthat combines three "engines"--predictive modeling, ID searchingand business rules--according to Lewis Rogers, director of productdevelopment, based in Blythewood, S.C.

As claims come through CSC's "Fraud Evaluator," they areconverted into ACORD XML and run against a predictive modelingapplication that includes data on previous claims found to befraudulent, he explained.

The identity searching engine then compares the informationagainst multiple data sources, including Post Office boxes andwatch lists from other sources such as police organizations.

Next, the business rules engine, which is customized by theuser, comes into play. "We work with customers to get the rules setup within the system," he said. "We build the rules and attachscores to that. We're not relying on just one technology toidentify fraud, because people that commit fraud may know what toavoid or how to hide their identity or know what your rulesare."

Each engine enters a score, which is measured against athreshold that the company sets. If that threshold is exceeded,there would be an automatic referral of that claim to SIUs.Supervisors in the SIU can triage input using the scores and candrill down on information, explained Mr. Rogers.

"Any time something on the claim changes, it will be rescored. Ihave seen a claim rescored 78 times, then on the 79th time, itflagged a problem," he recalled. "If you're talking about a[criminal] ring being involved, someone could branch off and dosomething they're not supposed to, or use a vendor they're notsupposed to. Or maybe a vendor gets added to the watch list later.That will pop up."

When it comes to measuring the effectiveness of antifraudtechnology, Mr. Powers pointed out, people and processes are oftenimportant.

"Simply adopting these technologies and being public about theirdeployment will deter some [fraudsters]," he said. "Other carrierswill not [publicize their use of the technology], because they areafraid of being accused of being too aggressive in identifyingfraudulent scenarios.

"All of them will say they are ensuring a uniform and consistentobjective fraud screening process," he continued, "but there arealways exception cases that rely on the experience of theadjuster."

Mr. Powers added that many companies "are using no fraudtechnology whatsoever," instead relying on the intuition andinstincts of their claims handlers.

Mr. Rogers said he foresees a day when voice-stress analyzersmay play a role in fraud systems, "if you can find a way to scoreit to determine that they are not the person, or that they arelying."

Overall, he noted, "companies just need to be more diligent inentering valid data and keeping it clean. Don't skip data entry--itcould be a key. You can't score missing data. Better access todatabases out there is also a key."

According to Mr. Powers, "one huge opportunity is inevent-driven systems," in which the claim handler is alerted inreal time to any new data set or piece of information that couldhelp drive a decision on the claim.

"That's where the technology is trying to get to--real-timeevent notification," he said.