Part One began our discussion of insurance fraud, itsimpact on the industry, and how many insurers have begun tofocus specifically on claims fraud as part of their enterprise riskmanagement (ERM) strategy.

Today, we delve deeper into how risk professionals can moreaccurately gauge the potential for internal and external fraud inall departments and functional areas of their respectiveorganizations. Are the real risks of fraud being adequatelyaddressed? What are some opportunities forimprovement?

Better fraud risk management begins with awareness. Once anorganization has answered these preliminary questions, it canincorporate ERM techniques in the following ways to ultimatelyquell fraud:

Develop an enterprise-wide fraud strategy.Putting a defined strategy in place can help companies lower boththe frequency and severity of fraud incidents. An important “firststep” in the process is changing senior management perceptions offraud control efforts. Fraud prevention initiatives and technologyshould not only be addressed to isolated incidents within specificdepartments, but should be considered a longer term, coordinatedinvestment. Fraud-detection resources may need to be re-evaluatedas purely expense or a cost center, and re-cast as cost –savingsactivities. Ultimately, “avoided fraud loss” can be a significantpercentage of total revenue.

Invest in analytics. Expanding data analysisand analytics can be a significant move in expanding fraud fightingefforts and improving fraud risk detection and identification.Recent studies indicate that anti-fraud technology increasingly isviewed as integral to insurers' battle against insurance fraud, butmajor challenges remain for insurers to fully deploy technologysolutions beyond the claim department, according to a 2012 studyconducted by the CoalitionAgainst Insurance Fraud.

Many new software programs are available today which allowcompanies to go beyond “red flag tagging,” scanning not onlyvariances and anomalies in claim reporting and settlement patterns,but also detecting more accounting, payroll, underwriting orpoint-of-sale and vendor transaction fraud. Companies may alsobenefit from predictive modeling, social media relationship mining,geographic data mapping and other advanced analytics. While technology may never replace humanintuition, instincts and auditor or adjuster expertise, it canprovide more immediate feedback and data to speed and improve thequality of investigations.

Rework your SIU team. A practical next stepoffered by the Forrester Report is re-organizing specialinvestigative unit (SIU) teams to include more cross-functionalstaff, adding team members from all departments, and includingspecialized experts in audit and data analysis such asstatisticians. As noted by the Report, as insurance fraud requiresmore and more analytics, “anecdotal and rule-based systems won'tcut it moving forward. You need resources that can: 1) understandrequirements for fraud scoring of insurance cases; 2) work withfraud management vendors to internalize fraud management knowledgein the organization; and 3) update analytical fraud risk scoringmodels so that they are always effective at cutting fraudlosses.”

Centralize your data. In addition, as withother ERM program risks, monitoring internal and external losses ina centralized location, across departments, is crucial to botheducating management and staff about fraud, and developing bettercontrols over time. Again, an enterprise-wide approach to recordinglosses, tracking associated tasks, issues and actions taken by thecompany as a result of a fraud incidents, and capturing financialestimates of “near misses” can help the company predict future painpoints. It can also enable insurers to make more educated decisionsabout where and when to deploy resources.

Tracking External Fraud Trends

Tracking insurance fraud trends is another way to improve riskmanagement. In addition to state department of insurance websites,advocacy groups may provide news and resources for identifyingfraud trends, claim and non-claim.

The CoalitionAgainst Insurance Fraud also provides real-time examples ofuncovered and prosecuted fraud countrywide, which can help riskprofessionals evaluate trends in specific states or regions. TheCoalition is an anti-fraud alliance speaking for consumers,insurance companies, government agencies and others which provideeducational resources, research & data, services and insight asa “leading voice of the anti-fraud community.” Their news serviceoffers daily updates with concrete scenarios of fraud attempts andsuccessful schemes for which controls might be better designed.

In one recent example the coalition reported on a $4.5 millioncontractor fraud ring that had been discovered in Colorado.Disaster Restoration Inc. is a general contractor specializing inemergency insurance claim restoration. According to charges,Disaster Restoration was instructing their sub-contractors toinflate their estimates by 20 to 30 percent above actual projectedcosts, and then skimming the overpayments.

More on Risk Mitigation

Monitoring the news for these kinds of “real-life” fraudscenarios can also help a company identify areas for improvedcontrols and loss mitigation strategies. In looking at thisparticular case, the insurer might consider some of the followingideas for risk mitigation:

• Thoroughly audit repairs and bills. Conduct a moredetailed review and confirmation of sub-contractor estimates.
• Request a back-up subcontractor estimate.
• Have an independent examiner verify estimates.
• Increase on-site spot inspections by home office staff.
• Conduct internal claims-handler file reviews whileincreasing peer reviews or internal audits to ensure that thecarrier's own employees are not involved in fraud.
• Aggressively prosecute contractors and subcontractors, or suethem in civil court.

These published reports often include details of the actualdollar amounts of losses and fines, fees or penalties assessedagainst fraud perpetrators, which can help an insurer betterquantify the frequency and severity of its own potentiallosses.

Fighting Fraud Together

As with any other risk being evaluated by an ERM program, fraudrisk must be continually assessed thoroughly across all operations.In the process, both the traditional control environment—people andprocesses—and sophisticated information technology should beequally considered. The best first step in fight insurance fraud isto be proactive, and bring all functional departments together toexpand and coordinate fraud management, technology, monitoring andreporting efforts.