Criminal Minds

Fraud investigators are on high alert these days for increases in scams driven by the economy and what one industry analyst describes as a growing desperation among policyholders who are just hanging on by their teeth financially.

Some believe insurance fraud tends to spike during a troubled economy as people become anxious to escape their financial plight and resort to insurance crimes to make ends meet, explains James Quiggle, director of communications for the Coalition Against Insurance Fraud. "People are torching their vehicles in growing numbers around the U.S.," he says. "To a lesser extent, they also are torching their homes to try to escape foreclosure. Investigators in workers' compensation are watching for the warning signs of a spike in premium scams and bogus injury claims."

The healthcare industry is no less vigilant whether the stock market is up or down, according to Kyle Cheek, director of enterprise informatics for Health Care Service Corporation (HCSC). "Anecdotally, I think the evidence may lean to suggesting people are more freewheeling when times are good," he says. "People might be more cautious about being watched when times are tough."

Rick Adam, vice president of claims for High Point Auto Insurance, has seen an uptick in fraud referrals with his P&C company since the third quarter of 2008, especially under the homeowner line of business, but he indicates it's still a little early to tell whether that's a result of the depressed economy or a blip that could have happened anyway. "It bears close scrutiny, though," he says.

Quiggle agrees. "Claims that ordinarily might receive a modest review now are being scrutinized closely because the chances of scams are beginning to grow exponentially for some crimes," he says.

INTEGRATED APPROACH

For High Point, fraud detection takes an integrated approach with four components, states Adam, which begins with the first notice of loss. "We have a proprietary system called Smart First Report," he says, adding the system was built for service rather than fraud detection, but it does provide the ability to triage claims. "We believe one of the benefits of this system is rooting out fraud."High Point triages the claims from the outset based on complexity and severity. "When [a claimant] calls in and answers a number of questions as we take the first report, we have some built-in intelligence that will move claims to various people in our organization depending on how complex the claim is and how expensive we view it," says Adam. "We take claims somebody may perpetrate in terms of a homeowner theft, auto theft, or significant bodily injury claim and get [those claims] to the right people."

Another key aspect of fraud detection at High Point is the way the company has organized its claims department. "One of my beliefs always has been there are certain areas of the claim function you have to specialize and centralize," he says.

High Point did that with its specialized theft unit that handles homeowner and auto claims. Both areas have a higher propensity for fraud than some other claims. "We created this unit with dedicated claim reps and a dedicated supervisor who just focuses on thefts every day," says Adam.

In addition, the carrier has specialized adjusters who examine the recovered autos. "You need to recognize whether [the claim] is something perpetrated on us intentionally by an insured or whether it was another person stealing the car," says Adam.

The third component, continues Adam, is to have specific tools to fight fraud. "We use a link analysis tool as well as other [technology] tools that get at what we call organized crime rings," he says.

Finally, High Point employs specific techniques, such as on auto theft, the carrier uses a forensic locksmith to examine recovered vehicles.

According to Adam, the effectiveness of High Point's efforts depends on integrating all four areas. "You could be good at any one of those and still have fraud perpetrated against you," he says.

TECHNOLOGY ON THE CASE

HCSC reorganized its special investigations department almost six years ago. During that reorganization, Cheek explains, discussions went beyond staffing models, process, and mission statement. "We also put our software solutions on the table to take a good, hard look at them," he says. "One of the things we ultimately decided in the course of that review was we wanted to change fundamentally the focus of how we use technology resources to further our fraud detection efforts."

HCSC made a key switch from rules-focused fraud detection engines to a more analytical focus. "We did that because we thought that approach would give us much broader coverage of the massive volume of claims data we take in on a daily basis," says Cheek. "It doesn't give us as much specificity as the rules-based approach does, but it gives us broader and complete coverage of the claims data that comes in."

The broader approach enables HCSC to find patterns as they emerge, notes Cheek, rather than when [the patterns] are fully developed. "It gives us a fighting chance to find what we don't know to look for," he says. "When we used the rules-based approach, the only things we were finding were the things we were looking for. We've been able to leverage technology and the kind of technology we use, putting us in a better position to find things people try to do to us.

"Part of the review we undertook six years ago was a decision between a legacy system we had in place and SAS software with more analytic focus," says Cheek. "Ultimately what we decided to do was keep the legacy system in place because it does a lot of this claims aggregation work, but then we incorporated the heavy-duty data mining and analytics from SAS to build an integrated platform that handles both sides of the equation very well--the data prep and the analysis. It doesn't guarantee what we find is a case of healthcare fraud, but it gives us a manageable size of subset data to look at," he adds. "It's actually proven to be a more successful approach than we anticipated."

The idea behind the switch was to give the carrier a chance to find the worst of the worst cases before they became fully developed and terribly costly, indicates Cheek. "As we've deployed this approach and become more practiced at it, it's turned out to be more fruitful and a much higher quality of case to refer to our investigators," Cheek says. "The leads that come out of our data analysis are written up into lead referrals, and we have software in our SIU we route the workflow through. By the time a finding from our data analysis is written up, we're pretty confident something is there. Our investigators then conduct a field investigation and interviews to determine whether the fraud rises to the level of criminal prosecution or whether it is something we handle through provider affairs."

HOW IT WORKS

The HCSC antifraud program is managed out of the special investigations department, but Cheek reports the investigators have a good relationship with the claims processing area and with the provider network management area. Most of the carrier's work in fraud detection is based on a retrospective review of claims. "But if through our review we have found a provider who has been submitting fraudulent claims and continues to do so, we can refer that provider to the claims processing area for heightened scrutiny of those claims as they come in," says Cheek.

Much of what the carrier does in fraud detection is targeted to the provider level, Cheek reveals, because that's where a vast majority of claims are submitted. "A lot of what we do is aggregation across claims, but we do have to account for the fact a single claim does not represent a single episode of care," he says. "It's just a fragment of an episode of care."

A great deal of HCSC's claim aggregation takes place in the process of prepping data for analysis, points out Cheek. Once the data has been prepped, the carrier can begin the analysis, which ultimately leads to fraud cases.

While HCSC does some work to link claims, High Point's use of link analysis has helped the carrier discover more than 40 organized fraud rings with 2,700 subjects, 1,700 claims, and an exposure of $12 million, according to Adam. "We've had very good success finding fraud from an organized standpoint," he says.

As claims VP, Adam wants to go after every claim and every dollar that is fraudulent, but he admits you can't stop every fraud. "You really need to focus on organized fraud that can expose the company to financial disaster," he says. "It's like fighting a fire. You want to put every fire out, but if you pull up, and the house is on fire and the lawn is on fire, which one are you going to put out first? We focus on rings where there are multiple people presenting claims against the company for high exposures."

High Point has had success using the link analysis to find the organized fraud, but Adam adds the company also has achieved success with the help of individual claims reps coming across something suspicious and then applying link analysis to confirm their concerns. "We've had success proactively and reactively," says Adam. "I'm not sure one is better than the other."

UNSTRUCTURED DATA

One technology issue insurers have to deal with is the vast quantities of data stored in unstructured formats, such as claim logs and other formats. "You can make a good case far more data is unstructured and ignored and not properly used in the fraud fight," says Quiggle.

One claim might have hundreds of pages of adjuster notes, continues Quiggle. "Most of this data is just festering and is not being marshaled properly," he says. "Data mining, properly used, can open up the door to vast quantities of data that could reveal much more intelligence about schemes that are being perpetrated."

HCSC has a corporate initiative under way to organize its unstructured data, but Cheek reports the initiative has not been incorporated into the fraud detection area as yet. "The examples I'm more familiar with probably are in the P&C space where you find episodes that are self-contained in one claim," he says. "I think there potentially is huge value for us in the health space. If we ever get to a single format for electronic medical records, there is a vast amount of unstructured information that could be introduced in a meaningful way."

One of the big differences between health insurance fraud and property/casualty fraud is an episode tends to be contained in one claim in P&C, explains Cheek. In healthcare, though, insurers very seldom see an episode contained in a single claim. "A lot of what we have to do is piece claims together to build out an entire episode," he says. "We can't just look at one claim and see what the indicators are and whether fraud is being committed. We have to look at an individual claim in context of all the other claims that [fraud] attaches to."

Healthcare insurers are among the leaders in adopting sophisticated technology to combat fraud, points out Quiggle. "The dollars stolen are so vast it has driven insurers to dig deeper for solutions," he says. "Healthcare fraud dwarfs all other forms of insurance fraud. We're talking about tens of billions of dollars in any given year, and that figure is increasing as sophisticated crime rings see the dollar potential and are preying on health insurers."

PREDICTIVE PREVENTION

Much of the IT effort dealing with preventing fraud also encompasses predictive analytics, adds Quiggle. "That's the focal point for growing numbers of insurers to uncover complex crimes and shorten the time continuum from the moment of claim to the discovery of the suspected scheme," he says.

The price of predictive analytics software programs has become more reasonable and scalable for smaller insurers, Quiggle observes. "[Smaller insurers] may not be able to afford the lavish packages, but they can afford to implement less robust programs and yet still improve their fraud detection measurably," he says.

In addition, these tools can serve multiple purposes and can be used throughout an insurance company's operations to streamline its process and improve the accuracy of many core profit-making functions, he suggests.

The number of insurers using predictive analytics is beginning to grow, but Quiggle maintains the industry still is lagging in its adoption. "It is such a core technology it should become standard operating procedure in this day and age," he says. "There's no reason most insurers can't adopt at least one form of predictive analytics or another, depending on their budget and internal capabilities."

The value of analytics is well known throughout the insurance industry. Quiggle contends the obstacle for those insurers that have not adopted it involves making that intellectual leap from traditional fraud-prevention programs to deciding to enter into the lengthy and sometimes difficult process of implementing a predictive analytics solution.

"You don't just pull a package off the shelf, install it, and suddenly start rolling," he says. "You have to integrate it with your other antifraud programs and gear your stored data to be easily accessible and analyzable."

IDENTITY THEFT

With the proliferation of online services offered by insurance carriers, fraud protection is essential, asserts Matt Shanahan, senior vice president for AdmitOne Security. "With all the online services insurance companies are offering, all [fraudsters] need to do is get into your account, take your ID card, and sell that ID," he says. "It's pretty damaging to see what can be the result of this. For the company there is reputation risk and financial risk associated with the losses, and then there is personal risk as the person has their medical records destroyed."

The financial services industry was forced to guard against these issues through the Federal Financial Institutions Examination Council, Shanahan points out. Since the FFIEC regulations were introduced, fraudsters have found it more difficult to get money from bank accounts, so he feels their focus has shifted to attacks on insurance accounts. "The banks are getting harder to break into, and as a result, fraudsters are going to where it is easier to break in," he says, noting, for example, the insurance industry is lacking any extra form of authentication from online users, which makes it much easier to break into and steal users' credentials. "Friends and family fraud is much higher," says Shanahan. "It's very easy for a relative to come into your home and get one of your ID cards. More than half of all identity theft starts with somebody you know."

Insurance carriers need to perform a risk assessment to tally where the fraudulent claims have come from and how they occurred. "Oftentimes, a fraudster works from one PC," explains Shanahan. "If one PC is trying to get into a lot of different accounts, you need to shut off connection to that PC because it is probably a fraudster. You need to look at stronger forms of authentication to verify not only the password but the trusted device it is coming from."

SHARING INFORMATION

Sharing of information concerning fraud is important, but Adam acknowledges it can involve legal concerns. "My philosophy has been, except when it comes to fraud, a lot of what we do in the claims practice is proprietary, and we don't want to share that with other companies," he says. As for fraud, "you have to share that information for the greater good of everyone. That's one area you can't be proprietary. If you know where people are committing fraud and where the law allows [information sharing], you need to share that information."

Chris Loiodice, one of High Point's SIU investigators, believes insurers need to work closely with the state insurance department, and anything his staff finds suspicious is referred to the New Jersey insurance office.

"We are one of the carriers pushing for carrier-to-carrier immunity in fraud [investigations]," says Loiodice. "Right now, we have immunity through the Office of Insurance, so for anything we refer to [regulators] we are protected, but we want to take that a step further. A lot of states have moved to that, and we want to get to that platform where we openly can share information when it comes to fraud."

It is important those who commit fraud understand High Point will come after them if it discovers suspicious activity, Loiodice emphasizes. "We want to make sure the professional rings know we take this seriously and take the target off our back," he says. "The fact High Point has a low tolerance for fraud might mean they go someplace else. That's the message we want to send."

FINAL THOUGHTS

The insurance industry doesn't always move quickly to adopt the latest technology solutions, and fraud prevention is no exception. "[Insurance] often moves slowly and drags its heels," says Quiggle. "It lags way behind credit cards and banking in the adoption of truly sophisticated antifraud tools."

But Adam cautions there is no single method insurers can use to dig out fraud. "It's almost like a military operation," he sums up. "To say you could do it with just air power or ground power doesn't work--you have to apply everything." TD