BackFraud risk management: An urgent need to build the right frameworks
Inarguably, a robust fraud risk management framework can help insurance companies both anticipate and address the risk of various types of fraud, including the risk of cyber-attacks
PremiumInsurance companies have historically faced, and dealt with, several types of insurance frauds ranging from mis-selling of insurance products to leakages in commissions paid and inflated billing. Today, in addition to such frauds, insurance companies are faced with newer and more innovative fraudulent practices stemming from the pervasiveness of digitization. One such key risk that demands immediate attention is cyber security risk. Over the past few years, and especially in the aftermath of the covid-19 pandemic, the number of cyber attacks has grown dramatically. According to a Bank for International Settlements (BIS) bulletin, the financial sector has been hit relatively more often by cyber attacks than most other sectors since the pandemic with payment firms, insurers, and credit unions being especially impacted. This sharp growth in attacks comes on the heels of accelerated digital adoption in the insurance industry. As per a recent study on the Indian insurance industry, conducted by Deloitte, over 60% of survey respondents affirmed that they have witnessed a significant increase in fraud incidents in the last 2 years. Further, the top 3 reasons for an increase in fraud included increased digitization (70%) and remote working (50%), followed by weakened controls (30%).
As newer risks emerge, insurance companies must be ever vigilant to the possibility of cyber attacks and, therefore, need to be well-positioned to proactively identify and mitigate the impact of fraud while ensuring business continuity.
This brings us to the question, how do insurance companies achieve holistic coverage?
The answer lies in—‘Fraud Risk Management Framework’.
Inarguably, a robust fraud risk management framework can help insurance companies both anticipate and address the risk of various types of fraud, including the risk of cyber-attacks. To create an effective framework, there are six imperatives on which insurance companies must focus:
1. Tone at the top: To ensure that the framework is holistically adopted, it is imperative that leadership is actively involved in both the development and implementation process. Further, leadership should ensure that the roles and responsibilities of personnel at all levels of the organization are clearly defined, and periodic checks and balances are established.
2. Develop a fraud management strategy: The fraud management strategy should be well aligned with the company’s overall strategic goals. Further, it should be comprehensive and strike the right balance between attempting to limit losses through aggressive mitigation measures while ensuring that customer experience is optimized.
3. Align the operating model: In order to eschew a reactive response to fraud in favour of a proactive one, companies must align their operating model to the overall fraud risk management strategy and ensure that fraud prevention, detection, and response are carried out seamlessly.
4. Conduct detailed fraud risk assessments: Due to varying vulnerabilities and impact, it becomes imperative to identify and focus on the significant, recurring, and high impact fraud risks. This can be done through detailed and regular fraud risk assessments that identify vulnerable areas and the susceptibility to particular types of fraud while also guiding on the adequacy of measures taken to mitigate the specific fraud risks.
5. Improve information quality and access: There is an urgent need to create a holistic ecosystem that allows insurance companies to seamlessly share data and information (for example, information regarding false claims, individual claims’ history, list of unscrupulous entities and professionals, etc.), while ensuring that the privacy rights of individuals are well protected.
6. Promote tools for the effective detection of suspected fraud: Insurers should develop specific scenarios that, when triggered, suggest a higher risk of fraud. This should include scenarios related to policy holder and claims fraud and intermediary frauds. In the event that one or more indicators are triggered, the insurer should quickly ascertain the facts to determine whether further investigation and follow-up actions are warranted.
7. Respond to fraud allegations: Insurers must create a clearly articulated policy detailing how fraud allegations will be investigated and resolved. The policy should typically include procedures for preserving documentation and gathering evidence while also highlighting the responsibility of individuals or departments depending on the nature and risk of fraud.
Insurance fraud is a very real risk that needs to be proactively addressed by industry stakeholders, especially in the backdrop of a shape-shifting environment that is engendering newer types of risks. The way insurers harness new opportunities while optimally mitigating the risk of fraud will determine whether they thrive or simply survive in the future.
Sanjoy Datta is partner & financial services leader, Deloitte India. The views expressed in this column are personal.
Unlock a world of Benefits! From insightful newsletters to real-time stock tracking, breaking news and a personalized newsfeed – it's all here, just a click away! Login Now!
