Fraud risk management: the right structure is urgently needed

As new risks emerge, insurance companies should always be vigilant about the possibility of cyberattacks and therefore should be well positioned to proactively detect and mitigate fraud while maintaining business continuity.

This brings us to the question, how do insurance companies achieve holistic coverage?

The answer lies in the Fraud Risk Management System.

Undoubtedly, a sound fraud risk management system can help insurance companies both anticipate and mitigate the risks of various types of fraud, including the risk of cyber attacks. To create an effective structure, insurance companies must focus on six imperatives:

1. Top tone: To ensure holistic acceptance of the framework, it is essential that management is actively involved in both the development process and the implementation process. In addition, management should ensure that the roles and responsibilities of staff at all levels of the organization are clearly defined and that periodic checks and balances are established.

2. Develop an anti-fraud strategy: The anti-fraud strategy should be well aligned with the overall strategic goals of the company. It also needs to be comprehensive and strike the right balance between trying to limit losses through aggressive mitigation measures and delivering an optimized customer experience.

3. Agree on the operating model: To move from being reactive to being proactive, companies must align their operating model with their overall fraud risk management strategy and ensure that fraud is prevented, detected and responded to seamlessly.

4. Conduct a detailed fraud risk assessment: Due to the various vulnerabilities and impacts, it becomes necessary to identify and focus on significant, recurring and potent fraud risks. This can be achieved through detailed and regular fraud risk assessments that identify vulnerabilities and exposure to specific types of fraud and determine the adequacy of measures taken to mitigate specific fraud risks.

5. Improve the quality and access to information: There is an urgent need to create a holistic ecosystem that allows insurance companies to seamlessly share data and information (for example, information about false claims, the history of individual claims, a list of unscrupulous individuals and professionals, etc.), while maintaining confidentiality. Individual rights are securely protected.

6. Promote tools to effectively detect suspected fraud: Insurers should develop specific scenarios that, when triggered, suggest a higher risk of fraud. This should include scenarios related to policyholder and claims fraud, as well as intermediary fraud. If one or more of the indicators is triggered, the insurer must quickly establish the facts to determine whether further investigation and follow-up actions are warranted.

7. Respond to allegations of fraud: Insurers should develop a clearly articulated policy detailing how allegations of fraud will be investigated and resolved. The policy should generally include procedures for retaining records and gathering evidence, as well as emphasizing the responsibilities of individuals or departments depending on the nature and risk of fraud.

Insurance fraud is a very real risk that needs to be actively addressed by industry stakeholders, especially in an ever-changing environment in which new types of risks are emerging. How insurers exploit new opportunities while optimally reducing fraud risk will determine whether they prosper or simply survive in the future.

Sanjoy Datta is a Partner and Head of Financial Services at Deloitte India. The opinions expressed in this column are personal.