Learn how to identify potential insurance fraud to protect your agency
- Insurance fraud totals more than $80 billion annually.
- Learn the most common types of fraud: online applications, transactional fraud, “ghost brokers” and check altering.
- View the basic steps you can take to prevent fraud, from additional bank tools to solid procedures.
It’s no surprise that insurance fraud has become a significant problem. Fraudsters target insurance carriers, brokers and policyholders, creating a large financial burden for all stakeholders.
Studies by the Coalition Against Insurance Fraud indicate $80+ billion of insurance fraud occurs in the U.S. every year. But because many forms of insurance fraud are going unchecked, the actual dollar amount of fraud loss is an educated guess at best.
Online accessibility increases fraud risks
As insurance customers use more types of mobile and other Internet-enabled devices to purchases insurance or access their insurance accounts, fraudsters have stepped up to either misrepresent information or act on behalf of legitimate customers without their knowledge.
The ability to identify both good and bad users is vital for online insurance transactions. The security processes and tools insurance providers use will impact not only fraud detection, but also their bottom line.
In 2021 1,862 data breaches exposed 18.5 million personally identifiable information (PII) records. These stolen identities are then used for a variety of fraudulent scams.
Transactional insurance fraud
“Moving money ― both incoming and outgoing ― poses the greatest risk of fraud for an insurance agency,” said Patricia Smith of InsurBanc in a recent Property Casualty 360 article. From collecting premiums and paying commissions, to paying bills, administering payroll and moving funds from or to depository accounts – all require strict procedural protocols and consistent monitoring to minimize the risk of transaction fraud.
“The higher the transaction volume, the greater the risk rises for fraud,” Smith adds. Transactions can be conducted by check, deposit, wire or electronic transfer – but risk is present in every instance.
Often insurance fraud is the result of a phishing attack on an independent agency, where a cybercriminal impersonates an agency executive or trusted vendor to gain access to funds or sensitive information. The criminal may request a wire transfer or ACH request to move money out of the agency. “ACH transactions are a rich target, because these transactions are how agencies move money from their account for payment to carriers and also collect payment from insureds. The stolen funds are often transferred to crypto currency wallets or out of the country, making it difficult to recover them,” the article explains.
In another phishing scheme, hackers penetrate an agency’s network to add a “keylogger” that allows cybercriminals to access agency software programs, including online banking. Once the funds leave the bank, they’re extremely difficult to recover.
Another insurance scam involves “ghost brokers” who falsely represent themselves as an insurance company employee who has special access to consumer discounts. They may even advertise on trusted sites.
According to Iovation, these ghost brokers act as self-appointed intermediaries between insurers and consumers, using bots to find the ‘right answers’ to insurers’ application questions (by filing 100–200 applications, all with slightly modified answers). Armed with those results, they’ll serve up the lowest-priced policy to the consumer, charge them for the policy, deliver the consumer’s legitimate policy documents, and then — without the consumer’s knowledge — cancel the policy and pocket the refund.
The unsuspecting victims have liability and financial exposure, all the while believing that they have insurance coverage. Iovation data shows this kind of online third-party application fraud is up 139% in a recent three-year period.
Altering checks: an old-school scam that still works
Counterfeit or altered checks are still a target for insurance fraud at agencies, says Property Casualty 360, including:
- Stolen checks. Mail theft of blank checks or written checks.
- Check-washing. With written checks stolen from the mail, criminals use household cleaning products to erase the name of the payee and replace it with their own name. Because the amount matches the bank statement, the fraud can escape notice until too late.
- Copying checks. In the same way, altering various information on a check, making a color copy and then with the bank’s mobile app, photographing that color copy as a real check is a more recent scam for fraudsters.
- Unauthorized check printing. Employees who have access to check printing within the agency have the opportunity to commit fraud.
More fraud schemes
Application fraud costs the insurance industry billions of dollars each year. Using machine learning, identifying applications associated with bad debt can provide insight to identify and mitigate these costly schemes.
The use of mobile apps has more than doubled in the past few years, providing yet another opportunity for fraud that requires close monitoring, whether it’s filling out an application or filing a claim.
The rise of aggregators introduces new potential risks insurers because there’s less data visibility and direct contact with the customers, and more instances of quote manipulation. Here’s what we mean: A potential customer may manipulate information, giving a false address or number of claimants to land a better quote. As mentioned earlier, applicants can request 100–200 quotes in a short timeframe using slight changes like how close a fire hydrant is for a homeowners policy, or where a vehicle is kept for an auto policy.
How can your agency battle insurance fraud?
According to Property Casualty 360, these are basic steps to help protect your agency:
- Train employees to recognize suspicious signs of online fraud.
- Solidify procedures to deal with access to funds and disbursement of funds.
- Establish strong procedures for fulfilling email requests to move money. Whether the request is made by someone in your agency or by a known vendor, you should confirm the request by calling the requester to validate the details before fulfilling the request.
- Replace paper checks with technological cash management options (online banking, ACH origination, bill pay and wire transfer).
- Use “Check Positive Pay” or “Positive Pay,” an automated fraud detection tool provided by your bank. It compares each check presented for payment against the agency’s check issue file and includes an ACH component for electronic transactions. By identifying checks or ACH transactions that don’t match, it helps the agency to stop fraud on their account. The agency can view the images of check or transaction exceptions before deciding which items to pay and which to mark as fraudulent.
- Safeguard your paper checks in a locked drawer, if you choose to continue using them. No lone employee should have absolute access to checks when paying accounts.
- Safeguard your original checks when using remote deposit. When the checks clear, shred them.
- Consider establishing a post office box at the local U.S. Postal Service branch to reduce mail theft and access to sensitive information, rather than having mail delivered to your location.