Antifraud framework
Federica Troya, Italy Chief Risk Officer and Anti Crime Delegate
Zurich Italy
October 2014
© Zurich Insurance Company Ltd
CONFIDENTIAL

Agenda
The Italian context
  • Fraud scenario
  • Regulatory framework
Zurich Italy context
  • Policies and guidelines
  • Antifraud governance
Antifraud operational procedures
Fraud monitoring and reporting
Conclusions and next steps

A brief overview of the Italian scenario
The context
• The impact of fraud in Italy, compared to other countries, is particularly high, especially in the insurance environment.
• The economic crisis over the last years acted as an accelerator of the incidence of fraud in both underwriting and claims.
• Companies, also fostered by the Regulator and the Italian Government, increased their investment in this specific area with the aim to reflect the positive effect of this effort in their commercial proposition.
• Reducing fraud provides companies with the opportunity to be more competitive, either by improving their Combined Ratio or by reducing insurance prices.

A brief overview of the Italian scenario
The official figures
• The Regulator published the fraud ratio (*) in motor insurance for the years 2010 and 2011. According to ISVAP, the fraud ratio identified by the Insurance Companies would amount to 2.42% in both years.
• However, industry studies estimate that the actual incidence of fraud in the Italian market is around 10% (Source KPMG), of which the Companies have been able to detect only a small percentage so far.
(*) Fraud Ratio is the ratio between fraud claims compensation (not paid) vs. the total amount of motor claims compensation.

The Italian regulatory framework
Actors involved and main regulatory requirements
Companies can leverage Government and Regulator rules as well as the access to external databases to strengthen their “weapons” against fraudsters:
Rules and actors shown in the diagram:
• Regulation n. 44, August 9 2012
• Law Decree n. 27, 24/03/2012
• Criminal Code (Artt. 485, 642, 640, 489)
• Civil Code (Artt. 1892; 1901)
• Private Insurance Code
• Investigation on crime phenomenon
External databases (DB):
• ANIA (Customer insurance position)
• PRA (Vehicle and owner info)
• Claims data base (banca dati IVASS)
• C.C.I. (Casellario Centrale infortuni)
• CRIFT (Centrale rischi bancaria)

The Italian regulatory framework
Challenges and opportunities
From an insurance company perspective, regulatory requirements represent both an opportunity and a challenge for fraud fighting:
• Strong pressure on anti-fraud coming from the Regulator and the Italian Government (i.e. yearly report to the board and the Regulator)
• Insurance Mark dematerialization process*
• New rules to avoid frauds in case of personal injuries claims
• Rules for companies in the claim settlement process
• Data privacy restrictions
• External databases not always updated and reliable
• Justice timing
• Obligation to underwrite
(*) Not yet in place: the expectation is that the upcoming insurance mark dematerialization will mitigate (potentially fully eliminate) the risk of fake insurance contracts in the Motor line of business.

The Italian regulatory framework
Reg. 44/2012: new focus on anti-fraud governance and results
Purpose of IVASS, with the Regulation 44/2012, is to check the status of the antifraud initiatives within the insurance industry and monitor the results – in terms of loss reductions – achieved through fraud fighting.
Rule 44: Regulator’s requirements (Motor only)
Zurich 2013 report
• Provide information related to the antifraud processes, systems and people in order to assess the adequacy of the organization in preventing and combating fraud
• Describe the Company antifraud policies and guidelines
• Set out the Company antifraud objectives and strategies
• Share consistent data to track the impact of antifraud activities on Claims costs
• Track potential impact on customers in the form of complaints / legal actions

Zurich Italy context
The Antifraud culture
Zurich Italy is exposed to risks due to illicit and fraudulent activities, which may arise inside or outside the Company. Zurich Italy does not tolerate frauds or other crimes and is committed to take proactive measures to prevent, detect and investigate suspected frauds and adopt immediate and opportune actions to fight against these situations.
Over the last years, Zurich Italy has carried out a comprehensive antifraud program that goes beyond the Regulatory requirements and specific market needs to drive a true cultural transformation across all business areas.
The mission of Zurich antifraud approach can be summarized as follows:
• Establish a new anti fraud culture
• Zero tolerance against fraudsters
• Preserve and recognize good customers
• Protect Zurich and customer assets

Zurich Italy - Antifraud framework
[Diagram labels: Fraud Control Model; Antifraud Organization; Loss Event Report; Policy & Guidelines; Antifraud tools; Operational Procedures; Antifraud skills]

Antifraud governance
Policies and guidelines
Zurich Italy has adopted several policies and guidelines to define processes, controls and behavior standards to fight against crimes and frauds, internally and externally, committed against the Company:
Zurich Risk Policy
  • Section 10 – Operational Risk
  • Appendix 18.10i - Global Security Standards
Zurich Basics
  • Zurich Code of Conduct, articulating our basic values and the employees' key rules of conduct.
Compliance Policies:
  • Conflicts of Interests and external Engagements
  • “Reporting Improper Conduct and Concerns” policy
Control Framework
  • Former ICF / OKC / SOX controls
  • “Organisation, Management and Control Model”, pursuant to Law-Decree n. 231/2001

Antifraud governance
Organizational model (1/3)
Zurich Italy has adopted an integrated anti-fraud approach to ensure coordination among all involved subjects across lines of business and Segments.
For this purpose, while the business remains ultimately responsible for fraud prevention and detection, specific antifraud responsibilities have been assigned to specialized antifraud functions:
[Organization chart. Labels, in the order extracted: Risk office & ACD; CEO Office & Distribution Control; UW & distribution fraud; Distribution & Quality Control; Legal and criminal procedures (UW); AntiFraud Unit; ZIP Branch GI; Zurich Investments Life (ZIL); Chief Operations Officer; Claims; HR; Others; Operations & Customer relationships; Claims fraud; Claims Counter Fraud Unit (CCFU); Internal Fraud; HR; Operations; MFU, Legal, etc.; UW fraud; Quality Underwriting; Direct; Shared services supporting Zuritel / Life; Zuritel; Life; Customers and Distribution Dialogue; Life antifraud coordinator (LAC)]

Antifraud governance
Organizational model (2/3)
• Anti-crime delegate (ACD, all companies): subject assigned to the coordination of anti-fraud activities in compliance with the standards provided by the Zurich Risk Policy.
• Human Resources (all companies): function coordinating the anti-fraud activities related to internal fraud cases, overseeing the investigations and possible disciplinary actions.
• Antifraud Unit (AFU, all companies): the unit assigned to verify the possibility to initiate civil or criminal proceedings against the insured / fraudulent counterparty and to manage the same in case of GI Underwriting and Life fraud*.
• Distribution and quality control (ZIP & shared services to Life): function responsible for UW and Distribution fraud within GI, including: i) Agency inspections to identify irregularities and potential distribution frauds; ii) KPI analysis to identify potential UW fraud committed by the customers; iii) targeted investigations on suspicious cases; iv) Fraud reporting.
• Claims counter fraud unit (CCFU, ZIP & Zuritel): function responsible for the management of Claims fraud cases, reported by the Claims function (Loss Adjusters Network and Quality Assurance) or signaled by DETICA. This unit carries out the investigation, manages and authorizes the payment/rejection of the claims alleged to be fraudulent, and proceeds with civil and / or criminal action against the fraudsters as needed.
• Quality Underwriting (Zuritel only): function responsible for the definition and implementation of anti-fraud controls, carrying out “ex post” investigative controls and management of anomalous or suspicious cases in the customer on-boarding phase.
• Life Antifraud Coordinator (LAC, Life only): subject responsible for overarching coordination of Life antifraud activities (including all types of external Life fraud: UW, Claims, Distribution), investigation and management of suspicious cases and Life fraud reporting.
(*) Potential legal actions related to Distribution fraud are managed directly by the General Counsel.

Antifraud governance: an integrated approach
Organizational model (3/3)
In order to further strengthen the anti-fraud framework, Zurich Italy has established joint Committees and regular meetings to ensure ongoing coordination among all the involved functions (antifraud referents; Control functions; the Business).
[Diagram labels: Anti Crime Delegate; Fraud Network meeting; Distribution irregularities]
Anti Crime Delegate (ACD): coordinates the Company anti-fraud activities in alignment with the ZRP. The ACD responsibilities include:
• Fraud Council: chair and organize the Fraud Council
• Reporting: maintain a regular Fraud report tracking all identified fraud cases
Fraud council: It is composed of: ACD, CFO, Head of HR, Compliance and Legal. The CEO Office & Distribution Control, the CCO and the COO may be invited on a needed basis.
The Fraud Council is responsible for:
• Internal Frauds: assess and define potential proceedings;
• Case management: manage fraud cases that require escalation due to their complexity, size, involved subjects, other;
• Guidelines: discuss and agree on guidelines for specific cases.
Specific Fraud Councils have been established within Zuritel and Life.
[Diagram label: Fraud Councils (Overall; Life; Zuritel)]
“Distribution irregularities” Committee: It is composed of: ACD, CFO, Head of Distribution. The Committee is responsible for analyzing identified distribution irregularities (including potential fraud cases) and agreeing on actions as needed.
Fraud Network meeting: monthly meeting coordinated by the ACD, with the participation of all the Antifraud referents. Objective of these meetings is to ensure that main fraud cases, best practices, potential issues, etc. are shared across all business areas.

Anti-Fraud Governance: procedural steps
• Prevention & Detection: this phase includes the controls and activities aimed to prevent and detect the suspicious cases.
• Investigation: collecting further information that permits classifying the case as fraudulent. This activity can be a “desk investigation” (internet search; analysis of external database, etc.) or a “field investigation”.
• Decision Making: defining how to handle the identified case, depending on the extent of the fraud (qualitative and quantitative aspects). It can result in: i) a request to start criminal proceedings; ii) other actions.
• Execution: execution of the decision, also in order to recover what had been taken illicitly.
Execution may imply, on a case-by-case basis, penal proceedings or other actions (e.g. disciplinary actions; premium recalculation; policy cancelation; claim closed without payment; etc.)
• Cross Communication (*)
(*) Cross Communication: in parallel to the Fraud process, a periodic flow of information among the involved functions is assured in order to understand possible gaps in the process or control system that led to the identified fraud and ensure that main fraud cases, best practices, potential issues, etc. are shared across all business areas. The communication is supported by the committees described above, by the shared folder for fraud cases and direct contacts among the functions.

Antifraud processes - deep dives
a. Fraud prevention and detection in UW: Zuritel (Direct business)
b. Fraud prevention and detection in UW: ZIP Branch
c. Fraud detection in Claims
d. Life antifraud: the checklist

A virtuous circle is the key success factor to improve company AF barriers
Information sharing across functions (Underwriting, Claims, Operations, Risk, Legal, HR) and the development of a fraud culture within the Organization are key to prevent and counter fraudsters.
[Cycle diagram. Labels: Portfolio manag. Dept.; Fraud Council & meetings; fraud detection; Quality Underwriting; Fraud Contrast; Litigation; Pricing; Claims; prevention barrier enhancement; Quote & buy process; Issuing process]
• Update AF scoring system
• Introduce new fraud indicators (KPIs, checklists)
• Strengthen Back Office fraud filters

Prevention and Detection in Underwriting (a)
A best practice in ZURITEL (1/2)
We invested to improve our capabilities and effectiveness in the two UW antifraud key areas:
– Prevention: identifying adverse risks during the quoting process for an analytical control of the underwriting of possible fraudster customers
– Detection: daily monitoring of the underwritten portfolio through customized views to spot possible fraudulent behaviours
Prevention: introduced the scoring model (SM) that marks quotes through several combinations of UW and customer data (online since Feb 2014).
Detection: introduced a Business analytics tool (QlikView) that daily monitors the portfolio from an Antifraud perspective.
[Flow diagram, illustrative: Online Quoting; SM; Fraud Risk Quote: Antifraud issuing process; OK Quote: Standard Issuing process]

Prevention and Detection in Underwriting (a)
A best practice in ZURITEL (2/2)
[Figure, for illustrative purposes only]

Prevention and Detection in Underwriting (b.)
Optimization of Antifraud & Quality Control in ZIP Branch (1/2)
The Distribution & Quality Control department has implemented a Dashboard that enables both antifraud detection and a broader analysis of the quality of the portfolio.
The Dashboard, fully in production since January 2014, tracks 29 KPIs at both Agency and Customer level: 8 specific Fraud KPIs + 21 Quality indicators.
• Antifraud analyst: monthly analysis of all fraud KPIs; direct investigation on Agencies with highest impact
• Inspectors: analysis of 11 KPIs (mix of Antifraud and Quality indicators) in all the visited Agencies
• Quality Controller: analysis of all 21 Quality indicators (by geography)

Prevention and Detection in Underwriting (b.)
Optimization of Antifraud & Quality Control in ZIP Branch (2/2)
Indicators shown in the diagram:
• Multipolicy
• Claims in a different area
• Multiple Claims
• Multiagency customers with claims (Motor)
• Multiagency customers with claims (no Motor)
• Car plates from other Agencies
• Change of maximum exposure during the year
• Life policy (foreign policyholder)
Activities:
• Fraud KPI detailed analysis
• Agency inspection
• Antifraud investigation
Report and documents collection for legal proceedings (as needed):
• AFU Roma for legal proceedings and inclusion on Loss Event report
• Operations office for policy cancellation ex art 1892 Italian Civil Code
• Underwriting for portfolio / policy review
• RAZ for disciplinary actions on the Agencies
• Communication to the Fraud Council as needed
Outcomes shown in the diagram: Disciplinary action on Agency; Portfolio clean up / Tariff review; Fraud monitoring & reporting*
(*) Monthly report shared with the Responsible of CEO Office & Distribution Control. Report shared with ACD and CEO on a bi-monthly basis.

Fraud detection in Claims (c.)
Key goals for the management of fraud in insurance claims
• Speed up the claims settling process
• Reduce the number of fraudulent claims
• Reduce the effort spent in managing fraud claims
• Continuously improve and self-learn to anticipate the fraudsters
• Preserve honest customers
• Develop anti fraud culture and attitude
• Establish the anti fraud Culture
• Preventively identify fraudulent claims and network
[Diagram labels: Enhanced Customer Service; Leverage on Group experiences; Global Deployment; Strong Counterfraud Culture; 30-100% increase in detected fraud; Improved fraud detection]

Fraud detection in Claims: DETICA (c.)
Advanced analytic tools implemented since 2010 (1/3)
[Process diagram]
Data sources:
• Policy & Coverage data
• Claim and payment data
• Customer personal data
• Involved party data
• Injury data
• Known frauds, red flags and risk lists
• Employee data (for insider or collusive fraud)
Processing steps:
• Data ingest and extract entities
• Create all potential links
• Socially bound networks with “Hard Links”
• Enhance networks with “Soft Links”
• Score entities and networks
Stage labels: Single View; Linked Soup; Social Networks; Enhanced Networks; Prioritized High Risk Networks
NetReveal Visualizer
NetReveal Workbench:
• Review alerts
• Take action
• Create cases
Capture outcomes and red flags

Fraud detection in Claims: DETICA (c.)
Advanced analytic tools implemented since 2010 (2/3)
Example of a network, as visualized by Detica NetReveal
(A) The red icons in the circle indicate two claims already managed by the CCFU, before using Detica NetReveal.

Fraud detection in Claims: DETICA (c.)
Advanced analytic tools implemented since 2010 (3/3)
The tool shows further areas of investigations…
[Figure: network with areas labelled A and B]
By the analysis of the network our fraud Intelligence Team found a connection to a group of 65 claims linked by the same address.
This is a typical case of fraud professionals.

Life Fraud Red Flags
• Life has developed a check list to identify suspicions of possible claims fraud, which is being implemented at the business level in order to enhance timely detection of fraudulent cases.
• Any case where we receive a tip-off, anonymous or otherwise, that the claim is fraudulent must be referred to the Life Antifraud Coordinator (LAC).
Examples of red flags would include:
• The customer refuses to answer a question or provide a document that has been requested or refuses to allow us access to certain records or a particular third party.
• There is definite evidence of past or current dishonesty. For example we may have significant grounds to believe that the customer has made dishonest representations to ourselves or other parties in the past or there are indications the customer may have been involved in fraudulent actions with other parties.
• There are clear inconsistencies between sporting or social activities and the claimed disability.
• There are multiple concurrent claims.

Fraud Monitoring
The Fraud Control Model
Fraud types:
• Expense Fraud: losses incurred due to misuse of corporate credit card, cash expenses, etc. for personal, fraudulent gain.
• Forgery / Impersonation: losses incurred by someone deliberately assuming a customer, intermediary or employee identity by forgery and/or impersonation (identity theft, surrender fraud, check fraud, etc.)
• Disclosure of confidential information: losses incurred by the purposeful revelation of confidential information for the purposes of criminal activity including reputational damage.
• Accounting irregularities: losses incurred due to deliberately not following accounting procedures for either personal or company benefit.
• Bribery and Corruption: losses incurred by someone giving or receiving gifts, incentives, bribes, kickbacks for the purposes of fraudulent activity.
• Premium or Policy Fraud: losses incurred due to someone obtaining a policy of insurance for a lesser than ordinary premium or higher, specific coverage, usually at the time of underwriting, by means of false, incomplete or misleading information.
• Forgery / Impersonation (External): losses incurred by someone deliberately assuming a customer, intermediary or employee identity by forgery and/or impersonation including identity theft, surrender fraud, check fraud, etc.
• Premium or policy fraud (External): losses incurred due to someone obtaining a policy of insurance for a lesser than ordinary premium or higher, specific coverage, by means of false, incomplete or misleading information (e.g. previous claims, medical history).
• Disclosure of confidential information (External): losses incurred by the purposeful revelation of confidential information for the purposes of criminal activity including reputational damage.
• Bribery and corruption (External): losses incurred by someone giving or receiving gifts, incentives, bribes, kickbacks for the purposes of fraudulent activity.
• Distribution fraud (External): losses incurred due to misappropriation of customer payments, fraudulent misrepresentation of new policies withholding customer premium.
• Procurement fraud: losses incurred due to a supplier deliberately falsifying their bill, invoices paid without goods / services being delivered, etc.
• Recruitment fraud: losses or reputational damage incurred due to fraudulent qualifications presented by staff.
Categories shown in the model: Internal Fraud; External Fraud; Other loss events
Other loss events:
• IT incidents
• Safety and security incidents
• Theft of assets

Antifraud evolution
A new discipline for insurance companies
[Figure labels: Yesterday; Today]

Thank you