Given their myriad similarities, it makes sense that workers’ compensation insurance would draw on the experience and expertise of health insurance to learn better mitigation.
Fraud has always been a challenge in all lines of insurance.
It is no different with employee compensation.
While most worker compensation claims are valid, research shows that 1% to 2% are fraudulent. These fraudulent claims cost the insurance industry – and honest policyholders – $306.8 billion a year across all lines of business.
This enormous scale cannot be ignored.
And while insurance companies have teamed up with law enforcement over the years to fight fraud, the battle rages on. Technology is tipping the scales in favor of honesty as insurers find innovative ways to distinguish truthful claims from fraudulent ones.
A compelling panel at National Comp 2022 addressed this hot topic.
Four industry leaders participated in a multidisciplinary panel in Las Vegas on the first day of the show to discuss innovations in combating claims fraud.
The current status of employee compensation fraud
Given its obvious similarities to healthcare, the workers’ compensation industry can learn loss mitigation techniques from this adjacent industry.
Healthcare faces its own hurdles in fighting fraud; Some estimates put the cost of healthcare fraud at $105 billion annually, including costs related to Medicare and Medicaid fraud.
When lessons learned from managing and controlling health insurance fraud are transferred to other disciplines, the overall cost and impact of these systems can be reduced.
Panelist Jefferson Grace, Task Force Officer, FBI-LV Cybercrime Task Force with the Las Vegas Metropolitan Police Force; Bill Barbato, general manager and vice president, B2B payment solutions at Change Healthcare; Joe Paduda, director at Health Strategy Associates LLC; and Jennifer Cant, Corporate Payments Fraud Prevention Expert at Change Healthcare, presented the session “What the US Healthcare Industry Can Teach Us About Mitigating Claims Fraud” to a packed audience of claims adjustment and risk managers.
At the beginning of the panel, speakers highlighted fraud statistics to illustrate the scale of the problem. Metrics like the $9 billion workers’ compensation fraud and the $25 billion premium fraud affecting the industry show the need for change.
“Payment fraud is a reality. It’s not a question if; it’s a matter of timing,” Barbato began the session.
“We have seen a trend in the last 10 years. It is organized syndicates that perpetuate these [fraud] Crime. And they’re not after the small bucks. They are targeting millions of dollars in payments made by insurance companies to large hospital systems.”
Paduda spoke about the changing nature of fraud and described it as a dynamic business. Detective Grace described the ease with which criminals can obtain personal information via the dark web.
An example was the availability of social security numbers for purchase at a common rate of around $20. He went on to describe how crime can easily spread to different parts of the country, describing ransomware-as-a-service and now crime-as-a-service.
“The big ransomware groups sell their ransomware to other criminals as a service to others who can bully more people.” said grave.
“Now we’re looking for Crime-as-a-Service, a forum where criminals can come together and share information. Criminals can sell access to their exploits to various groups across the US, allowing them to further big plans.”
Fraud prevention is key
For the most part, speakers in their session focused on prevention, particularly payment fraud.
Echoing the healthcare industry, panelists warned of new cyber fraud schemes targeting payments.
Cyber criminals have successfully stolen healthcare payments through social engineering scams. Once the criminal has access to a patient’s personally identifiable information, they can steal healthcare payments by redirecting direct deposits or payee information.
In one extreme case, criminals stole $3.1 million by diverting healthcare payments to their own bank accounts instead of victims’.
Workers’ Compensation Payments could be the next target.
The speakers discussed various ways insurers can proactively protect themselves against the risk of payment fraud. In addition to core cybersecurity practices, such as using multi-factor authentication to verify user identities, panellists recommended keeping the team alert, up-to-date on trends, and aware of red flags specific to your industry through training and frequent communication are.
Other high-tech options for fraud prevention were also presented. Link analysis, which uses technology to find relationships across many different data points, can be a useful tool in the fight against claims fraud.
Many insurers have data stored in different systems – and technology can quickly find connections hidden in those data points and systems that people often find difficult to understand.
Best practice of working with industry consortia to combat fraud was also discussed.
Working with these consortia to share information and insights strengthens the group’s ability to act. Consortia data will only remain valid and resilient if insurers continue to contribute their insights. Therefore, the panel recommended joining and engaging with these industry consortia.
Grace spoke about building relationships with law enforcement agencies in addition to these industry consortia.
“If you’re dealing with any type of financial crime or fraud, you want to meet investigators beforehand. The FBI’s White Collar Crimes Unit has several squads. Find your local field office, call them, and make that connection before you have to call an investigator after something happens.” he said.
What’s Next for Claims Fraud Mitigation?
The final minutes of the presentation focused on concrete insights for the audience to act on.
Paduda outlined these four steps companies should take to mitigate the effects of claims fraud:
- Report the fraudulent activity and stop further payments or activities immediately.
- Communicate with the appropriate people inside and outside your organization. Set up a communication protocol before you need it.
- Ask your regular payees to notify you of any irregularities. If you e.g. For example, if you batch payments regularly, a regular payee might notice a problem before you do.
- Establish relationships with law enforcement and your local FBI office in advance. Prepare a network and plan before you need it.
Barbato spoke about establishing a watertight workflow before fraud is detected. And he reminded the audience of the possible (albeit embarrassing) possibility of an employee committing fraud.
“Everyone in the workflow has to take responsibility. We have a strict process that we go through when we detect fraud. It includes all people involved in the process. Don’t consider that you could have a rogue employee who sold credentials online, was the victim of a phishing attempt, or just scammed.”
Grace emphasized the importance of proactive intelligence for fraud prevention and mitigation: “Threat intelligence is important. When criminals attack a company using a specific scheme, they try others looking for the same vulnerability. It’s the same scheme over and over again, but for some reason it always works.”
To counter this, he recommended reconnaissance, threat intelligence, and talking to others to learn what active scams are continuing at any given time.
“Talking to others is the most important thing out there.” &