Fraud management teams are faced with a near impossible task. The methods used in fraudulent activities are quickly evolving and increasingly sophisticated. The adoption of digital transactions increases the pace at which fraudsters operate and the dollar amounts at risk. Unfortunately, fraud management budgets are getting smaller.
YOU HAVE A TEAM OF INVESTIGATORS AND ANALYSTS, BUT ARE YOU SEEING REAL RESULTS?
In this series of articles, we’ll look at the challenges you face and propose a comprehensive strategy to make your risk and fraud management more effective, efficient, and valuable. We’ll first diagnose the problem, we’ll prescribe solutions, and we’ll monitor the results.
To get where you want to be, you first need to know where you are. If you’re like most firms, you accept the conventional wisdom that fraudulent claims make up somewhere between 2 and 11 percent of your total. And you’re an optimist, so it’s probably closer to the 2 per cent.
It is almost certainly much worse. The “conventional wisdom” is based on unpublished work from nearly 50 years ago and is completely outdated. The number is likely much closer to 25 or 30 percent. But don’t take our word for it. Do the work to understand how many anomalous claims there are, where they seem to be concentrated, and what risk, financial and reputational, they represent.
Be sure to differentiate between fraudulent claims, abusive claiming patterns, and errors. When you know the extent of the problem, you can build a business case to improve it, and your organization as a whole can better allocate resources. Knowing the extent of potential fraud will crystallize the risks and the value your group can bring to the larger organization. Unfortunately, quantifying your risk is easier to describe than it is to do. Nevertheless, it is a huge opportunity.
IT IS TIME TO BRING OUT THE ANALYTICS.
As a first pass, ask what the hit rate is with claims your team is pulling. If it is 10 to 20 per cent, then they are not using analytics at all. If it is 30 or 40 per cent, then they are using them, but not effectively. Using analytics well - typically machine learning algorithms - should get your hit rate up to 80 or 90 per cent. Think about that. Your investigators should be finding suspect and actionable claims in at least 8 of every 10 they request from a provider.
You should expect this level of results when using analytics. And the good news is you don’t need to spend millions on high-powered software to get it. In fact, free tools will do the job just fine. The key is in the people using them and the processes in place to properly deal with them.
Do an assessment using proper analytical tools and technologies and determine exactly how much you have at risk. Don’t be surprised if it is 30 per cent or more. With this in hand, you are ready to move on to phase two: prescription.
ANALYTICS HELPS MORE THAN JUST DETECTION.
It will help your team focus on investigations that make a difference, not just those that are highly likely. Analytics will surface the providers and members that are the greatest risk to your business and to your clients. Well-designed models will even tell you what to look for during an investigation.
Furthermore, with some effort, algorithms can reduce your average investigation time. They can tell you which specific transactions to request documentation for. Your team will spend far less time fishing and you will build better relationships with your “good” providers.
To get the most out of this tool, you need to do some legwork. First, you need to have a clear understanding of how your objectives align with those in the rest of your organization. Take sales and marketing, for instance. Fraud management initiatives may reduce the set of providers you can offer to your clients. As you remove “risky” vendors, your clients’ choices will decrease and this will potentially impact your sales team’s efforts. This could be a source for conflict, or it could be an opportunity to market your products as lower risk or lower cost.
In any case, you need to connect with your stakeholders and discuss your different objectives. Talk to operations, IT, and finance about their goals and then discuss how enterprise fraud management can fit in the whole.
Pay particular attention to your data stewards - and not just the claims data. Often data from the CRM or billing will contain signals, which can aid fraud detection. If you are going to be successful, the IT group will need to be your friend.
Next up, you will need to tackle your organization’s philosophy with respect to risk. A zero tolerance fraud policy sends a stern message, but is it effective? We have found that in the long run, using a variety of options is a better way to deal with fraudulent and abusive claiming patterns. If your entire organization is geared around finding and proving fraud, you will quickly discover the high costs - in both time and effort - to reach that goal.
Having a range of response options allows you to balance the cost of taking action against the expected return on your investment of skilled resources. It also makes it easier to accommodate the expectations of the plan sponsor and the impact on the member experience.
FRAUD MANAGEMENT CAN'T BE LIMITED TO A DEPARTMENT.
It is an enterprise capability. Developing a wide-ranging set of options requires cross-department conversations, which we started above. If you think you need to drop a risky vendor, then you need buy-in from people outside your group.
But how risky does it need to be before you act? You need to determine the corporate risk appetite and risk tolerance. What is the threshold for fraudulent claims, abusive claiming patterns, and claiming errors? Recognizing that all of these are on a spectrum, you need to engage the entire organization to find the right balance.
An enterprise approach not only gives you more options, but it speeds up your response to suspicious claiming patterns. Knowing who is responsible for doing what in each response scenario is key to an effective corporate fraud management capability.
Once you have engaged the organization and developed a set of policies and guidelines, you are able to begin seriously addressing fraud. Be prepared to see huge benefits in this stage. Your team’s time will be used efficiently, suspect claims will be recovered, and your list of approved vendors will see a huge drop in risks. You may find the resulting claiming patterns save you tens or hundreds of millions.
Once you have engaged the organization and developed a set of policies and guidelines, you are able to begin seriously addressing fraud.
Be prepared to see huge benefits in this stage. Your team’s time will be used efficiently, suspect claims will be recovered, and your list of approved vendors will see a huge drop in risks. You may find the resulting claiming patterns save you tens or hundreds of millions.
Monitor & Respond
GET HELP. JUST DON’T BECOME DEPENDENT ON IT.
Fraud and abuse are human activities and, as such, they are not stationary. You can’t put a model in place and expect your worst offenders won’t adapt. You need an analytics team to constantly adjust to a moving landscape. As such, it is important you own your analytics capability. It is your data, your business, and your stakeholders. No analytics service provider or software vendor is going to understand your organization better than you.
INVEST IN YOUR PEOPLE MORE THAN YOUR TOOLS.
If you don’t have it already, then there is no need to invest millions to build in-house capability.
You can use no-cost and low-cost software and leverage existing in-house talent for much of your team. You may need consultants to help your team level up or to help you evaluate talent and toolsets. But you should be working towards independence and in-house capability in 18 - 24 months. Finally, it is worthwhile to view your fraud analytics initiatives through the lens of analytical maturity. You will quickly see it is about much more than tool sets and training. Analytics strategy, enablers (tools, data management, etc.), competencies, pervasiveness, and governance all contribute. You don’t need to be a superstar in all of these. You do need to be mature enough to meet your objectives as a business. Talk with your team and have them evaluate your group’s strengths and weaknesses. Talk to your management and get an understanding of where you need to be in each dimension. Then make a 2-3 year plan to get there. Finally, track your progress as you move toward your goal.
EXPECT SUCCESS. BE PRAGMATIC ABOUT THE TIMELINE.
Improving a fraud management capability is best undertaken incrementally and iteratively. Rome was not built in a day and your fraud analytics capability won’t be either. Look for quick wins to help you build momentum and then reinvest in your capacity and capabilities. Godspeed.