Emotional Intelligence & The Allure of Insurance Fraud

By Lowers & Associates,

Emotional Intelligence and the Allure of Insurance Fraud

By Neil Watson and Keith Gray

Insurance loss happens for many reasons.  For a business, common causes include armed robbery, theft, customer injury, floods, fires, and storm damage; but any natural disaster, large-scale event, or man-made act can bring about a claim.  When an event involves the loss of physical stock or damage to property, the loss is immediate, and it creates an urgent need for the business owner to settle the claim so that the business can resume operations and avoid further lost revenue.

This desire to quickly return to business as usual is a natural one, but in the wake of an event, it’s not uncommon for the resolution process to test the business owners’ resolve.  And while most claims post-incident are legitimate, from time-to-time, human emotions will complicate the process and create an environment that enables fraudulent activity, sometimes in unexpected ways.

Why Does Insurance Fraud Happen?

The Fraud Triangle provides all the insight required to answer this question.  Our team has written extensively on this, but Donald Cressey’s hypothesis in his book “Other People’s Money” says it all: Trusted persons become trust violators when they conceive of themselves as having a financial problem which is non-shareable, are aware this problem can be secretly resolved by violation of the position of financial trust, and are able to apply to their own conduct in that situation.”

It’s true that some fraudulent claims start out as legitimate but become ‘exaggerated’ during the claims process due to perceived opportunity.  In other cases, if the business is not doing well and is losing money, desperation can create enough pressure to commit fraud.  In rare cases, the fraud may involve large organized criminal gangs; these are often well-planned and involve multiple parties where the sole intent of the activity is a rational attempt to defraud an insurance provider.

It’s for these reasons that impartial guidance through the claims process is crucial.  As an insured, it is important to work closely with your insurance broker and the loss adjuster in preparing your claim and validating your losses.  Without this professional assistance and oversight, fraud can easily find its way into the conversation.

How Does Insurance Fraud Happen?

Below are a few examples of insurance fraud we’ve seen over the years at Lowers & Associates:

  • ‘Padding’ legitimate claims to increase the claim amount
  • Including losses from previous shortages or events within a big ‘single event’ claim
  • Manipulating inventory, possibly running two sets of books, to allow for the tracking of actual inventory versus the falsely reported inventory
  • Exaggerating the damage suffered as a result of a natural disaster (storm), or even causing some additional damage not caused by the original disaster
  • Committing arson
  • Staging accidents or thefts

The current COVID-19 situation globally, coupled with other localized events (recent looting losses in the U.S. or the extreme poverty facing certain areas in Brazil), is resulting in retail sales for certain sectors falling by over 50% and as much as 100%, which is clearly not sustainable.

In such unprecedented times as these, the possibility of a spike in fraudulent claims is a real concern. There is an increase in both the pressure and opportunity factors, resulting in an increased likelihood that potential perpetrators may rationalize their fraudulent thoughts and act on them as a result. For business owners, it can be hard to find consistency and understand what their default problem-solving steps should be.  When the Lowers & Associates team is presented with uncertainty, we often lean on process and procedure to identify a way forward in our work together with clients.  This path can always be informed by intuition, experience, and empathy, but for a business, without process and procedure to provide impartiality, the risk of insurance fraud increases significantly.

What Can You Do About It?

Ideally insurers would commission a pre-risk survey to establish security protections, stock levels, and standard operating procedures to satisfy themselves that the risk meets their requirements.  While this is recommended, it is not always feasible due to time or cost restraints.

Post-event, once a claim has been filed, relying on the findings of a law enforcement investigation may not be feasible due to timing or any related circumstances related to the event (especially if it’s large-scale or a natural disaster).  And even if law enforcement is doing an investigation on an event, it may not be a priority, creating an extended period of uncertainty.  Lastly, law enforcement may also be very hesitant to provide any info that they do have knowledge of, especially when it is an active investigation.

To manage this process, business owners and insurers need independent third parties that are flexible, have experience across multiple industries and can dedicate the appropriate time required to work through a claim (i.e. gathering facts, evidence and necessary documents) to support the basis of the claim.  For truly complex fraud matters, business owners and insurers should expect the third party to have a Special Investigations Unit (SIU) with extensive experience in technical surveillance countermeasures (TSCM) and counterintelligence that regularly work on international assignments.

With enterprise risk mitigation and insurance solutions that include UAV/UAS, special investigations, forensic accounting, loss adjusting and more, Lowers Risk Group stands ready to support our clients through the claims process with the speed, accuracy and dedication you’ve come to expect from over 30 years in the business.  To learn more, contact us.

About the Authors

Neil Watson brings nearly 30 years of insurance industry experience to Lowers & Associates, where he currently serves as Global Operations Director.  With key insurance industry relationships in both the London and International insurance markets, Neil’s primary responsibility is to grow all verticals and assist in building out L&A’s claims adjusting capabilities.

Keith Gray has been with Lowers & Associates for over 15 years and currently serves as the VP of Client Relations.  In his current role, Keith provides oversight with respect to program coordination, management of a nationwide team of industry professionals, investigation, and client communication.  Keith possesses a degree in Accounting and is certified as both a Certified Fraud Examiner (CFE) and Certified Anti-Money Laundering Specialist (CAMS).

  Category: Occupational Fraud
  Comments: Comments Off on Emotional Intelligence & The Allure of Insurance Fraud

Due Diligence: Your Lucky Day?

By Tom Dolan,

Due Diligence: Your Lucky Day?

Imagine your business is being asked to partner with the trendiest new luxury goods distributor. They have a strong presence throughout Europe, are establishing a growing network of suppliers, and come backed by some significant capital. Wow! It MUST be your lucky day!

Or is it?  A quick look into the distributor’s leadership reveals that the principal supplying that capital is best known for stepping down as the founder and CEO of his previous business after multiple Lacey Act violations, including unethical sourcing and the sale of dangerous, toxic products. These violations cost his previous company millions in criminal penalties.

Not to ruin the fantasy here, but this is the real world (and a true story).  Proper due diligence saved the business from this bad partnership before it could happen.  It truly was their lucky day.

This positive outcome is less common than you might think. Fraud is everywhere, but just a small amount of basic due diligence can help a business avoid it or other unnecessary risks. From a small-town pawnbroker that lost his business after hiring a friend whose felonious past was only revealed after a six-figure theft, to a multinational corporation that lost millions in fraudulent payments to a duplicitous supply contractor living well beyond his means, there are countless stories demonstrating the steep price paid by companies that trusted before verifying.

What is due diligence?

Due diligence is a specific but flexible process performed by qualified experts to identify and obtain disparate information to form a complete picture.  In the above example, the research would have included the history and business filings of the company (as well as those of the principles, owners or key management) and any actual or perceived affiliations, to name a few.

Why do businesses need it?

New personnel or new partners can shape the future of your business.  Whether it’s a college coach, a board member or a supplier, the whole story matters and should include:

  • Investigation of Character
  • Investments
  • Acquisitions
  • Mergers
  • Assets identification (for debt enforcement and recovery)
  • Location

What else should I know about due diligence?

It’s always important to understand who you’re working with to eliminate the potential for fraud. When doing your due diligence, here are some best practices to consider:

  • Access to public records. A subject’s criminal record (or lack thereof) is of prime importance, but equally significant may be history of litigation or bankruptcy. Even seemingly minor issues like traffic infractions may be indicative, especially when a subject has tallied dozens.
  • Complete and comprehensive history. The most thorough background investigations can reveal the truth of what’s been put forward in a resume or MOU and what may have been deliberately omitted.  Ask the questions that illuminate the answer.
  • Asset verification. Before entering into any formal arrangement, understand and confirm a potential partner’s claimed resources and reveal when things don’t add up.  Don’t underestimate the power of pressure in the Fraud Triangle.
  • Social media review. Despite its prevalence, not everyone uses it wisely. A review of both personal and corporate profiles can identify some of the most egregious red flags.  Consider recurring sweeps to mitigate or uncover your exposure.

BONUS: Red Flags

Incompetence is often much more apparent than criminal activity.  When evaluating a person or vendor, does your due diligence evaluation include the following?

  • History of mismanagement
  • Jumping from job to job
  • Living beyond perceived means
  • Having a history of “start-ups” or serial entrepreneurial ventures
  • Relocation, either town to town, or state to state
  • Longer and undefined timeframes with no employment

If your business is struggling with due diligence or would like to set up a consultation in-person or remotely, please reach out to us.

  Category: Due Diligence
  Comments: Comments Off on Due Diligence: Your Lucky Day?

COVID-19 and the Fraud Triangle

By Lowers & Associates,

COVID-19 and the Fraud Triangle

In our work in high risk industries, we routinely uncover fraud and asset misappropriations. While it may seem counterintuitive, with the US and global economy currently at a standstill due to COVID-19 shelter at home directives, organizations should be on high alert for occupational fraud during this time. The Fraud Triangle provides a framework for explaining why this is.

Formulated in 1953 by criminologist Donald Cressey, the Fraud Triangle theorizes that fraud occurs when the fraudster feels financial pressure, they are presented an opportunity, and/or the person can rationalize the theft.

With record numbers of Americans filing for unemployment and organizations operating with skeleton crews, the circumstances are ripe for fraud to take place.

A “Perfect Storm” of Conditions

Today, with organizations shut down to outside visitors (including, in some cases, outside auditors) as well as many employees, we are seeing a virtual petri dish for fraud. Two corners of the Fraud Triangle – opportunity and rationalization – are getting bent pretty hard. The third corner, incentive, in the form of extreme pressure, is bent even further. People have less supervision, more opportunity, and way more financial pressure.

So while you’re dealing with this pandemic and the resulting disruption, now more than ever is the time to be vigilant.

Opportunity

The coronavirus pandemic has driven unprecedented change in the workplace. Many employees are either laid off, have taken a pay cut, and/or are working remotely. Those who remain, whether at the workplace or from home, may be working with less supervision than before. In fact, we are seeing many instances where key risk management procedures like dual controls have been weakened or suspended entirely. For example, instead of having two or more employees independently evaluate and compare financial records, now only one employee may be responsible. Or, that supervisory signature normally required on certain transactions? It’s no longer practical given our remote locations, so we’ll just “do it this way” in the interim.

Sound familiar? The problem in these scenarios is that one small transgression that goes unnoticed has a way of snowballing into full-blown fraud.

Rationalization

When opportunity and incentive exist, people are better able to rationalize their fraudulent behavior. That couldn’t be more true than during this pandemic.  “I have to do this to provide for my family. I’ll pay it back later. My employer deserves it for laying me off.” These are some of the underlying rationalizations that turn a fraudster’s underlying thoughts into an actionable theft.

Incentive/Pressure

Financial difficulties are at the top of the list in terms of the pressures that can motivate people to commit acts of fraud. At no other time in modern history have so many people been under such financial strain as they are today.

At the highest of levels of unemployment following the 2008 financial crisis, there were 15.3 million jobless Americans. By the third week of April 2020, 26.5 million workers had filed jobless claims as a result of the coronavirus. An estimated 33 million people are currently unemployed, representing nearly 21 percent of the workforce and the highest unemployment level since 1934. Many who remain employed have agreed to accept pay cuts, work reduced hours, or take unpaid furloughs.

While the $2 trillion stimulus bill, Coronavirus Aid, Relief, and Economic Security Act (CARES), provided some short-term relief, it is likely not enough to stem the extreme financial worry being felt by many who don’t know how they’ll pay next month’s mortgage or cover their car insurance premium.

The pressure is extreme.

The Takeaway? Stay Vigilant

It may be tempting for organizations to be complacent when the world seems at a standstill, but the time to be diligent is now. Businesses should be on “high alert” and taking measures to ensure they’re keeping their operations secure. That includes double checking that access to IT systems and software has been blocked for furloughed employees or that virtual private networks (VPNs) have been created for remote workers. Internal controls should also remain in place, even if they have to be modified temporarily. For example, regularly scheduled phone calls or video conferences send the message that you’re still monitoring employees’ activities. Finally, if you haven’t already done so, it’s a good time to do an updated risk assessment for the entire organization. Asking your team where new vulnerabilities might exist, whether internal controls are still functioning as intended, and what gaps have been created are all part of mitigating the risk potential associated with the Fraud Triangle.

If you’d like help conducting any of these assessments, please reach out to us.

5 Places Where the Human Element of Risk Rears Its Ugly Head

By Lowers & Associates,

5 Places Where the Human Element of Risk Rears Its Ugly Head

A perfect storm of human errors — six of them to be exact — caused the biggest nuclear accident to date, the Chernobyl disaster in 1986. An IT mistake prompted 425 million Microsoft Azure users to experience 10.5 hours of downtime. Lack of communication between maintenance crews caused what would have been a simple fix to, instead, lead to the crash of a 1.4 billion dollar stealth bomber.

While there are many sources of enterprise risk, probably the most dynamic and difficult to contend with are those driven by or otherwise impacted by human capital — that is, people. The fact is, most risks start and end with people. The decisions people make, how they perceive situations, how closely they follow policies and procedures… these and other human-driven factors can significantly influence how risks are identified, managed, and addressed.

In our work in the realm of human capital risk, we see many areas where people have the potential to positively or negatively impact the organization from a risk management standpoint. Unfortunately, when people fail, they sometimes fail in big ways. Here are some of the places where human capital risk can rear its head, causing damage to people, brands, and profits:

1. Cybersecurity

Staying secure goes beyond technology (think servers, network, firewalls, etc.); it requires the aid of humans to maintain that secure digital environment. And while most employees get some degree of IT security awareness training in the course of their jobs, mistakes still happen.

IBM estimates the average number of records lost to data breaches annually to be 25,575, and the average cost per breach of USD $3.92 million. Social engineering, malware, and phishing attempts continue to pay dividends for the fraudsters who deploy them. We all know we’re not supposed to click on that link or divulge sensitive information over the phone, but still, people do it. Lapses in judgment, failure to follow a process, having a sense of overconfidence or the feeling that it won’t happen to them, whatever the reason, humans have the ability to sidestep even the strongest cybersecurity protocols.

2. Occupational Fraud

Risk doesn’t always stem from human error; sometimes it’s the result of deliberate actions by employees. Common types of occupational fraud include asset misappropriation, corruption, and financial statement fraud. In 2017, these types of fraudulent activities resulted in $7 billion in losses, according to ACFE’s 2018 Report to the Nations.

When the workplace lacks internal controls, fails to have separation of duties, or neglects to invest in data monitoring and technologies that could flag anomalies, unscrupulous employees see their opening.  Bookkeepers set up fictitious employees in payroll systems in order to cut checks, executives find ways to alter records and financial statements, and line workers take home company property for personal use. These incidents have a median per-loss cost of $114,000, as noted in the ACFE Report.

3. Physical Security

Check with most workplaces and you’ll find they have certain security protocols in place or at least policies that address physical security. Visitors may be asked to check-in at a front desk, employees might be required to wear ID badges, and doors might be required to be locked at all times.

Unfortunately, over time, employees become complacent and policies become outdated. People forget, or simply choose to ignore, the basics they’ve been taught. They leave doors propped open, inviting strangers to come in the building. They neglect to report a broken lock or missing lightbulb. They forget to keep up their annual emergency exit drill schedule. Or, they fail to log off a computer just as someone else decides it’s okay to let a guest circumvent the front desk sign-in because they “know this person.”

These small, but meaningful, errors in judgment often mean the difference between a workplace that remains physically secure and one that opens itself to the risks of theft, data breaches, or even active shooter situations.

4. Workplace Violence

Workplace assaults resulted in 18,400 injuries and illnesses and 458 fatalities in 2017. Assaults range in severity from threats and verbal assault to stabbings, rape, and intentional shootings. In fact, mass shootings at workplaces, schools, and public venues have become the new norm with an average of at least one happening per day in the United States.

We can’t always know which employees are at high risk for engaging in workplace violence, but experts have begun to identify the behaviors that often precede events like these. They include the inability to focus, crying, social isolation, threatening behavior, concerning posts on social media, or complaints of unfair personal treatment. A sudden change in behavioral patterns, or in the frequency or intensity of these behaviors, is also a red flag.

5. Negligent Hiring and Retention

Exercising due diligence in hiring is the best line of defense against negligent hiring and retention lawsuits. Background checks, of course, are the first course of action in rooting out applicants who might disproportionately introduce risk into the workplace. Gathering criminal background records, doing drug testing (as appropriate), and verifying references and credentials are all critical to mitigating your hiring risks.

Beyond background checks, organizations need to have effective fraud detection methods in place. This is particularly relevant considering 96 percent of fraud perpetrators had no prior fraud conviction, and fraudsters who were employed for more than five years stole twice as much, $200,000 vs $100,000 for newer employees! They need to understand the elements of human risk that can be an early indicator of fraudulent activity, including employees who live beyond their means, are experiencing financial difficulties, or have an unwillingness to share job duties.

Manage Your People, Manage Your Risk

Humans are, well, human. They introduce a spectrum of risk into any workplace, from purposeful criminal behavior on one side to unintentional, garden-variety mistakes on the other.

Managing those risks is an ongoing challenge, particularly when it’s difficult to pinpoint the precise human factors that contribute to failures. If you’d like help identifying those areas in your organization that are most susceptible to the human element of risk – whether it’s your cybersecurity program or your hiring processes — request a meeting with a risk management professional.

 

  Category: Risk Management
  Comments: Comments Off on 5 Places Where the Human Element of Risk Rears Its Ugly Head

7 Must-Haves for Occupational Fraud Prevention

By Lowers & Associates,

7 Must-Haves for Occupational Fraud Prevention

As the ACFE’s 2019 Fraud Awareness Week comes to a close, it’s a good time to create your plan for fraud prevention in the year ahead. These seven fraud prevention strategies, drawn from the 2018 Report to the Nations by the Association of Certified Fraud Examiners (ACFE), will go a long way in fortifying your organization against the conditions that can facilitate occupational fraud at the workplace.

1. Tone from the Top

A robust anti-fraud program that is embraced from the top of the organization to the bottom creates a culture of honesty and fairness. A solid program starts with a code of ethics, signed by all employees, and continues with anti-fraud policies, training, internal controls, and periodic employee surveys which help gauge the extent to which employees believe management acts with honesty and integrity. Many organizations also include fraud prevention objectives as a part of their employee performance goals.

2. Anti-fraud Training

Practical, hands-on training that educates employees on how to detect fraud, what to look for, how internal controls work, and how to report fraud are instrumental to any anti-fraud program. For instance, make employees aware of the research that demonstrates how fraudsters attempt to conceal their activities, such as through the creation of fraudulent documents, altered accounting transactions, or fraudulent journal entries.

3. Clear Reporting Methods

Fifty-three percent of fraud cases in the ACFE’s 2018 Report to the Nations were reported by employees, and the research also revealed that hotlines were effective in encouraging such reporting. So, whether you create a dedicated fraud hotline, or rely on emails, web forms or in-person reporting, do be sure that all employees know their options for reporting suspected fraud.

4. Proactive Detection

Commit to having anti-fraud efforts remain at the forefront of your organization. This means sending out regular messages to the team, conducting surprise audits, performing regular account reconciliation, and implementing continuous monitoring software to detect anomalies. Organizations with proactive detection methods like these caught fraudulent activities months earlier than those with passive detection. For example, frauds detected actively by IT controls tended to last five months and cause a median loss of $39,000, compared to schemes detected passively (e.g., through notification from law enforcement), which tended to last two years and cause a median loss of almost $1,000,000. If you’re not sure where to start, begin with a fraud risk assessment to identify and mitigate any vulnerabilities you find.

5. A Strong Auditing Team & Internal Controls

The one-two punch of a strong auditing team and solid internal controls will mean the difference between sleeping well at night or potentially having massive losses. Your auditing team should have adequate resources and authority to operate effectively and without undue influence from senior management. In addition, the ACFE’s 2018 study found that weaknesses in internal controls were responsible for nearly 50 percent of all fraud cases! Anti-fraud controls are paramount to preventing or detecting fraud. Here are a few of the most important controls:

  • External audits of financial statements
  • Internal audit department
  • Management certification of financial statements
  • External audit of internal controls over financial reporting
  • Management review
  • Reporting hotline
  • Code of ethics and anti-fraud policy
  • Proper separation of duties
  • Job rotations

6. Diligent Hiring Practices

Background checks should always be a part of any hiring practice, and attention to criminal history, credit reports, and reference checks are particularly important in the context of preventing fraud. However, since 96 percent of fraud perpetrators in the AFCE study had no prior fraud conviction, the next step is understanding the behavioral red flags associated with fraudsters. Eighty-five percent of perpetrators displayed at least one of these red flags: living beyond means; financial difficulties; unusually close relationship with vendor/customer; control issues, unwillingness to share duties; divorce/family problems; and a “wheeler-dealer” attitude.

7. Employee Support Programs

Employee support programs are valuable for a variety of reasons, but in the context of occupational fraud, they can help address some of the underlying issues that present themselves as “red flag behaviors.” An open-door policy that welcomes employees to speak freely about financial, family or addiction pressures can help alleviate them before they become acute or lead to destructive behaviors.

The most cost-effective way to limit fraud losses is, of course, to prevent fraud from occurring. With these strategies in-hand, your organization will be off to a strong start. If you’d like an experienced team to help create an anti-fraud program or investigate suspected fraud, please reach out at any time.