Antifraud framework

Federica Troya, Italy Chief Risk Officer and Anti Crime Delegate, Zurich Italy
October 2014

CONFIDENTIAL

Agenda

The Italian context
• Fraud scenario
• Regulatory framework

Zurich Italy context
• Policies and guidelines
• Antifraud governance

© Zurich Insurance Company Ltd

Antifraud operational procedures

Fraud monitoring and reporting

Conclusions and next steps

A brief overview of the Italian scenario
The context

• The impact of fraud in Italy, compared to other countries, is particularly high, especially in the insurance environment.

• The economic crisis over the last years acted as an accelerator of the incidence of fraud in both underwriting and claims.

• Companies, also encouraged by the Regulator and the Italian Government, increased their investment in this specific area with the aim of reflecting the positive effect of this effort in their commercial proposition.

Reducing fraud provides companies with the opportunity to be more competitive, either by improving their Combined Ratio or by reducing insurance prices.

A brief overview of the Italian scenario
The official figures

• The Regulator published the fraud ratio (*) in motor insurance for the years 2010 and 2011. According to ISVAP, the fraud ratio identified by the Insurance Companies would amount to 2.42% in both years.

• However, industry studies estimate that the actual incidence of fraud in the Italian market is around 10% (Source KPMG), of which the Companies have been able to detect only a small percentage so far.

(*) Fraud Ratio is the ratio between fraud claims compensation (not paid) vs. the total amount of motor claims compensation.

The Italian regulatory framework
Actors involved and main regulatory requirements

Companies can leverage Government and Regulator rules as well as the access to external databases to strengthen their “weapons” against fraudsters:

• Regulation n. 44, August 9 2012
• Private Insurance Code
• Law Decree n. 27, 24/03/2012
• Investigation on crime phenomenon
• Criminal Code (Artt. 485, 642, 640, 489)
• Civil Code (Artt. 1892; 1901)

DB
• ANIA (Customer insurance position)
• PRA (Vehicle and owner info)
• Claims data base (banca dati IVASS)
• C.C.I. (Casellario Centrale infortuni)
• CRIFT (Centrale rischi bancaria)

The Italian regulatory framework
Challenges and opportunities

From an insurance company perspective, regulatory requirements represent both an opportunity and a challenge for fraud fighting:

• Strong pressure on anti-fraud coming from the Regulator and the Italian Government (i.e. yearly report to the board and the Regulator)
• Insurance Mark dematerialization process*
• New rules to avoid frauds in case of personal injuries claims
• Rules for companies in the claim settlement process
• Data privacy restrictions
• External databases not always updated and reliable
• Justice timing
• Obligation to underwrite

(*) Not yet in place: the expectation is that the upcoming insurance mark dematerialization will mitigate (potentially fully eliminate) the risk of fake insurance contracts in the Motor line of business

The Italian regulatory framework
Reg. 44/2012: new focus on anti-fraud governance and results

The purpose of IVASS, with Regulation 44/2012, is to check the status of the antifraud initiatives within the insurance industry and monitor the results, in terms of loss reductions, achieved through fraud fighting.

Rule 44 Regulator’s requirements (Motor only)
Zurich 2013 report

• Provide information related to the antifraud processes, systems and people in order to assess the adequacy of the organization in preventing and combating fraud
• Describe the Company antifraud policies and guidelines
• Set out the Company antifraud objectives and strategies
• Share consistent data to track the impact of antifraud activities on Claims costs
• Track potential impact on customers in the form of complaints / legal actions


Zurich Italy context
The Antifraud culture

• Zurich Italy is exposed to risks due to illicit and fraudulent activities, which may arise inside or outside the Company.

• Zurich Italy does not tolerate frauds or other crimes and is committed to taking proactive measures to prevent, detect and investigate suspected frauds and to adopting immediate and appropriate actions to fight against these situations.

• Over the last years, Zurich Italy has carried out a comprehensive antifraud program that goes beyond the Regulatory requirements and specific market needs to drive a true cultural transformation across all business areas.

• The mission of the Zurich antifraud approach can be summarized as follows:
– Establish a new anti fraud culture
– Zero tolerance against fraudsters
– Preserve and recognize good customers
– Protect Zurich and customer assets

Zurich Italy - Antifraud framework

• Fraud Control Model
• Antifraud Organization
• Loss Event Report
• Policy & Guidelines
• Antifraud tools
• Operational Procedures
• Antifraud skills

Antifraud governance
Policies and guidelines

Zurich Italy has adopted several policies and guidelines to define processes, controls and behavior standards to fight against crimes and frauds, internal and external, committed against the Company:

Zurich Risk Policy
• Section 10 – Operational Risk
• Appendix 18.10i - Global Security Standards

Zurich Basics
• Zurich Code of Conduct, articulating our basic values and the employees' key rules of conduct.

Compliance Policies:
• Conflicts of Interests and external Engagements
• “Reporting Improper Conduct and Concerns” policy

Control Framework
• Former ICF / OKC / SOX controls
• “Organisation, Management and Control Model”, pursuant to Law-Decree n. 231/2001

Antifraud governance
Organizational model (1/3)

Zurich Italy has adopted an integrated anti-fraud approach to ensure coordination among all involved subjects across lines of business and Segments. For this purpose, while the business remains ultimately responsible for fraud prevention and detection, specific antifraud responsibilities have been assigned to specialized antifraud functions:

[Organization chart. Labels: Risk office & ACD; CEO Office & Distribution Control; ZIP Branch GI; Zurich Investments Life (ZIL); Zuritel; Chief Operations Officer; Claims; HR; Others; Operations & Customer relationships; Life Customers and Distribution Dialogue; MFU, Legal, etc.; Shared services supporting Zuritel / Life]

• UW & distribution fraud: Distribution & Quality Control
• Legal and criminal procedures (UW): AntiFraud Unit
• Claims fraud: Claims Counter Fraud Unit (CCFU)
• Internal Fraud: HR Operations
• UW fraud: Quality Underwriting Direct
• Life antifraud coordinator (LAC)

Antifraud governance
Organizational model (2/3)

• Anti-crime delegate (ACD, all companies): subject assigned to the coordination of anti-fraud activities in compliance with the standards provided by the Zurich Risk Policy.

• Human Resources (all companies): function coordinating the anti-fraud activities related to internal fraud cases, overseeing the investigations and possible disciplinary actions.

• Antifraud Unit (AFU, all companies): the unit assigned to verify the possibility of initiating civil or criminal proceedings against the insured / fraudulent counterparty and to manage them in case of GI Underwriting and Life fraud*.

• Distribution and quality control (ZIP & shared services to Life): function responsible for UW and Distribution fraud within GI, including: i) Agency inspections to identify irregularities and potential distribution frauds; ii) KPI analysis to identify potential UW fraud committed by the customers; iii) targeted investigations on suspicious cases; iv) Fraud reporting.

• Claims counter fraud unit (CCFU, ZIP & Zuritel): function responsible for the management of Claims fraud cases, reported by the Claims function (Loss Adjusters Network and Quality Assurance) or signaled by DETICA. This unit carries out the investigation, manages and authorizes the payment/rejection of the allegedly fraudulent claims, and proceeds with civil and / or criminal action against the fraudsters as needed.

• Quality Underwriting (Zuritel only): function responsible for the definition and implementation of anti-fraud controls, carrying out “ex post” investigative controls and management of anomalous or suspicious cases in the customer on-boarding phase.

• Life Antifraud Coordinator (LAC, Life only): subject responsible for overarching coordination of Life antifraud activities (including all types of external Life fraud: UW, Claims, Distribution), investigation and management of suspicious cases and Life fraud reporting.

(*) Potential legal actions related to Distribution fraud are managed directly by the General Counsel.

Antifraud governance: an integrated approach
Organizational model (3/3)

In order to further strengthen the anti-fraud framework, Zurich Italy has established joint Committees and regular meetings to ensure ongoing coordination among all the involved functions (antifraud referents; Control functions; the Business).

• Anti Crime Delegate (ACD): coordinates the Company anti-fraud activities in alignment with the ZRP. The ACD responsibilities include:
– Fraud Council: chair and organize the Fraud Council
– Reporting: maintain a regular Fraud report tracking all identified fraud cases

• Fraud Council: it is composed of ACD, CFO, Head of HR, Compliance and Legal. The CEO Office & Distribution Control, the CCO and the COO may be invited as needed. The Fraud Council is responsible for:
– Internal Frauds: assess and define potential proceedings;
– Case management: manage fraud cases that require escalation due to their complexity, size, involved subjects, other;
– Guidelines: discuss and agree on guidelines for specific cases.
Specific Fraud Councils have been established within Zuritel and Life.

• “Distribution irregularities” Committee: it is composed of ACD, CFO, Head of Distribution. The Committee is responsible for analyzing identified distribution irregularities (including potential fraud cases) and agreeing on actions as needed.

• Fraud Network meeting: monthly meeting coordinated by the ACD, with the participation of all the Antifraud referents. The objective of these meetings is to ensure that main fraud cases, best practices, potential issues, etc. are shared across all business areas.

[Diagram labels: Anti Crime Delegate; Fraud Councils (Overall; Life; Zuritel); Distribution irregularities; Fraud Network meeting]


Anti-Fraud Governance: procedural steps

• Prevention & Detection: this phase includes the controls and activities aimed at preventing and detecting suspicious cases.

• Investigation: collecting further information that permits classifying the case as fraudulent. This activity can be a “desk investigation” (internet search; analysis of external databases, etc.) or a “field investigation”.

• Decision Making: defining how to handle the identified case, depending on the extent of the fraud (qualitative and quantitative aspects). It can result in: i) a request to start criminal proceedings; ii) other actions.

• Execution: execution of the decision, also in order to recover what had been taken illicitly. Execution may imply, on a case-by-case basis, penal proceedings or other actions (e.g. disciplinary actions; premium recalculation; policy cancellation; claim closed without payment; etc.)

• Cross Communication (*)

(*) Cross Communication: in parallel to the Fraud process, a periodic flow of information among the involved functions is assured in order to understand possible gaps in the process or control system that led to the identified fraud and ensure that main fraud cases, best practices, potential issues, etc. are shared across all business areas. The communication is supported by the committees described above, by the shared folder for fraud cases and by direct contacts among the functions.

Antifraud processes - deep dives

a. Fraud prevention and detection in UW: Zuritel (Direct business)

b. Fraud prevention and detection in UW: ZIP Branch

c. Fraud detection in Claims

d. Life antifraud: the checklist

A virtuous circle is the key success factor to improve company AF barriers

• Information sharing across functions (Underwriting, Claims, Operations, Risk, Legal, HR) and the development of a fraud culture within the Organization are key to prevent and counter fraudsters.

[Diagram labels: Portfolio manag. Dept.; Quality Underwriting; Claims; Litigation; Pricing; fraud detection; Fraud Contrast; Fraud Council & meetings; prevention barrier enhancement; Quote & buy process; Issuing process]

• Update AF scoring system
• Introduce new fraud indicators (KPIs, checklists)
• Strengthen Back Office fraud filters

Prevention and Detection in Underwriting (a)
A best practice in ZURITEL (1/2)

• We invested to improve our capabilities and effectiveness in the two key UW antifraud areas:
– Prevention: identifying adverse risks during the quoting process, for analytical control of the underwriting of potentially fraudulent customers
– Detection: daily monitoring of the underwritten portfolio through customized views to spot possible fraudulent behaviours

Prevention: introduced the scoring model (SM), which marks quotes through several combinations of UW and customer data (online since Feb 2014).

[Diagram, SM illustrative: Online Quoting → Fraud Risk Quote → Antifraud issuing process; Online Quoting → OK Quote → Standard Issuing process]

Detection: introduced a business analytics tool (QlikView) that daily monitors the portfolio from an antifraud perspective.

Prevention and Detection in Underwriting (a)
A best practice in ZURITEL (2/2)

[Figure: illustrative purpose only]


Prevention and Detection in Underwriting (b.)
Optimization of Antifraud & Quality Control in ZIP Branch (1/2)

• The Distribution & Quality Control department has implemented a Dashboard that enables both antifraud detection and a broader analysis of the quality of the portfolio. The Dashboard, fully in production since January 2014, tracks 29 KPIs at both Agency and Customer level: 8 specific Fraud KPIs + 21 Quality indicators.

Antifraud analyst
• Monthly analysis of all fraud KPIs
• Direct investigation on Agencies with highest impact

Inspectors
• Analysis of 11 KPIs (mix of Antifraud and Quality indicators) in all the visited Agencies

Quality Controller
• Analysis of all 21 Quality indicators (by geography)

Prevention and Detection in Underwriting (b.)
Optimization of Antifraud & Quality Control in ZIP Branch (2/2)

Fraud KPIs:
• Multipolicy
• Claims in a different area
• Multiple Claims
• Multiagency customers with claims (Motor)
• Car plates from other Agencies
• Multiagency customers with claims (no Motor)
• Change of maximum exposure during the year
• Life policy (foreign policyholder)

Process:
• Fraud KPI detailed analysis
• Agency inspection
• Antifraud investigation
• Report and documents collection for legal proceedings (as needed)

Follow-up:
• AFU Roma for legal proceedings and inclusion on Loss Event report
• Operations office for policy cancellation ex art 1892 Italian Civil Code
• Underwriting for portfolio / policy review
• RAZ for disciplinary actions on the Agencies
• Communication to the Fraud Council as needed

Outcomes:
• Disciplinary action on Agency
• Portfolio clean up / Tariff review
• Fraud monitoring & reporting*

(*) Monthly report shared with the Responsible of CEO Office & Distribution Control. Report shared with ACD and CEO on a bi-monthly basis


Fraud detection in Claims (c.)
Key goals for the management of fraud in insurance claims

• Speed up the claims settling process
• Establish the anti fraud culture
• Reduce the number of fraudulent claims
• Reduce the effort spent in managing fraud claims
• Preventively identify fraudulent claims and network
• Continuously improve and self-learn to anticipate the fraudsters
• Preserve honest customers
• Develop anti fraud culture and attitude

[Figure labels: Enhanced Customer Service; Leverage on Global Group Deployment experiences; Strong Counterfraud Culture; 30-100% increase in fraud detected; Improved fraud detection]

Fraud detection in Claims: DETICA (c.)
Advanced analytic tools implemented since 2010 (1/3)

Input data:
• Policy & Coverage data
• Claim and payment data
• Customer personal data
• Involved party data
• Injury data
• Known frauds, red flags and risk lists
• Employee data (for insider or collusive fraud)

Processing steps:
• Data ingest and extract entities (Single View)
• Create all potential links (Linked Soup)
• Socially bound networks with “Hard Links” (Social Networks)
• Enhance networks with “Soft Links” (Enhanced Networks)
• Score entities and networks (Prioritized High Risk Networks)

Tools:
• NetReveal Visualizer
• NetReveal Workbench: review alerts, take action, create cases
• Capture outcomes and red flags

Fraud detection in Claims: DETICA (c.)
Advanced analytic tools implemented since 2010 (2/3)

Example of a network, as visualized by Detica NetReveal

[Figure: network graph with a circled area labelled A]

The red icons in the circle indicate two claims already managed by the CCFU before using Detica NetReveal.

Fraud detection in Claims: DETICA (c.)
Advanced analytic tools implemented since 2010 (3/3)

The tool shows further areas of investigation…

[Figure: network graph with areas labelled A and B]

Through the analysis of the network, our fraud Intelligence Team found a connection to a group of 65 claims linked by the same address. This is a typical case of fraud professionals.
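The steps listed on the DETICA slides (extract entities, build networks from hard links, enhance them with soft links, score the networks) and the case of claims tied together by one address can be sketched as below. This is an added example, not Zurich's or Detica NetReveal's code: the field names, the choice of which attributes count as hard or soft links, the score weights and the sample claims are all assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample claims (not real data); field names are assumptions.
CLAIMS = [
    {"id": "C1", "tax_code": "TX-A", "plate": "PL-1", "address": "VIA ROMA 1", "phone": "555-01", "known_fraud": True},
    {"id": "C2", "tax_code": "TX-A", "plate": "PL-2", "address": "via roma 1 ", "phone": "555-02", "known_fraud": True},
    {"id": "C3", "tax_code": "TX-B", "plate": "PL-2", "address": "Via Verdi 9", "phone": "555-03", "known_fraud": False},
    {"id": "C4", "tax_code": "TX-C", "plate": "PL-4", "address": "Via Roma 1", "phone": "555-04", "known_fraud": False},
    {"id": "C5", "tax_code": "TX-D", "plate": "PL-5", "address": "Via Roma 1", "phone": "555-04", "known_fraud": False},
    {"id": "C6", "tax_code": "TX-E", "plate": "PL-6", "address": "Corso Italia 3", "phone": "555-06", "known_fraud": False},
]
HARD_KEYS = ("tax_code", "plate")  # assumed "hard links": exact identifiers
SOFT_KEYS = ("address", "phone")   # assumed "soft links": weaker shared attributes


def normalise(value):
    """Upper-case and collapse whitespace so near-identical values match."""
    return " ".join(str(value).upper().split())


class UnionFind:
    def __init__(self, items):
        self.parent = {i: i for i in items}

    def find(self, x):
        while self.parent[x] != x:
            self.parent[x] = self.parent[self.parent[x]]  # path halving
            x = self.parent[x]
        return x

    def union(self, a, b):
        self.parent[self.find(a)] = self.find(b)


def link(claims, keys, uf):
    """Merge claims sharing a normalised value on any key; return the shared values."""
    index = defaultdict(list)
    for c in claims:
        for k in keys:
            index[(k, normalise(c[k]))].append(c["id"])
    shared = {kv: ids for kv, ids in index.items() if len(ids) > 1}
    for ids in shared.values():
        for other in ids[1:]:
            uf.union(ids[0], other)
    return shared


def components(uf):
    groups = defaultdict(set)
    for i in uf.parent:
        groups[uf.find(i)].add(i)
    return sorted((sorted(g) for g in groups.values()), key=lambda g: g[0])


def score(network, claims, soft_shared):
    """Illustrative weights: size + 3 per known fraud + largest soft-attribute hub."""
    by_id = {c["id"]: c for c in claims}
    known = sum(by_id[i]["known_fraud"] for i in network)
    hub = max((len(set(ids) & set(network)) for ids in soft_shared.values()), default=0)
    return len(network) + 3 * known + hub


def prioritise(claims):
    """Return (hard-link networks, enhanced networks ranked by score)."""
    uf = UnionFind([c["id"] for c in claims])
    link(claims, HARD_KEYS, uf)
    hard = components(uf)                      # networks from hard links only
    soft_shared = link(claims, SOFT_KEYS, uf)  # enhance with soft links
    ranked = sorted(((score(n, claims, soft_shared), n)
                     for n in components(uf) if len(n) > 1), reverse=True)
    return hard, ranked
```

On the constructed data the hard links alone join only C1 to C3; the shared, differently typed address then pulls C4 and C5 into the same network, which is the kind of expansion the slide describes.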


Life Fraud Red Flags

• Life has developed a check list to identify suspicions of possible claims fraud, which is being implemented at the business level in order to enhance timely detection of fraudulent cases.

• Any case where we receive a tip-off, anonymous or otherwise, that the claim is fraudulent must be referred to the Life Antifraud Coordinator (LAC).

Examples of red flags would include:

• The customer refuses to answer a question or provide a document that has been requested or refuses to allow us access to certain records or a particular third party.

• There is definite evidence of past or current dishonesty. For example we may have significant grounds to believe that the customer has made dishonest representations to ourselves or other parties in the past or there are indications the customer may have been involved in fraudulent actions with other parties.

• There are clear inconsistencies between sporting or social activities and the claimed disability.

• There are multiple concurrent claims.


Fraud Monitoring
The Fraud Control Model

Fraud types

Internal Fraud

• Expense Fraud: losses incurred due to misuse of corporate credit card, cash expenses, etc. for personal, fraudulent gain.
• Forgery / Impersonation: losses incurred by someone deliberately assuming a customer, intermediary or employee identity by forgery and/or impersonation (identity theft, surrender fraud, check fraud, etc.)
• Disclosure of confidential information: losses incurred by the purposeful revelation of confidential information for the purposes of criminal activity including reputational damage.
• Accounting irregularities: losses incurred due to deliberately not following accounting procedures, either for personal or company benefit.
• Bribery and Corruption: losses incurred by someone giving or receiving gifts, incentives, bribes, kickbacks for the purposes of fraudulent activity.
• Premium or Policy Fraud: losses incurred due to someone obtaining a policy of insurance for a lesser than ordinary premium or higher, specific coverage, usually at the time of underwriting, by means of false, incomplete or misleading information.
• Recruitment fraud: losses or reputational damage incurred due to fraudulent qualifications presented by staff.

External Fraud

• Forgery / Impersonation (External): losses incurred by someone deliberately assuming a customer, intermediary or employee identity by forgery and/or impersonation, including identity theft, surrender fraud, check fraud, etc.
• Premium or policy fraud (external): losses incurred due to someone obtaining a policy of insurance for a lesser than ordinary premium or higher, specific coverage, by means of false, incomplete or misleading information (e.g. previous claims, medical history).
• Disclosure of confidential information (External): losses incurred by the purposeful revelation of confidential information for the purposes of criminal activity including reputational damage.
• Bribery and corruption (external): losses incurred by someone giving or receiving gifts, incentives, bribes, kickbacks for the purposes of fraudulent activity.
• Distribution fraud (External): losses incurred due to misappropriation of customer payments, fraudulent misrepresentation of new policies withholding customer premium.
• Procurement fraud: losses incurred due to a supplier deliberately falsifying their bill, invoices paid without goods / services being delivered, etc.

Other loss events

• IT incidents
• Safety and security incidents
• Theft of assets


Antifraud evolution
A new discipline for insurance companies

[Figure labels: Yesterday; Today]

Thank you