A web of fraudulent details
By Paul J Davies
Published: August 11 2010 22:25 | Last updated: August 11 2010 22:25
Imam Hoque types a name into his keyboard, a dot appears in the centre of a huge white screen and rapidly sprouts several tiny grey lines. These lead to other dots that, in turn, sprout more lines.
EDITOR’S CHOICE
Trio accused of Ritz sale bid fraud - Jun-08
Within seconds, a kind of elongated spider’s web forms and Mr Hoque, the founder and chief technology officer of Detica NetReveal, starts to enlarge and reshape a network of what turn out to be neat graphic icons for people, addresses, phone numbers, cars, bank accounts and insurance policies.
Detica, a subsidiary of BAE Systems, specialises in security intelligence and analysis. The company initially developed its software for national security work – for example, in detecting terrorist cells. But the software has more recently been commercialised as a frontline weapon for use by banks and insurers to spot fraud and money laundering.
“In the past, fraud was seen as a cost of doing business – it was put into premiums and passed on to customers, but this has been changing rapidly,” Mr Hoque says.
“With online comparators and with the economic situation, insurance is becoming ever more about price. So, fraud becomes a competitive issue and companies are increasingly looking to prevent fraudulent claims and to avoid insuring fraudulent people in the first place.”
Detica is one of a handful of businesses transforming the ways in which companies mine and manipulate existing data on customers. Through mapping the connections between customers, the software creates web-like snapshots of social networks of potential fraudsters, money launderers and terrorists. While such tools are currently being used by company and government departments to combat crime, their creators believe they have the potential to be effective in marketing.
Fraud has become increasingly costly for the financial services industry, particularly in the UK, US and Canada. The AA, the UK roadside assistance and insurance broking company, says fraud is currently driving up rates of car insurance at their fastest rate ever – prices were up more than 30 per cent since January last year. RBS, the UK bank, has been particularly hit by the rise in claims for injuries.
While some of the increase is from organised crime, most fraud, says Raphael Lawson, head of fraud at CPP, a company that specialises in insuring bank cards and mobile phones, is due to “everyday customers being pushed into a position they wouldn’t normally consider because of the recession”.
The fight against fraud is likened by Andy Haste, chief executive of RSA, the UK’s biggest listed general insurer, to an arms race where you always have to try to stay one step ahead of the fraudsters.
Using specific fraud software, including Detica’s, has helped RSA save about £9m ($14m, €1.2m) by spotting fraudulent bodily injury claims last year, he says.
Indeed, the industry in general is becoming more adept at spotting fraud. The Association of British Insurers said last month that 122,000 fraudulent claims worth £840m were uncovered in 2009, which was up 14 per cent on the figure for 2008.
“However, fraud remains a disease that both industry and government need to find a long-term cure for,” Mr Haste adds.
Technology triggers temptation
Developments in personal technology are increasing the temptation to commit insurance fraud, says Raphael Lawson, head of fraud at CPP.
First, it makes fraud easier to accomplish. Computers make it relatively straightforward to falsify proof of purchase or other documents.
Second, people claim for new gadgets. IPhones, he says, account for 50 per cent of claims at CPP. However, these false claims are usually relatively easy to detect. Many people do not realise that the first three digits of a serial number tell you a phone’s make, says Mr Lawson. So it is easy to spot when people make a claim for an iPhone but give you the number for, say, a Nokia.
While software can identify such false claims, Mr Lawson says, technology will never replace people. He cites the example of a document purporting to be from the head of security at a golf club where the claimant’s locker had supposedly been broken into. “We rang up the golf course and discovered the person just didn’t exist.”
If finding a “cure” seems optimistic, Detica at least is one of a few technology groups supplying a reasonably powerful treatment for the symptoms.
In a heavily secure and expensively high-technology demonstration suite within an anonymous and shabby concrete building in central London, Mr Hoque explains the system.
Firstly – and critically, Mr Hoque says – it cleans up the data that an insurance company provides about all its policyholders by “collapsing”, or matching, names or addresses that share other links such as phone numbers, bank accounts, cars or prior claims that mean they have a high probability of being the same person.
The system also runs through various possible spellings of a name. Using his own name, he says, the software would identify policies taken out by Imam Hoque, Imam Haque and Mr I. Hoque, through which a fraudster could make multiple claims and might previously have been undetected by insurers.
It then uses a mathematical technique known as social network analysis. This searches for “closely bound behaviour” – such as shared addresses, car crash counterparties, anyone a car was sold to – in the links between the data represented by the icons in the web.
When you look at your network, you can also spot soft links, Mr Hoque says – for example, the same date of birth for different names is a classic sign of a false ID.
But it also looks for similar patterns of behaviour by various policyholders. A huge problem for insurers is repeated staged car crashes, which have been leading to increasingly large claims for bodily injury, especially to third parties. “Say there are three whiplash claims: if the other victims involved are also policyholders with the same company, which they often are, then it is very likely the software will spot previous similar claims,” he says.
The technology might uncover a pattern of claims for soft-tissue injuries. “Now, in terms of a social network, a taxi company and an accident ring might look very similar in terms of linked people, shared addresses and so on,” he says.
“For a taxi company, the ratio of soft tissue injuries to car repairs is about 0.3 – but for the accident ring the soft-tissue injury ratio would be about three. Also, the rate of growth of the network would look different – a taxi company would grow at the rate of a normal business, whereas accident rings and other insurance frauds tend to see activity spike suddenly higher.”
More than busting large accident rings, however, the tool is meant to speed up decision making on whether to pay a claim or investigate further and could help insurers avoid writing insurance for a potential fraudster linked to an existing costly group.
“People share the quality of being ‘accident prone’,” he says, raising an eyebrow, “or likely to make claims.
“But the bad guys are quite clever, they have spotted that commercial vehicles are insured on block policies, which makes it harder to gather data. So they are inducing accidents with commercial vehicles.”
The technology does, however, have its limitations as it represents only a statistical view, which gives answers with a high probability of being true. The social network analysis assigns scores for certain indicators – for example, the rate of growth of the network, shared elements, collapsed names or the time to file claims since taking out a policy.
Only an investigation undertaken by real people can establish that links in a network are genuine.
At CPP, they use a piece of software similar to Detica’s called iBase from i2, a US company that is also involved in national security work. Mr Lawson says it increased CPP’s fraud detection by 40 per cent. Nonetheless, he says, most bogus claims are still found out through old-fashioned leg-work and training staff in how to question claimants.
“The best way to detect fraud is to do it manually,” he says. “Intelligence gives you a heads-up, but people detect fraud.”
He believes his claims staff are more important in identifying fraud. “Most methods are very simple and very effective,” he says. “People delay in answering or parrot back the question to buy themselves time.”
Copyright The Financial Times Limited 2010. You may share using our article tools. Please don't cut articles from FT.com and redistribute by email or post to the web.
Comments