Business Rules Alone are not Enough to Fight Insurance Fraud

(ALM | PropertyCasualty360) - For as long as there has been insurance, there has been insurance fraud.

And for as long as there has been insurance fraud, insurance companies have tried to fight it.

From what was once the domain of individuals with gut instincts arose technology solutions designed to help insurance professionals spot a greater number of suspicious claims with greater accuracy. These legacy approaches to technology aided fraud detection often centered on the use of business rules, which have long reigned as the first-line solution for insurers to support their fraud mitigation strategies.

While rules engines can be a helpful tool, their effectiveness tends to diminish over time as fraudsters identify thresholds under which they can pass undetected. As such, the insurance industry has begun adopting artificial intelligence (AI) to build on their use of business rules in an effort to mitigate more fraud, more effectively and more efficiently.

But how did we get here? Let’s look at the evolution of technology use in the fight against insurance fraud.

Rules-based fraud detection

A business rule is part of a framework, constructed using what is formally known as a rules engine. It may state something along the lines of “IF [situation occurs], THEN [perform action].”

For example, IF a certain insurer receives a claim for over $10,000, THEN it will automatically forward the claim to the special investigative unit (SIU) for review and/or investigation. This rule may not necessarily indicate that the claim is suspicious, but rather indicate that it is valuable enough to warrant at least a second look by professionals who are trained to spot fraudulent activities.

As a system, business rules typically formalize and automate policies that were previously written on paper. The employee handbook for claims adjusters may also have a rule about claims over $10,000, for example, but business rules apply this policy in an immediate and uniform manner, without exception.

Applying business rules to insurance claims has a lot of benefits — especially compared to the alternative, which is assigning claims manually based on an initial scan, made under time pressure, that may rely heavily on experience and intuition.

Key benefits of business rules:

  • Faster than manual assignment;
  • Minimizes the potential for errors;
  • Avoids subjective reasoning; and
  • Reduces some training needs.

In short, business rules help employees spend less time deciding what they should do, and more time doing what they should do — all while helping to make sure they’re doing the right thing.

Exceptions diminish effectiveness

The biggest problem with a rules-based approach to fraud detection is that it can easily be manipulated by those who want to take advantage of it. The simplest way, of course, is to identify the insurer’s thresholds and never file a fraudulent claim that exceeds it.

But why stick to simple when you can be clever?

Let’s take a closer look at our earlier “$10,000 Rule” deployed in the real world. We know that rules are most effective when they are applied evenly and without exception. Yet, exceptions will inevitably occur. In practice, applying more rigorous review to claims exceeding $10,000 is simply good business if most claims fall under this threshold. At the same time, this universal rule may not be applicable to a significant number of the policies the insurer writes.

For example, an insurer that writes policies covering high-value vehicles or homes may find itself referencing a significant number of legitimate claims exceeding $10,000 to the SIU. This results in a significant workload increase for the SIU without mitigating any additional fraud. So, the business creates an exception to their business rule: “IF claim value exceeds $10,000, THEN claim referred for investigation, UNLESS claim associated with a high-value vehicle.”

The rules structure weakens with every exception. Here’s how:

  • Larger attacks surface: Each exception to a business rule represents an area where bad actors can potentially submit fraudulent claims. In the example above, a fraudster could establish a policy covering a high-value vehicle then submit fraudulent claims without fear of exceeding the threshold triggering automatic investigation.
  • More effort: Business rules aren’t typically quickly self-configurable. Claims administrators need to work with the IT department to implement new rules. Depending on the IT workload, it can take a period of time for implementation. Fraud can continue unexamined in the interim.
  • Less flexibility: Insurance fraud isn’t static. If bad actors switch to a new form of fraud, the rules written to prevent it will no longer apply and false negatives will result. In some cases, adaptations to rules can also flag legitimate claims as false positives, driving up workloads for investigators and impacting the policyholder experience.

As time goes on, the rules written to protect the organization become less clear, less efficient, and more vulnerable to exploitation. As important, updating rule sets to match evolving business requirements is most often costly and time consuming.

AI solutions bolster business rules

AI solutions aren’t necessarily a replacement for business rules. Instead, they build on existing foundations to provide the flexibility and efficiency that rules can lack on their own. Most AI solutions start with existing scenarios in which fraud has been identified and create new scenarios that catch evolving forms of fraud. The algorithms driving AI-based fraud detection can use a variety of data types to look at components of a claim individually, in combination, and most importantly in context to develop a more realistic understanding of what exactly happened and what the remedy should be. Fundamentally, AI helps insurers implement fraud detection strategies that are more accurate, easier to use, and provide more nuanced detection capabilities.

For example, let’s return one last time to the “$10,000 Rule” we started with. Here, instead of forwarding the claim directly to the SIU, the business rule triggers review and analysis by AI.

Here, the AI solution acts as an extra analytics layer for the business rule. The solution can examine the factors that comprise a claim — such as the age of the policy, the nature of the damage, and the claimants involved — to make a more accurate analysis on whether a claim is likely to be fraudulent. This helps investigators make more accurate, informed, and ultimately faster decisions on whether to pursue a claim.

In the case of a high-value policy, the size of the claim becomes significantly less important and an indicator of probable fraud. The AI is now looking for a number of different things associated with the claim that will either mark it as likely legitimate or suspicious and in need of further investigation. That’s because the solution has been trained on billions of insurance claims previously, and it knows that high-value claims aren’t more likely to be fraudulent just because they’re larger.

AI: Learning to spot fraud on its own

Perhaps the biggest benefit of using AI in the fight against fraud is that unlike traditional business rules it has the capability to learn and evolve.

Over the course of time the AI will discover fraud scenarios of its own. These scenarios are generated independently; no intervention is necessary to “tell” the AI that claims fitting certain characteristics are more likely to be fraudulent. Once these scenarios are identified, they can be implemented at the discretion of the insurer.

In effect, the AI solution is creating its own dynamic rules to detect fraud schemes that not even the insurer is aware of. These are decisioning rules as they were meant to be — low touch, aware of nuance, and capable of evolving with changing circumstances.

Business rules aren’t obsolete, but they need augmentation to remain relevant. That relevance comes with artificial intelligence. With AI solutions, insurers can create a significant improvement to business rules, but without the manual effort that business rule implementation usually requires. This results in a fraud detection workflow that is much more aligned to the goals of the insurer — and actually increases in effectiveness as time passes.

By Kamala Wedding
February 22, 2023

Kamala Wedding is the head of Customer Success for the America’s at Shift. She oversees the close working relationship with customers to provide ongoing support and guidance around business strategy and transformation topics to ensure overall customer satisfaction, and successful product adoption. She has spent her career fighting fraud, managing large operations and developing anti-fraud strategy for all lines of business. Kamala is an international speaker, subject matter expert and is certified in Change Management. Prior to joining Shift she spent twenty years at Farmers Insurance most recently as the Director of SIU.

Popular

More Articles

Popular