Breaking the under-reporting habit

Global Director, Counter Fraud Analytics and Insurance Solutions, BAE Systems Applied Intelligence Read time: 4 mins
In order to solve a problem, we need to accept that it’s there. This principle is common sense – and it certainly applies to insurers’ fight against financial crime, says Dennis Toomey.
The Financial Crime Insider ThreatFraud perpetrated against insurers by outsiders was, until relatively recently, a dirty secret that most kept to themselves. Organisations were reluctant to admit falling prey to fraudsters for fear of both attracting more criminal attempts and causing irreparable reputational damage. 
But as the prevalence of fraud across the industry grew, professionals began tentatively sharing their experiences with peers. With the fact that this was actually an industry-wide problem laid bare, the fightback began.
This evolution is well exemplified in the cash-for-crash phenomenon in the UK. What began as a collection of anecdotal evidence grew to give a picture of a wider problem, with the accompanying realisation that the industry was under consistent and often coordinated attack. 
The next step was to start sharing relevant data – and from that came the determination to coordinate a comprehensive response. The result was the birth of the Insurance Fraud Bureau (IFB) in 2006.

Insider Fraud

Fraud perpetrated by outsiders is only part of the industry’s criminal problem, however. The under-reporting of internal fraud would suggest that the lessons of the past have not always been learnt. 
Although there are occasional cases reported in the media, industry insiders believe that the problem is much more prevalent than these infrequent reports would suggest. 
This is despite the fact that insider fraud is almost certainly another facet of the wider organised fraud problem, with individuals being placed as employees or existing staff being recruited by criminal gangs to facilitate fraud from within. 
With insider fraud, it appears, the same reputational fears are preventing insurers from speaking openly about what is a market-wide problem. 
And the pattern of under-reporting appears to be repeating itself in the realm of cyber crime.
Only 54 per cent of IT security departments did or would report a ransomware attack to law enforcement, according to a 2016 global survey by IT security firm SentinelOne. Indeed only 61 per cent were even willing to report an incident to their own board.

Under-reported types of financial crime

It is widely accepted that cyber attacks are among the most under-reported types of financial crime. And it would appear that reluctance to report them stems from a fear of drawing attention to weaknesses in an organisation’s defences and thus potentially invitingfurther attacks. Here again there is fear of reputational damage, with insurers concerned that admitting to cyber attack could make customers reluctant to entrust their finances and data.
A cyber equivalent of the IFB may not be straightforward or even conceivable, but the fact remains that to strengthen the fightback against financial crime, it is first necessary to admit the extent of the problem.
The IFB is just one model from around the world showing that reporting crime and collating data works. Insurers must now join all the dots to reveal the complete picture of the criminal threat. This means overcoming the instinctive reaction, based on misplaced fear and shame, to sweep the problem under the carpet.

To find out more, get access to our full research of future-proofing insurers:

Future-Proof Insurance

The fight-back starts here: Future-proofing insurers against financial crime

The most successful insurers tomorrow will be those that identify and attack future challenges now. Fraud is one of the biggest challenges the industry faces, yet insurers often only offer piecemeal, incomplete defences.
Find out more
Dennis Toomey Global Director, Counter Fraud Analytics and Insurance Solutions, BAE Systems Applied Intelligence 26 September 2019