Insider Fraud – Post 2
In our last post on insider fraud (IF), we explored what insider fraud is, who is likely to commit it, and took a brief look at how insider fraud can affect the banking and insurance industries.
In today’s post, we’ll take a look at how insider fraud can connect to first-party fraud, some of the specifics of IF and why it’s so hard to identify and stop.
Insider Fraud’s Connections to First-Party Fraud
In the banking industry, organized first-party or “bust-out” fraud occurs when an organized group of individuals applies for credit cards, loans or other unsecured credit lines and then uses them to make purchases. These criminals initially look like any other customers but have no intention of ever paying the bank back – they hold onto accounts for some time, then ramp up spending activity and disappear before the banks can act.
In the insurance industry, a first-party case happens when a policyholder or insured customer files a fraudulent claim. A customer may make a claim for the loss of high-dollar property such as jewelry, cars, or other valuables, or for damages caused due to an accident (which might never have taken place).
In both industries, a person or small team on the inside of the organization is often connected with parties/criminals who are not employed by the bank or insurance company – hence the connection to insider fraud. For instance, a bank teller can use his/her access to assist account holders on the outside, or an insurance agent can help push through funding for a faulty claim made by a policy holder.
Some Examples of Insider Fraud
In the insurance industry, employees (and often, their connections on the outside) commit IF by falsifying policy payments and/or claim settlements. For instance, a false claim can be initiated by an employee and their outside connection (the insured), and settlement payments are made by the insurer directly to a bank account which the employee can access.
Other IF examples in the insurance industry include false payments (where an apparently legitimate payment to a supplier is made against a legitimate claim, but is directed to an employee); supplier kickbacks to an employee in return for preferential treatment; or undisclosed conflicts of interest, where business is done with a supplier in which an employee has a private interest. In addition, there are also more complicated fraud schemes involving collusion in the settlement process and/or with policy holders.
Why Insider Fraud is so Hard to Detect and Block
Unfortunately for banks and insurance companies, insider fraud is difficult to detect by traditional anti-fraud measures. Why? There are numerous reasons.
First, as noted in our previous post [link], bank and insurance employees are often given access to sensitive data as part of their jobs, and it’s difficult for employers to watch all activity and know who’s acting responsibly and who’s not. Unlike a hacker on the outside, an employee doesn’t have to steal passwords or find a way into the company’s secure network. Employees are usually aware of their company’s security and anti-theft measures, so they find ways to get around them.
The pace of insider fraud also makes detection difficult, since money is often taken gradually and in small amounts. Instead of taking a huge sum all at once, which would quickly gain attention, an insurance employee could siphon off a portion of premium payments each billing period, or a bank employee could make small withdrawals over a period of months or years.
For example, in 2012 in San Antonio, TX, a Compass Bank employee was charged with fraud for embezzling $97,000. In this case, Anthony Regalado, who was the boyfriend of bank teller Angela Salinas, opened an account at Compass, and then paid other people to open accounts which he controlled. Over time, Salinas used her position to issue bank credit deposits to those accounts.
Finally, experts agree that employees are less likely to attempt to steal if they know they’re going to get caught, but unlike cases of identity theft, banks and insurance companies tend to keep insider fraud cases quiet for fear of damaging their reputations.
Unfortunately, if a company fires an employee for theft and fails to report it to the authorities, there’s an added risk of another institution in the industry hiring the person in the future – and without an arrest, the crime would never show up on a background check.
What to do?
The good news is that criminals do leave clues as they commit these crimes – and with new software technology, banking and insurance companies can quickly put together pieces of the puzzle that will lead them to the perpetrators.
In the next post in our series, we’ll take a look at Infoglide’s Social Link Analysis (SLA) software and how it can be used as a weapon in the fight against fraud.