How can you build fraud resilience within your organisation? 6 August 2020


How can you build fraud resilience within your organisation? © 2020 Deloitte LLP. All rights reserved. 2

Welcome and introduction

• Jules Colborne-Baber, Partner, Forensic: +44 20 7303 2905

• Adam Knight, Partner, Insurance Regulation & Strategy: +44 20 7303 7706

• Peter Hawkins, Director, Forensic: +44 20 7303 5993

• Faith Hammond, Manager, Insurance Regulation & Strategy: +44 20 7007 4983

• Stephen Nicholls, Director, Forensic: +44 20 7007 1135


Agenda for the session

Welcome

1. The current environment

2. Fraud risks in insurance

3. Responding to cyber-enabled fraud

4. Building fraud resilience

5. Summary and close


The current environment


Copyright © 2020 Deloitte Development LLC. All rights reserved 5 5

In terms of scale, complexity and impact, the challenge we face today is different to what has come before.

Our defense and response have to change too.


Lloyd's of London recognises that the pandemic has presented unique challenges for the firm in terms of the fraud and cyber threat landscape, and the cost of failing to protect customers, society and the business has never been higher

The current environment - what is the challenge?

• Business interruption: small businesses in the UK pursuing legal action against insurers for non-payment of BI insurance

• Disturbed control environment: any weakness in the control environment will be exposed by the crisis

• Fraud opportunity: increase in phishing attempts with COVID-19 as the hook

• The Brydon Report: recommends new reporting duty on directors and auditors

External factors


The recent views of key participants highlight the connection between economic shock to firms, employees and policyholders and increased internal and external fraud risks in the sector

The current environment - how is the industry responding?

“Insider fraud is something we are going to have to consider and look at […because…] there is going to be economic hardship on absolutely everybody as a result of COVID-19.”

Ben Fletcher, director at Insurance Fraud Bureau and chief customer officer at the Motor Insurers’ Bureau, Apr 2020

“When the country becomes economically stressed, so do people. The lines between right and wrong are easily blurred. The need to raise cash as a business or private household may prove to be a strong motivator for insurance fraud.”

Ahmed Esat, head of investigations at Davies Group

“What makes COVID-19 unique is not just the devastating continuing human and social impact, but also the economic shock. Taking all those factors together will challenge the industry as never before.”

Lloyd’s of London chief executive, John Neal

“COVID-19 uncertainty could have 'significant impact' on some insurers’ capital positions.”

Charlotte Gerken and Anna Sweeney, PRA executive directors


Lloyd’s Managing Agents and Brokers are faced with public and regulatory pressure to pay COVID-19 claims promptly, but may have fewer ‘boots on the ground’ to conduct robust investigations

The current environment – the regulatory context

• The FCA has stated that insurers should not change their risk appetite to address operational challenges

• Lloyd’s in its update to the 2020 Market Oversight Plan recognises the impact of fraud risks, and has re-prioritised its thematic fraud review

• London market insurers have seen a reduction in the value of their investments which they use to pay claims

• Lloyd’s prohibits usage of the automatic cancellation clause after 60 days of premium non-payment for consumer/SME policies

Regulatory focus

Environmental

Pressure

• New insider threats from opportunistic employees who exploit a weaker internal risk control environment and reduced headcount

• Financial weakness and expectation to show strong results can push businesses to manipulate other information

Fraud risk – Key drivers

Opportunity

Incentives and pressures

Rationalisation

Fraud Triangle


Fraud risks in insurance


Potential areas in which a weakened control environment may be exploited

Fraud risk factors in insurance – key areas of impact

Policies and procedures may no longer be fit for purpose


COVID-19 is both heightening the fraud risks faced by insurers and putting under strain the key controls for detecting, preventing and mitigating them

Deep-dive: Internal and external fraud in insurance (including cyber)

The pandemic and the resulting market and societal dynamics have presented a number of risks and challenges for insurance firms. It is key that firms are able to respond to these proactively and effectively.

Control environment

• Segregation of duties

• Call monitoring and surveillance

• QA coverage

• Payment controls

• Workplace management

• IT systems capacity

Internal fraud

• Duplication of claims payments

• Inflation of reporting of expected premium

• Invoice redirection

• Corruption (e.g. abuse of position)

• Ineffective loss adjustment of claims

• Manipulation and misrepresentation

External fraud

• Cyber attacks and phishing emails

• Identity fraud to claim benefit scheme

• Scam calls from bots, automated texts and clone claims management firms

• Invoice misrepresentation

• Malware and ransomware

• Employee account takeover


Responding to the challenges of cyber-enabled fraud


Fraudsters are maximising the opportunities that exist in the uncertainty of the COVID-19 situation. As a result, the National Fraud Intelligence Bureau reports that COVID-19 related fraud is scaling and diversifying rapidly

Cyber-enabled fraud threat landscape

Given the scale of the global situation, we are seeing a wide range of fraud attacks and scams continuing to target individuals and businesses:

• Authorised push payment fraud

• Service and product scams

• Phishing attacks

• Application fraud

• COVID-19 related funding fraud

The COVID-19 related fraud threat

• 1 in every 99 emails is a phishing attack (Source: Avanan)

• 94% of malware today originates in the inbox (Source: Darktrace Email Security Threat Report 2020)


COVID-19 has highlighted the synthesis between cyber risk and traditional financial crime domains. By addressing both domains, firms are developing a more robust control environment. Insurers can learn lessons from other sectors

What does this mean for firms?

Cyber / AML / Fraud

Synthesis between anti-money laundering and fraud domains

• Consolidating transaction monitoring capabilities (data, technology, people, processes), to drive significant effectiveness and efficiency uplifts, especially in the AML domain

• Leveraging customer data assets collected at point of on-boarding for KYC purposes to inform post-application fraud detection models

• Consolidating disparate AML and fraud processes into a single customer acceptance decision at on-boarding

Synthesis between cybersecurity and fraud domains

• Aligning domain-specific incident response teams, sharing resources and expertise and executing cross-domain processes and playbooks

• Incorporating HR, cyber and physical security-related data sources (employee networks, access logs, etc.) into internal fraud detection analytics and modelling

External collaboration

• Peer-to-peer intelligence sharing

• Shared KYC databases and managed services

• Multi-bank and multi-insurer transaction monitoring solutions

• Public-private partnership models, such as between law enforcement and institutions

Synthesis across all domains

• Integrating intelligence teams and supporting third party providers, creating intelligence and delivering timely insight on criminal actors and emerging threats

• Sharing access to existing data assets, underlying infrastructure, and analytics tooling and expertise – enabling new approaches to be applied across a wider dataset to identify potentially criminal activity


Building fraud resilience


Brokers, Managing Agents and ultimately the Council of Lloyd’s need to revisit their fraud risk plans in light of COVID-19, with an emphasis on governance and management of the heightened risk of fraud as businesses recover

Building fraud resilience - how can you respond to these heightened fraud risks?

FRAUD RISK RESPONSE (AREAS TO CONSIDER)

Understand and identify:

• Unrealistic to think that all processes and procedures will remain the same

• In order to keep businesses going, need to accept that some departures from the norm are inevitable. Need to identify and embrace these

• Focus on understanding the changed risk landscape given disruption to business structure and operations in light of the likely risks arising from COVID-19 and more broadly

• Perform and document an enhanced fraud risk assessment

Protect and monitor:

• Identify, document and agree new procedures/changes to existing procedures

• Communicate and train as required around risks and processes

• Consider enhanced/alternative monitoring procedures that may be effective

• Record decisions and departures from BAU procedures, to allow a retrospective review as required

Respond:

• As required, respond to red flags and issues as they arise to ensure facts and circumstances are understood/investigated and procedures can be enhanced as required


Building fraud resilience - how can an effective fraud control framework account for the COVID-19 impact?

Fraud assurance activity

Material controls

Fraud risk impact assessment

IT systems

Considerations and questions you may want to ask of your fraud controls and framework:

Level of maturity

IDENTIFICATION & SCREENING

Identification and verification, and employee, customer and supplier screening

AUTHENTICATION & AUTHORISATION

Access and enhanced authentication, authorisation and notification

DETECTION & ANALYTICS

System and data integration, model and rule management and intervention

INVESTIGATION, RESOLUTION & RESPONSE

Investigation, remediation and resolution, control implementation, reporting and exit

FRAUD RISK MANAGEMENT

Informed by threat intelligence and risk assessment

VISION & STRATEGY

Shaped by risk appetite, enabled through policy and assurance

GOVERNANCE & OVERSIGHT

Ethics and culture, organisation design, training, and whistleblowing

PEOPLE & ETHICS


Summary and close


1. The risk landscape has changed

• COVID-19 has brought with it increased pressure, opportunity and rationalisation for internal and external fraud

• Policies, systems and processes may no longer be fit for purpose and a weakened control environment may be exploited

2. There is increased scrutiny by regulators on both consumer protection and fraud matters

• Regulators have been vocal around their expectation, and test cases on business interruption may create further stress

• Management and the board have a crucial role to play in the prevention and detection of fraud

3. But, there are practical steps you can take to mitigate the risks

• Effective governance, fraud risk assessments, monitoring and surveillance will help to prevent and detect any such issues

• Understanding how well prepared your third parties are for managing this changing risk landscape is key


Questions



This publication has been written in general terms and we recommend that you obtain professional advice before acting or refraining from action on any of the contents of this publication. Deloitte LLP accepts no liability for any loss occasioned to any person acting or refraining from action as a result of any material in this publication.

Deloitte LLP is a limited liability partnership registered in England and Wales with registered number OC303675 and its registered office at 1 New Street Square, London, EC4A 3HQ, United Kingdom. Deloitte LLP is the United Kingdom affiliate of Deloitte NSE LLP, a member firm of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee (“DTTL”). DTTL and each of its member firms are legally separate and independent entities. DTTL and Deloitte NSE LLP do not provide services to clients. Please see www.deloitte.com/about to learn more about our global network of member firms.

© 2020 Deloitte LLP. All rights reserved.