Processing Claims does not FWA Management make

Dr Simon Peck

At a recent meeting, one of our clients said that many people do not understand the difference between Claims Processing and FWA (Fraud Waste and Abuse) management. We thought the distinction between the two would be an interesting subject for this bulletin.

Let me start by illustrating this with a couple of case studies from my own experience.

Example 1: Smoke and Mirrors from the US to the Middle East

One of the largest frauds I have seen involved groups of individuals based in North America who set up bogus companies that appeared to be trading in the Middle East. The fraudsters took out expatriate insurance policies in the USA and the UK to insure fictitious employees of these companies. They also set up websites for non-existing clinics and hospitals in the Middle East which did not exist although some had similar names to real providers.

The fraud was perpetuated carefully and professionally and claims were made against fictitious policies for treatment in bogus hospitals. All policies were loss-making over the medium term, but the perpetrators were not greedy – they extracted a consistent low level of proceeds from the scheme, and never too much to raise serious red flags with claims assessors.

In fact, when looking at a single claim or small groups of claims together, there was almost no pattern to them. Despite knowing of the existence of this fraud we did not uncover the full extent of it until a very switched-on claims assessor became suspicious of a claimant who was unable to remember his “wife’s” name and called the fraud team.

Once we started to dig deeper, over 100 fake policyholders and several bogus hospitals were uncovered. Site visits by local investigators in the Middle East confirmed that the hospitals did not exist. Identity checks suggested that the policyholders did not exist. Passports which we subsequently requested were confirmed by the passport office to be counterfeit. When we sent an investigator to inspect Dubai-based office of one of the insured companies, we found that the “office” in question was a construction site!

Geolocation of electronic communications with the fraudsters revealed all electronic communications from both hospitals and employees originated from a single IP address and whose location we were able to pinpoint. Despite a total lack of police interest in all three countries involved, my team were able to shut down the fraud with full confidence and after minimum losses, by simply cancelling policies and denying all claims and refusing to refund premiums without proof of identity.

I have since witnessed the same scam in other companies who were not able to act as quickly and decisively. Losses in some reached hundreds of thousands of dollars or more as they struggled to work out what to do. Many continued to pay claims they knew or strongly suspected were bogus. Institutionally, they either lacked the evidence or the confidence to rely on their evidence, as ultimately the kept on paying these claims as the fraudsters pressed them for payment. One company shelled out over GBP 2 million.

Example 2: Fake Debt Collections in the UK

Another example I saw early in my career was a debt collection firm which targeted health insurers for payment of non-existent debts. The claims were made very aggressively and included threats of court action and adverse publicity. Astonishingly, many companies were easily intimidated. They would rather make a payment than make a fuss.

My employer at the time decided to stand their ground.

When our fraud team received the referral from customer services, we declined all offers of settlement and assigned an investigator who quickly pulled apart the entire scam. She demonstrated that not only were the debts invalid, but the consumer credit license and VAT number on the debt collection firm’s headed paper were made up too. The debt collector did not receive the money he expected – instead he ended up with a conviction and a criminal record. Sadly the case is spent under UK law and because of the Rehabilitation of Offenders Act I cannot give specifics.

What’s the point, Doc?

I know – I’ve been accused of being wordy. The point is that in both of the above cases, insurance companies were well aware of FWA, or in the above cases pure F(raud). However, even though the FWA had been duly assessed and the offending claims identified, the companies carried on paying the claims anyway.

Claims assessors are the first line of defence against FWA. But for their findings to be actionable, the entire FWA management pipeline needs to work together (prevention, detection, investigation, recovery). That is why claims assessment does not equal FWA management.The latter includes the former, but is much wider in scope.

Not many companies understand this.

As a result of this misunderstanding, much actionable FWA is allowed to persist. It is clear that astute claims assessors and assessment processes play an important role in spotting FWA – if we think of FWA defences as like the layers of an onion, the claims assessors are the outer layer. But they are only able to do so when appropriate support services in the fraud team are available to help them.

However, there is some FWA that can neither be detected nor managed at the claims assessment stage. It is important to understand that the mindset and role of a claims assessor differs from that of a fraud manager in a number of key areas.

Assessors and Investigators: Apples and Oranges

Assessor: the Analyst

A claims assessor typically looks at the information in front of them, determines whether it meets the criteria for payment and makes or denies payment accordingly. Whilst all claim assessors should have the possibility of FWA in mind, their role is not that of investigator. It is essential to understand that successful fraudsters quickly learn to bill “correctly”, and invoice in a manner which does not trigger any alerts or concerns. This was captured very well in an article by Michael Clarke writing in the British Journal of Criminology who stated,

“insurance frauds share the common characteristic that they are not self-disclosing. […] Their essence is to appear normal and to be processed and paid in a routine manner” (1)

In other words, the fraudster designs their fraud so it will easily pass through claims assessment.

To briefly digress for a moment, this is a particular risk with automatic adjudication. Once a fraudster learns how to create a transaction that does not trigger alerts it is possible to repeatedly use the same strategy to steal large sums of money whilst remaining under the radar. I cannot state this strongly enough: relying on automated controls alone is a mistake which many organisations make. Any rigid rule-based system can be gamed and fraudsters are experts at doing so.

Another important difference between assessors and investigators is that a claims assessor generally assumes that the information they have is correct, provided in good faith and that any anomalies are the result of error. They may ask for additional information for example a medical report but again they work on the assumption that the report when received will be factually correct. This process is appropriate for the vast majority of cases; however, it does not work well where there is an intention to deceive. Fraudsters fabricate information to assist claims being paid.

Investigator: Question Everything

In contrast to a claims assessor, a fraud investigator starts from the position that information may or may not be true. They neither automatically trust nor do they automatically distrust information, instead, they seek to corroborate and validate information wherever possible using objective secondary sources. Although I would not wish to give away too much in a public post, my favourite sources of objective information were copies of correspondence with third parties or results of investigations and tests. On one or two occasions I have even examined patients to document and photograph scars which were inconsistent with the surgery claimed.

Since claims assessment processes often focus on a single claim at a time, they often do not factor in the wider context, or or the previous conduct of the parties concerned. For normal claims these things do not matter, but in investigations they can be important as some things which may be credible in an individual claim are much less so if they are repeated.

Let’s look at some examples.

It is common for pathology tests for be billed in medical claims. They are

  1. high-volume
  2. individually low-value
  3. very common
  4. included in most claims
  5. rarely challenged

However, even though most pathologies are low-cost, in aggregate they can be a source of significant loss. (See our March 2022 bulletin for details on pathology).

Computer-powered Analysis: from Single-Claim to Aggregates

The assessors and investigators are an essential component of a functional FWA management pipeline. However, they can be further empowered by leveraging a specialist FWA analysis software. In particular, software assist the human actors in identifying complex patterns or behavioural FWA that is often not visible by looking at single claims in isolation. Specialist software can also help pinpoint areas of further investigation, something that is of particular value to investigative teams.

Computer Analysis Example #1: Frequency Analysis of Pathology

Let’s consider blood tests ordered in a private general practice. As a general rule, the pattern of blood tests performed is very predictable over time. Patterns vary by speciality but common tests (full blood count, electrolytes, liver function, HbA1C) are very common and the frequency of other tests falls off rapidly. In any one patient, additional tests may be justifiable, but repeated deviations are much less likely to be genuine. Any deviations from the pattern will be visible in long-term behavioural analysis only. Spotting these patterns requires advanced analytic tools and is not possible at all by looking at any single claim in isolation.

Example: the following data was generated from a sample of 2,000 claims made by a single provider. Each pair of red-yellow corresponds to a different test. The red column is the expected. The yellow are the tests carried out by the provider. Visually comparing the two instantly tells us that the provider’s behaviour deviates from the expected.

Frequency analysis example. Each red-yellow pair represents a different test (full blood count, electrolytes, liver function, HbA1C etc) – red: expected, yellow: actual

Computer Analysis Example 2: “Oh, the shark has pretty teeth, dear”

To take another example, we recently processed data for dental treatments. The software found some implausible claims histories in the data. One patient for example had claimed for 5 extractions and restorative dentistry on 29 other teeth. Humans only have 32 teeth, and his particular treatment pattern was anatomically impossible! It was soon apparent that this was part of an organised fraud scheme as similar patterns were repeated in other patients.

In both of the above cases, this discovery of FWA was only possible by advanced behavioural software that allows analysis of multiple claims over time, rather than considering each claim isolation.

Beyond Technical Analysis

Apart from the technical analysis we’ve considered (assessors, investigators and specialist analytics software), there are other important considerations that are needed for a solid FWA management pipeline. This is a complex subject but here are a few of them:

Rules and Contracts

Rules and contracts set out the terms of business and what is expected. It is very difficult to manage FWA if the company does not have clear and comprehensive rules and contracts to fall back on. A fraudster loves an insurer that operates with unclear rules, vague terms of business and poorly drafted contracts. Every loophole is a gift that allows unscrupulous individuals to operate with inpunity.

Ideally the fraud team should have an input into the creation of contracts and rules because they are far more fraud aware than the average person and most people do not appreciate the creativeness of the entrepreneurial fraudsters who find and exploit loopholes. In my insurance career I was often consulted on such matters and became quite adept at anticipating future scams.

Sometimes we all get surprised and the following case surprised even me. Years ago, some companies in the PMI market suffered losses on policies sold on cashback sites. The company which set up the marketing scheme was not asked to put controls in place to limit payments of cashback to the bank account from which premiums were collected.

The result was that thousands of bogus polices were set up with direct debits set up using stolen bank account details. Insurance premiums were charged to charities, utility providers and private individuals. We were contacted by several individuals and companies asking why we were debiting their bank accounts and I personally confess to initially dismissing a number of such calls.

It took a while before we put the pattern together and the penny dropped. Most of the cash back was lost. Hardly any of the policies sold via this route turned out to be genuine. One insurer even found direct debits for premiums charged to its own bank account!

The clearer the rules and contracts, the fewer the loopholes, restricting the opportunities available to the entrepreneurial fraudster.

Clinical and Service Codes

Having proper clinical and service codes is also key. In most systems, payments are made by purchasers to providers based on service codes which they put on invoices. If service codes are vague or poorly thought out this opens the door to abuse. In the UK private sector payments are made using CCSD codes. One of the most abused CCSD codes in the UK is code W0300 which carries the slightly ridiculous narrative:

“Multiple procedures on forefoot distal to and including the tarsometatarsal joints which involves at least two procedures not intrinsic to each other.”

This is in fact one of my pet hates in CCSD. The verbose description so vague as to be unenforceable. It makes no attempt to clarify what a procedure is. If I had a pound for every time a combination of minor or negligible podiatry procedures was billed at inflated rates using this code, I would be as wealthy as some of the people who exploit it.

Summa Summarum

To pull all of this together, claims assessment processes are an important part of FWA management but claims assessment is not fraud management on its own.

In addition to claims assessment, a good FWA management pipeline needs many components such as:

  1. pre-payment processes
  2. competent investigators & audit function
  3. specialist computer-assisted analytics
  4. solid non-technicals (contractual/legal etc)

All of the above are complimentary. There is overlap in places but the key functions are very different. The ability of a company to successfully manage FWA depends on multiple factors. It’s like having £3,000 carbon fibre fork and calling it a bicycle. The fork might be the best in the market but without the rest of the components it won’t get you very far.

This bulletin leaves plenty of scope to be covered (especially pre-payment processes and audit which we have not had the space to discuss at all here). Future bulletins will explore all of these in more detail.

About Kirontech

Kirontech are best known as a provider of FWA detection and anti-fraud software to clients in the healthcare industry. Our software detects hidden patterns in data and reveals FWA in complex sets of claims. The software-generated results are communicated to our customers in a way that is actionable and clear, in plain English and using the codeset of your choice.

We are very aware that fraud detection alone is not enough for many clients. That is why our software solution is supported by our in-house team of medical experts and fraud specialists. Our subject matter experts work with our customers to assess their existing FWA management processes and help build a holistic strategy to minimise losses. We help our customers build knowledge and capability, enhance and enrich data, and most of all, to empower their employees with state-of-the-art analytics and cutting-edge data access tools.


  1. Michael Clarke, THE CONTROL OF INSURANCE FRAUD: A Comparative View, The British Journal of Criminology, Vol. 30, No. 1 (Winter 1990), pp. 1-23

Dr Simon Peck, Chief medical Advisor, Kirontech UK Ltd