Immediate Vault Immediate Access

Identifying and Preventing Provider Fraud in Workers Comp Cases

Claimant fraud and premium fraud are two of the most well-known types of workers compensation fraud. In these cases, a worker may intentionally fake an injury (claimant fraud) or a business owner may misrepresent their employee headcount or incorrectly classify employees to obtain lower insurance premiums. Now, a lesser-known type is occurring with greater frequency: provider fraud.

Provider fraud occurs when a professional other than the injured worker or employer accepts a bribe or illegal kick-back in exchange for patient or client referrals. The circle of potential culprits includes lawyers, translators, doctors, chiropractors, nurses, and telehealth professionals. Opportunity, incentive and rationalization—the “fraud triangle”—are key factors that go into a person’s decision to commit insurance fraud. These factors have been exacerbated in recent years, due in large part to the pressures presented by the global pandemic and the growing reliance upon remote services.

Most schemes involve knowingly billing for medical goods and medical and legal services that are unnecessary or not provided at all. A chiropractor, for example, conducted illegal medical evaluations and billed these evaluations, claiming that he was approved as a medical legal evaluator. In another example, an attorney named his daughter as the owner of a translation services company, while in reality he maintained ownership of the business. Each time the attorney was hired, the translation business was also engaged and billed its services. Provider fraud is increasingly prevalent in California and Florida due to each state’s workers comp rules. For instance, in California, a provider can file their own lien with the Workers’ Compensation Appeals Board, even if the bill was denied. California is the only state that allows providers to file their own adjudication. At a higher rate than in other states, healthcare providers in California and Florida are sometimes found billing for services that were never rendered, billing for more expensive services than were actually provided, ordering unnecessary tests or procedures, and providing kickbacks to referring physicians.

So, how can we pin down provider fraud?

  • Review Provider Invoices and Reports: Risk professionals can spot potential fraud cases and fraud trends by closely reviewing provider invoices and reports and scrutinizing those invoices that are close to, but not at the top of, typical billing charges. In the workers compensation system, there are typically five levels of a doctor evaluation: Level 1 is the cheapest while Level 5 is the most expensive. Fraud often occurs in Level 4 billings since Level 5 would be too obvious. Providers who consistently bill at Level 4 could be a red flag for fraud.
  • Shine a Spotlight on Supplementary Services: Insurers sometimes overlook that provider fraud can occur with supplementary services such as translation and transportation companies, copy services, medical equipment suppliers and pharmacies. It is not uncommon for insurers to discover that these schemes may involve a criminal enterprise (possibly a referral network) orchestrated by individuals who are not medical or legal professionals. While claimants can be complicit, often they are unwittingly involved and potentially subject to treatment that is unnecessary or even harmful. 
  • Consider Emerging Tech to Pinpoint Provider Fraud: Artificial intelligence and machine learning are game-changers for fraud investigations. Through the analysis of historical claims data and insurance adjuster notes, some technologies can help professionals discover fraudulent claims faster. For instance, AI can be particularly effective at the entity level when a doctor or hospital that is identified as fraudulent can be added to a “bad actors” list for review in future claims. If you do not have a fraud feedback loop, start gathering information now. As risk and insurance professionals, we rely on business rules and claims adjusters to catch all the details of a claim and then form a cohesive narrative to investigate. While business rules work, the fraud feedback loop is necessary to effectively train machine learning models to detect patterns and flag anomalies.

Workers compensation insurance provider fraud has become a multi-billion-dollar industry that is bad for business. It is costly for insurance companies to identify and prosecute, it inflates costs for goods and services that honest business owners rely on, and it stokes consumer apathy and distrust in the insurance system. Risk and insurance professionals need to be aware of the warning signs so they can work diligently to detect and prevent it.

Spending Risks Shift as the Pandemic Continues

When Twitter offered permanent work-from-home status to all of its 4,600 employees in response to the COVID-19 pandemic, it did so with a $1,000 stipend per employee to furnish and set up functional home office spaces.

For many organizations, such a sweeping move would carry higher risk as more employees, especially those not trained in company spending policy, would be expensing items. During COVID-19, enterprises of all sizes contend with the changing financial implications of adjusting business practices.

Data scientists at Oversight—a global leader in spending management technology—saw out-of-pocket spending increase 17% from April to May and expected this number to rise further in June as more employees without a corporate card make COVID-related expenses. These findings are published in the company’s Spend Insights Report, which analyzed information derived from customer interviews, market observations and Oversight data.  

Several Oversight clients reported finding big-screen TVs and soundbars on expense reports for work-from-home setups. Any of these could ultimately be for personal use or resold for personal gain. One client found that one of its employees spent $7,000 in corporate funds to set up a new home office space.

The months since COVID-19 forced employers everywhere to pivot their office strategies and open expensing capabilities to a broader subset of the employee base. As a result, the fundamental assumptions about spending and risk management in finance operations no longer apply.

New patterns of risk are emerging from these new transactions. However, finance operations teams that take the time to analyze these patterns can develop best practices.

Five key lessons enterprises should understand about spending risk in the 2020 business environment are:

1. Good and Bad Spending Have Reversed Roles

When the rapid shutdown of normal business operations forced the global workforce to shelter in place, travel discontinued abruptly. Airline and transportation activity plummeted in both March and April, as did hotel spending. But purchasing activity was higher than expected in the high-risk categories of mail/phone orders and miscellaneous stores (including merchants such as Amazon, Best Buy and Apple), while out-of-pocket expenditures in the name of business continuity increased dramatically. The result was a business scenario in which much of the historically “good” spending, like travel expenses, was suddenly deemed wasteful to the organization. In contrast, much of the traditionally categorized “bad spending” was now necessary.

2. The Pattern of Risk is Shifting, As is Mitigation Collaboration

Because the risk looks significantly different than it did before the pandemic, finance operations teams are applying more scrutiny to employee spending, and collaborating more. Operations teams are engaging more than ever with counterparts in forecasting, tax and audit to navigate the nuances of risk during the crisis, creating a new best practice that makes identifying and mitigating spending risk easier.

3. Rising Miscellaneous and Out-of-Pocket Costs Cause Payment Platform Risk

Third-party payments increased 40% year-over-year in April according to the Spend Insights Report, as the pandemic drove a significant increase in online shopping activity. That shift to online—as reflected in rising miscellaneous and out-of-pocket spending—was often processed using third-party payment platforms like PayPal and Stripe. When employees spend using these platforms, organizations are exposed to greater risk due to limited visibility into transaction and vendor data.

4. New People Spending is New Risk

Regardless of COVID-19’s impact on an organization, one good rule is that risk is a function of people. According to Oversight data, 70% of employees are good stewards of corporate funds. An additional 25% may make errors or act out-of-policy in certain circumstances, but these individuals are not intentionally involved in waste or fraud. The remaining 5% of employees could use opportunities like COVID-19 to spend maliciously or otherwise act outside of corporate compliance guidelines. Every organization’s goal should be to engender visibility into the 5% of bad actors, while simultaneously seeking to better inform the remaining 25% about the steps they can take to adhere to policy. 

5. Align your Teams and Tools to Ensure Visibility into Spending

By quickly understanding as an organization what employees are spending on today, and at what frequency, leaders will be better suited to manage and mitigate risk. While the profile may be different than before the pandemic, the same tools that guided visibility into spending and risk are available to help organizations understand and analyze spend in the new business climate.

The situation at most organizations is fluid. The essential take-away is to develop a framework and process for near-real-time awareness of employee spending and the associated risks. By recalibrating your sense of the necessary expenditures now, organizations can ultimately ensure continuous control over risks as they emerge.

Mitigating Payment Fraud Risks

For businesses that thrive on person-to-person transactions, cash is quickly being replaced by cards, as well as tap-to-pay systems, mobile wallets and QR-based payment systems. These technologies will continue to dominate the market in the near future, but the long-term future of the payment card industry will likely be shaped by the impact of blockchain and artificial intelligence. These developments will eventually also impact risk management, marketing and financial planning, as they present opportunities for serious risks, including fraud. Hence, it is imperative for risk management professionals to plan for these short- and long-term changes in the industry.

Strong risk monitoring requires proactively assessing threats and planning mitigation measures to minimize risk impact on the company or organization. To help mitigate payment fraud risks, businesses can take the following steps:

Train your Employees Regularly

The more regularly you train your employees, the more likely are they to spot suspicious behavior, no matter what payment technology the business uses. Repeated and regular trainings are essential because employees tend to forget what they have learned with time. These training workshops should teach the workers to never accept damaged cards from customers, confirm customer identities, and never enter a card number manually.

Use Contactless and EMV-Enabled Terminals

As payment technology changes, businesses must evaluate what options are safest and least prone to fraud. Currently, businesses should use EMV (short for Europay, Mastercard and Visa), which involves chips embedded into payment cards—a significant step in making transactions safer. The introduction and adoption of EMV-enabled secure terminals, particularly when using PIN and EMV security together, has helped merchants and customers prevent fraudulent transactions.

Contactless smartcards such as chip and magnetic stripe cards use contactless payment, which can present another secure way to process transactions. Most EMV terminals are also enabled with contactless payment. At such terminals, a fast and secure transaction is possible using Near Field Communication (NFC) or Radio-Frequency Identification (RFID) via smartcard or smartphone. If a merchant chooses to use contactless payment without PIN, they can put a limit to the amount spent on each contactless transaction to further minimize risk.

Beware Uncommon Transactions

Transactions that involve unusually large purchases could be a sign of potential fraud. Businesses should examine such transactions closely and confirm the identity of the customer. Similarly, if several purchases are made with a card in a short timeframe, it could indicate that the card was stolen and being used by someone other than the owner.

Maintain Online Security

As merchants and consumers shift to contactless and EMV-enabled point of sale terminals, risk has shifted towards online transactions. To mitigate this risk, it is important for online businesses to use the Address Verification Service (AVS), which verifies that the billing information matches the one registered with the card issuer. Vendors should also ask for Card Verification Value 2 (CVV2) to verify that the user has the card in hand when placing the order. Another important check is to put a limit on an IP address for the number of cards it can use for online transactions.

Prevent Employee Fraud

Employee fraud is always a major concern for risk management professionals.  Businesses should remember to keep an eye on credit card activity, particularly returns, as employee theft often shows up in fake discounts or returns. Companies should create alerts that set limits on returns at stores and notify management any time those limits are exceeded.

Strategies to Prevent Internal Fraud

As employees can be key perpetrators of fraud, creating and implementing best practices with regard to insiders is a key part of an enterprise’s everyday risk management procedures. For example, developing internal controls that involve multiple layers of review for financial transactions, and arranging independent reviews of the company’s financial records can prevent malfeasance, detect ongoing fraud and prevent it from continuing. In fact, according to Kroll’s 2019 Global Fraud and Risk Report, businesses discovered insider fraud by conducting internal audits 38% of the time, through external audits 20% of the time and from whistleblowers 11% of the time.

Technology solutions provider Column Case Investigative recently examined five common types of fraud that businesses face, including employees falsifying their timesheets to steal money from the company, taking intellectual property or passing off counterfeit items as genuine, funneling money away from vendors to themselves, or soliciting favors or compensation from clients or vendors for preferential treatment. These tactics can impact a company’s profits and expose it to possible litigation, but also pose risk to its reputation with customers and partners, as well as its competitiveness.

To best mitigate these risks, the provider recommended that companies do their due diligence in the hiring process to detect any warning signs that applicants may have a motive to commit fraud. To limit intellectual property theft and misuse, they should limit access to important information and materials. Enterprises can also create clear ethical standards for employee conduct and a positive culture in which workers are happier, more committed to the company and more comfortable reporting fraud when they see or suspect it happening.

Check out the infographic below for more best practices to mitigate employee fraud risks: