Whenever an investigation begins it is only natural to jump on the Internet and do a Web search for any relevant material that is publicly available.
The Web is an ideal starting point, but there are many more data sources available to intrepid investigators. In this blog we will look at five ways to garner more information for an investigation, and how the results will help you deliver a more comprehensive result.
1. Specialist Web search engines
When people search the Internet they think of Google, but there are many more specialist search engines which focus on certain niches, or verticals.
These include alternative general search engines and forums and portals which focus on specific topics. Your investigation might relate to the aviation sector, so log onto aviation forums and look (and ask) for information which might be helpful.
There are also many localised search engines which focus on particular geographies, which could help your investigation if there are elements relating to non-English speaking regions.
2. Social networks
Your investigative work is made easier if the people you are investigating are happy to share their private live with the world.
A person’s profile can be reviewed and information can be gathered from it, and from there it will depend on how it fits into the wider case and whether it can be used to bolster the investigative process.
Like search engines, the Web is awash with social networks of all shapes and sizes. Facebook won the war for the most popular social network, but again there are plenty of niche options to include in your investigative work.
Take the time to look at any niche social networks which might give new light to the investigation.
Some OSINT providers will perform detailed social media searches for you, and Polonious integrates with a number of leading providers.
3. Government databases
In addition to open data sources like search engines and social networks, there are more shielded information repositories, such as government-controlled databases which can be used during an investigation.
These databases house public records, but often require some form of application or payment to be searched.
Examples include company records; births, deaths and marriages; estates and wills; and other regulated industry data. If the case involves a criminal or civil court matter, then there will be records available for searching.
Such data can give your investigation the boost it needs by revealing interests and relationships not contained in public repositories.
The person you are investigating might be very private, but their associates might not be.
Today’s connected Web can reveal a lot about a person, even if they didn’t consent to having the information about them shared.
By using a combination of search, social and other data sources your investigation can easily reveal a lot about a person, or organisation, by proxy.
Including relations and associates is now an important factor in getting the most amount of information available.
5. Work history
Another source of information for your investigation is work history. Like government data, this might not be immediately available for free, but can be sourced specialist sources such as financial records.
LinkedIn is the go-to social network for professionals and from there someone’s work history can be investigated.
While looking into work history, don’t forget co-workers. People who have worked together know a lot about each other and this information can be readily shared online.
The amount of open source information available to investigation teams extends well beyond a regular Google search. Look at the numerous free and paid-for data sources which might give your investigation the edge.
There are also support services available which focus on the many different databases containing personal information.
As 2021 draws to a close, it is time to reflect on another very different year and look ahead to the promise 2022 brings.
Despite the ongoing challenges of the pandemic, 2021 was a busy year for the Polonious team and I’m delighted with the progress we made during the past 12 months.
Commitment to customers
Our customers always come first and this year we helped them improve their processes and drive innovation.
We saw our portfolio of customers across diverse sectors, including insurance, banking and education use Polonious to meet regulatory requirements and improve their end customer service, which is always welcome.
Another important step forward was that many customers got more use out of the product. Polonious is a feature-rich application and can be configured for any number of business cases or processes – without the need for custom code.
Please ask the team for advice on how to improve your workflow and customer service with Polonious and we’ll be more than happy to assist.
Exciting product development
As always, this year was a busy one for product development.
The Polonious application was enhanced with more features, improved usability and has kept up with the raft of regulatory compliance changes. These will be officially released in our 22.1 release early next year – stay tuned.
Need something added to help your business? Please do let us know what’s on your wish list and we will take a look at making it happen in future product releases.
More resources for investigators
In an exciting development, we’ve invested a lot more over the past 12 months to give investigators more independent resources to help them in their role.
We’ve published guides on the insurance industry code of practice changes, key metrics for special investigation units, and how Polonious compares with other technology options available to investigators.
These assets are designed to help investigators keep abreast of regulatory compliance mandates and improve the efficiency of their processes.
We also launched the new Polonious News e-mail newsletter this year, which is already seeing a great response from our customers and partners.
The monthly newsletter will deliver relevant and informative content straight to your inbox and keep you up to date with industry developments.
See you in 2022
To all our customers and partners, the Polonious team wishes everyone a safe and enjoyable holiday season and we’re looking forward to seeing you (in person!) again in 2022.
From all of us at Polonious.
Alastair Steel and Stuart Guthrie Polonious Founders and CEOs
During the International Association of Special Investigation Units (IASIU) conference held virtually on September 14 and 15, 2020, Polonious ran a panel discussion with some of the world’s leading investigation professionals. Investigation Insights contains new research into the performance, effectiveness and challenges of special investigation units, and communicates how better insights can drive improvements in productivity. You can download the full report here.
In this blog, we will review how referrals are garnered and why it is important to vet them properly.
When respondents were asked how cases were referred to them for investigation their responses were somewhat predictable. Most SIUs (85%) get referrals from claims units. Beyond that, other methods of sourcing referrals were reasonably evenly spread.
Figure 3: How cases are referred for investigation
Automated tools such as analytics engines using predictive analytics, machine learning, artificial intelligence and rules-based algorithms are employed by 50 per cent of organisations, 60 per cent use fraud hotlines, and 65 per cent said they seek out cases proactively. It is important to note though, that we did not ask what proportion of cases are referred from each of these sources.
A big surprise for us was that around half (52.63%) of respondents did not record the number of false positive referrals they receive — those that, on first glance from an experienced investigator, are clearly not going to go anywhere — from either an analytics tool or their claims unit.
Figure 4: Keeping track of false positives
A smaller but still significant percentage (38.89%) told us that when they did receive a false positive they did not feed the information back to the analytics tool in order to improve referrals.
There will always be claims that legitimately warrant suspicion but, upon investigation, turn out to be valid. Where you want to draw the line on level of suspicion is a matter for each SIU. You may only want to investigate “slam dunks”, or those with a 100 per cent strike rate, but risk a lot of potential fraud slipping through. Or you may want to investigate every possible case, but end up spending a lot of time on claims that turn out to be valid.
This triage process might not take a long time — but even if it takes about five minutes per case, after 100 false positives, you have lost a whole day of work. In SIUs with high case volumes, this adds up. And in SIUs with low case volumes, there is likely not much budget to waste on spinning wheels. At a minimum, reporting on raw numbers can identify some inefficiencies before putting pressure on investigators.
Compare this to the SIUs that did record false positives. About a sixth of those respondents had between 21 and 40 per cent of referrals as false positives, while a full quarter reported that between 41 and 60 per cent of their referrals turned out to be false positives.
Figure 5: What percentage of referrals are false positives
While this was just a quick questionnaire with a small sample size (only 12 respondents for this question), if the numbers are representative of the wider industry there is a big proportion of SIUs where around half their cases should not even have been referred to them for investigation. What’s more, around half of them would not even know a referral was a false positive.
As mentioned above, of the units that track false positives, almost 40 per cent are not feeding these back into the detection tool, so we would hope that these are not the units receiving 41 to 60 per cent false positives.
Figure 6: Proportion of organisations feeding results back into fraud detection tools
Analytics tools work by learning the flags for fraud — either through AI or through analysts updating the rules as they receive data. If false positives are not being fed back into these tools, they cannot update the rules, and they are going to keep sending you bad cases.
If you are getting 50 per cent false positives, you are paying investigators to read case details and not provide value. And if these results are not being used to enhance your detection systems, you are going to be doing that every quarter.
Many organisations end up relying on SaaS and other project management apps to handle their case and investigation management.
In the race to collaborate quickly, project managers offer an easy way to start a case management journey, but fall short when it comes to the complexity of properly dealing with investigations.
Let’s take a look at how project management apps fail to offer the features and compliance of an investigation management system.
Starting from scratch
If your team is tasked with managing projects that relate to customer case and investigations then SaaS project management apps like Trello and Basecamp look like great starting points.
Teams realise they need something that is online and collaborative, and all members need to work together. They also realise that it is a case management and workflow challenge they are facing, which are often not met by office documents.
Project management apps often have complete to-do lists, the ability to record statuses, and can add participants in an ad-hoc manner: All of which are key attributes you need in an investigation system.
Many also allow you to collect artifacts like images, videos and documents.
SaaS project managers are generally available and people will use them because they require little, if any, procurement process. They are used throughout the business for general things like customer support, which can morph into “case management”.
This is how organisations typically end up using SaaS project managers for case and investigation management.
Discovering the drawbacks
While easy to procure, and offer some positives, there are numerous disadvantages with project management apps for investigation management.
What they generally lack is rigour. One of the key things in investigations is understanding how you arrived at the conclusions you make.
At numerous steps along the way key decisions have to be recorded as to whether you proceed or don’t proceed and how you proceed in an investigation. And the people making those decisions and their reasoning have to be auditable.
Project managers generally follow a predefined process, but those processes are not designed to ensure procedural fairness, regulatory compliance or track provenance of evidence collected.
They also lack the detailed compliance requirements and controls which would have to be added into the system and maintained separately.
For example, project managers often enable users to delete comments and documents without having a full audit trail, or the ability to recover those documents.
But I’m already using a project manager for investigations…
If you are already using project management apps for investigations then you need to be wary of the pitfalls.
At their core project managers address some of the requirements for investigation management, but they lack the focus of an investigation management tool miss many of the features you would find in a dedicated application.
The reality is there are not many benefits to using a project tool for investigation management as they quickly struggle with the intended purpose and often lack the ability to cross reference entities that are involved in multiple cases.
For example, simple things like sharing documents and applying security often results in you having to apply this to every case which requires a lot more manual work.
Moving up to dedicated investigation management
If you find yourself using a project manager for investigations look at moving to a purpose built system to avoid a lot of headache and compliance problems in the future.
A big problem is getting the case data out of the SaaS project management app and then being able to use it for better investigation management, so be wary of that if your team is starting to rely more on project managers.
Another thing to note is separating the cases that have more compliance requirements, these are likely to demand proper investigation management as you grow.
Additional steps to take include:
Identify the key risks that need to be managed within the process such as the ID of vulnerable people, protection of whistleblowers, regulatory reporting requirements.
If you need to conduct cases within a legislative framework.
Getting the right stakeholders. Are the right people in your organisation seeing the case data and what should be deemed an investigation?
It is rare that a project management tool has the ability to share data well outside the project team.
Polonious can share data with all of the participants involved appropriately whether they are working as part of the team; line managers or senior management; or external suppliers and vendors; and even participants in the process such as claimants and customers.
With proper investigation management you can be transparent without exposing restricted data outside those who should have access.
Australia’s insurance industry is undergoing the biggest regulatory and compliance changes in its history, and these changes will significantly impact investigation teams.
The Insurance Council of Australia (ICA) has released a new General Insurance Code of Practice, and all insurers were required to implement the changes by July 1, 2021. The changes are legally binding and, as of July 1, 2021, organisations can be fined for non-compliance. These fines can amount to hundreds of thousands of dollars.
To avoid penalties and compliance headaches, insurers will need to change their business to comply with the new regulations, which must be met in their entirety, as opposed to a piecemeal approach. The new Code is a result of a two-year review by the ICA, which invited input and recommendations from various organisations.
Australia’s insurance industry leaders must act now to bring their investigation teams, and the wider organisation, in line with the changes. Investigation teams will be pressured by the more detailed compliance requirements, but this does not mean there are no business imperatives.
I this blog, we will look at what changes for investigation teams.
Teams must adapt immediately
The Insurance Council’s Code of Practice changes will have an immediate impact on investigation teams and how they conduct their work, including much more detailed measurements of the actions being taken.
An extensive summary of the Code of Practice can be downloaded from the Web site. The many changes to the Code of Practice will apply significant pressure on insurers’ investigation units, including:
Stricter requirements in relation to actions being taken by the investigators (e.g. 90-minute time limits For investigation interviews)
More mandated regulation which will override any self-regulation, with penalties for non-compliance
A push for more transparency for claimants
To cite a simple, but profound, example, there will now be a cap of 90 minutes on the length of an interview that an investigator can undertake. Previously, there was no time limit. Moreover there is a total limit of four (4) hours during the complete course of the investigation.
Changes such as these will apply a degree of pressure on insurers to get the information they need within that timeframe so they don’t fall foul of the requirements.
Having an unlimited amount of time previously meant that investigators did not need to worry about the pace of the interview. Now, if they go over that allotted time, they will need to explain why, and justify it.
Collecting all the necessary details to make a determination of a claim in 240 minutes of allowed interview time will be challenging in complex cases, so investigators will need to be better prepared in order to meet those strict requirements.
Should they need more time, the investigator will need to ask permission from insurers to extend the interview time and will need to record the agreement and the reasons behind it.
In another example, Part 15 of the new Code speaks to the claims investigation standards. In paragraph 73 it states, “If we appoint someone to investigate your claim, then within 5 business days, we will inform you of their appointment and what their role is”.
These are just a few of many requirements specified for investigation teams in the new Code.
What triggered the changes?
The changes come after the Insurance Council of Australia identified a number of failings in the investigation industry which have resulted in claimants being treated in an unfair manner. And little has been done to address this, despite many opportunities to do so in recent years.
Previously, the industry was self-regulated, which didn’t lead to the changes the industry needed. Neither did it bring any well-defined rules. It remains to be seen if existing investigation units will be capable of meeting the new requirements as insurers typically have thousands of investigations running at any given time.
The reforms are also designed to create more openness and transparency for the claimant, with clearly defined processes requiring strict compliance. Investigators not informing the claimant of the progress of their claim, or their obligations around the investigation, can lead to many people dropping out of a claim. If the process drags on indefinitely, many people just want it to end and will withdraw the claim.
SIU Insights report 2021How do you compare to other SIUs?
Check out some interesting results from our SIU management survey. Submit below form to receive the download link and related updates going forward.
GICOP changes 2021Download the GICOP whitepaper and stay compliant.
Our whitepaper covers all aspects you need to know to stay compliant with the latest GICOP changes coming into effect in 2021. Submit below form to receive the download link and related updates going forward.