Developing an in-house investigation management app? Here are the DIY challenges and risks

Developing an in-house investigation management app? Here are the DIY challenges and risks

How Polonious compares to DIY investigation management apps

How Polonious compares to DIY investigation apps

When enterprise and government organisations develop their own applications it is usually in response to a lack of an off-the-shelf product to meet a business need. Investigation management is a specialised requirement which can lead to many types of custom processes and software – from spreadsheets to Web applications.

In this blog we will take a look at the challenges and risks of going it alone for your investigation management needs.

Starting small looks promising

A typical approach organisations take when it comes to developing in-house investigation applications involves finding someone known, the “spotty nephew”, and asking them how much it would cost to build a simple system to manage investigations.

The developer then finds a database, or existing app, which looks simple to manipulate and starts adding fields and linking them to other pages with more fields. And in the end you’ve got a case management system.

But cobbling together different systems (client system, CRM, projects, etc) and calling it an investigation management system involves a lot of custom code or custom integrations, which is problematic, even in the immediate term.

This is typical of the mid-market where there is often a mature IT team. Their challenge will not be what is required to build an investigations management system, but to prioritise that above the core requirements of the business they service.

The developers could write a great case management system, but if they are supporting the day to day business of an enterprise they will have constant conflict between the project and their core business. When they need to ask “what do we do?” the focus will always be drawn to the main business.

DIY carries challenges and risks

Many organisations have had no end of trouble with custom-developed software and a DIY investigation management system is even more of a challenge.

Some of the challenges and risks of a DIY approach organisations might not consider include:

  • Total cost. It is easy to underestimate the TCO of a custom app, including the initial development cost and support. Including time spent finding the right technology platform that will actually work.
  • Maintenance. The maintainability of the code or system must be considered. For example, what happens when something needs to be upgraded or reaches end of life?
  • Skills. You need to hire the best people to continue to develop and maintain it and good people are hard to find and keep.
  • Security. There is also ongoing effort for security maintenance, including the security implications of poor practice, vulnerabilities, and compromises. You also need to ensure regular penetration tests and certifications are maintained.
  • Compliance. Underestimating the depth and breadth of what is required for compliance with regulations like the General Insurance Code of Practice. Can DIY keep up with a constantly changing regulatory environment? Yes, but it’s very hard and it is continuous.
  • Emerging tech. DIY requires you to update the platform over the years as technology is always changing. The system will need to keep up with emerging technologies, including mobile, IoT and cloud.
  • Knowledge management. Investigators have a wealth of knowledge, but is this being translated into the DIY product? You need to have everyone involved in the process on board with the product at all times.
  • Data integration. A good investigations management system will collate data from multiple sources and this needs to be factored into a DIY app. See this blog for more on Polonious’ integrations journey.
  • Usability and acceptance. You also need to ensure staff are able to use the product and get business value out of it.

Replace customisation with configuration

Polonious helps organisations that might need a customised app or process for a unique requirement by enabling configuration throughout our application.

We avoid code level “customisation” and focus on configuration, which is the ideal middle ground. If you have custom requirements then you can configure Polonious to meet the need without time consuming and expensive code changes.

Polonious has a common code base that services all customers, from which many customers have configured Polonious to meet their specific business requirements. However, Polonious is constantly adding new features, with further configurability, in response to customer demand and can also deploy new code as required.

For example, Polonious uses the SAME methodology to build out the business requirements of each customer, whether it is for insurance, banking, fraud or complaints. All of the processes are broken down into their basic elements and built up to be compliant with the appropriate regulation.

We enable customers to immediately focus on the desired product, whether it’s case reports, briefs of evidence, end of month or year reporting, and ensure that the data required is collected as part of the business process.

In summary, it is not a question of if an organisation can or cannot develop their own investigations system, but the time and materials required and ongoing investment often far outweighs any benefit. Failing to keep up with regulatory requirements is also a continual risk.

This blog has some more information on what you will need to build an investigations management application:

Buy or Build Investigation Management Systems

Worried about theft by staff? Start with these 5 steps

Worried about theft by staff? Start with these 5 steps

There are steps you can take to deal with theft in the workplace

There are steps you can take to deal with theft in the workplace

Theft by staff can be a problem for many organisations, particularly those with tempting things available to people.

Ideally, employee relations are at a level where theft is not a problem, but from time to time rogue staff can take advantage of their trusted position.

In this blog we will take a look at five immediate steps you can take in the event of stealing by staff members.

1. Is it really stealing?

First, make sure the act committed by the staff member is actually theft and not something they expect is available to them. For example, stationery items might be freely available to staff, but if limits are exceeded then there is a case for theft. Be sure to communicate to all staff what is free and what is not.

If you are working with material or information that is open to theft, then communicate this to staff and indicate there are serious punishments, including when there is collusion or a cover up by more than one staff member. The more transparent you are the less likely you are to have to deal with theft in the first place.

In fact, think twice about using the word “theft” as it implies criminality and you don’t want to have that label stick around if the accusation turned out to be false. Use terms like “violating company policy” instead of “theft”.

2. Have a policy

Like most things that involve a dispute, it is best to have a policy so managers have a clear understanding of the course of action to take.

Don’t think employee theft matters will be clear cuts, or should be handled in an ad-hoc way. Have a consistent policy for dealing with theft and make sure the policy template is recognised, and can be applied by, all the key stakeholders.

Theft cases can result in dismissal, so it is important you follow a proper process that is consistent with what is expected of staff rights.

3. Gather the evidence

If you suspect employee theft then it is vital to have evidence to support it. Falsely accusing someone of theft and taking action without proof are themselves risky and can expose the organisation to litigation.

Gather as much evidence as possible and look for a clear motive for theft. In most cases there will be a path you can follow and a theft incident is probably not isolated.

Evidence can be in the form of a video recording or audit trail of a data transfer. And sudden changes in an employee’s behaviour, or sudden a departure, can also raise red flags for theft. Polonious specialises in case management and helps organisations ensure there is a clear trail of evidence that can be reviewed by all stakeholders.

4. Act swiftly

If you have strong evidence theft was committed then don’t delay notifying the employee of their contract termination. The longer you delay the more opportunity there is for further theft.

During the termination make sure all of the employee’s contractual rights are adhered to and follow your company’s policy. When dealing with a difficult situation the last thing you want is for it to become messier and expose your organisation to any counter claims.

Moreover, don’t withhold or deduct anything from the employee’s termination pay, or do anything to “punish” the person on the way out. As part of your policy, have a processing for dealing with terminations due to misconduct and make sure you are covering any potentially difficult contracts or third-party notifications.

5. Assess any police involvement

Depending on the severity, many theft cases result in the employee being terminated without further action.

In the event of a severe case of theft – particularly those involving company data or other asset that can land the organisation in hot water – then assess escalating it to the appropriate authorities.

A police report might also be needed if you are pursuing an insurance claim relating the incident. If you do need to get the police involved, keep it quiet to avoid concerning other staff and risking any reputation damage.

With the right work culture you can avoid troublesome incidents like theft, but if you do have to act on it, it is important to have the right processes and tools to support your side of the dispute.

Keep your CRM for customer management, not fraud investigations

Keep your CRM for customer management, not fraud investigations

How Polonious compares with CRM tools

How Polonious compares with CRM tools

In part four of this blog series, counting the benefits of dedicated investigation systems, we will look at why company CRM systems are best used for customer relations and not fraud investigations. Customers are invariably involved in any investigation, but CRM systems are not designed, and lack the supporting information for, proper investigation management.

Let’s take a look at the typical challenges organisations face with CRMs for investigations and the steps you can take to move to a purpose-built application like Polonious.

 

First stop, the CRM

Organisations typically end up using CRMs for case and investigation management because investigations involve customers and the CRM is already available, either as part of an existing application portfolio or as a SaaS app.

On the surface, a CRM seems a fairly natural fit for case management as you can collect a lot of information relating to a customer, including: communication records; personal data; organisation data; notes; and to some extent documents. Where CRMs do not fit is with managing complex processes and compliance matters, which are very specialised to investigations management.

 

The investigative limits of CRMs

What are the main drawbacks of using a CRM for investigations? The first is CRMs lack investigative focus. CRMs are people focussed and, although people are central to most investigations, they are not the centre of the investigation itself.

In contrast, process is the centre of all investigations: The why, when, who, what, where and how and the evidence to prove all these elements are the centre of an investigation.

In addition, the investigative process needs to be fair and compliant, which is already well beyond what can be achieved in a CRM

Another problem arises when CRMs and investigations management are attempted to be used together.

A customer is definitely one role in an investigation, but the subject and all the witnesses are too, and they all need to be treated according to law, not the customer’s wishes.

 

Don’t count on customisation

CRMs can be customised, so why can’t you just add onto, or customise, your CRM for investigations?

The problems with customisation include:

  • Industry knowledge: It takes time and experience to gather the right information needed to conduct an investigation properly.
  • Skills: Customising a CRM will require the skills to do it properly.
  • Maintenance: Any technical or process changes, including compliance, must be continuously maintained, which can be a huge time and cost burden in the long term.

We’ll also cover more problems with customisation and the DIY approach in another blog.

 

Moving up to dedicated investigations management

Organisations can take steps to migrate to case and investigation management from a CRM, and benefit from a more structured and purpose-built application like Polonious.

These include:

  1. Map out your processes from start to finish
  2. Overlay these with all the regulatory requirements that need to be met
  3. Then include the reporting requirements and evidential requirements

Then your teams will start to see why a dedicated investigation management solution is a far superior option than trying to work with a CRM.

Polonious also provides all the CRM needs in relation to your customer, whether they are external or internal. And Polonious can help you report back to customers on KPIs as required.

It is also important to ensure the investigative activities undertaken are within the required legal or regulatory requirements and that all actions and evidence collected is available for future reference. Polonious does this as well.

Investigation management has elements of CRM in it, but conducting a proper and compliant investigation is vastly different when you consider the task more holistically.

New View Layout Builder

New View Layout Builder

Our new View Layout Builder, which was introduced in Polonious version 20.1 got additional capabilities with the recent 20.2 release, which we are introducing in this blog post.

The embedded video showcases how to configure a couple of widgets in the new view layout builder. This is an introduction to the ‘What You See Is What You Get’ configuration functionality being rolled out wherever possible across the system.

We have a number of very cool widgets available which we explain in a full instructional video we have available on request. However, for now we want to demonstrate the process of configuration with two basic widgets.

An important note on the new case view builder is that you can create a different view per case type. So you can e.g. show more photos on a surveillance case, fewer photos but more data on a factual or forensic case, and so on.

We believe your team can take on the task of building their own case views into a powerful, at-a-glance summary of the information most relevant to any particular case type.

So how does this help your team?

  • Easier configuration of case views – drag and drop widgets.
  • More flexible case views – move any info, anwhere.
  • More specific case views – more relevant info on cases.

 

Drag and drop view builder

Drag and drop configuration.

New View Intro Case View Page

In addition to being easier to build, the new Polonious view is much more flexible, and much cleaner.

So, what did we just see?

In an 8 minute video we added the main case data. In real life, you’ll do more building but less talking, so it’s very quick to build a whole view.

Different widgets have slightly different configuration, but it all follows roughly the same process. The more detailed widgets add more complexity, but it is still very easy.

We believe you can do this task now with no IT involvement required. This is a big saving in doing time, turnaround time and internal costs.

So what did we just see in terms of Polonious case view configuration?

You can easily select the case data you need to display for any particular case type.

It’s easy to lay it out in a neat, informative way that looks good in the new Polonious view.

You got a glimpse of the array of widgets available – please get in touch if you’d like to know more.

What else can we do with this new capability? What are the other possibilities?

With this new approach, and with the underlying functionality built out, it’s easier to add new widgets to further improve what you can do with the new case view.

We’ve also made it easier to upload new CSS to change the underlying look and feel in terms of background colours, logos, etc.

We hope you enjoy our new 20.2 release. We really look forward to seeing what your team are able to put together with this new capability.

If you have any questions or improvement suggestions, we are very keen to hear from you. Thank you.

Transcript

Hello it’s Nicholas from Polonious here with a quick introductory video to our new case layout feature. So this feature allows you to move everything around the page and lay it out whatever way you want, and it’s a new ‘what you see is what you get’ drag and drop tool that will allows you to completely change the layout of the case. We do have an instructional video on that coming but it is a 30-45 minute long video so not really good for an introduction. It has all of the details on how to set it up so if you’d like that, please get in touch with us, but for now we’re just going to give you a quick introduction.

So here, as you can see, is the old case view if you’re familiar with it, so on this there’s a lot of things that are fixed, it’s not movable and so what we’re going to do is just take some of this information here so you know what we should be seeing and then go just configure a couple of what we call widgets on the new case view. We won’t put all of this information on here just enough to show you how it works and then if you would like to get a breakdown of more of the widgets or things like that, or how you can replicate this case view then please get in touch with us for the instructional video.

So the first thing I’m going to do is enable a case view here so we’re going to make it the layout view, which is the new view, and we don’t have anything in here yet. I’ve selected this one so if we refresh this case it should go to the new view now, but there’s nothing on here because we haven’t set anything up, but you can see what was supposed to be on there before. So just to give you an example of this we’re just going to drag across say two field lists that kind of replicate that data that was at the stop at the top of the case and then just a table with a little bit of data in that.

So what we’ll do here is on this field list we’re going to grab some basic case data like the case number, a couple of organization levels, maybe a description, notes and a status and that should do us in this one for now. We’re going to select that we want the labels on the left, so this is just the names of each field that will be next to the values that tell you what it is. We’ll grab the details now, they can be left as they are and they will display like this or you can change them – so most of this is okay except this one doesn’t look particularly user friendly so we will just call that case status – and here you can change the number of rows, font size, formatting to make the labels look different, this is just the labels for now, and then we can also name the whole field. So this is to make sense of it in this view you can just name it as that and leave it with no heading or you can give it a heading and actually make it surface on the case view as well. Then you can justify that heading similar to what you can do with the details here, and then lastly we’re going to give it a size.

So everything in the new view the sizes are in fractions and that’s because the new view is responsive as well, so we don’t want to say it’s x number of pixels because then if you move between a big screen and a small screen and a mobile device it’s going to end up looking really strange with a lot of blank space or spilling over and having to scroll. So here you just set it out in rows that represent you know a kind of a full screen width or a couple of screens in length and then you set out a fraction so they space themselves according to the size of the screen, and if you’re on something really small like a mobile they’ll line up and down so that you can scroll through and it works better on a mobile. So for here we’re only doing two widgets on this line so we’ll make it a half. We’ll grab this one and just call it dates and financials and we’ll just grab a couple of dates here, allocated and completed is good enough for an example, labels on the left again, details we’ll leave as they are, and  we’ll call this dates and financials and give it a heading, make it half again. So that’s your basic field list widget that lets you pick data and just basically display the data as is with the label on the left and the value on the right.

Underneath that we’re going to show you a table which is useful for surfacing things like people, entities, and assets. We’ve got specific widgets for those as well where they will display a card with more detail on it, but this is a useful view for summarizing people attached to a case and things like that. So it depends on how you want to view that information as to whether you use this or the specific widget. So we’re going to drag a couple of details across here, this is a new thing where you can combine the last and first name – they’re separate fields in the database but we can join them and we’ll just call it last name-first name – and that’s just handy for display here. We’ll call this people and give it a heading and then the size, we’ve got one on that row so we’ll just make it a full width. 

So then we have a number of other widgets under here which I won’t go into now, but I do explain more in the full video that we’ve got, and so we’ve got a number of graphs that you can show on the case, you know useful things like radar charts good for QA, time series is good for budgets and things like that we’ve got a media viewer so for example if you’ve got a surveillance case you may want to surface photos or an accident case you may want to surface accident photos, cctv, things like that so you can surface that on the front of the case now rather than needing to go into doc preview, but for now that’s enough for our little intro.

So we will click away here and go back to this view and just refresh and you can see this data’s come up now, we’ve got half width for these here and we’ve got a table there and then we can go you can see that it’s pretty much what you see is what you get so we’ve laid it out like this and we’ve got a full width to half widths we can also move things around and so you can see that it’s a very easy drag and drop repositioning through some of those details that I showed you before. You can also change things like font size font color, things like that.

It’s very easy to reposition everything around here and it allows you to put anything where you want it, so it is a lot more powerful than the old case view and it’s a lot more configurable. The other important feature of this is that you can set a different one per case type so for example if you’re a private investigation firm and you have some factual cases and some surveillance cases you may want to put those photographs on a surveillance case but they might not be as important on a factual. So you don’t have to surface those on a factual, you can have more of those data fields where you fill out information that you found. So as I said, we have a longer video available if you want to know how to do this, for now it’s just telling you that it exists and that it’s pretty cool so I hope you like it and please get in touch – thanks.

Successful Polonious and Instinct Integration at Suncorp Bank

GBG Integration Partner

Suncorp have been a Polonious customer since mid-2019, where one of our use cases is supporting the investigation of external fraud. In late 2019 they approached us to expand to their Applications team. The use case was straightforward – the applications team conducts preliminary checks of potentially fraudulent applications – and similar to the existing workflows. However, the new use case required integration with GBG’s ‘Instinct’ platform.

Both Polonious and GBG have significantly improved their integration capabilities recently by adding APIs for case creation and case updating, including adding actions within Polonious. While Suncorp prepared the security infrastructure, Polonious and GBG did some preliminary work feeling out the connection requirements in several test environments. Once the infrastructure was ready, we had an approach worked out and were able to implement using our standard API.

This is not to say the project wasn’t without its challenges – they all have their quirks. The infrastructure security design changed a few times as it contacted reality, and needed to change again quite late in the project as a conflict was discovered with an IP range we had already been using in the production system without issue. After a bit of scrambling, we managed to make it work without fundamental changes to the already implemented infrastructure.

Despite the challenges, we delivered on time and on budget. We’ve made a few tweaks and improvements since going live, to handle unexpected data and different user styles. In the five (5) months since going live, the team continue to manage cases in Polonious.

The key benefits for the team have been:

  • Single view of all anti-fraud activities in their area
  • Ability to link cases to each other
  • Ability to link multiple cases to a single party
  • Accurate reporting
  • Ability to drag and drop documentation into the case file
  • Ability to have a clear timeline of events
  • Polonious allows for a summary report of any case to be extracted at any time, making it easy for Detection to provide to stakeholders, managers etc should they require additional information about a particular case.

Polonious Helps Investigation Startup Grow to National Heights

At Polonious World in May 17, Paul York shared some thoughts about his firm, the Fraud industry and his company’s adoption of Polonious.

The use of Polonious has helped with everything from investigators in the field to administration staff and monthly reporting for all project managers

When Surefact Australia launched its national investigation services four and half years ago, the company had a good opportunity to procure a modern case management tool and avoid a collection of disparate apps.

Surefact’s target market is large organisations, including government agencies, insurers and corporate entities. The company offers services on both sides of the investigation fence, from factual point of views and surveillance.

Surefact Australia director, Paul York, says the company has been able to focus on building up a strong reputation as a premium investigations firm and started using Polonious from the outset.

“I still recall, only a couple of weeks after we commenced Surefact as an entity, speaking with Polonious representatives,” York says. “So really the entire time since Surefact was born, Polonious came into our business.”

Polonious started in a small capacity at Surefact and has grown with the business and has been tailored to the operations.

Efficiencies from case management to admin and reporting

Polonious has delivered numerous efficiencies within Surefact and is used extensively throughout the business.

“I couldn’t actually bear to think about business not using Polonious,” York says. “The use of Polonious has helped us with everything from our investigators in the field, to our administration staff, right through to our monthly reporting for all our project managers.”

The company is also reaping many financial benefits from Polonious, including the reduction of labour costs in regards to data entry and efficiency, which York says has “really been profound within our business”.

“To give it an actual figure, it would be difficult to say, but I can guarantee that it has reduced our labour costs with the efficiencies of everything from online reporting right down to not having data storage within our own servers – we’re putting them all in the cloud.”

Tell us about your firm?

Surefact Australia is a national investigation firm. We look at large organisations, government organisations, insurers and large corporate entities. We’ve been live 4 and a half years, going along getting an appropriate? reputation in the industry. We have a big push on from both sides of the investigation – factual point of view and also surveillance, so we’re fairly close to 50/50.

How long have you been using Polonious?

I still recall, only a couple of weeks after we commenced Surefact as an entity, speaking with Andrew Simpson so really the entire time after Surefact was born, Polonious came into our business. We started in a very small scale and I suppose Polonious has grown with our business and suited / tailored to our business as well.

What does Polonious do for you?

It gives us great efficiencies within our business. I couldn’t actually bear to think about business not using Polonious. The use of Polonious has helped us with everything from our investigators in the field, to our administration staff, right through to our monthly reporting for all our PMs

Have you seen any Financial Benefits from using Polonious?

I believe we have, the reduction of labour costs in regards to data entry and efficiency have really been I suppose profound within our business. To give it an actual figure, it would be difficult to say but I can guarantee that it has reduced our labour costs with the efficiencies of everything from on-line reporting right down to not having data storage within our own servers, we’re putting them all in the cloud.

How are you enjoying the conference so far?

The conference is great today, it’s great to see everyone from the industry here and also to hear from our friends in IAG New Zealand. I’m really looking forward to the rest of the day to see how our competitors and also other people in our industry use Polonious.

[.$?*|{}() 0=”%91″ _i=”1″ _address=”1″ /][^; _i=”2″ _address=”2″ /][1 _i=”3″ _address=”3″ /]

GICOP changes 2021Download the GICOP whitepaper and stay compliant.

Our whitepaper covers all aspects you need to know to stay compliant with the latest GICOP changes coming into effect in 2021. Submit below form to receive the download link and related updates going forward.

SIU Insights report 2021How do you compare to other SIUs?

Check out some interesting results from our SIU management survey. Submit below form to receive the download link and related updates going forward.