Benefits of Moving to AWS

Benefits of Moving to AWS

Polonious offers a number of hosting options, primarily focused on AWS but including self-hosting by clients as well as hosting on Polonious’ own co-located servers. However, over the last few years most new clients have signed up for our AWS hosting option, and Polonious has successfully migrated many companies into the AWS cloud.

This is often requested in order to meet ever-increasing security and compliance requirements. Technical requirements such as stronger network security, encryption in transit and at rest, and secure log retention as well as operational requirements such Business Continuity and Disaster Recovery, where AWS offers multiple levels of redundancy versus co-located servers, and especially versus self/on-premises hosting. Polonious’ Knox Grade infrastructure is easy to implement on AWS and, together with AWS’ own security setup, provides ISO27001 certified levels of confidentiality, integrity and availability.

For these reasons, many organisations are moving computing services to the cloud, not just case management. With deep AWS product knowledge and close working relationships with clients, Polonious can help you implement a secure, robust cost-effective cloud solution.

This blog will help you understand the benefits AWS brings to our clients, to help you determine which solution works best for your organization.

This blog will address:

  • What is AWS (Amazon Web Services)
  • Benefits of AWS
  • How we can help

What is AWS

AWS stands for Amazon Web Services, the world’s “most comprehensive and broadly adopted cloud platform”. AWS helps millions to:

  • Lower their business costs, by only paying for cloud services and storage they need
  • Become more agile, offering systems you can access from anywhere in the world
  • Innovate faster, removing time spent worrying about in-house servers and software

Amazon Web Services (AWS) provides a reliable, scalable and low-cost infrastructure platform powering businesses in 190 countries around the world. It can help streamline fragmented processes, speed up project delivery, and reduce company costs. 

AWS encompasses many services, including everything from databases to machine learning. Popular services include AWS RDS (reliable database services), AWS S3 (simple, secure storage) and AWS EC2 (scalable compute capacity). Polonious uses all those services for our AWS hosting option.

According to Yahoo Finance, Amazon Web Services are trusted by some of the world’s largest companies, including Unilever, Intel and Dropbox. However, Amazon’s cloud service is a good choice for virtually every type of company, no matter how big or small. From a start up to a Fortune 500 company, every business has the option to customize a spot for themselves on the cloud.

Benefits of AWS

Data Protection and Encryption

All data on the AWS network is automatically encrypted including data in transit and at rest. With AWS, you can control where your data is stored, who can access it, and what resources your organization is consuming at any given moment. Fine-grain identity and access controls combined with continuous monitoring for near real-time security information ensures that the right resources have the right access at all times. 

Point-in-time recovery and continuous backup

Polonious on AWS offers detailed backup and recovery options, with daily snapshots of the database and backups of the transaction logs for 35 days (created in 5 minute intervals). This transaction log can be used to roll back data to any day and time within the last 35 days and allows a RPO of only 5 minutes. Additionally nightly snapshots of the database are created and stored for 10 days.

Governance, Risk and Compliance

Given the gravity, complexity, and growing number of risks that organizations face, the regulatory/compliance landscape is rapidly evolving. AWS supports more security standards and compliance certifications than any other offering, including PCI-DSS, HIPAA/HITECH, FedRAMP, GDPR, FIPS 140-2, and NIST 800-171, helping satisfy compliance requirements for virtually every regulatory agency around the globe. Enhanced data security ensures compliance with relevant regulatory requirements. Take a look at the AWS compliance programs.

Performance

One of the key benefits of AWS migration is enhanced performance. Using the AWS cloud platform you could easily deploy, manage, and monitor your applications. Thus bringing better alignment between application utilization and business performance. 

Enhanced Security

Data theft and cybersecurity are an increasing risk to many companies; learn more about the nature of these crimes in: Workplace Fraud: 3 Common Data Theft Schemes. AWS offers way more security as compared to a company’s own hosted website or storage. AWS has redundant data centers in all major jurisdictions around the globe.  This allows for sophisticated failover solutions that are hard to implement on-premise or via co-located server centers.

How Polonious can Help

Polonious has led multiple migration projects which allows our clients to enjoy the benefits of enhanced security, compliance and performance. Using our technical and legal expertise, we help organizations through all the phases of migration projects from discovery to execution. Polonious offers a multi-stage approach to transformation: diagnosing the state of your current hosting solution, creating the best AWS migration strategy for you, then transitioning your instance. We take the time to ensure that your cloud migration goes smoothly and is in-line with your company goals.

Polonious’ Knox Grade infrastructure is ISO27001 compliant, meaning it meets internationally recognised security standards. This infrastructure comes with intrusion and threat detection, secure web application firewalls, and detailed backup and point-in-time recovery. Additionally, it is regularly penetration tested and drilled against various disaster recovery scenarios. The Polonious Case Management Software offers an opportunity to take advantage of better methodologies, technology and workflows to integrate compliance and customer service into everyday processes.

Our team is experienced in large-scale AWS migrations, having led many successful migration projects.

AWS is 'Amazon Web Services', one of the leading cloud hosting providers.

AWS is ‘Amazon Web Services’, one of the leading cloud hosting providers.

Benefits of migrating to AWS include improved backup, recovery, and availability options, as well as easier installation of our Knox Grade security options.

Benefits of migrating to AWS include improved backup, recovery, and availability options, as well as easier installation of our Knox Grade security options.

Migrate to AWS Now

Are you an existing co-located or on-premise hosted customer? Or a new customer who would like to explore secure case management hosted on AWS? Contact us today.

Investigation insights: How to take hold of referral sources

Investigation insights: How to take hold of referral sources

Polonious_Investigation Insights Study Cover

During the International Association of Special Investigation Units (IASIU) conference held virtually on September 14 and 15, 2020, Polonious ran a panel discussion with some of the world’s leading investigation professionals. Investigation Insights contains new research into the performance, effectiveness and challenges of special investigation units, and communicates how better insights can drive improvements in productivity. You can download the full report here.

In this blog, we will review how referrals are garnered and why it is important to vet them properly.

When respondents were asked how cases were referred to them for investigation their responses were somewhat predictable. Most SIUs (85%) get referrals from claims units. Beyond that, other methods of sourcing referrals were reasonably evenly spread.

 

Figure 3: How cases are referred for investigation

 

Automated tools such as analytics engines using predictive analytics, machine learning, artificial intelligence and rules-based algorithms are employed by 50 per cent of organisations, 60 per cent use fraud hotlines, and 65 per cent said they seek out cases proactively.
It is important to note though, that we did not ask what proportion of cases are referred from each of these sources.

A big surprise for us was that around half (52.63%) of respondents did not record the number of false positive referrals they receive — those that, on first glance from an experienced investigator, are clearly not going to go anywhere — from either an analytics tool or their claims unit.

 

Figure 4: Keeping track of false positives

 

A smaller but still significant percentage (38.89%) told us that when they did receive a false positive they did not feed the information back to the analytics tool in order to improve referrals.

Triaging referrals

There will always be claims that legitimately warrant suspicion but, upon investigation, turn out to be valid. Where you want to draw the line on level of suspicion is a matter for each SIU. You may only want to investigate “slam dunks”, or those with a 100 per cent strike rate, but risk a lot of potential fraud slipping through. Or you may want to investigate every possible case, but end up spending a lot of time on claims that turn out to be valid.

This triage process might not take a long time — but even if it takes about five minutes per case, after 100 false positives, you have lost a whole day of work. In SIUs with high case volumes, this adds up. And in SIUs with low case volumes, there is likely not much budget to waste on spinning wheels.
At a minimum, reporting on raw numbers can identify some inefficiencies before putting pressure on investigators.

Compare this to the SIUs that did record false positives. About a sixth of those respondents had between 21 and 40 per cent of referrals as false positives, while a full quarter reported that between 41 and 60 per cent of their referrals turned out to be false positives.

 

Polonious SIU Metrics Report Figure5

Figure 5: What percentage of referrals are false positives

 

While this was just a quick questionnaire with a small sample size (only 12 respondents for this question), if the numbers are representative of the wider industry there is a big proportion of SIUs where around half their cases should not even have been referred to them for investigation. What’s more, around half of them would not even know a referral was a false positive.

As mentioned above, of the units that track false positives, almost 40 per cent are not feeding these back into the detection tool, so we would hope that these are not the units receiving 41 to 60 per cent false positives.

 

Figure 6: Proportion of organisations feeding results back into fraud detection tools

 

Analytics tools work by learning the flags for fraud — either through AI or through analysts updating the rules as they receive data. If false positives are not being fed back into these tools, they cannot update the rules, and they are going to keep sending you bad cases.

If you are getting 50 per cent false positives, you are paying investigators to read case details and not provide value. And if these results are not being used to enhance your detection systems, you are going to be doing that every quarter.

The huge cost of insurance fraud: $40B a year in the US alone

The huge cost of insurance fraud: $40B a year in the US alone

Polonious is a market leader when it comes to helping insurance companies combat insurance fraud and other forms of malpractice. What does this mean for insurance companies? Quite a lot it seems. While it is difficult to know exactly how much fraud costs the insurance industry, we do know it is big business.

In the US, the FBI estimates the total cost of insurance fraud (non-health insurance) is estimated to be more than $US40 billion per year, which translates to between $400 and $700 per year in the form of increased premiums for the average family. With more than 7,000 companies collecting over $1 trillion in premiums each year in the US, the size of the industry provides more opportunities and bigger incentives for committing illegal activities, according to the FBI.

In Australia, the Insurance Council of Australia reports the most common form of insurance fraud to be the exaggeration of personal claims, or “opportunistic fraud”. In contrast, premeditated, or planned, frauds are usually committed by the professional fraudster and often by organised criminal gangs. According to the ICA, while the total cost of insurance fraud is difficult to estimate with precision, in 2017 insurers detected $AU280 million in fraudulent claims across all insurance classes, excluding those relating to health insurance or personal injury (CTP, Government run Workers compensation etc). With this figure the amount of detected insurance fraud, the amount that goes undetected is likely to be much higher.

According to the Insurance Information Institute (III), common types of fraud activity include “padding”, or inflating claims; misrepresenting facts on an insurance application; submitting claims for injuries or damage that never occurred; and staging accidents.

Customer service quality also plays some part in the fraud prevention cycle as some level of fraud committed by consumers can be driven by “revenge” or “retaliation” for a personal service exchange which they think is unfair.

Checking the types of insurance fraud

According to the III, the types of fraud insurance firms must work to combat include:

  • Auto insurance fraud: Auto insurance fraud ranges from misrepresenting facts on insurance applications and inflating insurance claims to staging accidents and submitting claim forms for injuries or damage that never occurred, to false reports of stolen vehicles.
  • Healthcare fraud: Although healthcare insurance is generally outside the purview of property/casualty insurance, healthcare fraud affects all types of property/casualty insurance coverage that include a medical care component, such as medical payments for auto accident victims or workers injured in the workplace.
  • Workers compensation fraud: Employers who misrepresent their payroll or the type of work carried out by their workers to pay lower premiums are committing workers compensation fraud. Some employers also apply for coverage under different names to foil attempts to recover monies owed on previous policies or to avoid detection of their poor claim record.
  • Property fraud: When disasters strike some individuals or groups see an opportunity to file claims that are either exaggerated or completely false. Some even intentionally damage property after a disaster to receive a higher payout.

For these reasons it is important to have a canonical audit trail of activity to identify and prevent fraud before it happens.

Polonious Co-CEO Alastair Steel, says insurance fraud can be dramatically reduced with more timely and accurate information that tracks all of the many moving parts of a claim or investigation. As we have discussed in other blogs, merely identifying potential fraud will not reduce the cost of the identified fraud. Simply adding notes to the claims system or customer files will not adequately manage a complex fraud investigation. Lastly, if you’re not tracking the amounts you save versus the costs of the investigation, you can’t be clear on on the value you’re providing.

A dedicated case management system is the hub that brings all of your monitoring and insights together – insights from your claims handlers looking at files and insights from your analytics engines running over your data – and helps your investigators turn them into strong briefs you can use to deny fraudulent claims or recover those already paid. Lastly, all of your reporting can be used to identify trends and feed back into analytics, to help you identify more fraud.

With GICoP now in force, download our free compliance guide

With GICoP now in force, download our free compliance guide

With GICoP now in force, download our free compliance guideAustralia’s insurance industry is undergoing the biggest regulatory and compliance changes in its history and Polonious is at the forefront of tracking the changes.

To help you keep up, we have prepared a report detailing how the changes directly impact insurance companies.

The guide, New General Insurance Code of Practice: A reference guide to how changes will impact fraud investigations, outlines the penalties for non-compliance and shows how you can not only meet the compliance requirements, but improve your business as a result.

Download your free copy now to:

  • Make sense of the new legally binding investigation rules as they apply to investigators
  • Learn how compliance can help you avoid heavy financial penalties
  • Avoid breaches being escalated to AFCA and ASIC
  • Use the changes as an opportunity to streamline your business
  • Improve investigation information management with new technology
  • Boost customer satisfaction and relationships, and increase referral marketing

Keep ahead of compliance

The guide also helps you quickly locate the 42 points in the new code that affect insurance investigations with its included summary.

If you would like a printed copy, ask us and we will get one mailed to you. Also, If you would like guidance in managing the new General Insurance Code of Practice, contact Polonious Systems today.

Since 2005, Polonious Systems has provided scalable workflow management and risk assessment software to businesses of all sizes. We are committed to staying ahead of technological advancements and providing advice and support with IT capabilities across insurance investigation, banking, private investigations, and education. We’re renowned for our wealth of experience, professional conduct, and willingness to support our clients comprehensively.

If you would like assistance in managing and understanding the new General Insurance Code of Practice, contact the Polonious Systems team and find out what we can do for you.

Why office apps, word processors and spreadsheets fail the investigation management test

Why office apps, word processors and spreadsheets fail the investigation management test

How Polonious compares with office tools for investigation management

How Polonious compares with office tools for investigation management

In part three of this blog series, counting the benefits of dedicated investigation systems, we will look at why every day office apps like word processors and spreadsheets are not up to the task for real-world investigation teams.

Let’s take a look at the typical challenges organisations face with office tools and the steps you can take to move to a more structured and purpose-built application like Polonious.

 

The office approach

With office tools – either Web-based, desktop, or mobile – being readily available to most insurance professionals there is little to no barrier to using them for investigations management.

Once started, teams can easily get caught up in a complex web of documents and calculations which is neither scalable or transferable.

When it comes to doing case and investigation management with office tools, organisations are typically taking a mixed approach where different solutions are used for different parts of the process.

For example, case intake is often done via email and, although this is easier than picking up the mail in the morning, some 15 per cent of all current email is unencrypted so personally identifiable information (PII) data is potentially exposed during routine email (and document attachment) transmissions.

With email at the centre of the workflow, teams then typically tag emails in some way for future reference.

Next cab off the office rank is some form of file storage, either local or in the Cloud, which then becomes a second source of truth for the team. Then data is often stored in spreadsheets to track the case’s progress and reporting on completion.

 

Problems with office tools

As a cursory review of how office tools are typically used shows, there are many moving parts and siloed information sources, and this only gets worse as case and investigation complexity increases.

The main drawbacks with using office tools for investigations is there is no single source of truth. To understand what has happened, many systems need to be accessed and, adding to the problem, there is no single security framework.

Are there any benefits, or use cases, for office tools for investigations? In most cases, word processing is still a requirement, as is accounting, but they should only be used where they add value.

Once used, the documents should be converted to a more permanent format, such as a PDF and (in the case of the word document) the original destroyed. The same should be done for spreadsheet data for reporting.

Spreadsheets rarely have direct links to the source data and can easily be manipulated over time.

Don’t forget security is an ever increasing concern and using disparate solutions increases that risk across an organisation.

 

Going from office tools to a proper investigations system

If you have stretched the limits of what is possible with office tools and are starting to experience the fundamental problems with them, Polonious can help you move on to our dedicated case and investigations management platform.

Office tools have uses, but Polonious ensures there is a single framework that controls the workflow, security, reporting and audit requirements necessary for every investigation.

Steps you can take to “graduate” from office tools to a more structured and purpose-built application like Polonious begin with mapping out all the steps and systems you currently use; and working toward automating all, or at least the majority, of those in a single solution. You can start by clicking here to have a chat with Polonious staff about your needs.

There are also challenges and risks of office tools not keeping up with a constantly changing regulatory environment.

Office tools are terrible at ensuring compliance as they rely heavily on checklists and manually-entered dates.

Move up from disparate office tools and give your case and investigations management capability the edge with Polonious.

Investigation Insights: Download our new research report into the effectiveness of SIUs

Investigation Insights: Download our new research report into the effectiveness of SIUs

The team at Polonious is pleased to announce the release of our new research report, Investigation Insights.

Investigation Insights contains new research into the performance, effectiveness and challenges of special investigation units, and communicates how better insights can drive improvements in productivity.

During the International Association of Special Investigation Units (IASIU) conference held virtually on September 14 and 15, 2020, Polonious ran a panel discussion with some of the world’s leading investigation professionals.

Prior to the panel a short survey was conducted with 24 of the investigation professionals about approaches to performance management within SIUs, and the results were remarkable.

  • Almost a third of respondents do not have a system for measuring the effectiveness of the SIU, and about a third of those that do measure effectiveness are not allocating costs.
  • Around half of respondents do not record the number of false positive referrals regardless of source — whether they come from claims teams or from automated tools.
  • Limited tracking and reporting of false positives has a detrimental effect, because processes cannot be improved without this information.
  • Around 80 per cent of respondents measure performance of the SIU by the number of referrals. Number of referrals in isolation limits the ability for the SIU to improve customer service or identify opportunities for automation and must be seen in the context with other measures — especially considering the number of false positives and rejected claims.
  • A significant measure of the contribution an SIU makes to the organisation is ROI — costs versus savings on claims — but few respondents are tracking those reliably.
  • Many respondents are taking indirect measures such as training to improve SIU performance.
  • In terms of productivity, most organisations are using broad measures such as cycle time, but not looking at more granular indicators like time per stage.
  • Looking more closely at productivity can identify faults in the investigation process and improve overall performance of the SIU.
  • Less than half of respondents measure the quality of investigations, which means more than half are leaving themselves vulnerable if findings are disputed.
  • Less than half of respondents apply measurements of productivity and performance to the vendors they use.

The research uncovered a generally low level of detailed performance measurement and Polonious recommends detailed performance information being fed back to managers to improve referrals and find efficiencies that will drive value for SIUs. You can download the report from our website here.

SIU Insights report 2021How do you compare to other SIUs?

Check out some interesting results from our SIU management survey. Submit below form to receive the download link and related updates going forward.

GICOP changes 2021Download the GICOP whitepaper and stay compliant.

Our whitepaper covers all aspects you need to know to stay compliant with the latest GICOP changes coming into effect in 2021. Submit below form to receive the download link and related updates going forward.