Modern Insurance Magazine Issue 65
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Jonathan Drake<br />
IMPROVING AGILITY,<br />
MAINTAINING INTEGRITY<br />
Technology continues to improve our lives in many ways.<br />
It makes many tasks infinitely easier; we have access<br />
to exponentially more data than ever before, and the<br />
demarcation between reality and virtual reality seems to<br />
be ever decreasing.<br />
Consumer expectation has changed; our customers rightfully expect<br />
greater transparency, and a high standard of service delivered to<br />
them quickly. Exciting new tools help us to build capabilities that<br />
deliver what the customer expects, but is fraud getting worse, or<br />
are we just getting better at stopping it? I am frequently asked<br />
this question, often followed by queries asking how we are using<br />
technology to stop fraudsters in their tracks.<br />
For me, there is some truth in the quote ‘the more things change,<br />
the more things stay the same’. At a basic level, all fraudsters<br />
take a genuine process and exploit that for their own gain. Whilst<br />
the methods and tools they use have clearly become far more<br />
sophisticated, the basic premise remains unchanged. And while<br />
it may be convenient to think of fraud as a problem that can be<br />
solved, given the earliest reported frauds occurred circa 300B.C.,<br />
the likelihood of even the best technology stopping the problem<br />
altogether is very low.<br />
We see cyber-enabled fraud and risks increasing, but volume isn’t<br />
the only indicator. With methods changing, we are also finding<br />
and reporting on more cases than ever before. Complexity is also a<br />
measurement, and cyber enablement arguably makes it easier for the<br />
would-be fraudster to do many things, such as creating a fake alias,<br />
altering an image, or even stealing data.<br />
However, it’s not all bad news, and we need to remember the<br />
fact that most people are still genuine. Whilst technology creates<br />
opportunities for fraudsters, it also enables the industry to build<br />
multiple layers and controls. This not only helps to identify fraud,<br />
but more importantly, it helps the business to achieve its goals and<br />
protect its honest customers. The ever-increasing blend of human<br />
expertise and machine intelligence means that trends and issues can<br />
be identified in record time.<br />
Our key areas of focus lie around…<br />
Agility. The world of fraud is changing faster than ever before. We<br />
must monitor and respond to those trends very quickly, whether<br />
that means re-training machine learning models, or introducing new<br />
controls.<br />
Integrity. Whilst fraudsters are not bound by law and regulations, we<br />
are. It is therefore essential to maintain expected standards, whether<br />
that relates to the tools we use, the way we process data, or the<br />
outcomes we deliver to customers.<br />
People. Our people are one of our greatest strengths in fighting<br />
fraud, and we are always introducing new technology to support<br />
them. Automating basic tasks frees their time for complex issues,<br />
improving our agility whilst maintaining our integrity.<br />
Ben Fletcher,<br />
Head of Financial Crime, LV= General <strong>Insurance</strong><br />
FIGHTING MALICIOUS<br />
INSIDER THREATS<br />
Today’s digital world presents businesses with an<br />
ever-evolving list of threats to navigate, but ‘Insider Risk’<br />
is one that has been with us since the start, and it will never<br />
go away.<br />
But what is it? Well, if you need to ask, then you’re probably not<br />
doing enough to guard yourself against it! Insider risk is a threat<br />
to a firm that comes from its people. These can be employees,<br />
former employees, contractors or business associates – essentially<br />
anyone who has insider information. We all want to think the best of<br />
the people we work with, but it’s important to remain vigilant and<br />
protect yourself, your brand and your customers. Today, I’ll focus on<br />
what I consider the most pertinent form of insider risk; ‘malicious<br />
insider’ threats.<br />
A malicious insider is an individual who intentionally seeks to<br />
harm their organisation by stealing data or sabotaging systems, as<br />
opposed to an individual who makes an error or becomes a victim<br />
through naivety. An effective mitigation strategy combines technical<br />
controls, organisational policies, and behavioural monitoring.<br />
Outside of this, it is obviously preferable for businesses to mitigate<br />
against insider threats at source, by conducting thorough background<br />
checks during the hiring process to identify any red flags that may<br />
indicate potential for malicious behaviour. There are now several<br />
online tools, including our own Profile Finder+, which can link<br />
contact information to social media accounts, leaked datasets and<br />
hidden profiles. By vetting employees in this way, and conducting<br />
appropriate and thorough due diligence, your firm can better avoid<br />
the bad actors who pose the biggest threat.<br />
Of course, screening and background checks won’t mitigate against<br />
any unforeseen issues that arise in an employee’s personal and<br />
professional lives. Employee Assistance Programmes and regular staff<br />
surveys can go a long way towards addressing underlying issues with<br />
an individual before they consider resorting to malicious actions.<br />
Josh Bonser,<br />
Analyst Team Lead, NetWatch Global<br />
MODERN INSURANCE | 43