Fraud and surge events: the dangers when there is a need for speed

The Public Accounts Committee today (17 November 2021) published its report into fraud and error in the benefits system as part of the DWP Accounts 2020/21. In this report we recognise many problems faced by insurers when managing surge events and new/emerging risks.

The PAC reports that:

• The surge in demand on the benefits system and the need to respond to the societal need meant that fraud controls were not able to keep pace.
• Fraud and error in the benefits system doubled in 2020/21 – and that was from a level that was already the highest on record.
• DWP overpayment arising from fraud and error stands at £8.3 billion – 7.5% of the DWP benefit expenditure.

In this post we have regularly commented on how fraud attacks (and thrives on) weak process (see previous blogpost).

The scale of the process, and the range of users that a process needs to account for, will inevitably create more opportunities for fraudsters to exploit. Furthermore, the pressure on any process created by a surge will significantly increase the challenge of fraud prevention. For the DWP the nature of the challenge posed by the COVID-19 pandemic created a surge in claims that put more pressure on those processes. This additional pressure inevitably exposed more weaknesses.

We predicted this in 2020 in both our Fraud and COVID-19 report and in our webinar series.

For the DWP the first two months of the pandemic brought 100,000 people per day into the benefit system. Clearly most people were genuine claimants in need of help as the economy was being shuttered to stem infections. There was an understandable need to get the job done, but fraudsters were coming in too.  This included opportunistic fraudsters and organised groups taking advantage to make financial gain, as well as errors enriching people who took the opportunity to profit from this unintended good fortune. The report details some of the impacts and consequence of the fraudulent behaviour:

• £68 million was lost to organised crime groups perpetrating fraud by identity theft.
• This also caused 10,000 genuine claimants having benefits stopped and/or receiving demands to repay, which in turn causes additional stress for those claimants and on the DWP processes which then need to unpick the problem.
• There is little to no prospect of the losses incurred to fraud being recovered by the DWP.
• Trust in the process is eroded – both by the users and by ministers and tax paying public that manage and pay for the system.

And the above is an echo of fraud in insurance. The erosion of trust in insurers and the claims process. The burden placed on consumers through increased premiums. The leakage of money to organised crime that funds other criminal activity.

For insurers, the problem of surge events is encountered in claims and can happen for many reasons, from a sudden event causing many losses, to regulatory change deadlines forcing action, to a reduction in claims staff putting pressure on resources to manage claim volumes or the development of an emerging area of risk.

When this happens, it is our experience that it is vital to be on the front foot in thinking about fraud. The focus is understandably on meeting the genuine customer need and ensuring processes and teams are equipped to manage the extra workload, but it is (as the Public Accounts Committee report highlights) impossible to shut the door once the proverbial horse has bolted. Fraud prevention does not happen well after the fraud has occurred.

Here is our action plan for building fraud resilience into your surge event:

1. From the first meeting/discussions in responding to your surge event, give your fraud specialists a seat at the table.
2. Think about ensuring fraud prevention costs are built into any budgeting assessment to respond to the fraud event.
3. Recognise and be open to the fact that in needing to respond to increased demands on your service that you will be creating opportunity for fraud.
4. Look at where temporary fraud mitigation can be implemented.
5. Categorise scenarios which require a high priority response above others. Be open to creating a temporary tiered system that loosens fraud controls in those special categories but maintains them in other categories thereby limiting areas of vulnerability.
6. Ensuring fraud prevention and processing notices are built into the upfront communication with your customers/service users.
7. Review fraud detection processes, systems, etc. and update them quickly.
8. Don’t forget internal fraud awareness messaging. Your people will be busy and redeployment training will often focus on the technical requirements, but find a place for fraud in any retraining being delivered.
9. Seek to understand the drivers of the surge – both causes and the main players. Understanding the who and the why can help in devising strategies to deter and defend the claims.
10. Record where fraud controls are being relaxed in the short term and plan for them to be reintroduced at the earliest opportunity.
11. What gets measured doesn’t get forgotten; ensure you are tracking and measuring fraud and potential fraud.
12. Plan to revisit potential fraud after the surge is controlled. Look at fraud recoveries as a means of mopping up fraud leakage that may have occurred.

Surge events demand a need for speed; but don’t drive off without putting on your fraud prevention seat belt.