In accordance with the Insurance Fraud Monitoring Framework, dated January 21, 2013 (hereinafter referred to as “the Framework”), SHAI is required to have in place an Anti-Fraud Policy (hereinafter referred to as “the Policy”), duly approved by the Board of Directors.
Further, as laid down in the “Guidelines on Insurance e-commerce” dated March 9, 2017, an Insurer is required to have a pro-active Anti-fraud policy for insurance e-commerce activities, which is to be approved by the Board of Directors.
Also, Corporate Governance Guidelines for Insurance Companies dated May 18, 2016 issued by IRDAI, requires insurance companies for formulation of an Anti-Fraud policy and framework for effective deterrence, prevention, detection and mitigation of frauds.
This Policy has been further devised to ensure that the anti-fraud framework is in line with the requirements as laid down under the regulation/guidelines, as well as it recognizes the principle of proportionality and reflects the nature, scale and complexity of the business of the Company and risks to which it is exposed. The Policy shall also provide guidance with respect to prevention, detection, mitigation and investigation into fraudulent activities.
Effective deployment of controls which will aid in the identification, detection, prevention and investigations of frauds reported. SHAI is dedicated to conducting business in a fair and honest manner, and will work to eliminate fraud from all activities. SHAI has a “Zero-Tolerance” stance to fraud and will not tolerate any dishonest or fraudulent behavior on the part of internal or external stakeholders.
This policy covers the following aspects:
- Provide systems and adequate system-based controls to identify proactively potential fraud areas, assess these and provide a framework of people, process, and technology-based controls of processes to prevent fraud
- Ensure that management understands the risk of fraud to the organization and establish a sound control environment through policies, procedures and controls to detect, monitor and mitigate occurrences of finds within various functions of SHAI that are vulnerable to the fraud risk
- Create ongoing awareness among all stakeholders including employees, clients and other parties having business relation with SHAI to deter them from indulging in fraudulent activities and measures to be taken by them in case they suspect any fraudulent activities.
- Provide a set of measures and procedures to respond adequately and quickly to frauds.
- Lay down procedures to report frauds to board, senior management and regulator and exchange of information on fraud and framework for reviewing the procedures from time to time
Applicability / Scope
This Policy applies to any fraud or suspected fraud involving employees as well as shareholders, consultants, vendors, contractors, outside agencies doing business with SHAI and/or any other parties having a business relationship with SHAI including insurance advisors/ brokers/ corporate agents of SHAI. The policy would also be applicable to policyholders and beneficiaries. Any investigation activity required will be conducted irrespective of the suspected wrongdoer’s length of service, position/title, or relationship to SHAI.
Zero Tolerance Policy
SHAI does not tolerate any unethical or dishonest behaviour, even if the result of the action benefits SHAI itself. Action as deemed fit will be initiated including termination and referring the case to appropriate government authorities.
Illustrative List of Frauds
Broadly, the potential areas of fraud include those committed by the officials of SHAI, SHAI’s agent/corporate agent/intermediary/TPAs and the policyholders/their nominees. Some of the examples of fraudulent acts/omissions include, but are not limited to the following:
a. Internal Fraud: Fraud / misappropriation against the insurer by its Director, Manager and/or any other officer or staff member (by whatever name called):
- Misappropriating funds
- Fraudulent financial reporting
- Overriding decline decisions so as to open accounts for family and friends
- Inflating expenses claims/over billing
- Paying false (or inflated) invoices, either self-prepared or obtained through collusion with suppliers
- Permitting special prices or privileges to customers, or granting business to favoured suppliers, for kickbacks/favours or misrepresentation of customer
- Forging signatures
- Removing money from customer accounts
- Falsifying documents
- Selling SHAI’s assets at below their true value in return for payment.
- Intentional concealment
- Collusion or nexus with concerned stakeholders
- System Fraud
b. Policyholder Fraud and Claims Fraud: Fraud against the insurer in the purchase and/or execution of an insurance product, including fraud at the time of making a claim:
- Exaggerating damages/loss
- Staging the occurrence of incidents
- Reporting and claiming of fictitious damage/loss
- Medical claims fraud
- Fraudulent Death Claim
- Non-Disclosure of Pre Existing Disease (PED) illness before taking policy
- Suppression of facts
- Duplicate or false claims
c. Intermediary Fraud: Fraud by Insurance Agents, Brokers, POSP, IMF, Corporate Agents
- Premium diversion-intermediary takes the premium from the purchaser and does not pass it to SHAI
- Inflates the premium, passing on the correct amount to SHAI and keeping the difference
- Non-disclosure or misrepresentation of the risk to reduce premiums
- Commission fraud – insuring non-existent policyholders while paying a first premium to SHAI, collecting commission and annulling the insurance by ceasing further premium payments.
- Collusion or nexus with concerned stakeholders
- Document Tampering, falsification of records and policy churning by the intermediaries to their advantage
The above list is illustrative and not exhaustive. To protect its e-commerce business, the company will also oversee the adoption of proactive fraud detection measures in conjecture with IRDAI Guidelines on insurance e-commerce.
1.1 Roles and Responsibilities
a. Appointment of Nodal Officer
- Every Zonal/Area office shall have a Nodal Officer at the level of Manager. Officer-in-Charge not below the level of DGM shall be the Competent Authority to appoint the Nodal Officer for these Offices. In Corporate Office there shall be a Nodal Officer not the below the rank of GM appointed by Executive Director who will act as overall coordinator of the entire organisation.
- Competent Authority concerned will notify the name and designation of link Nodal Officer who will discharge the duties and responsibilities of nodal officer during his/her leave.
- Nodal Officer(s) shall share the responsibility of prevention and detection of fraud and for implementing the “Fraud Prevention Policy” of SHAI. It is the responsibility of all Nodal Officer(s) to ensure that complete mechanism in respect of Fraud Prevention Policy is in place within his/her area of control to:
- Familiarise each employee with the measures to be taken for prevention and detection of fraud.
- Create a whistleblowing culture whereby employees are encouraged to report any fraud or suspected fraud which comes to their knowledge, without any fear of victimization. Promote awareness among the employees of ethical standards.
- Creating awareness among employees / intermediaries / policy holders to counter insurance frauds.
- Coordinating with the Vigilance Dept. to investigate the complaints of fraud and secure necessary documentary evidence
- Liaise with Human Resource Management, marketing, claims department to take disciplinary action against employees / intermediary under Conduct, Discipline and Appeal (CDA) Rules if they are found to have been involved
- Furnishing various reports on frauds to the Authority as stipulated in this regard and Furnish periodic reports to the Board for its review.
- The Nodal Officer shall implement the modules suggested by the Fraud Risk Mitigation Committee (FRMC) to create awareness among the employees and officers in fraud detection and mitigation.
- Employees and officers at every level, in every function, at all offices of SHAI and at all the locations have a responsibility to speak up when they believe that they have knowledge or suspect that fraud is being committed. As soon as it is learnt that a fraud or suspected fraud has taken or is likely to take place, they should immediately apprise the same to the concerned party as per the laid down whistleblowing policy in place.
Procedure for Fraud Monitoring
Internal Audit and Inspection Department and Vigilance Department operating in the organizational set up will have the primary responsibility to identify, detect, and report insurance frauds. While the Audit and Inspection Dept. will monitor fraudulent activities during their exercise, the Vigilance Department will carry out the exercise during their surprise inspection of offices from time to time.
SHAI will have well defined procedures to identify, detect, investigate and report frauds. The risk management, fraud monitoring department and Information technology will develop/ manage systems and framework and analytical tool methodologies to identify potential fraud areas/ red flags.
Identification and reporting of frauds
Reporter shall promptly communicate any concerns about unethical behaviour and report any actual or suspected incident of fraud or violations of the company policies on a confidential basis.
SHAI offers several channels for reporting any actual or suspected incident of fraud. Reporting entities are encouraged to use the channel with which they are most comfortable, starting with their manager or supervisor. Other reporting channels include:
- Whistle-blower reporting at email@example.com| firstname.lastname@example.org | WhatsApp No.7824877444
- Risk Team at email@example.com
- Another Manager or Supervisor
- The Chief Compliance Officer
- The Chief Risk Officer
- The Chief Human Resources Officer
- The Head of Internal Audit
- The Chief Executive Officer; and
- The Chairperson of the Audit Committee.
Address: Chairman, Audit Committee, Star Health and Allied Insurance Co Ltd, No.1, New Tank Street, Valluvar Kottam High Road, Nungambakkam, Chennai- 600034
Any whistle-blower who suspects dishonest or fraudulent activity shall notify the above mentioned party/s immediately, and should not attempt to personally conduct investigations or interviews/ interrogations related to any suspected fraudulent act.
All fraud investigation and related information will be treated confidentially. Investigation results will not be disclosed or discussed with anyone other than those who have a valid business need to know. This is important in order to avoid damaging the reputations of persons suspected but subsequently found innocent of wrongful conduct.
Security to Individuals
SHAI strongly encourages individual to report fraudulent activity. Any employee of SHAI making a report in good faith, can do so in the knowledge and confidence that the Board of Directors / senior management of SHAI will ensure that the act will not lead to the employee facing any recrimination, punishment or victimization.
However, any abuse of this protection (e.g. any false or bogus allegation made by an individual knowing them to be false or bogus or with a mala fide intention) will warrant action as deemed necessary by SHAI.
Based on the investigation findings, staff and intermediary accountability and complicity disciplinary measures will be decided. Efforts will be made to recover the loss amount fully. Based on the nature of the fraud, an internal committee may decide on suitable penal action as per the grid (disciplinary action matrix) defined or pursue the matter with other law enforcement agencies for appropriate action against the concerned person(s). An employee, intermediary and agent shall be subject to disciplinary action, including the termination of their employment, if the employee fails to cooperate in an investigation, or deliberately provides false information during an investigation.