Insider Fraud on the Rise
Insider fraud is on the rise, but the good news is that the problem can be addressed with concrete steps by risk specialists.
The latest “2015/2016 Annual Global Fraud” survey commissioned by Kroll and carried out by the Economist Intelligence Unit, polled 768 senior executives worldwide across a broad range of industries from January through March of 2015.
Not only did three-quarters of respondents say their companies experienced fraud in the last year, but 81 percent of those companies said the scheme in question was perpetrated by an insider. That’s up from 72 percent in the previous year’s survey.
“Of those companies that experienced fraud where the perpetrator was known, four in five suffered at the hands of at least one insider.” — Kroll 2015/2016 Annual Global Fraud
Also, sixty-nine percent of those surveyed worldwide said the fraud they suffered resulted in a financial loss, up from 64 percent in the previous survey.
“The greater long-term threat to a company [today] is internal, specifically from corrupt employees who have access to private data, such as trade secrets, customer lists, proprietary software and the like, and the authority to spend money through the purchase of goods and services,” said Daniel Karson, Kroll’s chairman.
The survey clearly states that the biggest fraud threat to companies is the result of insider fraud.
“Of those companies that experienced fraud where the perpetrator was known, four in five suffered at the hands of at least once insider,” the survey revealed.
More than 36 percent of victims experienced fraud at the hands of their own senior or middle management; 45 percent by a junior employee; and 23 percent by the conduct of an agent or intermediary, the report stated.
So, what can risk managers do to mitigate the exposures Karson described?
Kroll’s report found that the most effective methods of preventing fraud were whistleblowers (representing 41 percent of uncovered frauds), external audits (31 percent), and internal audits (25 percent).
Karson said risk specialists should audit the cost they’re charged for goods and services so they know they’re paying market price and not being overcharged.
“That goes to [potential risk] of simply overpaying for goods and services as well as kickbacks paid to employees buying goods and services,” he said.
Beyond this, Karson recommended several other steps risk specialists should take on behalf of their organizations.
An employee code of conduct that’s enforced and reinforced through continued training is critical, he said. Also critical is a code of conduct developed for and agreed to by vendors.
“Can a company detect a kickback or bribe if it is paying 5 percent to 10 percent more for office supplies, or selling its goods to a foreign government? In most cases, it can’t without solid evidence. Its best defense is to deploy integrity tools that will have the same impact as a firewall.
“This is comprised of a comprehensive employee code of conduct, a vendor code of conduct, pre-employment background investigations, vendor screening, ethics training, whistleblower policies, a hotline, and the periodic audit of both purchase prices and tests to confirm that its vendors are bona fide companies,” Karson said.
“Together these are the tools that will reduce a business’s risk of internal fraud.
“Fraud thrives in an environment where rules are not in place, or where there is a perception that rules won’t be enforced, that audits are perfunctory, and that misconduct won’t be punished,” Karson said.
Gregory Bangs, chief underwriting officer of global crime at XL Catlin, agreed, pointing out that the U.S. and U.K. have been relatively successful in combatting the upswing toward insider crime.
“Unfortunately, employee fraud and third-party crime are on the increase around the world, so although we can point to the U.S. and the U.K. as the countries that have had the most success in limiting this increase, no country has been able to halt or reverse this trend,” he said.
“The most effective measure that companies can employ to aid in the fight against fraud is the implementation of an employee and third-party ‘hotline’ for reporting suspected employee theft,” said Bangs.
“Its efficacy is due to the anonymous nature of the reports, as individuals are far more willing to report suspicious activity if there are no potential negative repercussions for doing so.
“Another useful tool is the adoption of a ‘master vendor file’ that lists pre-approved vendors that employees are authorized to transact business with, which can help to limit the largest area of employee crime — vendor fraud,” Bangs said.
(Bangs writes about fighting vendor fraud here.)
“In one form or another, the specter of fraud arises in virtually every business relationship,” Karson added. “What our report drives home is that fraud is often an `inside job’ and that companies must address both internal and external relationships if they are to most effectively protect their money, property and private data.”
While Bangs agreed with the Kroll survey’s finding that approximately 80 percent of fraud against companies is committed by employees, he said risk specialists must also be on guard against the rising tide of computer crime involving third-party hackers.
Countering Counterfeit Drugs
We have all received them – spam emails offering cheap Viagra or other such male enhancement drugs.
Chances are that they’re one of the millions of counterfeit drugs that flood the pharmaceutical market every year.
The World Health Organization (WHO) estimates that at least half of all drugs sold today on illegal websites that conceal their physical address are counterfeit. While counterfeit drugs account for only 1 percent of all medicines sold globally, that still amounts to $200 billion, according to the International Institute of Research Against Counterfeit Medicines.
Law enforcement agencies across the world have seen a huge increase in the manufacture, trade and distribution of counterfeit, stolen and illicit medicines in the last 10 years, with the WHO estimating that worldwide sales have increased by about 90 percent since 2005.
“Counterfeit medicines affect all types of legitimate drugs and threaten the entire health system by creating mistrust.” — Cyntia Genolet, associate manager, regulatory and health policy, International Federation of Pharmaceutical Manufacturers & Associations
“Counterfeit medicines affect all types of legitimate drugs and threaten the entire health system by creating mistrust,” said Cyntia Genolet, associate manager, regulatory and health policy at the International Federation of Pharmaceutical Manufacturers & Associations (IFPMA).
“They can be fake versions of patented, generic or over-the-counter medicines, and exist in all therapeutic areas.”
Counterfeit drugs not only put at risk the lives and health of millions of patients who believe that their prescription medicines are both safe and effective; they also cost the pharmaceutical industry billions of dollars in lost revenue every year and leave companies exposed to a host of reputational and liability risks.
Increasingly complex global supply chains, the rise of internet pharmacies and new advancements in technology have all made it far easier for criminals to produce and sell counterfeit drugs.
“We are seeing a geographical intensification of counterfeiting which is no longer focused on one or two parts of the world, but is now global, largely because of the internet,” said Geoffroy Bessaud, associate vice president of anti-counterfeit coordination at Sanofi.
Risk to Human Health
The main risks of taking counterfeit drugs are that they may contain the wrong ingredients, or they may contain too little, too much or no active pharmaceutical ingredient or API (which is what makes the drug effective) at all, according to Matthew Bassiur, deputy chief security officer at Pfizer.
That means patients are not receiving the therapeutic value they need and may suffer adverse effects of taking the wrong ingredients, ultimately putting their health, and lives, at stake.
“It really becomes a game of Russian roulette because you have no way of knowing what it is you’re ingesting,” Bassiur said.
In some cases, these drugs have been found to contain toxic substances such as leaded highway paint, floor polish, brick dust, antifreeze and even rat poison, often because they are being manufactured in unsafe and dirty conditions, he added.
“Counterfeit medicines are being produced in some of the most deplorable and unsanitary conditions imaginable,” he said. “So it’s no surprise that you find these kinds of contaminants in these bogus drugs.”
Worse still, in the case of treatment for infectious diseases with antibiotics or anti-malarials, some diseases can develop drug-resistance if the wrong dose of API has been administered.
To give an idea of the scale of the problem for human health, in 2008 the FDA recorded 81 deaths and about 600 allergic reactions resulting from a batch of counterfeit Herapin, a drug used to prevent blood clots.
“Counterfeit drugs raise significant public health concerns because their safety and effectiveness is unknown.” — Howard Sklamberg, deputy commissioner for global regulatory operations and policy, FDA
“Counterfeit drugs raise significant public health concerns because their safety and effectiveness is unknown,” said Howard Sklamberg, the FDA’s deputy commissioner for global regulatory operations and policy.
Supply Chain Problems
The problem of counterfeit drugs is made worse by an increasingly complex global supply chain network.
With almost 40 percent of all drugs that Americans take being made overseas, according to the FDA, the opportunity to infiltrate the supply chain with counterfeit drugs is far greater than before.
The fact that these drugs are imported also means they may have been mishandled, adulterated or counterfeited before entering the country.
“Patients expect the supply chain to work properly and if there’s a flaw in that chain it’s not only a potential risk to their own health, but also the reputation of the company making and selling that drug,” said Jim Walters, managing director of Aon Risk Solutions’ life sciences and chemical group.
Ned Milenkovich, principal and co-chair of the health care law practice at law firm Much Shelist, said that globalization was a key factor in the surge in counterfeit medicines.
“On the whole, the situation is worse internationally than in the U.S., where at least we have some safeguards to prevent these drugs entering the market,” he said.
The majority of counterfeit drugs are manufactured outside the U.S., in largely unregulated markets such as China and India, according to the FDA.
Because of the relatively low production costs and the ease of transportation, as well as lighter penalties compared to other crimes like narcotics, they have become a magnet for international organized criminal gangs.
The markups are also far greater. For example, based on an investment of $1,000, the estimated profit from counterfeiting a blockbuster drug can be as high as $500,000 versus $20,000 for heroin.
“The criminal world has recognized the margins that can be made from counterfeit medicines and it is much easier to copy these kinds of drugs than it was five to 10 years ago,” said Aon’s Walters.
Counterfeiting is also closely linked to money laundering, drug trafficking and terrorism, said Robert Lane, global practice leader at Willis Resolutions and executive vice president at Willis Global Solutions.
“Terrorism is at the core of this,” he said. “There is a lot of money involved and because of advances in technology, criminals are able to create counterfeit products and maintain a relatively low profile in the process.”
Advances in Technology
Advancements in technology and the internet have also made it easier for criminals to sell their counterfeit drugs online, many of which are a fraction of the price of the original and are dispensed without prescriptions.
Many use sophisticated marketing techniques or fraudulent web storefronts to sell their wares, according to the FDA.
And because of increased technological sophistication, counterfeiters are often able to pass off fake medicines as the real thing, said Bassiur.
“The real danger in ordering these medicines over the internet is a complete lack of transparency and intentional deception, which is a big problem in developed nations where patients are increasingly turning to online to source their medicines,” he said. “However, there are places that people can safely buy prescription medicine online.”
While a patient’s health can be compromised by counterfeit drugs, manufacturers and pharmaceutical companies can suffer a huge financial loss in terms of sales.
It can also infringe on their patent and trademark rights, as well as damage their brand reputation as a result of the negative publicity.
“Essentially what is happening is that your drug is being hijacked,” said Lane.
“There’s infringement across the board in every context and the reputational and financial hit you take as a result can be substantial.”
A company stands to lose not only the benefit of its investment in research and development and advertising that drug, but also the expense of hiring outside experts to look into the problem, according to Dan Torpey, partner in EY’s fraud investigation and dispute services.
“Essentially, someone else is getting the benefit of all your work and effort off the back of sales of a counterfeit product,” he said. “Unfortunately, because a lot of these counterfeiters are rogue individuals or small groups there’s not much recourse for recovery other than enforcement.”
Laura Sunderlin, life sciences underwriter at Beazley, said that the bigger problem is for those companies in the supply chain who buy the drug without knowing it is counterfeit.
“The worst case would be a large distributor buying a big quantity of the drug and then it being passed on down the supply chain to the end consumer and the potential [repercussions] that could bring,” she said.
Tackling the Issue
The pharmaceutical industry has had some success in the fight against counterfeit drugs. In 2012, 79 arrests were made and $10.5 million worth of potentially lethal medicines was seized in Interpol’s Operation Pangea V, targeting illegal online pharmacies.
In November 2013, President Obama signed into law the Drug Supply Chain and Security Act. The act was designed to protect the public from exposure to counterfeit, stolen or otherwise harmful drugs by enabling the monitoring of certain prescription drugs as they move through the supply chain.
Many drugs companies have also implemented new technologies such as radio frequency identification (RFID) chips and tags to track and trace their products.
They also work with governments, regulators and bodies such as the IFPMA to combat the problem and to raise public awareness, as well as their own operations.
Sanofi, for example, has a dedicated team of experts who search for counterfeit drugs on the internet and has set up a central anti-counterfeit laboratory to analyze suspect products.
Walters, however, was a bit more skeptical about the problem. “While across the board there are lots of ways that companies are tackling the problem, conceivably there is no way that you are going to be able to monitor every single pill or capsule,” he said.
Provided that there was no intent to defraud and they were unaware that they were buying and passing on counterfeit drugs in the first place, most companies in the supply chain will be covered by professional and product liability and errors and omissions insurance, said Sunderlin.
However, she said that the problem would continue until an international standard is brought in for monitoring all drugs.
“Until there is an international, required standard of protection for technologies used in legitimate drug packaging which would track a product from manufacturer to consumer, and would make it difficult and very expensive to try to counterfeit, there will be an increasing number of counterfeits introduced and sold around the world,” she said.
Bassiur added: “Counterfeiting is a multibillion dollar enterprise. Large profits, combined with little risk of meaningful penalties in many countries, fuel this illicit industry.
“At the end of the day, the counterfeiter doesn’t care about your health and safety or whether you live or die, they only care about getting your money and lining their own pockets.”
7 Questions to Answer before Choosing a Captive Insurance Domicile
Risk managers: Do your due diligence!
It seems as if every state in America, as well as many offshore locations, believes that they can pass captive legislation and declare, “We are open for business!”
In fact, nearly 40 states and dozens of offshore locations have enabling captive insurance legislation to do just that.
With so many choices how do you decide who is experienced enough to support the myriad of fiscal and regulatory requirements needed to ensure the long term success of your captive insurance company?
“There are certainly a lot of choices,” said Mike Meehan, a consultant with Milliman, an actuarial firm based out of Boston, Massachusetts, “but not all domiciles are created equal.”
Among the crowd, there are several long-standing domiciles that offer the legislative, regulatory and infrastructure support that makes captive ownership not only a successful risk management tool but also an efficient entity to manage and operate.
Selecting a domicile depends on many factors, but answering these seven questions will help focus your selection process on the domiciles that best fit your needs.
1. Is the domicile stable, proven and committed to the industry for the long term?
The more economic impact that the captive industry has on the domicile, the more likely it is that captives will receive ongoing regulatory and legislative support. The insurance industry moves very quickly and a domicile needs to be constantly adapting to stay up to date. How long has the domicile been operating and have they been consistent in their activity over the long term?
The number of active captive licenses, amount of gross premium written in a domicile and the tax revenue and fees collected can indicate how important the industry is to the jurisdiction’s bottom line. The strength of the infrastructure and the number of jobs created by the captive industry are also very relevant to a domicile’s commitment.
“It needs to be a win – win situation between the captives and the jurisdiction because if not, the domicile is often not committed for the long term,” said Dan Kusalia, Partner with Crowe Hortwath LLP focused on insurance company tax.
Vermont, for example, has been licensing captives since 1981 and had 589 active captives at the end of 2015, making it the largest domestic domicile and third largest in the world. Its captive insurance companies wrote over $25 billion in gross written premiums. The Vermont State Legislature actively supports an industry that creates significant tax revenue, jobs and tourist activity.
2. Are the domicile’s captives made up of your peer group?
The demographics of a domicile’s captive companies also indicate how well-suited the location may be for a business in a particular industry sector. Making sure that the jurisdiction has experience in the type and form of captive you are looking to establish is critical.
“Be among your peer group. Look around and ask, ‘Who else is like me?’” said Meehan. “Does the jurisdiction have experience licensing and regulating the lines of coverage for other businesses in your industry sector?”
3. Are the regulators experienced and consistent?
It takes captive-specific expertise and broad experience to be an effective regulator.
A domicile with a stable and long-term, top-tier regulator is able to create a regulatory environment that is consistent and predictable. Simply put, quality regulation and longevity matter a lot.
“If domicile regulators are inexperienced, turnaround time will be slower with more hurdles. More experience means it is much easier operating your business, especially as your captive grows over time,” said Kusalia.
For example, over the past 35 years, only three leaders have helmed Vermont’s captive regulatory team. Current Deputy Commissioner David Provost is one of the longest tenured chief regulators and is a 25-year veteran in the captive insurance industry. That experienced and consistent leadership enables the domicile to not only attract quality companies, but also to provide expert guidance on the formation process and keep the daily operations running smoothly.
4. Are there world-class support services available to help manage your captive?
The quality of advisors and managers available to assist you will have a large impact on the success of your captive as well as the ease of managing the ongoing operations.
“Most companies don’t have the expertise to operate an insurance company when you form a captive, so you need to help build them a team,” Jeffrey Kenneson, a Senior Vice President with R&Q Quest Management Services Limited.
Vermont boasts arguably the most stable and experienced captive infrastructure in the world. Many of the leading captive management companies have their headquarters for their Global, North America and U.S. operations based in Vermont. Experienced options for captive managers, accountants, auditors, actuaries, bankers, lawyers, and investment professionals are abundant in Vermont.
5. Can the domicile both efficiently license and provide on-going support to your captive as it grows to cover new lines of coverage and risks?
Licensing a new captive is just the beginning. Find out how long it takes for the application to get approved and how long it takes for an approval of a plan change of your captive’s operations.
A company’s risks will inevitably change over time. The captive will need to make plan changes which can include adding new lines of business. The speed with which your domicile’s regulatory branch reviews and approves these plan changes can make a critical difference in your captive’s growth and success.
The size of a captive division’s staff plays a big role in its speed and efficiency. Complex feasibility studies and actuarial analyses required for an application can take a lot of expertise and resources. A larger regulatory team will handle those examinations more efficiently. A 35-person staff like Vermont’s, for example, typically licenses a completed application within 30 days and reviews plan changes in a matter of days.
6. What are the real costs to establishing and managing your captive?
It is important to factor in travel costs, the local costs of service providers, operating fees, and examination fees. Some states that do not impose a premium tax make up for it in high exam fees, which captives must be prepared for. Though Vermont does charge a premium tax, its examination fees are considered some of the least expensive options in the marketplace.
It is also important to consider the ease and professionalism of doing business with a domicile in the ongoing operations of your captive insurance company.
“The cost of doing business in a domicile goes far beyond simply the fixed cost required. If you can’t efficiently operate due to slow turn-around time or added obstacles, chances are you have made the wrong choice,” said Kenneson.
7. What is the domicile’s reputation?
Make sure to ask around and see what industry experts with experience in multiple domiciles have to say about the jurisdiction. Make sure the domicile isn’t known for only licensing certain types of captives that don’t fit your profile. Will it matter to your board of directors if your local newspaper decides to print a story announcing your new insurance subsidiary licensed in some far away location?
Are companies leaving the jurisdiction in high numbers and if so, why? Is the domicile actively licensing redomestications — when an existing captive moves from one domicile to another? This type of movement can often be a positive indicator to trends in a domicile. If companies of a particular size or sector are consistently moving to one state, it may indicate that the domicile has expertise particularly suited to that sector.
Redomestications made up 11 of the 33 new captives in Vermont in 2015. This trend is a positive one as it speaks to the strength of Vermont. It reinforces why Vermont is known throughout the world as the ‘Gold Standard’ of domiciles.
Asking the right questions and choosing a domicile that meets your needs both today and for the long term is vital to your overall success. As a risk manager you do not want surprises or headaches because you did not ask the right questions. Do the due diligence today so that you can ensure your peace of mind by choosing the right domicile to meet your needs.
For more information about the State of Vermont’s Captive Insurance, visit their website: VermontCaptive.com.
This article was produced by the R&I Brand Studio, a unit of the advertising department of Risk & Insurance, in collaboration with the State of Vermont. The editorial staff of Risk & Insurance had no role in its preparation.