Catching the Little Fish That Got Away

Protect yourself against small-time frauds by insured subscribers.  

When it comes to healthcare fraud, most Special Investigations Units (SIUs) within insurance companies focus on the recipients of the largest benefits: the healthcare providers. Scams committed by this faction often are serial and result in huge monetary losses. As fraud examiners, we intrinsically "follow the money."

But what about the patients, or insured subscribers, who defraud the system? These perpetrators typically swindle smaller amounts of money and are one-time offenders. Because the monetary losses typically are minimal and the cases often cost more to resolve than what will be recovered, many fraud examiners place these cases on "the back burner" in favor of the larger, serial crimes of the crooked providers. But there's a flaw in this approach. Consider the following analogy.
Bream fishing is a popular activity across much of the country and one that I particularly enjoy. Sometimes, as fast as you can put the bait in the water, the little fish will jerk your line downward and nibble away at the bait. What you want, however, is the larger fish that swim at the bottom of the lake, so you pull up your empty hook and bait it again, hoping to sneak past the less-rewarding catch the next time around. Over time, you manage to hook a few more of these little fish, but you throw most of them back without giving them much thought. They're not worth your time.

When you left the bait shop, you had about 100 crickets. You expected this to last most of the day, but before you know it, you have no more crickets and only a couple of large fish. You begin to understand that all those little fish you've dismissed have caused real damage.

Does this sound familiar? Are you responding to insured subscriber fraud only after the fraud has become significant? Many wayward subscribers defraud insurance companies only once to fulfill an immediate or short-term need, but sometimes individuals find it too easy to make quick cash and they become serial offenders. That's when these small "fish" become embarrassingly large. As SIUs, we need to consider ways to catch these menacing minions before they get away.
Sometimes it's a happenstance discovery of a serial case that makes you reconsider your approach to insured subscriber fraud. As you read the following case example, consider what policies your SIU has in place right now to detect this type of activity. Could this happen to you?

Jenny was no stranger to fraud. She had served time in prison for insurance fraud and had become even savvier about the crime while there. Back on the streets, she immediately put her newfound skills to work and began making money the easiest and quickest way she knew how.

Jenny created Ax-C-Dent Rehabilitation Center Inc. Ax-C-Dent shared a physical address with a dress shop, but Jenny opened a post office box as the billing address. From experience, she knew that the insurance company wasn't likely to check the physical address of her business, because insurance was built on trust. Also, Ax-C-Dent wasn't open to the public; Jenny only needed to appear legitimate on paper.
To set her plan in motion, Jenny needed health insurance, so she obtained a contract under her maiden name and began paying her premiums. Then, posing as Ax-C-Dent's office manager and using her married name, Jenny contacted her insurer and enrolled her shell company with the insurance company's provider networks. She used the names of several area physical therapists, without their knowledge, to legitimize the company.

Jenny then went to a medical doctor and complained of pain. The doctor gave her a prescription for physical therapy. Now she was halfway there. She took the physical therapy receipt and had it photocopied, being careful to remove the date entry so she could use it again. Jenny then visited a physical therapist and obtained a receipt for her visit. She now had what she needed. From the physical therapist's receipt, she had the medical procedural codes to make her false claims look valid. She had this receipt photocopied as well (without the date), so she could attach it to her fraudulent claims.

Jenny stayed in business for more than a year; she was careful not to bill her false invoices on Sundays and holidays. After a year, however, Jenny decided that Ax-C-Dent had made too much money to remain undetected. She consequently changed her shell company's name and address. I.M. Crooked & Associates would be her new moneymaker.
Jenny continued to file false claims and receive money for another year. All her claims looked alike: same procedural codes and same charges. Only the dates differed. But one day she made a grave error: Jenny filed too many claims at once and it prompted the claims processor who handled the account to comment on his workload to another employee. Coincidentally, this employee knew Jenny and was familiar with her shady past. The company's SIU was alerted and a fraud examination commenced. Sometimes, coincidence can be essential to a fraud's detection.

It didn't take long for the SIU to determine what had occurred. Both companies had only one patient for I.M. Crooked & Associates: Jenny - the same Jenny who was also the office manager and the person cashing the checks. Her luck finally ran out, but not before she netted more than $250,000! Jenny pleaded guilty to healthcare fraud, and, because of her prior record, she received a 46-month sentence in prison.

The Frontline Defense
When focusing on systematic and complex provider schemes, you can gather historical data on multiple suspect patients and perform trend analyses and peer comparisons to uncover fraud. However, detecting insured subscriber fraud requires a different approach.

Perpetrators of insured fraud simply lack the procedural coding, medical terminology and claim-filing knowledge to orchestrate the long-term frauds committed by providers. Consequently, trying to detect these scams through historical data and trend analyses is nearly impossible. To catch frauds committed by subscribers, it's best to train your "frontline" claims processors simply to recognize red flags, or fraud indicators, on submitted claims. Providing a list of fraud indicators as a desktop reference for your claims handlers (see Exhibit 1: Signs of a Suspicious Claim) is an effective tool. Consider what you define as suspicious activity and then train your claims processors how to recognize those signs. You could have the processors circle the applicable suspicious activity on their reference sheets and then forward that paperwork along with the original claims to the SIU. Be sure to emphasize, however, that the suspect claims must be submitted absent of any marks or notations. You want the processors to recognize red flags, not perform diligent investigations. This method usually will generate a substantial amount of suspicious claims to the SIU - some of them valid, others merely false alarms. However, it's a constructive first step in fighting potential insured subscriber fraud. A frontline defense was successful in detecting the following case.

Susie was a kindhearted woman who loved her friend John. When John was diagnosed with terminal cancer, Susie vowed to stay by his side until the end. She visited John every day in the hospital and continued to stay with him when he went home to die. She changed his bedding, cooked his meals and took him to the doctor. The day finally came when John succumbed to his sickness. Susie was devastated and she grieved.

Then Susie got greedy. She decided that her services to John were no different than the services of a valid home-health agency, and she was due compensation. Susie found a way to obtain an insurance claim form, and she filed home-health services for $10,000.

An alert processor, who had received in-house fraud prevention training and was given a suspicious claims indicator desk reference tool, noticed that Susie's claims contained several red flags, including:

• Susie wasn't listed in the network database as a provider;
• Susie used abbreviations to describe her services rather than recognized procedural codes;
• John was receiving legitimate home-health services while simultaneously receiving Susie's "services"; and
• John was in the hospital when Susie rendered most of her "home" services.

With the aid of a state fraud examiner posing as an insurance company representative, the SIU interviewed Susie and obtained a confession. She pleaded guilty to insurance fraud. The judge ordered two years of probation, a fine, and an assignment to write an essay stating why it's wrong to steal.

Ad Hoc Reporting
Because providers are the customary recipients of direct payments from insurance companies, it's worth examining cases in which the insured subscriber receives large amounts of direct payments. An ad hoc report that identifies direct payments to insured subscribers can highlight potential abuses when monitored over time.

Ad hoc reports are extremely useful because they not only identify potential fraud but any activity that may result in erroneous payments. For example, an ad hoc report identifying providers and insured subscribers with the same name could identify providers treating themselves or family members - a practice usually excluded in healthcare coverage.

An ad hoc report detected the scheme in the next case study. The insured subscriber had been committing this scheme long before the ad hoc report was created and would probably still be carrying it out if not for the report.

Bob worked as a pharmacy technician for a small pharmacy, where he regularly had access to the computers that stored transaction records. At night, Bob worked at a neighborhood bar owned by his friend Tom.
Tom had Hepatitis A. He had been given a prescription to treat this condition, but the medicine was expensive at more than $1,000 a vial. Tom didn't have this kind of money, but he did have insurance. He soon came up with an idea. What if he filed claims for the medicine but never actually received it? There would be no out-of-pocket expenses, so Tom could make straight profit. He even could enlist Bob's assistance and pay him a kickback.

Tom contacted Bob, who immediately began providing fake receipts for Tom's medicine. Tom attached these receipts to his claim forms and submitted them to the insurance company. The money soon started rolling in.

Bob knew, however, that the Drug Enforcement Agency (DEA) routinely audited records, and if he reported Tom's drugs as being dispensed, the inventory wouldn't match. To throw off detection, he created a dummy account and recorded all the fake prescriptions in this account. However, the DEA would never see these records. Only if the insurance company called to verify services would these papers come in handy.

What Bob didn't know, however, was that the insurance company had implemented an ad hoc report to identify insured subscribers who received substantial amounts of benefits. Tom instantly topped the report. The insurance company auditors visited Bob and asked him to verify the services and Bob gave them the falsified account records. What Bob didn't realize was that these "auditors" were actually undercover fraud examiners, and they had many questions about Tom's claims.

Instinctively, the fraud examiners felt Bob was too accommodating during the interview, and they found it strange that the other pharmacist at Bob's work knew nothing about Tom, yet Bob seemed to know everything. A few weeks later, the fraud examiners decided to visit Bob a second time to retrieve the invoices to support the receipts. Bob stalled the fraud examiners but assured them that he could produce the records.

Unbeknownst to Bob, at this point, the fraud examiners already knew the drugs never were purchased. They had been working with law enforcement officials and the pharmacy's suppliers. They played Bob's game anyway and left the pharmacy. They hoped Bob would build upon each lie until he was buried too deep to get out.
With the auditors and investigators hanging around, Bob and Tom knew that their luck was running out, even though they had succeeded in avoiding detection for two years and had netted $250,000. The pair knew they had to think of another plan - and quickly. Because Bob couldn't produce the requested invoices, they decided the pharmacy would have to burn in a fire, forever destroying the documents in question.

The crooked pair looked for a "torch," or arsonist, to set the blaze and they soon found one. To their demise, however, the torch also happened to be a local snitch. And that's exactly what he did.
With the snitch's information, law enforcement agents were able to obtain an expedited search warrant. They raided the pharmacy and seized everything, including Bob and Tom. Now, instead of living on easy street, the two crooks faced charges of insurance fraud, money laundering and theft.

Detection tools can bring to light suspicious activity, identify potential losses, and serve as predication for initiating fraud examinations. It's important, however, to realize that we must still rely on our skills and expertise as fraud examiners. Had the fraud examiners in the last case ignored their instincts, they might have taken Bob's faked records at their apparent value and ended the investigation. The ad hoc report tool identified a suspicious activity, but it was the fraud examination that confirmed the fraud.

Recovery from insured subscriber fraud is small, but isn't that the best justification for early detection? If you can't recover the money, then you should be concerned with stopping it from ever leaving. Do you add more value to your function as an SIU by stopping a $1,000 loss from occurring or by identifying a $100,000 loss you never may recover? To borrow from the proverb, remember, "An ounce of prevention is worth a pound of cure."

Paul D. Kimball, CFE, is a senior auditor consultant with Blue Cross Blue Shield of Louisiana, where he has been employed since 1997. In addition to conducting audits, investigations and reviews, he provides management with recommendations to better manage risks, strengthen internal control, and deter or recover losses due to fraud and abuse. Previously, he was a police officer for the City of Baker Police Department in Louisiana. 

Exhibit 1: SIGNS OF A SUSPICIOUS CLAIM
This is a reference guide to determine whether a claim should be forwarded to the Special Investigations Unit. If a claim contains any of the following characteristics, highlight those that apply and attach to the original claim. Forward this page with the original claim to the SIU. Do not make any marks or comments on the original claim. Continue to process the claim using a photocopy.

• Alterations, erasures or corrective fluid
• Different inks and/or print styles used on same claim form
• Entirely handwritten claim (in lieu of proper claim form) without supporting bills
• Photocopies instead of originals of requested documents or entire claim is a photocopy
• Name or date of birth for patient different from those on company record
• Doctor and patient have same address or last name
• Address changes, especially to post office boxes
• Claims with special mailing instruction for payments and Explanation of Benefits (EOB) statements
• Benefits not assigned to hospital
• Identical claims for same patient with only date of service differing
• Identical claims for different patients on same contract
• Different diagnoses on multiple claims for one patient from same provider
• Medical services billed on Saturday, Sunday, or holiday
• No CPT4 code on a subscriber payable claim
• Out-of-country (foreign) claims
• Drug list submitted without receipt, pharmacy stamp, or signature of pharmacist
• Uneven dollar charges for services (i.e., $36.95), excluding lab, supplies and prescription drugs
• Tax(es) added to the bill for professional charges
• Consecutively numbered receipts from the same provider
• Misspelled medical terms
• High dollar amount payable to subscriber
• No provider signature on subscriber-payable claim
• Provider's name signed with no credential listed (i.e., M.D., D.D.S.)