OJK SUPERVISION RELATED TO FRAUD Ahmad Nasrullah Director Of Insurance and BPJS Kesehatan Supervision Bali, 13 Oktober 2017
FRAUD IN INSURANCE Fraud means a deviating act or purposeful neglect undertaken in order to deceive, cheat, or manipulate insurance company, policy holder, the insured, and participant, that occurs inside insurance company and/or using insurance company s facilitiy so as to cause insurance company, policy holder, the insured and participant to suffer a loss and/or cause the fraudster gain a benefit, both directly and indirectly (The Financial Services Authority Circular Letter Number 46/SEOJK.05/2017) Black s Law Dictionary Fraud is defined by Black s Law Dictionary as a knowing misrepresentation of the truth or concealment of a material fact to induce another to act to his or he detriment embezzles premiums or contributions, claim fraud, forges document, abuse of authority, provide misleading information Insurance company, manager, employees, broker, accounting, auditor, consultant, adjuster, intermediary, policy holder, etc 2
CAUSES FOR THE FRAUD IN INSURANCE Fictitious Information/Data In The Insurance Policy Age or other experiences may be incorrectly recorded. For instance, the quality of the car driven in terms of model and vehicle age is recorde wrongly Multiple Contracts An agreement with several companies on the same insurable interest item may lead to several compensations for the same injury or accident False Claim Typically, pre-existing injuries and damages are included in the claim. Those injuries and damages were not reported previously not to be moved to a worse category. The insured may also present a claim for falsely orchestrated theft or property or motor vehicle
THE FACTORS THAT PUSH PEOPLE TO FRAUD Opportunities An opportunity to commit fraud, to conceal it and to avoid being punished is the second critical factor that pushes people to commit fraud against an insurer. Factors that enhance opportunity vary from weak internal controls to failure to discipline perpetrators Motivation This is where pressure or incentive motivates an individuals (employee, consumer, intermediary) to behave illegally againts the insurer. Pressure comes in the following forms financial pressures, vices, work related pressures, and othe pressures such a desire for a materian possesion that reflects their more affluent counterparts Rationalizations A typical feature of insurance fraud is the lack of feelings or the indifference expressed by offenders steaming from a series of excuses or rationalization to rid themselves of the guilt arising from deviant behavior. People justify the fraud they commit againts the insurer with their own opinionated feelings or beliefs
SCOPE OF SUPERVISON 1. Management Risk 2. Governance Risk 3. Strategic Risk 4. Operational Risk 5. Asset and Liability Risk 6. Asset and Liability Valuation 7. Funding Support Risk 8. Insurance Risk 9. Public Disclosure 10. Consumer Protection 11. Monitoring of Systematic System, and 12. Another aspect which is the function, task and authority of OJK based on legislation Assessment is based on the existing criteria in the legislation In the case of criteria not yet regulated in the legislation, the criteria used refers to the standards, principles and practices of general insurance business practices
METHODS OF SUPERVISION Methods Of Supervision Onsite Supervision Onsite examination frequency is stipulated by OJK based on the risk based supervisory plan. Scope of onsite examamination are the whole non bank financial services institution s business activities or towards certain aspects form the non bank financial services institution business activities. Onsite examination conducted by the examination team at least consist of 2 (two) persons. Examiner team could consist of: OJK officers which assigned to conduct the onsite examamination Other parties which appointed by OJK A combination between OJK officer and other parties appointed by OJK Offsite Supervision Analysis of reports submitted by insurance company to OJK. Analysis of reports submitted by other parties to OJK. Analysis of macroeconomic impact
Regulation Related To OJK Supervision Article 1 and Article 6 Law Of The Republic Indonesia Number 21 Of 2011 OJK Performs its regulatory and supervisory duties over : Financial services activities in the Banking sector Financial services activities in the capital market sector Financial services activities in the sectors of Insurance, Pension Fund, Financing Institution, and other Financial Services Institution Article 70 Law Of The Republic Indonesia Number 40 Of 2014 The Financial Services Authority has the power to impose administrative sanctions to every person committing violations to the provisions in this law and its implementing regulations. Article 74 Paragraph (1) Law Of The Republic Indonesia Number 40 Of 2014 Any member of the board of directors, of the board of commissioners, or the equivalent to a member of the board of the directors or the board of commissioners, in legal entity in the form of cooperative or mutual company, or any member of the sharia supervisory board, company actuary, internal auditor, controller, or the employee of an insurance related company who deliberately provide report, information, data, and/or document that are incorrect, fake, and/or misleading to The Financial Services Authority shall be subject to criminal sanction of imprisonment for a maximum periode of 5 (five) years and criminal fine of maximum Rp10.000.000.000,00 (ten billion rupiahs). Article 74 Paragraph (2) Law Of The Republic Indonesia Number 40 Of 2014 Any member of the board of directors, of the board of commissioners, or the equivalent to a member of the board of the directors or the board of commissioners, in legal entity in the form of cooperative or mutual company, or any member of the sharia supervisory board, company actuary, internal auditor, controller, or the employee of an insurance related company who deliberately provide report, information, data, and/or document that are incorrect, fake, and/or misleading to a concerned party about financial position, financial performance, and the insurance company risk shall be subject to criminal sanction of imprisonment for a maximum periode of 5 (five) years and criminal fine of maximum Rp20.000.000.000,00 (twenty billion rupiahs).
Dasar Hukum Pengawasan OJK.. (2) Article 75 Law Of The Republic Indonesia Number 40 Of 2014 Every person who deliberately fails to provide information or who deliberately provide incorrect, fake, and/or misleading information to policy holder, the insured, or participants shall be subject to criminal sanction of imprisonment for a maximum period of a 5 (five) years and criminal fine of maximum Rp5.000.000.000,00 (five billion rupiahs) Pasal 76 Law Of The Republic Indonesia Number 40 Of 2014 Every person who embezzles premiums or contributions shall be subject to criminal sanction of imprisonment for a maximum period of a 5 (five) years and criminal fine of maximum Rp5.000.000.000,00 (five billion rupiahs) Pasal 77 Law Of The Republic Indonesia Number 40 Of 2014 Every person who embezzles by transferring, mortgaging, collateralizing, or utilize the asset, or performing any other action that may reduce asset or lower the value of asset of an insurance company, sharia insurance company, reinsurance company or sharia reinsurance company without the proper right and power shall be subject to criminal sanction of imprisonment for a maximum period of a 8 (eight) years and criminal fine of maximum Rp50.000.000.000,00 (fifty billion rupiahs) Pasal 78 Law Of The Republic Indonesia Number 40 Of 2014 Every person who forges documents of an insurance company, sharia insurance company, reinsurance company, or sharia reinsurance company shall be subject to criminal sanction of imprisonment for a maximum period of a 6 (six) years and criminal fine of maximum Rp5.000.000.000,00 (five billion rupiahs) 8
Dasar Hukum Pengawasan OJK.. (3) Article 79 Law Of The Republic Indonesia Number 40 Of 2014 Any member of the board of directors and/or any party that signs a new policy from an insurance company or sharia insurance company that is currently being sanctioned with limitation of business activities shall be subject to criminal sanction of imprisonment for a maximum period of a 5 (five) years and criminal fine of maximum Rp15.000.000.000,00 (fifteen billion rupiahs) Article 3 Government Regulation Of The Republic Indonesia Number 73 Of 1992 The organizational structure of insurance company and reinsurance company shall at least contain risk management function, financial management function, and services management function. Article 72 Regulation Of The Financial Services Authority Number 69/POJK.05/2016 In the framework of controlling risk of fraud, insurance company and sharia unit are obliged to implement anti fraud control function and implement an effective anti fraud strategy Financial Services Authority Circular Letter Number 46/SEOJK.05/2017 In the circular letter referred to the provisions on the implementation of fraud control, the implementation of anti fraud strategy and anti fraud strategy report
INSURANCE CORE PRINCIPLE (ICP) 1. SUPERVISORY POWERS, RESPONSIBILITIES AND FUNCTION ICP 1 Objectives, Powers and Responsibilities of the Supervisor ICP 2 Supervisor ICP 3 Information Exchange and Confidentiality Requirements ICP 4 Licensing ICP 5 Suitability of Persons ICP 6 Changes in Control and Portfolio Transfers ICP 9 Supervisory Review and Reporting ICP 10 Preventive and Corrective Measures ICP 11 Enforcement ICP 12 Winding-up and Exit from the Market ICP 23 Group-wide Supervision ICP 24 Macroprudential Surveillance and Insurance Supervision ICP 25 Supervisory Cooperation and Coordination ICP 26 Cross-border Cooperation and Coordination on Crisis Management 2. PRUDENTIAL REGULATION AND REQUIREMENTS FOR INSURANCE ICP 7 ICP 8 Corporate Governance Risk Management and Internal Controls ICP 13 Reinsurance and Other Forms of Risk Transfer ICP 14 Valuation ICP 15 Investment ICP 16 Enterprise Risk Management for Solvency Purposes ICP 17 Capital Adequacy ICP 18 Intermediaries ICP 19 Conduct of Business ICP 20 Public Disclosure ICP 21 Countering Fraud in Insurance ICP 22 Anti-Money Laundering and Combating the Financing of Terrorism Bali Rendevous 12 Oktober 2017 10
ICP 21 (Countering Fraud in Insurance) Number Title Comments 1. ICP 21 The supervisor requires that insurers and intermediaries take effective measures to deter, prevent, detect, report, and remedy fraud in insurance. 2. Standard of ICP The supervisor has a thorough and comprehensive understanding of the types of fraud risk to which insurers and intermediaries are exposed. The supervisor regularly assesses the potential fraud risks to the insurance sector and requires insurers and intermediaries to take effective measures to address those risks. The supervisor has an effective supervisory framework to monitor and enforce compliance by insurers and intermediaries with the requirements to counter fraud in insurance. The supervisor regularly reviews the effectiveness of the measures insurers and intermediaries and the supervisor itself are taking to deter, prevent, detect, report and remedy fraud. The supervisor takes any necessary action to improve effectiveness. The supervisor has effective mechanisms in place, which enable it to cooperate, coordinate and exchange information with other competent authorities, such as law enforcement authorities, as well as other supervisors concerning the development and implementation of policies and activities to deter, prevent, detect, report and remedy fraud in insurance.
ICP 21 (Countering Fraud in Insurance) Number Title Comments 3. FSAP Result OJK has Law Of The Republic Indonesia Number 40 Of 2014 on Insurance about specifies the types of action that are considered as fraud and sanction for both criminal and criminal fine sanction. OJK requires the insurers to have an administrative system that fulfils the internal control function, and to have a data management system that produces accurate information that can be relied on in decision-making. An appropriate internal control system could record and detect fraud. OBSERVED With Risk Based Supervision (RBS), OJK assess fraud risks as part of operational risks, and if the risks fraud is considered high, OJK give recommendation to take action for mitigated risk properly. OJK only reviews the effectiveness of the measures insurers and intermediaries by doing regular analysis on insurers and intermediaries reports and regular off-site and on-site examinations. OJK has signed MOU with the Police Department, Corruption Combating Commission (Komisi Pemberantasan Korupsi / KPK), Bank of Indonesia (BI), the Indonesian Financial Transaction and Analysis Centre (Pusat Pelaporan dan Analisis Transaksi Keuangan / PPATK). The cooperation is in the form of sharing information and or working together as necessary. 12
REGULATION OF ANTI FRAUD IN INSURANCE Article 72 Regulation Of The Financial Services Authority Number 69/POJK.05/2016 on Business Implementation For Insurance Companies, Sharia Insurance Companies, Reinsurance Companies, and Sharia Reinsurance Company In the framework of to controlling risk of fraud, insurance company is obliged to implement anti fraud control function and implement an effective anti fraud strategy Function of control the risk of fraud consist of aspects: a) Management s active supervision; b) Organization and accountability structure; c) Control and monitoring; and d) Education and training. In the framework of to implement control and monitoring aspect, insurance company is obliged to implement anti fraud strategy. Anti fraud strategy has 4 (four) pillars as follows: a) prevention; b) detection; c) Investigation, reporting, sanction; and d) monitoring, evaluation, and follow up. Insurance company is obliged to submit anti fraud strategy report to Financial Services Authority 13
FRAUD CONTROL PILAR 1 Management s Active Supervision Board of directors and board of commissioners are obliged to nurture anti fraud culture and awareness at all level of insurance company organization The preparation of ethical code and supervision of ethical code implementation in fraud prevention for all level of insurance company organization The preparation and supervision of anti fraud strategy implementation Board of directors developing of human resources quality especially to increase of awareness and control of fraud Monitoring and evaluation of fraud case and determination of follow up The development of an effective communication channel to ensure that all levels of insurance company organization understand and comply with the policies regarding fraud control Monitor regularly of fraud control 14
FRAUD CONTROL PILAR 2 ORGANIZATION AND ACCOUNTABILITY STRUCTURE Insurance company is obliged to establish a unit or function that has the task of handling the implementation of anti fraud strategy The establishment of unit or function should be supplemented with clear authorities and responsibilities. This unit or function shall be directly responsible to the president director as well as has direct communication and reposrting lines to the board of commissioners The human resources of the unit or function must have competence, integrity and independence 15
FRAUD CONTROL PILAR 3 CONTROL AND MONITORING Insurance company is obliged to have anti fraud risk control policies and procedure Insurance company is obliged to have a controlling procedure by conducting regular reviews related to the implementation of anti fraud strategy by management and internal audit Insurance company is obliged to have policies related to controlling of human resources (rotation policy and mutation policy) The established of function that implement of insurance company activities at all levels of the organization such as there is a seperation of functions between the part of the process of acceptances, claims, and finances Controlling information systems that support the processing, storage and security of data electronic to prevent potential fraud Other controls in the framework of fraud control such as physical asset control and documentation 16
FRAUD CONTROL PILAR 4 EDUCATION AND TRAINING Insurance company should implement education and training periodically at least 1 (one) time in 1 (one) year Education and training can be conducted by internal parties of the company and invite resources persons from external company 17
ANTI FRAUD STRATEGY P R E V E N T I O N Anti Fraud Awareness, at least with: 1. Preparation and sosialization anti fraud statement (Zero Tolerance) 2. Employee awareness by organizing seminars dan discussions, publications abaout the forms/types/typlogy of fraud periodically 3. Customer awareness (policy holders/the insured) Vulnerability Identification, at least with: 1. Identification and analysis of any activities potentially to have negative impact 2. Documentation and inform to related parties in the insurance company 3. Update information on high risk activities Know your employee, at least with: 1. Insurance company have recruitment procedurs 2. Selection system with proper qualification (promotion and mutation in position with high risk fraud 3. Compulsory leave 18
ANTI FRAUD STRATEGY D E T E C T I O N Insurance company has whistleblowing policy, at least contains: 1. whistleblower protection and identity confidentiality 2. Fraud reporting system by internal and eksternal parties (procedure, media, follow up procedure) Audit policies and procedures on unit or function at high risk of fraud (Surprise Audit) Surveillance System (to test the effectiveness of anti fraud policy) Investigation technique based on the observation of physical fact, activities and movements which are through to be part of fraud
ANTI FRAUD STRATEGY I N V E S T I G A T I O N R E P O R T I N G S A N C T I O N Insurance company is obliged to have investigation standard, at least contains: 1. The authorities are investigating 2. Investigation procedure to follow up of detection results 3. Is a fraud suspect needs to be investigated or not Insurance company is obliged to have policy that regulates the fraud incident reporting prcedure to the internal company to be followe up by the board of director Insurance company is obliged to have policy related to sanction, at least contains: 1. Procedure of sanction (board of directors by commissioners, employees by directors) 2. Person has the power to impose sanction 20
ANTI FRAUD STRATEGY M O N I T O R I N G E V A L U A T I O N F O L L O W U P Insurance company is obliged to have monitoring follow up with notice to insurance policies There is a recapitulation of data on fraud events (type, date of occurrence, location, parties involved, chronology, follow-up, loss) Insurance company is obliged to have follow up procedure for incidence of fraud, at least contains: 1. The corrective mechanism related to weakness 2. Mechanisms for strengthening control systems 21
REPORTING Anti Fraud Strategy Report Not later than April 30 of the following year Each fraud that is estimated to have significant impact on the insurance company Not later than 3 (three) working days since director signs fraud document Name of the fraudster Type of fraud Time of incident Location of incident Cronology of incident Indication of loss 22
Bali Rendevous 13 Oktober 2017 23