What you need
Data sources
- Claims management system — Current and historical claim records, claimant profiles, and claim payment history
- Policy administration system — Policy inception dates, coverage changes, and premium payment history
- External watch lists (if available) — Industry fraud databases or shared fraud registries
Knowledge spaces
- Fraud indicator reference — Upload your fraud detection criteria, red flag definitions, and investigation thresholds
- SIU procedures — Investigation protocols and escalation criteria for the Special Investigations Unit
| Component | Name | Definition |
|---|---|---|
| Object | Claim | Maps to the claims management system. Represents a claim with all details needed for fraud screening |
| Object | Claimant Profile | Maps to claimant records with full history. Includes prior claims, denied claims, and address history |
| Metric | Fraud Risk Score | Weighted score based on the number and severity of detected fraud indicators, scaled 0-100 |
| Metric | Indicator Count | Total number of fraud indicators detected on a single claim |
| Dimension | Risk Level | Classifies claims as low risk (0-30), medium risk (31-60), or high risk (61-100) |
| Dimension | Indicator Type | Groups fraud indicators by category: timing, financial, behavioral, documentary |
Agent setup
Create the agent
Go to Agent Space > New agent.
| Field | Value |
|---|---|
| Name | Fraud Detection Analyst |
| Role | Fraud pattern identification specialist |
| Goal | Flag suspicious claims for investigation before payout |
Set the description
You review claims for fraud indicators. Compare claim details against known fraud patterns: duplicate claims, inconsistent timelines, inflated values, staged losses, and suspicious claimant histories. Present findings as a risk score with supporting evidence for each indicator. Use precise, objective language — never state that fraud occurred, only that indicators were detected. Always recommend a clear next step: approve, flag for investigation, or request additional documentation. Cite the specific indicator from the fraud reference for each finding.
Scope data access
Grant access to:
- Claims management system data source (current and historical claims)
- Policy administration system data source (policy details and payment history)
- External watch lists data source (if available)
- Fraud indicator reference knowledge space
- SIU procedures knowledge space
- Claim and Claimant Profile objects in the semantic layer
Add skills
Run fraud indicator check
Run fraud indicator check
Trigger: Claim flagged for review or user requests a fraud screening
- Pull the claim details including loss description, claimed amount, date of loss, and policy information.
- Pull the claimant’s full history: prior claims, denied claims, claim frequency, and address changes.
- Check for known fraud indicators: multiple claims in a short period, inconsistent dates between the loss report and supporting documents, claimed amounts significantly above comparable losses, prior denied claims, recent policy changes before the loss.
- Cross-reference the claimant against external watch lists if available.
- Assign a weighted risk score from 0-100, with each indicator contributing based on its severity weight from the fraud reference.
- List each detected indicator with the specific supporting data point and its weight.
- Recommend a disposition: approve (score 0-30), request additional documentation (score 31-60), or escalate to SIU (score 61-100).
Analyze fraud trends
Analyze fraud trends
Trigger: User asks about fraud patterns across the book of business
- Pull all claims processed in the specified period with their fraud risk scores.
- Group by indicator type and count occurrences.
- Identify any indicator that has increased in frequency compared to the prior period.
- Break down high-risk claims by region, claim type, and claimant profile characteristics.
- Present a trend report with indicator frequency, period-over-period change, and top affected segments.
Automation
Playbook: Batch fraud screening
Set the trigger
Schedule the playbook to run twice daily at 7:00 AM and 3:00 PM, or trigger it on each new claim creation event.
Build the workflow
The playbook screens new claims against fraud indicators, scores each one, and routes high-risk claims to SIU.
- Query step — Pull all new claims submitted since the last run that have not yet been fraud-screened.
- Query step — For each claim, pull the claimant’s full history from the claims management system.
- Python code step — Run each claim through the fraud scoring model. Check all indicators, apply severity weights, and calculate the composite risk score (0-100).
- Condition step — Route based on score: 0-30 (approve, no action), 31-60 (flag for additional documentation), 61-100 (escalate to SIU).
- Action step — Update the claim record with the fraud risk score and detected indicators. For SIU escalations, create an investigation case.
The Python code step uses a Python code block to implement the fraud scoring model. Each indicator has a configurable weight, and the composite score is the weighted sum normalized to a 0-100 scale. You can customize indicator weights, add new indicators, and adjust routing thresholds.
Configure delivery
For SIU escalations, send an email to the SIU team with the claim summary, risk score, and detailed indicator breakdown. For documentation requests, send an automated letter to the claimant specifying what is needed.
What’s next
Document classification
Automatically identify and categorize uploaded claim documents.
All insurance use cases
See the full list.