Faster Fraud Investigations with Neo4j

The Challenge

Zurich Switzerland began automating fraud detection early on. The insurer relies on rule-based software that analyzes cases according to defined criteria and assigns them a risk score. At a certain level, the case is passed on to a team of 25 field investigators, who examine the suspected case as part of the triage process.

However, the automated reports soon became almost impossible to check manually and cost the internal team of investigators a lot of time. “We were surprised by the flood of data ourselves,” explained Paul Kühne, head of fraud prevention at Zurich Switzerland. “It was not always comprehensible for our investigators why the alert occurred or how the risk score was derived. In addition, there was a lack of context. Cross-references to bank accounts, addresses, customer data, and policies had to be researched separately using other systems.“

To triage cases efficiently, the field investigators needed to be able to see the connections in the data. In his search for a solution, Christof Aschwanden, Senior Project Manager, came across the Panama Papers – and thus Neo4j. “After the first tests, it was already clear to us: This is exactly what we need,” said Aschwanden. “Not only can claims be displayed holistically in the graph, but new information is automatically linked, which ensures that data is reconciled in real time.“

The Solution

Zurich Switzerland triages potential fraud cases using data stored in Neo4j, visualized in Linkurious. Investigators switch directly from the rule-based risk tool to the graph-based application and open all relevant data in a single view. Zurich stores about 20 million nodes and 35 million relationships in the graph.

Claims reports are linked to data from insurance policies, customer information, insured property (e.g., vehicles), and payment and financial data. External data from national databases, blacklists, and economic data (e.g., creditworthiness, ownership) is added.

“At first glance, mapping standard relationships in a graph may seem trivial. But as new data is added and the network of nodes and edges continues to unfold, it’s like magic,” says Aschwanden. “Often, the goal is not necessarily to detect complex patterns or large fraud networks. Rather, Neo4j helps us sift through and rapidly identify issues in the flood of information we receive.”

An unobstructed view of all data is crucial for triage. It often becomes immediately clear whether a reported suspicious case actually needs to move to special fraud processing. “In the graph, I can see the context, view the particular claim, compare it with past reports, consider the people involved, and get a much better picture,” said Kühne.

The majority of claims are not suspicious and are processed and settled normally. But some are also clearly criminal activities, for example, traffic accidents staged in a “crash for cash” scheme. Investigators must be able to quickly answer key questions. Who are the vehicle drivers, owners, and policyholders really? Are there any suspicious similarities between those involved in the accident (for example, residing at the same address)? And do different claims payments flow into the same bank account?

Download Case Study