Open to Remote · Phoenix, AZ

Protecting carriers
from fraud—
without adding
friction.

Forensic accountant and fraud investigator with federal-level case experience. SAR/BSA reporting, healthcare fraud detection, chargeback strategy, and trust-first SOPs — partnering across Ops, CX, Finance, Legal, and Engineering to reduce loss while keeping good customers moving.

View Case Studies SAR Reporting
LinkedIn ↗ · amandawilson9130@gmail.com · 480-241-2197
DOJ Federal Collaboration SAR / BSA Reporting Healthcare Fraud Detection Chargeback Strategy Forensic Accounting Expert Witness
Core Competencies

Skills & Tools

Fraud detection & investigation · Healthcare fraud · DOJ & federal program collaboration · SAR / BSA / AML reporting · Chargeback strategy · ATO recovery · Forensic accounting · Zendesk case ops · KYC & order reviews · OSINT investigation · Risk analytics & dashboards · SOPs & training · PCI · GDPR · CCPA · Kount / Sift / Riskified · SQL · Excel / Power Query · Expert witness testimony

🔍
Investigation

Fraud Detection & Forensic Accounting

End-to-end fraud program leadership: SOPs, playbooks, QA. QuickBooks audit log deep-dives, vendor fraud, ghost payroll, wire review. Expert witness testimony for civil litigation.

🏥
Healthcare

Healthcare & Federal Program Fraud

Medical billing fraud detection across HRSA Uninsured Program, Medicaid, and Medicare Advantage. Identity manipulation pattern recognition, intake documentation audits, federal program compliance.

📋
Regulatory

SAR Filing & BSA Reporting

Drafting FinCEN-compliant Suspicious Activity Reports. BSA threshold identification, tiered escalation workflows, 5-year documentation protocols, OFAC cross-referencing.

⚖️
Disputes

Chargeback Strategy & Recovery

Standardized evidence packs by Visa/Mastercard reason code. Pre-dispute alert enrollment (Ethoca/Verifi). Win-loss tracking. Ratio held ≤ 0.65% for 3 consecutive cycles.

🛡️
Identity

ATO Recovery & Account Protection

Risk-based step-up authentication, credential stuffing mitigation, device fingerprint allow-listing, empathetic compromise comms. ~45% ATO reduction with stable CSAT.

🕵️
Intelligence

OSINT & Pattern Recognition

Open-source intelligence for subject identification, asset tracing, and social engineering detection. Commission reconciliation across 8+ carriers to surface ghost chargebacks.

Selected Work

Case Studies

Federal healthcare fraud, multi-million-dollar embezzlement schemes, multi-carrier commission reconciliation, and operational fraud queue redesigns — selected for the patterns they reveal.

⭐ Federal · DOJ

Healthcare provider · COVID-era · 2020–2021

Federal Healthcare Fraud Detection — DOJ Coordination

Problem

A multi-service investigations firm I worked for stood up a COVID testing operation that began legitimately as employee return-to-work testing. Over time the operation expanded into Medicaid and federal HRSA Uninsured Program billing — and claims were getting denied for unclear reasons. I had medical billing experience and stepped in to help work the denials.

Actions

While reviewing denied claims, I spotted a pattern: multiple claims with the same date of birth but slightly different name spellings. I went deeper into the federal HRSA submissions. HRSA didn't require ID uploads — but it did require providers to keep intake sheets on file documenting each patient encounter. When I went looking for those intake sheets, none of them existed. The encounters being billed had never happened. I documented the scheme, quantified the exposure, and reported it to the U.S. Department of Justice.

$100K+ in fraudulent federal HRSA claims identified and reported. Case fed into the broader DOJ COVID-19 healthcare fraud enforcement effort.
Forensic / Legal

Multi-entity business · 18+ months

$700K+ Embezzlement Detection & Expert Witness

Problem

Unexplained cash shortfalls across a multi-entity training organization. Prior audits had failed to surface the pattern.

Actions

Deep QuickBooks audit log analysis, vendor relationship mapping, identification of ghost payroll entries and duplicate disbursements. Full evidence chain documented for civil litigation. SAR-style narrative documentation prepared for regulatory coordination. Coordinated with outside counsel and forensic auditors.

$700K+ in fraudulent activity detected and documented. Served as expert witness. Fraud-resistant controls implemented to prevent recurrence.
Commission Fraud

Insurance agency · Ongoing

Commission Reconciliation & Agent Fraud Prevention

Problem

Ghost chargebacks and payout discrepancies totaling tens of thousands of dollars. Unauthorized commission claims from a terminated agent creating regulatory exposure.

Actions

Multi-tab Excel reconciliation across 8+ carriers (UHC, Humana, Aetna MA, Aetna Supplement, Wellcare, Cigna, Heartland). Built carrier-specific parsers handling Humana XML, Aetna multi-sheet Excel, and UHC commission transactions. Identified ghost chargeback patterns and inflated claims; prepared regulatory inquiry documentation and cease-and-desist correspondence.

$22K+ in false chargebacks and 434 phantom policies identified across carriers. Repeatable reconciliation workflow established.
Fraud Ops

DTC brand · ~90 days

Zendesk Fraud Queue Overhaul

Problem

Mixed fraud and CX tickets caused slow escalations, inconsistent outcomes, and zero auditability.

Actions

Built triage macros and forms, created abuse categories, defined SLAs by risk tier, added QA sampling, and established clean handoffs to Finance and CX.

~30% faster time-to-decision, improved auditability, and cleaner handoffs.
Dispute Recovery

E-commerce · ~4 months

Chargeback Playbook & Evidence Library

Problem

Inconsistent dispute submissions; ratios approaching Visa/Mastercard network thresholds.

Actions

Standardized evidence packs by reason code, automated order and device signal retrieval, win-loss tracking dashboard, pre-dispute alert program enrollment.

$250K+ recovered across 400+ chargeback investigations with an 85%+ success rate. Ratios held ≤ 0.65% for 3 consecutive cycles.
ATO / Identity

Retail · ~6 months

Account Takeover (ATO) Recovery

Problem

ATO spike from credential stuffing; overly aggressive rules caused a false positive surge affecting good customers.

Actions

Risk-based step-up authentication, device fingerprint allow-listing, empathetic compromise comms templates, and behavioral signals to separate bad actors from legitimate anomalies.

~45% fewer ATO incidents. Stable CSAT. FP rate measurably reduced without increasing fraud losses.
Compliance & Regulatory

SAR Filing & BSA Reporting

Suspicious Activity Reports (SARs) are filed with FinCEN under the Bank Secrecy Act when transactions suggest money laundering, fraud, or other financial crimes. A strong SAR program — with tiered escalation, complete narrative writing, and proper record retention — protects the organization, its customers, and its regulators from further exposure.

What I bring to SAR programs

  • Identifying BSA-triggering thresholds ($5K structuring, $10K CTR) and escalation triggers
  • Drafting complete FinCEN-compliant SAR narratives: who, what, when, where, why, and how — with supporting transaction data and chronology
  • Building tiered escalation workflows with defined roles, SLAs, and documented outcomes at each level
  • Maintaining SAR filing logs with 5-year record retention protocols
  • Training front-line staff on red flag recognition and mandatory reporting obligations
  • Cross-referencing OFAC watch lists and sanctions databases during investigations
  • Coordinating with compliance counsel, compliance officers, and federal regulators
  • Integrating SAR workflows into Zendesk and custom case management systems

SAR trigger typologies I monitor

  • Structuring — deposits just under reporting thresholds across multiple accounts
  • Rapid cycling — funds in and immediately out with no apparent business purpose
  • Ghost vendors / shell activity — no legitimate service delivered, invoice discrepancies
  • Payroll anomalies — ghost employees, altered direct deposit routes, off-cycle disbursements
  • Healthcare fraud — phantom encounters, missing intake documentation, federal program abuse
  • Identity manipulation — duplicate DOBs across name variations, synthetic identity signals
  • Commission fraud — inflated claims, duplicate submissions, unauthorized rate modifications
  • Credential misuse — agent impersonation, unauthorized access, shared login detection
1
Detect

Rules engine alerts, queue triage, anomaly flags, audit review, or tips surface suspicious activity.

2
Document

Preserve evidence chain-of-custody — logs, records, screenshots — timestamped and unaltered.

3
Analyze

Forensic accounting review, audit log mining, behavioral pattern mapping, and data correlation.

4
Escalate

Route to compliance, legal, law enforcement, or FinCEN per tiered protocol. Every decision documented.

5
Remediate

Close control gaps, update SOPs and detection rules, deliver findings report, prevent recurrence.

Pattern Recognition

Fraud Typology Reference

A working reference of the fraud types I investigate, the indicators I look for, the detection methods that surface them, and the response protocols that contain them.

Type Key Indicators Detection Response Risk
Healthcare / Federal Program Fraud Duplicate DOBs across name variations, missing intake sheets, phantom encounters, overseas billing Pattern audit of submitted claims, federal documentation requirement verification Federal referral (DOJ/HHS-OIG), evidence preservation, regulatory disclosure Critical
Embezzlement Off-hours transactions, split approvals, vendor concentration, missing invoices Audit log review, duplicate payment analysis, vendor clustering Access suspension, forensic imaging, counsel, SAR if BSA threshold met Critical
Friendly Fraud High dispute-to-order ratio, "not received" on confirmed deliveries, repeat buyer Order match, device fingerprint, carrier proof Evidence pack, repeat offender block, pre-dispute alert enrollment High
Account Takeover New device/IP, password reset surge, rapid address or payment update Velocity rules, device fingerprinting, step-up auth triggers Risk hold, re-verification, compromise notification, session invalidation Critical
Commission Fraud Inflated enrollment counts, duplicate submissions, unauthorized rate changes Carrier statement reconciliation, agent login audit, timestamp analysis Commission hold, carrier notification, agent termination, regulatory disclosure Critical
Structuring Deposits just under $10K, multiple same-day transactions, split payments Threshold monitoring, frequency analysis, pattern clustering SAR filing within 30 days, monitoring hold, compliance escalation Critical
Synthetic Identity SSN/DOB mismatch, no credit history, inconsistent KYC data KYC verification, bureau thin-file check, document authenticity Enhanced due diligence, manual ID review, SAR if confirmed, closure High
Refund / Promo Abuse Multiple accounts from same device/IP, unusual return velocity Cross-account linkage, return reason code analysis, promo clustering Account flag, manual hold, promo revocation, blacklist Medium
Vendor / Invoice Fraud New vendor large invoice, altered bank details on known vendor Vendor master audit, invoice matching controls, callback verification Payment hold, verify via known contact, forensic audit log review Medium
Work History

Experience

2025 – PRESENT
Future First Advisors
Medicare insurance agency · Remote

Commission & Financial Operations Analyst

  • Investigate commission discrepancies across 8+ carriers; cross-reference platform data against carrier statements policy-by-policy
  • Identified $22K+ in false chargebacks and 434 phantom policies across UHC, Humana, Aetna, Wellcare, and Cigna
  • Built carrier-specific reconciliation parsers (Humana XML, Aetna multi-sheet Excel, UHC commission transactions)
  • Developed and deployed FFA Policy Hub — internal source-of-truth replacing third-party platform with documented data integrity issues
  • Present investigative findings to leadership; drove migration off compromised vendor platform
2022 – 2026
ProofAndFit (Contract)
E-commerce / Retail · Remote

Forensic Accounting & Chargeback Appeals Manager

  • Conducted forensic accounting reviews and chargeback investigations across complex multi-party transactions
  • Recovered $250K+ across 400+ chargeback investigations with an 85%+ success rate
  • Identified systemic fraud trends and reduced repeat chargebacks by 30% through pattern-based detection
  • Established standardized investigative procedures, improving case throughput by 40%
  • Built case-level evidence packages including transaction timelines, IP and device analysis, behavioral indicators
2023 – 2025
California Crane School (Contract)
Multi-entity training · Remote

Forensic Accountant / Financial Investigator

  • Led independent forensic investigation uncovering a $750K concealment scheme involving diverted funds
  • Reconstructed transaction histories from incomplete and altered financial records to identify concealment patterns
  • Produced detailed investigative reports supporting recovery actions and subsequent civil litigation
  • Strengthened internal controls through audit findings and recommended process improvements
  • Served as expert witness; SAR-style narrative documentation prepared for regulatory coordination
2020 – 2021
Multi-Service Investigations Firm
Healthcare billing & investigations · Remote

Background Investigator → Medical Billing & Federal Fraud Detection

  • Initially hired as a background investigator; stepped into medical billing during the firm's COVID testing pivot to help work denied Medicaid claims
  • While working denials, identified pattern of duplicate dates of birth across slight name variations in submitted claims
  • Verified federal HRSA Uninsured Program documentation requirements; confirmed required intake sheets did not exist
  • Documented and quantified $100K+ in fraudulent federal healthcare claims
  • Reported findings to the U.S. Department of Justice; case fed into broader DOJ COVID-19 fraud enforcement effort
2018 – PRESENT
Independent Practice
Remote

Fraud Investigator & Forensic Accountant

  • Investigate suspicious financial activity for small businesses and legal cases; deliver actionable forensic reports
  • Deep-dive reviews of QuickBooks audit logs, wire transfers, vendor fraud, and payroll anomalies
  • Commission reconciliation across multi-carrier insurance environments (8+ carriers)
  • Expert witness testimony; advise on internal control design and dispute strategy
  • OSINT investigations in support of civil and regulatory matters
Amanda pairs strong judgment with empathy. Losses went down, customer trust went up.
— Head of Operations
Qualifications

Credentials & Toolbox

🎓

Education & Certifications

  • B.S. Criminal Justice Management — Union Institute & University (2022)
  • Forensic Accounting & Fraud Analysis Certificate — West Virginia University (2023)
  • Continuing education: fraud prevention, OSINT, privacy & compliance
  • BSA / AML awareness training (ongoing)
📈

Reporting & KPIs

  • Fraud rate · Chargeback ratio
  • SAR filing log & BSA threshold monitoring
  • False positive rate · ATO/reactivation trends
  • Time-to-decision · QA sampling results
  • SOP adherence · Escalation SLA compliance
  • Commission reconciliation variance reports
🛠️

Toolbox

  • Zendesk (fraud queue architecture)
  • Excel / Power Query (reconciliation)
  • QuickBooks (audit log forensics)
  • Kount · Sift · Riskified (familiar)
  • SQL · Looker Studio · Airtable · Firebase
  • OSINT tooling · Python parsers