Countermeasures to AML/CFT Risks in the Insurance Sector

Since the first anti-money laundering regulations were issued, both international and national, the insurance sector, like the credit sectors that include the activities of banks and financial firms, has been formed from the outset as a compulsory subject to regulatory compliance and procedural checks to counter AML/CFT threats. 


With the Covid-19 pandemic period, the need to ensure one's life against uncertainty and instability led citizens to take greater responsibility for protecting their health, economic integrity of assets, savings, and investments. This has resulted in insurance supervisors issuing new specific indicators. 


The insurance world is mainly divided into different lines of business and different types of insurance: Life insurance and non-life insurance. It is an economic activity to all intents and purposes based on legal and contractual terms on the insurance contract. The value of the policy, such as the premium to be paid and the amount ceded to the beneficiary (if the insured event occurs), is established by specific regulatory indicators and mathematical calculations that allow for fair compensation or indemnification when the damaging event occurs. 


The insurance world requires constant review and vigilance towards internal processes all the time. Well-known are non-life insurance frauds for injuries or accidents in which compensation is claimed for a harmful event that never occurred. The Compliance (Risk Management) function that examines all these risks also considers the Anti-Money Laundering and Counter-Terrorism (AML/CFT) risk. 


The insurance sector has changed over time. From the first 'classic' forms of savings and pre-mortgage, the insurance market has evolved by offering insurance covers such as single capital investment life products, savings on bond and equity market funds, and pension funds, which unlike policies that only provide temporary covers such as car insurance or accident insurance have a greater risk of being proceeds from illegal criminal activities committed by third parties or, less infrequently, by the policyholder himself. 


The players in the insurance market are many and varied. They are registered in a special register after passing an examination and then registering in a state register. The term broker is commonly used to mean intermediary, but insurance intermediaries work on their accounts and insurance intermediaries who work for a company. The insurance regulations governing AML/CFT risk have very stringent measures: for example, the prohibition of using cash when paying monthly, semi-annual and annual premiums for life, savings, and investment covers allows for non-life business only and a maximum of €600-800 per year. Furthermore, the traceability and financial monitoring system oblige policyholders to use traceable payment instruments such as cheques bearing the indication non-transferable, consenting to payment by bank transfer, and POS (point of safe) payment systems. On the other hand, the use of the Crytpovalute Blockchain for certain insurance services (non-life) is currently being studied and approved by financial regulators. These regulatory peculiarities in themselves reduce the potential riskiness of the insurance industry. In addition, the regulation requires that whenever one of the parties to the insurance contract (policyholder, beneficiary, insured) changes, customer due diligence takes place. The AML/CFT risk arises in particular for those clients who have taken out insurance cover in the investment, pension fund, savings, and pre-mortgage lines of business; therefore, during the credit disbursement phase, a whole series of personal, economic, and fiscal checks are carried out on the beneficiaries and sometimes SAR's are also sent. 


Insurance services are not only provided directly by insurance companies but also by post offices, banks, and financial institutions. However, it is essential to pay attention to and distinguish between the different categories of insurance intermediaries in terms of compliance with due diligence requirements: 


- Banks distributing insurance products have all the information (which they have to make available to the companies) necessary to assess the consistency between the number of premiums paid and the economic situation (in the case of recurrent premiums) or capital situation (in the case of single premiums) of the policyholder, consistency being one of the crucial factors to be taken into account when defining the risk profile of each client; 


- Agents and brokers, on the other hand, may rely only on the information (more or less general) provided by the customer when subscribing to the product, even though firms are required to identify the cases (thresholds of significant amounts, other higher risk factors such as the performance of specific activities, etc.) in which intermediaries must ask customers for additional documentation (e.g., bank statements) to verify the integrity of the information provided by the subscriber on the economic or financial situation.


We must never forget that criminals choose weak or complacent spots to use the financial system for money laundering or illicit purposes. This is why 'open eyes' are necessary.


The KYC regulation is essential because the advisor, the broker, surveys all the parties involved in the insurance contract, the owner, the policyholder, the beneficiary, and the insured, which is not always the same person. This activity, knowledge of one's client, has two implications: the first is a complete knowledge of one's own client, which allows for greater loyalty between client and consultant (insurance company) by offering more solutions to the client's daily needs, and the second is to be able to carry out AML checks without great difficulty. 

Companies are called upon through "active cooperation" with the supervisory authorities to build and properly operate a robust structured process to uniformly collect from the network of insurance intermediaries they use all the information necessary to develop a "meaningful" risk profile for each customer and then they must be able to intelligently read the data collected. 


Sometimes simple profiling is ineffective since the inadequate customization of risk factors used by companies' applications tends to generate not only high numbers of 'false positives' but also 'false negatives, which is more severe because it undermines active collaboration. It should be emphasized that the prerequisite for effective dynamic partnership - which is the cardinal principle of the legislation - is precisely a robust process of adequate verification DDC - Client Due Diligence. 


- Before opening a new ongoing relationship, refrain from proposing or concluding insurance contracts concerning which the customer refuses to provide information from the outset (theoretical case) or, more realistically, provides incomplete or contradictory information and documents that do not prove the truthfulness of the information given; 


- Subsequently, identify relationships/transactions which are characterized - following the envisaged constant monitoring - by indicators of higher risk or potential anomaly to be assessed for possible reporting to the competent financial reporting authorities.


Written by Dimitri Barberini

Previous Post
The FinCEN Files Fallout | Why is This Leak Different?
Next Post
Singapore and Virtual Assets Regulations
×