In part one of this two-part blog series, we discussed how compliance within the insurance industry has become more stringent. Here, in the second part, we explore the AML challenges insurance companies face.
An increased focus on anti-money laundering and countering the financing of terrorism (AML/CFT) regulations in the insurance industry has led to specific guidelines for different types of insurance based on the level of risk. The risk associated with each insurance type determines the controls and processes that the provider needs to have in place. High-risk businesses such as life and marine insurance, for example, will need more stringent controls.
The local regulatory landscape also impacts compliance requirements. In APAC, regulators such as the Monetary Authority of Singapore (MAS), Insurance Authority of Hong Kong, and Insurance Regulatory and Development Authority of India have established AML/CFT regulations specifically for the sector.
In the U.S., the Department of the Treasury determined that all parties involved in a trade transaction should bear responsibility for AML/CFT oversight. This led to a global advisory on illicit shipping that provides guidance on how different parties involved in trade, including insurance companies, should conduct their due diligence. With 80 percent of global trade involving maritime transportation, the advisory covers the importance of automatic identification system (AIS) tracking, vessel history/ownership, vessel monitoring throughout the entire transaction lifecycle and supply chain due-diligence.
Since 2007, the Financial Action Task Force (FATF) has published risk-based approach (RBA) guidance for different sectors, including life insurers. The main objectives of the guidance are to help companies understand overall customer risk, implement AML controls commensurate with the risk and allocate resources effectively.
Insurers should start by establishing an organisation-wide AML framework with policies based on both international and local regulations. By addressing the three main risk factors: customer type, customer geographic distribution, and the products and services offered, insurers will be able to apply the RBA to identify vulnerabilities.
Although the risk factors vary depending on the type of insurance and who the insurers are doing business with, the techniques to identify customer risk are similar.
Identification and Verification of Involved Parties
Prior to engaging in a business relationship, insurers need to perform know your customer (KYC) checks, a fundamental backbone of AML due diligence. This begins with identifying the involved parties and the ultimate beneficial owners (UBOs). If insurers are able to accurately collect this information – which is usually provided by customers along with supporting documentation – subsequent KYC tasks will be easier.
For life insurance, information is typically collected on policyholders, insureds and beneficiaries. For marine insurance, it includes forwarding agents, exporters, importers, vessels, beneficiaries and banks. If insurers are onboarding a corporate customer, associated parties such as directors, shareholders and UBOs have to be collected as part of the KYC process as well. It is also critical to understand the purpose of the relationship and the source of funds.
Once the involved parties are identified, insurers need to verify them by conducting background checks. This includes checking if any parties are sanctioned entities, politically exposed persons (PEPs), have been subject to enforcement actions, or are connected to any adverse media. Insurers should ensure they have access to updated watch list databases and proper screening solutions in order to identify these entities. Depending on the insurance product and geographical location, an RBA approach can be applied by identifying which parties would need to be screened against which relevant watch list.
Screening Solution Considerations
One of the biggest challenges in selecting and implementing a screening solution is that names can be common, leading to high a false-positive rate. The most effective solutions use methodologies to accurately identify sanctions, PEPs and adverse media without triggering a flood of false positive alerts. Solutions that prioritise risk based on severity of the exposure and likelihood that the potential match is a true hit bring greater efficiency to an insurer’s operations.
Certain parties can be repeated in multiple policies, so reducing duplicate screening is also crucial to avoid operational bottlenecks. KYC is not a static process— it has to be conducted on an ongoing basis to capture changing risk, especially with transactions or trades. This is to ensure that insurers do not service or pay out to illicit actors.
Marine insurance firms have additional areas to consider. They must assess goods and vessels, which includes checking for prohibited goods, country of origin, destination, vessels and UBOs to identify potential risk. Risk arises when a vessel has frequent visits to high-risk ports, or turns off its AIS (i.e., going dark). Insurers should look for a flexible solution that can be configured to their risk appetite. For example, only sending alerts when the goods or vessels are entering a high-risk port.
In addition to screening for high-risk entities, case management and audit trails are an important part of the KYC process. With proper case management tools, insurers can design appropriate review and escalation processes within the solution. This provides the compliance team with an overview of how the matches are handled by each reviewer. More importantly, it offers a centralised audit trail to ensure that every match and decision is explainable to regulators to demonstrate due diligence.
Seeking the Right Solution
Each insurance business has a different risk that requires a different strategy and approach to screening. When searching for a screening solution, insurers should keep the following in mind:
- Effectiveness of the screening solution
- Minimising of duplicate efforts
- Flexibility of case management
- Completeness of audit trails for explainability
- Efficiency of the end-to-end process
Accuity offers advanced screening solutions and dependable watch list data. If you would like to review your current process to achieve greater effectiveness in complying with regulations and better operational efficiency, please contact us for more information.