Why insurers must get to grips with due diligence and financial crime

Insurers might assume financial criminals such as money launderers do not have them in their sights, but there is no room for complacency. It is true that they represent a less direct means to legitimise dirty money and to pursue suspicious transactions; unlike banks, which provide an ongoing service, insurers tend to sell products in one-off interactions. However, bad actors are continually on the look out for new opportunities, particularly where they think their endeavours will be less obvious.

In fact, research conducted by PwC suggests fraud and financial crime against insurers has been spiking upwards in recent times. Its 2018 Global Economic Crime Survey found 62% of global insurers had been exposed to fraud or financial crime over the previous 24 months, up from 37% in 2016 and 35% in 2014.

Groups such as the Financial Action Task Force are increasingly worried. The FATF, an intergovernmental agency that promotes international cooperation in the fight against money laundering, warns certain insurance products are increasingly attractive to the criminals. Two-thirds of insurance sector cases worldwide relate to life insurance, the FATF says, but general insurance still poses a risk. Insurance brokers, often unaware of the risks, are often easy targets it suggests.

To take just one example, criminals have used dirty money to buy high-value items that they then take out insurance for; they’ve then made fraudulent claims and received reimbursement from insurers, securing legitimate funds in the process. In the life sector, there have been examples of money launderers seeking to buy annuity contracts, swapping a large sum of suspicious cash for a regular payment from a legitimate financial services business.

Stepping up the fight

Against this backdrop, insurers that do not take due diligence seriously are putting themselves at substantial risk. At the least, they may suffer serious reputational damage when a problem comes to light; but they are also increasingly at risk of regulatory sanction, with authorities in many jurisdictions now taking much more aggressive and wide-ranging action on money laundering and corruption.

In the UK it’s easy to be lulled into a false sense of security by the fact that in most cases, the insurance sector is not subject to the Money Laundering Regulations regime. However, insurers absolutely do have responsibilities under the Proceeds of Crime Act to report suspicious activities, and there are swingeing penalties for companies and individuals who fall foul of the law.

For this reason, it’s vital that insurers have systems and controls that will prevent financial crime. Those without such controls will be at risk of committing money-laundering offences. And regulators take this seriously – since 2009, the UK’s Financial Conduct Authority has taken enforcement action against four wholesale insurance intermediaries for failure to adequately manage corruption risk.

Moreover, in a global marketplace, insurers must recognise that due diligence compliance regimes vary across different jurisdictions.

In the US, for example, certain insurance contracts have come within the remit of anti-money laundering (AML) regulation for more than a decade. Regulators are particularly focused on permanent life insurance policies and annuity contracts. In the European Union, regulators have also made it clear they are determined to strengthen regulation wherever necessary. All around the world, authorities are attempting to tighten the net against financial criminals – and making more demands of those in a position to help, including insurers.

Get to know your customers

What this means is that insurers must embrace the principles and best practices of know-your-customer (KYC) regulation, even where they are not specifically covered by such statute. As a first step, this means being certain customers are who they say they are using basic data such as name, date of birth and address. But it also makes sense to go further – for example, by screening against databases such as World-Check for politically exposed persons (PEPs) in positions of influence who may present a higher risk for bribery and corruption. These will require enhanced due diligence checks.

Where insurers do have reason to be suspicious, they must report their concerns to the relevant agencies. Common red flags include clients seeking to pay for policies with cash, seeking to pay via third parties, overpaying for cover and then seeking a refund, and making claims very soon after the policy is taken out. But there is no exhaustive list – insurers’ due diligence endeavours must be sufficiently comprehensive to identify a wide range of potentially suspicious individuals and behaviours.

Such work can be onerous and time-consuming, but new technologies will increasingly play a role in lightening the burden. Via AML- and KYC-focused platforms, it is now possible to standardise and automate processes, and to secure access to a wide range of external data sources. Such platforms also create an audit trail, enable data and report sharing between teams and help insurers to show that they have met regulatory requirements.

Technology alone will not enable insurers to combat the mounting threat posed by financial criminals, but it can help reduce the compliance burden. Insurers’ first responsibility is to accept the need to step up their due diligence work – thereafter, new technologies offer an opportunity to undertake this work both more effectively and more efficiently.