Financial crime and the insurance industry
October 2019 | FEATURE | FRAUD & CORRUPTION
Financier Worldwide Magazine
October 2019 Issue
The insurance industry is open to abuse by criminals, including money launderers and terrorist financiers. Fraud and financial crime in the insurance space has risen sharply in recent years. According to PwC’s 2018 Global Economic Crime Survey, 62 percent of respondents from the global insurance community said their firms had been exposed to fraud or financial crime within the previous 24 months, compared to 37 percent in 2016 and 35 percent in 2014.
Global focus on money laundering and the financing of terrorism has grown markedly in recent years. As criminals have developed new and innovative tactics to perpetrate their crimes, global financial regulations have evolved to try and stay one ahead. The European Union (EU), for example, has introduced a number of new financial regulations. The Fourth and Fifth Anti-Money Laundering Directives (AMLD4 and 5), the Payments Services Directive (PSD2) and the updated Markets in Financial Instruments Directive (MiFID II), among others have been implemented to address issues the financial services industry has experienced over the last decade or so.
A report from the Special Committee on Financial Crimes, Tax Evasion and Tax Avoidance’s, co-rapporteur Jeppe Kofod, said: “Europe has a serious money laundering and tax fraud problem. We have the world’s largest, richest and most integrated single market with free movement of capital, but little to no effective cross-border supervision and 28 differing national anti-money laundering and anti-tax fraud provisions...We need tougher EU-level regulation.”
The rise of fraud and financial crime, the increasing sophistication of criminals and the evolution of the regulatory landscape have reshaped the financial services industry in recent years. Financial institutions, including insurers, have been required to develop new processes and systems. Today, they are obliged to regularly assess areas of their business vulnerable to financial crimes. These risks must be mitigated with appropriate internal safeguards.
Enforcement action against companies which have failed to meet shifting global regulatory standards has also increased in recent years. According to encompass Group, 2019 is on track to be year a record year for anti-money laundering (AML) fines, overtaking the $10.89bn levied in 2014. Between January and April 2019, $7.7bn of AML fines were handed out compared to $1.16bn in the same period in 2018. US-based regulators are responsible for the largest amount of fines, followed by the UK. Though banks are still the most likely recipient of financial penalties, there is a burgeoning focus on insurance providers.
Yet, historically, there has been limited risk of money laundering in the insurance space, according to Livia Benisty, financial crime expert and adviser at ComplyAdvantage. “AML is typically a cross-border activity that moves through multiple entities; insurance does not allow for much space in that area,” she explains. “The industry is typically at higher risk of fraud than AML activity as customers buy a product and work with a provider who will payout directly to them, rather than insurers dealing with a high velocity of transactions moving through various institutions.” According to a 2004 report by the International Association of Insurance Supervisors, the insurance industry was not considered to be particularly susceptible to money laundering compared with other areas within the financial services industry.
However, insurance products, particularly life insurance, do provide opportunities to launder money, given the significant flow of funds. As a result, AML regulations are evolving. Insurance firms operating in the US that issue or underwrite covered products which may pose a higher risk of money laundering, for example must comply with Bank Secrecy Act/anti-money laundering (BSA/AML) programme requirements. A covered product includes an annuity contract other than a group annuity contract, a permanent life insurance policy, other than a group life insurance policy and any other insurance product with cash value or investment features.
The five basic components of a BSA/AML programme are: (i) a risk assessment; (ii) internal controls review; (iii) independent auditing; (iv) the appointment of a BSA/AML compliance officer; and (v) the introduction of BSA/AML compliance training for employees. BSA/AML compliance is mandatory. Firms must build an effective and reliable compliance programme on the back of careful analysis and systematic review. Insurance companies must reduce compliance risk and adopt best practices for fraud control. Creating a culture of top-down regulatory compliance will be vital to ensuring that insurance employees understand the threat posed by financial crime.
In light of these regulations, insurers face an increased compliance burden. Due to the extended remit of the US Department of the Treasury under the USA PATRIOT Act, the Financial Crimes Enforcement Network (FinCEN) issued two final rules requiring certain insurance companies to implement AML compliance programmes and file Suspicious Activity Reports from May 2006.
In the UK, the Financial Conduct Authority (FCA) has extended its financial crime supervision programme to include annually visiting a random sample of firms which are subject to the money laundering regulations. This approach is designed to pressurise firms, including insurers, to improve general standards.
Increasingly, insurance companies are being held responsible for compliance, which includes the activities of any agents and brokers.
One of the primary challenges facing insurance providers is verifying their data. They must ascertain the accuracy and reliability of the customer data they hold. They must also perform Know Your Client (KYC) risk ranking to include additional data from external data sources and validate or add to any information the customer may have provided during onboarding.
Insurers must deal with suspicious activity alerts received through their data analytics. They must classify different alerts so that investigators can deal with high-risk cases first. Technology plays a crucial role in the fight against financial crime.
Technological change has driven product, underwriting and administrative practices, and has given rise to InsurTech, which may be the most visible means of transformation affecting the insurance industry. “The industry is being digitalised and there is an expectation for customers to follow the use of technology, which is visible with the rise of the more prominent InsurTechs,” says Ms Benisty. “It is important to note, however, that insurance is not transforming at the same rate as other financial industries. There is a burgeoning InsurTech industry but traditionally insurance moves more slowly than finance due to the product purchasing nature of the relationship. Customers typically buy an insurance product rather than engage in a financial service with insurers.”
A number of new and exciting innovations are helping firms achieve global compliance. The blockchain and distributed ledger technologies (DLT), for example, are being used at the proof of concept stage and have potential applications around data sharing, KYC, AML and fraud prevention.
Technology alone will not be enough to fight financial crime in the insurance sector and beyond, however. An effective, management-led commitment to compliance is key. This commitment requires management to refocus efforts and budgetary discipline on compliance which, in turn, will better facilitate the successful integration of new technological solutions. In addition, insurance providers must have a solid understanding not only of their compliance obligations but also the systems and frameworks supporting those functions.
Customer due diligence is also essential to compliance. Insurers must be able to obtain identifying data such as a customer’s name, existing residential address, contact telephone number, date of birth and nationality in the case of individuals. For non-personal customers, such as companies, differing data will be required, but insurers must be able to verify the identity of customers using reliable, independent sources, and maintain records of all reference documentation used to do so.
Tackling financial crime
The threat posed by financial criminals is becoming more complex and varied. As a result, insurers must take appropriate steps to identify and prevent financial crime, employing fraud detection methods, including technology solutions.
Other steps may be taken. First and foremost, insurers must take a comprehensive approach, rather than focus primarily on one aspect of financial crime, be it money laundering, fraud or employee misconduct. By utilising data and improved communication channels, insurers can cost-effectively monitor a wide array of potentially fraudulent activities, then investigate them further.
Technology such as robotic process automation (RPA) and artificial intelligence (AI) has an important role to play. RPA allows businesses to automate processes at a fraction of the cost of traditional solutions, without the need to change current IT systems. Technology can be used to replicate activities that people currently undertake, using existing core applications, accessing websites, and manipulating spreadsheets, documents and email to complete tasks. Though it is unlikely to replace human investigators, technology can identify and analyse financial crime patterns across large transaction sets. It may also identify potential criminality much quicker than humans. RPA can also reduce costs generally and improve compliance in the wake of increased regulatory pressure.
Looking ahead, the insurance industry, like the wider financial services industry, faces a number of key challenges. The threat of cyber crime and consumer fraud rank highly in PwC’s economic crime survey, with 30 percent and 29 percent of respondents respectively identifying these issues as the most likely cause of disruption over the next two years. Furthermore, business misconduct, asset misappropriation, money laundering and bribery and corruption will have a detrimental effect. Given the scale and severity of these and other challenges, it is imperative that firms maintain adequate fraud and financial crime risk management frameworks. To avoid potential enforcement action, insurers must be able to demonstrate robust policies and procedures that comply with regulatory expectations in a constantly evolving compliance landscape.
© Financier Worldwide