How and why insurers must up their AML game

By law, insurance firms are subject to the same anti-money laundering obligations as banks. The industry perception is that as “just insurers.” they are at less risk of money laundering.  However, insurers are presented with some risk of money laundering, and the level of that risk must be identified in their business-wide risk assessment.

There are many points in the insurance value chain where money laundering can occur. Data collection processes and customer insight are a particular concern that can also put insurers on the back foot when it comes to payment screening.

Let’s examine how and why insurers must be on top of their approach to customer data to ensure they stay on the right side of the law and strengthen their AML and sanctions best practices to remain there.

Money laundering risks in insurance

Fraud is often the main concern for insurers when it comes to financial crime, with AML a secondary consideration, but AML is also part of the broader fraud picture and needs more attention. Insurers are not immune to money laundering, with notable cases of providers receiving multi-million dollar fines for AML failings.

Money laundering can occur at many points in the insurance process. Policy cancellation and refund processes are a particular weak spot.

For example, an individual can buy an expensive policy for a high-value item, such as a luxury car, and then switch it to a cheaper policy for a mid-range vehicle and receive a refund, minus administration expenses, for the difference in policy value. Or an individual can buy multiple policies from several different insurers for the same item, then cancel the policies to claim refunds. On a more organized level, multiple people can buy multiple policies from multiple insurers and then cancel the policies and claim all the premium refunds.

Bogus or exaggerated claims are another potential concern, particularly where insurers, in an effort to meet consumer demand, invest in faster claims processes. Approached in an organized fashion, these tactics can be scaled up to launder vast sums of money. These scams often go undetected for weeks or months, at which point it is too late to recoup the lost funds.

Deepening customer insight into AML

A lack of customer insight can be a particular challenge for insurers in managing money laundering risks. In contrast to banks, insurers typically collect less information when onboarding new customers, focusing only on the policyholder and what needs to be insured. Insurers are often hampered by legacy systems, which are likely to be disjointed across the various functions. For example, underwriting may be disjointed with claims processing. These legacy systems may not be designed with best-practice data collection processes in mind, are often deeply embedded in the relevant processes and cannot be readily modified.

Unlike banks, insurers don’t get to see the day-to-day lives of their customer based on their online interactions, whereas banks benefit from detailed transactional information that helps to build a more detailed picture of the customer and provides red flags to potential money laundering practices. For example, a bank is more likely to know that a customer regularly travels to certain countries, has associates in those places, which airline they travel with, where they shop, and where they eat, since all this information is likely to show up in a bank account statement.

Improving customer data collection processes to prevent money laundering is essential to overcome these challenges. Customer data collection processes also must be balanced with data protection requirements. It is critical that money laundering reporting officers and data protection officers have a strong working relationship and can manage the ever-present conflict between over- and under-collection of data and determine whether data protection or money laundering legislation will win out or whether a balance can be struck. There also must be a clear understanding of what data needs to be retained and for how long so that data is not retained needlessly and that no data pointing to knowledge, suspicion or reasonable grounds to suspect money laundering is lost.

Improving understanding of insured items

In addition to improving customer insight, insurers also must develop a deeper understanding of what they are insuring and whether there are any associated money laundering risks. In the commercial space, in particular, there is not always an in-depth awareness of what is being insured and all the parties involved.

Global trade is a case in point. According to the OECD, 90% of the world’s goods are shipped in containers. This has made it an attractive market for bad actors. Trade-based money laundering is a known issue, for example, through over- and under-invoicing of goods using trade finance. Furthermore, checks in ports, docks and customs environments typically focus on hazardous cargoes rather than scrutinizing the contents against the invoice value. The contents of the container, its mode of transport and storage will all have been insured, but how does the insurer really know what is inside that container?

It is well documented that most of the paperwork related to trade finance is still prepared manually. Therefore, a key consideration for insurers is how much independent checking they do to ensure they are comfortable that the trade process, associated documentation, goods and shipping are all legitimate. They must also be satisfied with the planned route of any shipping or flights carrying their insured items.

Understanding these risks starts with thorough data collection processes when onboarding new customers or when existing customers purchase new policies. The right questions must be asked to ensure insurers get the required answers and are familiar with all parties and steps involved to ensure compliance with their AML obligations. The data collected must also be consistent, both at a customer and policy level, particularly given that many customers will hold multiple policies.

Better data helps to improve AML processes

Acknowledging the risks of money laundering in insurance is a crucial first step for insurers looking to up their approach to AML. Second is the need to revisit the approach to customer onboarding and ensure all the relevant data is collected systematically, which may require investment in technology. This must be done with the DPO to guarantee the business complies with both AML and data protection requirements. Finally, with their data house in order, insurers will be much better positioned to maximize payment and sanction screening technology and avoid preventable legal or regulatory mishaps.

Steve Marshall is director, advisory services, with FinScan. Contact him at [email protected].

© Entire contents copyright 2024 by InsuranceNewsNet.com Inc. All rights reserved. No part of this article may be reprinted without the expressed written consent from InsuranceNewsNet.com.