As a preliminary, general observation Insurance Europe supports these guidelines’ reaffirmation of the central role played by the Risk Based Approach (RBA) in the new European legal framework for Anti-Money Laundering and Combatting the Financing of Terrorism (AML/CFT). It is therefore essential for the general guidelines to be consistent with the rationale behind the RBA and ensure that AML/CFT resources are not wasted on low-risk areas.
In order to achieve this, it must be made clear that the firms and competent authorities should adopt a holistic approach to the risk factors guidelines. Indeed, in the overwhelming majority of cases, the decision to opt for the Standard (CDD), Enhanced (EDD) or Simplified Customer Due Diligence (SDD) procedures will not be based on one risk factor taken individually but on a combination of risk factors. Insurance Europe encourages the European Supervisory Authorities (ESAs) to further explicit this holistic approach in their risk factor guidelines, in order to ensure it is understood and implemented by all relevant stakeholders.
Insurance Europe also notes that these guidelines include a useful reminder that life insurance products are not sufficiently flexible to be the first vehicle of choice for money launderers, as they are designed for the long term and generally only pay out on a verifiable event, such as death or retirement. Furthermore, life insurance products will sometimes benefit individuals not nominally known or individuals who do not hold any rights on the proceedings of the contract during its lifetime, but only at the pay-out phase (such as beneficiaries) and therefore should only be identified and verified at pay-out. It should also be noted that the initial underwriting process for life insurance products already involves good KYC (Know Your Customer) steps.
TITLE II – Assessing and managing risk – general part
Identifying ML/TF risk – Sources of information (page 14)
“16. Other sources of information firms may consider in this context may include, among others: (…)
• information from media sources, such as newspaper reports;”
Insurance Europe understands that this provision is of a general nature, and would require insurers to be aware of risks on the basis of information available in the media. However, European insurers fear this could become a prescriptive guideline to consider such media sources when assessing the ML/TF risks. This is problematic given the potentially very wide number of media sources that could be considered.
“28. Risk factors that may be relevant when considering the risk associated with a product, service or transaction’s value or size include:
• To what extent are products or services cash intensive, such as many payment services but also certain current accounts? “
It should be noted that in some countries (such as Italy for example) it is forbidden to pay life insurance premiums in cash.
Assessing ML/TF risk (page 21)
“31. Firms should take a holistic view of the ML/TF risk factors they have identified…”
Insurance Europe is highly supportive of this particular risk factor. This should be highlighted as a guiding principle underpinning the RBA.
Simplified Customer Due Diligence (page 22-23)
“42. Simplified customer due diligence measures firms may apply include, but are not limited to: (…)
• adjusting the quantity of information obtained for identification, verification or monitoring purposes, such as:
i. verifying identity on the basis of one document only;
Provided the single document has the necessary evidential quality (official identity documents such as ID cards or passports for example), verifying identity on that basis should be part of the standard CDD procedure rather than an option restricted to SDD.
Whilst it is understandable the guidelines focus on the SDD and EDD, it should not be forgotten that most of the AML/CFT work done by firms will consist in standard CDD.
Politically Exposed Persons (page 25)
“49. Firms that have identified that a customer or beneficial owner is a PEP must always:
• take adequate measures to establish the source of wealth and source of funds to be used in the business relationship in order to allow the firm to satisfy itself that it does not handle the proceeds from corruption or other criminal activity. The measures firms should take to establish the PEP’s source of wealth and the source of funds will depend on the degree of high risk associated with the business relationship. Firms should verify the source of wealth and the source of funds on the basis of reliable and independent data, documents or information where the risk associated with the PEP relationship is particularly high.”
Insurance Europe believes this particular risk factor goes against the proportionality requirement of the RBA by requesting this task to be done with any PEP a firm deals with, regardless of other risk factors. On that occasion it would be more adequate to follow more closely the wording and spirit of the Directive (article 20), allowing firms only to establish the source of wealth and/or funds if this turns out to be the adequate measure in the given circumstances i.e. if the “degree of high risk associated with the business relationship” justifies it. It would also be useful to confirm whether open-source information (such as the internet) can be used to determine the source of wealth.
The correlation between the adequacy of the measures the firms should take and the degree of high risk associated with the business relationship should also be explicitly stated in the subsequent two bullet points (on senior management approval and enhanced ongoing monitoring).
TITLE III – Sector-specific guidelines
Insurance Europe is particularly supportive of the confirmation in the introductory paragraphs of the need to take a holistic view of the risks being considered.
Insurance Europe calls for a coherent and proportionate approach to be adopted for all sectors covered by the guidelines.
Chapter 5 – Sectoral guidelines for wealth managements
Product, service and transaction risk factors (page 56)
“143. The following factors may indicate higher risk: (…)
• assets deposited or managed in another financial institution, either of the same financial group or outside of the group, particularly abroad;”
The inclusion in this category of assets within the same financial group goes against the principles of balance and proportionality induced by the RBA. Insurance Europe would therefore recommend restricting this risk factor example to assets deposited or managed outside of the financial group.
Measures – Enhanced customer due diligence (page 57)
“148. The following EDD measures may be appropriate in high risk situations: (…)
• These procedures may include those for recording visits to clients’ premises, whether at their home or business,…”
As per the previous comment, this aspect of the guideline seems excessive, thus going against the rationale underpinning the RBA.
Chapter 7 – Sectoral guidelines for life insurance undertakings
Applying the RBA to the life insurance sector means recognising (as is done on the guidelines) that, whilst life insurance products can be misused for money laundering, they are insufficiently flexible from money launderers’ perspective and therefore not the first vehicle of choice for ML/TF. This is because they are designed for the long term and that they only pay out on a verifiable event, such as death or retirement. However, there are products in life insurance with more flexibility in terms of duration, pay-in or pay-out and which therefore raise the AML-risk. This should be taken into account when considering the need for and, where applicable the nature of, AML/CFT procedures to be adopted by firms.
Insurance Europe would like to stress that, given the nature of life insurance contracts, identification procedures should be restricted to the time when the contract is established and at the time of pay-out rather than throughout the life of the contract. Requiring the identification on an ongoing basis is not consistent with the structure of life insurance products and would result in an inadequate allocation of AML/CFT resources.
Product, service and transaction risk factors – (page 65-66)
“177. The following factors may indicate higher risk:
• flexibility of payments (…)
• ease of access to accumulated funds (…)
• negotiability (…)”
Insurance Europe agrees in principle that these categories of risk factors may indicate a higher risk. However, some of the subcategories that were included are features that apply to the overwhelming majority of life insurance products. Some can even be seen as defining characteristics of life insurance and/or are required by national law:
- Including a ‘free look’ provision in life insurance contracts is required by European law ;
- The possibility to use the contract as collateral for loan is required by national law of certain member states;
- Allowing high value or unlimited value premium payments, overpayments or large volumes of lower value premium payments is not a risk factor per se, as a large group of life insurances do not set a fixed premium payment.
Listing these subcategories as factors indicating higher risk goes against the RBA by including too wide a category of products within the EDD, thus preventing an adequate allocation of AML/CFT resources by life insurance companies. Insurance Europe would suggest adopting a more proportionate approach, such as the approach taken when listing risk factors for providers of investment funds (Chapter 9). For example, “cooling off” periods should only be considered as a higher risk factor where the circumstances in which the customer makes use of this “cooling off” period are suspicious.
“178. The following factors may indicate lower risk:
• The product
• is accessible only through employers, for example a pension, superannuation or similar scheme that provides retirement benefits to employees, where contributions are made by way of deduction from wages and the scheme rules do not permit the assignment of a member's interest under the scheme;
• cannot be redeemed in the short or medium term such as pension schemes without early surrender option;”
Pension products are generally highly regulated at national level and lacking the flexibility required for money laundering. These products vary throughout Europe and descriptions that are too restrictive could lead to excluding certain markets’ pension products from the scope of SDD. Excluding such (very) low-risk products from SDD procedures would lead to the inadequate allocation of AML/CFT resources. Insurance Europe would therefore suggest adding pension products as a whole category of products than can be considered lower risk.
Customer and beneficiary risk factors – (page 67)
“179. The following factors may indicate a higher risk: (…)
The customer’s behaviour:
i. in relation to the contract, for example:
a. the customer frequently transfers the contract to another insurer”
One insurer taken individually cannot be expected to know, when a contract is transferred to it from another insurer, how often that contract was transferred previously. It would also be necessary to clearly define the situations covered by the term ‘transfer of contract’.
“f. the customer requests change or increase of the sum insured and/or of the premium payment.”
This risk factor is inadequate given how common such requests are during the life of an insurance policy. This means they play a role in determining the level of risk only if the changes are excessive or abnormal or happen within a short time.
“iii. In relation to payments, for example:
f. catch-up contribution to a retirement plan close to retirement date.”
This is again a very common occurrence during the term of a life insurance contract. Insurance Europe would suggest amending this guideline to limit it to ‘excessive’ or ‘abnormal’ catch-up contributions.
Measures – Enhanced customer due diligence – (page 70-71)
“188. The following EDD measures may be appropriate in a high risk situation: (…)
• taking additional steps to strengthen the firm’s knowledge about the customer (…). Examples include: (…)
viii. where possible, identifying the beneficiary at the beginning of the business relationship, rather than wait until they are identified or designated;”
Identifying a beneficiary at the beginning of the business relationship is not necessarily very useful for AML/CFT purposes, as the customer can change the beneficiary at any time during the lifetime of the contract. However, it is important to identify the beneficiary at pay-out. Insurance Europe believes this measure would unduly add administrative burden and hinder the efficient allocation of AML/CFT resources. A more proportionate approach, such as that taken with the EDD measures listed for investment funds providers (chapter 9), would be preferable.
ix. identifying and verifying the identity of the beneficiary’s beneficial owner;
It would be useful to provide an example of beneficial owner, depending on the nature of the beneficiary.
Measures – Simplified customer due diligence – (page 71)
189. The following measures may satisfy some of the CDD requirements in very low risk situations (to the extent permitted by national legislation):…
Insurance Europe believes the wording of this guideline is problematic for a number of reasons:
- Referring to a very low risk situation effectively creates a new category of risk (high, normal, low and very low risk). It would therefore be preferable to simply refer to a low risk situation there.
- Furthermore, bearing in mind one of the Directive’s objectives is to further converge the actual implementation of its provisions at national level, it would be preferable to remove any reference to “the extent permitted by national legislation”.
Chapter 9 – Investment funds providers
Insurance Europe notes that the approach taken for this sector’s guidelines was much more proportionate. Such emphasis on proportionality would be a useful model to update the guidelines for life insurers.
Notwithstanding a few observations made regarding specific guidelines (please see response to question a), Insurance Europe believes these guidelines are indeed conducive of an effective monitoring by the competent authorities of firms’ compliance with applicable AML/CFT requirements.
It is essential for competent authorities to never lose sight of the central role the RBA is meant to play in the new European Legal framework for AML/CFT, and also the rationale for this approach: the efficient allocation of AML/CFT resources to those areas of business that need close monitoring.
Competent authorities must be encouraged even more explicitly to adopt a holistic approach to the risk factors (i.e. considering not just single factors taken individually but a combination of factors). If not, the risk is that some competent authorities will expect firms to treat each high risk factor individually as warranting EDD, thus defeating the purpose of the RBA. Competent authorities should also be encouraged to provide feedback (whether general or firm-specific) to ensure such a holistic approach is understood and implemented by firms.
Finally, it is also important for competent authorities to be fully aware that life insurance products are not sufficiently flexible to be money launderers’ first vehicle of choice, as they are designed for the long-term and only pay out on a verifiable event. However, there are products in life insurance with more flexibility in terms of duration, pay-in or pay-out and which therefore raise the AML-risk. This should be taken into account when considering the need for and, where applicable the nature of, AML/CFT procedures to be adopted by firms.
Insurance Europe believes organising the guidelines by types of business is an effective approach but that it should remain consistent with the classification operated in the Directive.
Indeed, regarding life insurance, the scope of the guidelines should be clarified as it currently seems these guidelines are only aimed at life insurance companies (life insurance undertakings). This means there are no guidelines specified for insurance intermediaries. This is inconsistent with the Directive’s specific reference to insurance intermediaries (as defined in point (5) of Article 2 of Directive 2002/92/EC) where they act with respect to life insurance and other investment-related services. The ESAs should therefore consider either extending the life insurance guidelines to insurance intermediaries or drafting guidelines specifically aimed for them. In any event, life insurers should be able to rely on the AML/CFT checks carried out by the relevant intermediaries when identifying and assessing ML/FT risks.