04 July 2016
In March 2016, the Central Bank published a report setting out its observations and expectations in relation to Anti-Money Laundering, Countering the Financing of Terrorism and Financial Sanctions (AML/CFT) compliance by Irish life insurers (the Report).
Carried out over the course of 2014 and 2015, the Report was based on a combination of on-site inspections and desk-top reviews which involved the assessment of insurers’ related policies, procedures, risk assessments, outsourcing and third-party arrangements together. The Report also encompassed interviews with key staff, walk-throughs of key processes and testing of relevant IT systems conducted by the Central Bank.
The Report recognises that although the inherent AML/CFT risk may be lower in the insurance sector than in other sectors, insurers should be aware that there are products, customers and geographic regions that present a higher AML/CFT risk.
Main areas of concern identified
The Report concluded that in many instances, insurers generally had satisfactory procedures and systems and controls in place. However, a number of the issues identified indicated that that further improvements should be made by insurers to strengthen their existing AML/CFT framework. The findings of the Report focus on customer due diligence (CDD), suspicious transaction reporting, terrorist financing, financial sanctions, and compliance and governance centred on the importance of robust board oversight and record keeping.
The Report identifies the following main areas of concern:
Central Bank recommendations
The Central Bank expects that insurers maintain a detailed suite of AML policies which are supplemented by guidance and supporting procedures that fully demonstrate compliance with all legal and regulatory requirements. The Report also points out that these policies should be reviewed and updated accordingly.
In addition, the Central Bank expects that insurers conduct and document an AML risk assessment of their business including all risk categories (e.g. geographic risk, product/service risk, policyholder risk and channel/distribution risk). If any gaps are identified, it is expected that an action plan should be put in place to address such gaps and such plans should be reviewed and approved by the board at least annually.