2.2. ML/FT Risks Relevant to Life Insurance and other Investment-Related Insurance Products
Criminal actors may use life insurance and other investment-related insurance products to place illicit proceeds into the financial system, especially (though not exclusively) where the insurer or intermediary accepts premium payments in cash. Such products may be purchased with the intention of either holding the insurance policy over its standard duration or canceling coverage before maturity and, where permitted, withdrawing premiums paid less a penalty (a practice known as “early surrender”) so as to free up funds for alternative uses. Illicit actors may also deliberately overpay premiums and request a refund for the amount overpaid to the insurance carrier in order to trigger payout under a policy. Reimbursed premiums, withdrawn contributions, and payout proceeds (whether legitimate or fraudulent) can then be deposited into a bank account or used to purchase other financial instruments without necessarily revealing the ultimate origin of the funds.
As noted above, life and other investment-related products are generally considered to present higher ML/FT risk, particularly where they have high cash values upon surrender. The following methods may be employed to launder funds through life insurance and other investment-related insurance products or relationships:
• Assigning policies and payments to third parties, especially through policies (such as secondhand endowment and bearer insurance policies) that allow the policyholder to change the beneficiary before maturity or surrender without the knowledge or consent of the insurer;
• Borrowing against the cash surrender value of permanent life insurance policies or using a policy as collateral to purchase other financial instruments;
• Selling units in investment-linked products, such as annuities;
• Buying products with insurance termination features without concern for the product’s investment performance; and
• Establishing fictitious insurance or reinsurance companies or intermediaries in order to place or move illicit proceeds without revealing the true source of funds.
In addition to these vulnerabilities, the insurance sector is also vulnerable to abuse from other types of economic crime, particularly orchestrated fraud. Moreover, even where insurance products or relationships are not directly abused to launder money or perform other illicit transactions, insurance may be purchased by illicit actors to provide an appearance of legitimacy to the underlying, insured activities. As per Article 11.2 of the AML-CFT Decision, LFIs must consider the customer and the beneficiary of life insurance and family Takaful policies as risk factors when determining the applicability of enhanced due diligence procedures (EDD).
The remainder of this section presents additional examples of key ML/FT risk factors relevant to the insurance sector for life insurance and other investment-related insurance products, organized by risks related to insurance products, services and transactions, distribution channels and intermediaries, customers, and geographies. These should be considered by insurance sector operators when performing their financial crimes risk assessments (see section 3.1) and determining the risks presented by specific customers or business activities. Individual risks may be heightened in view of the UAE’s national and regional circumstances and the composition of the local insurance sector. Where a risk factor is coupled with one or more of the red flag indicators provided in Annex 1 of this Guidance, insurance sector operators should consider assigning additional resources or controls to the area of heightened risk, such as by applying enhanced due diligence (“EDD”) or heightened ongoing monitoring.
Insurance operators are expected to perform and document an enterprise ML/FT risk assessment and keep the risk assessment up to date given material changes to their risk profile or legal, regulatory, or supervisory environment. Additional details on the enterprise risk assessment process and the use of risk assessment findings to support a risk-based approach are provided in section 3.1.
2.2.1. Product Risk Factors
Product risk is assessed by identifying how vulnerable a product is to money laundering and terrorist financing based on the product’s design. Product risk should be assessed periodically and when significant changes are made to product offerings, including the development of new products, services, or technologies. Product risk is a significant factor in identifying unusual activity.
The following table describes attributes used to assess the vulnerability of product offerings and provides lower-and higher-risk examples of each.
Attribute Lower-risk example Higher-risk example Ability to hold funds or transact large sums Product design that does not hold a balance or cannot be withdrawn against, such as group benefits Product design that allows funds to be held on behalf of the customer; high-value or unlimited-value premium payments, overpayments, or large volumes of lower-value payments Customer anonymity or third-party transactions Product design that only allows transactions from customers with identification, or where all funds flow back to the customer Product design that allows deposits and payments by third parties or that provides for non-face-to-face transactions (e.g., mobile apps where payment source is unknown) Liquidity Product design that does not permit withdrawals or includes significant fees or other penalties for early withdrawals Product design that has no (or no significant) fees or other penalties for early withdrawal Time horizon Products that are typically held for a long period of time, such as years, until retirement or death Products that are typically held for a shorter time period Purpose or intended use of the product Product design makes it easy to identify if products are not being used as intended Product design makes it difficult to identify if products are not being used as intended 2.2.2. Service and Transaction Risk Factors
Service and transaction risk can be assessed by identifying how vulnerable a product is to use by a third party or unintended use based on the methods of transaction available. Service and transaction risk is influenced by product design. Understanding potential service and transaction risks in the business is a significant factor in recognizing unusual activity at a customer level.
The following table describes attributes used to assess service and transaction risk and provides lower-and higher-risk examples of each.
Attribute Lower-risk example Higher-risk example Difficulty in tracing ownership of funds Preprinted checks, bill payments, and electronic funds transfer (EFT) payments with verified banking records Cash, bank drafts in bearer form, travelers checks, counter checks (where ownership information is handwritten or typed in a different font than the rest of the check), and potentially some digital currencies The customer is not the payer or recipient of the funds The funds are moved from or to another financial institution The third-party paying or receiving funds has not previously been disclosed Payment source or recipient is based outside of the country The recipient or payer is the policyholder and is in a low-risk country The recipient or payer is the policyholder and is in a higher-risk country or is a third party outside the country (making it more difficult to trade or confirm the source of funds) Number of transactions The low number of transactions or transaction frequency that is typical for the product A large number of transactions back and forth with the customer or third parties, especially where it exceeds typical usage for the product Transactional patterns Regular and expected customer account activity Significant, unexpected, and unexplained change in the customer’s typical activity, such as early surrenders or withdrawals where such service is offered 2.2.3. Distribution Channel and Intermediary Risk Factors
The distribution channel is the method a customer uses to open a new policy or account. The distribution channel risk is identified by assessing how vulnerable the channel is to money laundering or terrorist financing activities based on attributes that may make it easier to obscure customer identity.
The risk of failing to identify a customer correctly may be higher for distribution channels that use an intermediary or do not require face-to-face contact. Depending on the product, distribution channel risk may be mitigated by using distributors who are also subject to AML/CFT obligations or a pension scheme subscribed through the customer’s employer.
The following table describes attributes used to assess the vulnerability of distribution channels and provides lower- and higher-risk examples of each.
Attribute Lower-risk example Higher-risk example The distributor has AML/CFT obligations The distributor is overseen by a regulatory authority and subject to AML/CFT laws equivalent to or stronger than the insurer Distributor is not subject to AML/CFT requirements Payment to an insurer Customer pays the insurer directly from their account at a bank or securities dealer The customer pays the distributor, who then pays the insurer The direct relationship of customer to insurer Tied agents, brokers, and banking consultants; products distributed directly by insurers Non-face-to-face relationships6 with insurers or agents (e.g., trusts or insurance sold by telephone or online without adequate safeguards for confirmation of identity) 6 As discussed in section 3.3.1.5 below, relationships in which personal contact between an insurer or agent and the customer is achieved via video teleconference are not considered to be non-face-to-face relationships.
2.2.4. Customer Risk Factors
Customer-based risk factors are assessed to evaluate the level of vulnerability to ML/FT threats posed by customers based on their characteristics. Understanding the inherent risks enables an insurer, agent, or broker to identify appropriate mitigating controls and manage residual risks. Customer risk factors combined with business risk factors can be used as criteria for risk scoring to identify high-risk customers. Such risk factors include:
• Customer identity; • Third-party involvement; • Customer’s source of wealth or funds; • Customers who are politically exposed persons (“PEPs”), including the direct family members and close known associates of a PEP, and legal entities where at least one beneficial owner is a PEP; and • Known criminals, terrorists, or persons on sanctions lists.7
The following table describes attributes used to assess customer risks and provides lower- and higher-risk examples of each.
Attribute Lower-risk example Higher-risk example Identification Customer provides identification or can be identified using third-party sources. Customer has difficulty producing identification, or the authenticity of the identification provided is questionable Third-party relationships No third-party involvement Customer is controlled by a third party, or there are multiple indicators of third-party deposits or payments; customer is controlled by a gatekeeper (such as an accountant, lawyer, or other professional holding accounts or contracts at the insurer) without any interaction with the beneficial owner Customer’s legal form Customer is a living person or is a large, publicly-traded legal entity with clear ownership and control Customer is a legal entity with a complex structure where it is difficult to ascertain those who own or control the entity; policyholder and/or beneficiary are companies with nominee shareholders and/or shares in bearer form Occupation, business type, or another source of wealth or funds Customer’s business type or occupation is in a lower-risk industry Customer’s business or occupation is in a higher-risk industry (such as a cash-intensive business or an industry that has extensive international exposure or is associated with crime typologies) or is associated with a lower income for a high-value deposit without a confirmed source of funds or wealth (such as inheritance or real estate) Depth and duration of relationship with customer Customer has a long history with the insurer or its agents and additional information is on file (such as credit underwriting, insurance underwriting, customer due diligence, etc.) Customer is new to the insurer or insurer has little or no experience with the customer Customer only holds accounts with lower risk products and services Customer holds policies or accounts that are registered with the government, such as a registered retirement savings plan Customer only holds non-registered policies or accounts (e.g., investment or bank accounts with an affiliate) Political exposure Customer does not have any ties to politically exposed persons Customer is considered a politically exposed person, particularly from a foreign jurisdiction Other screening results Customer does not have negative news media or media confirms what is known about the customer (such as career confirmation or community engagement) Customer has ties to or is on a designated sanctions list; has a history of predicate offenses; or is associated with negative news 7 Please see section 3.5 below and also refer to the Executive Office’s “Typologies on the circumvention of Targeted Sanctions against Terrorism and the Proliferation of Weapons of Mass Destruction”: available at https://www.uaeiec.gov.ae/en-us/un-page?p=2#
2.2.5. Geographic Risk Factors
A customer’s geographic location or connections may indicate a higher risk for ML/FT activities. To mitigate risk, controls are recommended based on domestic and international geographic risk factors. Where available, data from internal insurer historical case experiences or government data based on crimes applicable to ML or predicate offenses can be used to inform the assessment of domestic geographical risk. Customer risk is higher among customers with connections outside the country, especially connections to higher-risk countries. According to the National Assessment of Inherent Money Laundering and Terrorist Financing Risks in the United Arab Emirates, the regions and jurisdictions most often involved in criminal activity in relation to the UAE were Pakistan, India, Iran, Bangladesh, China, Russia, South Africa, Nigeria, Somalia, Lebanon, Yemen, Syria, Iraq, Afghanistan, and North Africa. The following table describes attributes used to assess geographic risks and provides each's lower- and higher-risk examples.
Attribute Lower-risk example Higher-risk example Higher-crime regions Customer does not reside in a region with higher frequency and severity of crimes with ML risk, based on the insurer’s own risk assessment (utilizing historical case experiences or government data where appropriate) Customer resides in a region with high frequency and severity of crimes with ML risk, based on the insurer’s own risk assessment (utilizing historical case experiences or government data where appropriate) History high-risk activity or fraud Customer does not reside in a region that experiences a higher incidence of high-risk activity or fraud Customer resides in a region that experiences a higher incidence of high-risk activity or fraud Foreign tax or physical residency of customer Countries risk rated as low by the insurer Countries risk rated as high by the insurer Foreign ties or transactions Customer does not have any indicators of foreign residency or transactions outside of country Customer has requested or performed transactions with ties to high-risk countries, including especially those on the NAMLCFTC’s and FATF’s lists of high-risk jurisdictions subject to a call for action and jurisdictions under increased monitoring.