The sanctions landscape is complicated for financial firms, to say the least. As we have explored in previous posts, firms have no room for error when it comes to reviewing their books for potential sanctions risk, or broader financial crime exposure. But for insurers, the risk is potentially harder to identify and mitigate. Recent penalties1 and the evolving sanctions regime highlight the potential dangers for insurers and what can happen if controls are weak or lacking.2 

This post will highlight some of the key challenges and pain points in identifying and mitigating financial crime risk in insurance, with a focus on sanctions risk, and point towards key solutions for improving processes, reducing costs, and protecting your insurance firm and clients from financial crime activity.  

Financial Crime (FC) definition and risks to insurers

FC is broadly defined as criminal conduct relating to money, financial services or markets involving fraud, market misconduct including bribery, handing the proceeds of crime or terrorist financing.3 For this series, we will continue our focus on sanctions, but our identified pain points and potential solutions can be applied to other FC risks as well. Financial institutions have historically borne the brunt of regulatory fines and transformation costs for failures in FC controls, resulting in over $36 billion in fines globally for non-compliance with Anti-money Laundering (AML), Know Your Customer (KYC) and sanctions rules since the financial crisis.4 In 2019 alone, penalties for sanctions violations represented 40 percent of the total regulatory fines levied against global firms.5   

Except for a series of fines against several large insurance brokers in the late 2000s and early 2010s, for failing to have adequate systems and controls to prevent bribery and corruption, firms involved in the insurance sector have largely managed to avoid penalties imposed on the banking sector. This is primarily due to their mix of lower risk products and the intermediated nature of insurance business models and, as a result, KYC processes for many covered parties. 

Insurers and brokers should have robust KYC and third-party vendor management processes that can identify FC risks at onboarding or during customer lifecycle management

There are key areas where firms may be more vulnerable to failings, such as broker-based customer introductions and treaty reinsurance. In particular, insurers and reinsurers are at greater risk due to the lack of direct contact with, or indeed knowledge of, the customers involved, and a reliance on the due diligence controls of third parties. However, the increasingly complex sanctions landscape threatens to open insurers and brokers to more regulatory scrutiny of controls, and potential penalties for identified failings. Insurers and brokers that fail to stay proactive in identifying sanctions targets on their books can still face millions in fines and even more severe reputational damage.   

To avoid regulatory and reputational risk, insurers and brokers should have robust KYC and third-party vendor management processes that can identify FC risks at onboarding or during customer lifecycle management. In this regard, insurers and brokers face similar process pain points in both identifying and mitigating/removing risks within their customer base, including:  

  • Process and data pain points: Onboarding and customer lifecycle management processes can vary widely between brokers introducing new customers to insurance markets. This process variance creates data variance—both content and structure—which is then passed to insurers. This reduces the ability to automate certain processes or steps, increasing inefficiency, increasing time to onboard or manage clients and reducing effectiveness of sanctions screening processes and other FC controls.  
  • Manual tooling: Insurers and the brokers they work with often rely on manual screening of newly onboarded customers, with minimal continual screening of customer bases for potential risk. This presents an acute risk in treaty reinsurance, when the underlying customers covered may not be fully known until after a policy is issued. 
  • Risk from third parties: In many cases, insurers and brokers rely on third parties, whether offshore branches or separate, local brokers, to bring in new customers. This creates reliance on the due diligence processes of the third party, but also creates potential bribery and corruption risks if inappropriate commissions are tied to new customers. Screening for these risks, especially using current adverse media tooling, is often difficult or ineffective.  

So, from an FC perspective, insurance can be seen as a lower-risk, but not no-risk, business. Insurers and brokers should still protect themselves and their customers with a focus on process improvement, use of tech to more effectively screen for and identify risk, and to effectively use vendors to complete KYC checks. Getting these processes wrong can expose the business to both regulatory fines and reputational damage in a market already being breached by more-nimble InsurTechs that are focused on building customer trust.  

In our next post we will discuss how insurers and brokers can effectively implement some, or all, of the above action steps as our focus on insurers continues.  If you have any questions on the topic, please reach out to one of the authors.  


  1. Atradius Trade Credit Insurance settles US sanctions violations,” S&P Global Market Intelligence, August 19, 2019. Access at: 
  2. “U.S. to warn shippers against storing Iranian oil: State Department official,” Reuters, March 9, 2020. Access at: 
  3. “Financial Crime Guide: A firm’s guide to countering financial crime risks (FCG),” Financial Conduct Authority, July 2020. Access at: 
  4. “AML, KYC & Sanctions Fines for Global Financial Institutions Top $36 Billion Since Financial Crisis,” Fenergo, January 29, 2020. Access at:$36-billion-since-financial-crisis.html. 
  5. Ibid. 

Submit a Comment

Your email address will not be published.