FATF GAFI. Risk-based Approach Guidance for the Life Insurance Sector
The risk-based approach (RBA) is central to the effective implementation of the FATF Recommendations. It means that supervisors, financial institutions, and intermediaries identify, assess, and understand the money laundering and terrorist financing (ML/TF) risks to which they are exposed, and implement the most appropriate mitigation measures. This approach enables them to focus their resources where the risks are higher.
The FATF RBA Guidance for the Life Insurance Sector aims to support the implementation of the RBA, taking into account national ML/TF risk assessments and AML/CFT legal and regulatory frameworks. It includes a general presentation of the RBA and provides specific guidance for life insurers and intermediaries, and for their supervisors. The guidance was developed in partnership with the private sector, to make sure it reflects expertise and good practices from within the industry.
The Guidance underlines some of the specificities of the life insurance sector, which need to be taken into consideration when applying a RBA. In particular, it highlights the nature and level of ML/TF risk of life insurance products, which is generally lower than that associated with other financial products, such as loans or payment products. Indicative risk ratings are provided for a set of life insurance products, as well as examples of products' inherent risk factors. The Guidance also looks at the involvement of intermediaries in the distribution of life insurance, and how it affects the split of AML/CFT responsibilities. It also insists on the need for life insurers to factor in their distribution network and channels when performing their ML/TF risk assessment.
The Guidance underlines that the development of the ML/TF risk assessment is a key starting point for the application of the RBA by life insurers and intermediaries. It should be commensurate with the nature, size and complexity of the business. This means that a simple risk assessment might be enough for smaller or less complex life insurers or intermediaries, and that where life insurers or intermediaries are part of a group, risk assessments should take into account group-wide risk appetite and framework.
The Guidance also recalls that the intensity and depth of risk mitigation measures including customer due diligence (CDD) checks depend on the ML/TF risks. The guidance emphasises in particular that the identity and status of parties to life insurance contracts, including the beneficiary and where relevant the beneficial owner(s), will determine the extent of the controls to be performed, in particular if/when a Politically Exposed Person (PEP) is involved. The Guidance also insists on the importance of life insurance entities' internal controls, whose structure and organisation depend on the ML/TF risks identified and for which, in any case, the "tone from the top" i.e. the involvement of senior management, plays a central role.
The Guidance clarifies that the obligation to report suspicious transactions is not riskbased, but applies regardless of the amount of the transactions. The action of reporting suspicious transactions does not discharge a life insurer or intermediary of their other AML/CFT obligations.
On AML/CFT supervision, the Guidance stresses the importance of the group level approach to mitigate ML/TF risks, including the development of group-wide assessment of ML/TF risks, and the sharing of relevant information between supervisors involved. It also highlights the relevance of allocating supervised entities which share similar characteristics and risk profiles into groupings (or clusters) for supervision purposes.