AML in Insurance: Identifying and Stopping Money Laundering

Anti-Money Laundering I Insurance Insights

February 14th, 2025

Ted Sausen, Subject Matter Expert, NICE Actimize AML Line of Business
AML in Insurance: Identifying and Stopping Money Laundering

Money laundering remains a pervasive global challenge, with its scale ever increasing.  Some estimates indicate that over 6 trillion dollars are laundered each year. Unfortunately, less than 2% of money being laundered is recovered. The amount of money laundering being identified and reported to appropriate authorities is higher. However, it is hard to determine what that percentage is, but it is likely a fraction of the 6 trillionaundered by the criminals.

The Role of Insurance in Money Laundering

At first glance, insurance companies may not seem like a common vehicle for money laundering. According to various sources, an estimated $80 billion to $100 billion is laundered annually through insurance, the vast majority through life insurance.

Why is insurance such a hot spot for money laundering? Unlike traditional financial institutions (FIs), insurance companies operate under a different structure. Insurance companies are established to protect the policy holder from financial loss due to, amongst other things, accidents, injury, or property damage. The key to insurance is that it is a contract between the policy holder and the insurance company, with it referred to as a policy and not an account as would be the case when opening a relationship with a bank to custody your funds. People are tied to the policies but typically the reference used is a policy number rather than a personal identifier such as a tax identification number.

Customer Due Diligence (CDD) is a regulatory requirement of money laundering regulations for insurance companies, just as it is in other regulated businesses; however, in the insurance industry, there are variances in how this data is captured, and potentially the completeness and quality of it. Many policies are sold by third parties, online, or even by third-party online systems. Insurance companies often use brokers to sell their policies. The brokers are not employees and are not directly responsible for complying with Bank Secrecy Act (BSA) regulations or identifying suspicious activities. However, it is the responsibility of the insurance company to implement a program and take ultimate responsibility for abiding by the regulations and filing SARs as necessary. The method of data collection may be different depending on the broker. I have had many policies in my lifetime – from umbrella policies to home, auto, life, personal property and others. I use a broker for all my insurance needs and have yet to meet anyone from the various companies that provided the policies to me. My broker collected all my required CDD information and then transferred it to my insurance companies.

Common Money Laundering Tactics in Insurance

Criminals use various tactics to launder money through insurance products, including:

  • Early Surrender – Life insurance is the number one product for accomplishing this. In the early 2000s, the US Customs Service found that $80 million of illicit funds from drugs were used to purchase life insurance policies and were cashed out early. Surrendering a policy early comes with penalties, but the remaining funds appear to be clean.
  • Overpayment – This occurs when criminals overpay their premium with illicit funds and then request refunds, for which insurers need to reimburse them. The money then appears as clean money originating from a legitimate source.
  • Refund of Premiums – Many insurance policies have what is known as a “cooling off” period. After a policy purchase, it is a timeframe in which a policyholder has an opportunity to further review their policy and determine that it is indeed meeting their objectives. During this period the policy can be cancelled without a fee and the funds need to be returned to the policy holder. This allows criminals to purchase policies with illicit funds and receive back what is perceived as clean money.
  • Ownership Changes – Life insurance policies can have the ownership transferred to another individual, say a family member or “business” associate, at which point the new owner can then draw funds or take out loans against the policy. Those funds appear to be clean and can even be paid back with additional illicit funds.
  • Secondary Market – Similar in nature to the above ownership changes, customers can choose to sell their life insurance to a third party who in turn could make the payment the originator using illicit funds.
  • Multiple Policies – To avoid detection of a small number of larger policies, multiple smaller policies are purchased. This is similar to mule activity in the banking industry. Rather than using large deposits which raise red flags, multiple smaller transactions occur which can go undetected.
  • Top-Ups – This is another practice used to avoid detection. A cheap policy can be purchased with a minimal premium payment, one which would not raise suspicion. Once the policy premium is made, additional funds can be added to supplement the original policy, increasing its value.
  • Third-Party Payments – A key typology of money laundering involves third-party payments. Policies can either be funded by a third party who is not the policy holder, or the policy holder can request refunds be credited to a third party. This combined with one of the other typologies such as a refund of an overpayment could be highly suspicious.

Strengthening AML Controls in Insurance

The insurance industry and its policies are often exploited for illicit activities. How can we put an end to this? It starts with having a solid AML program like FIs. Identify your risks and put measures in place to address them.

Assess the risk of your product(s). Different products carry different levels of risks.  If the policy can be funded with cash deposits, one can assume this is a much higher risk and should be treated accordingly. Cash is usually used in the placement phase of money laundering, getting money into the system. However, it does not mean non-cash payments are clean and free of risk. Criminals may still be layering transactions to obscure the source of funds. Third-party payments are another red flag. Are policies taken out by one individual while another person makes the payments? Consider policy size as well. Larger policies allow for greater amounts of illicit funds to be laundered. Surrender fees also matter—smaller penalties make it easier to cleanse a higher percentage of illicit funds with minimal loss. Finally, examine the product’s terms. Money launderers typically seek short-term options with quick access to funds, avoiding long-term investments with limited exit opportunities.

The Risk-Based Approach

Regulators globally have been encouraging firms to take a risk-based approach.  Applying a blanket approach to all customers, products, and services is an inefficient use of resources, as the risks can vary significantly.  A risk-based approach enables you to identify the areas in your business that pose the highest money laundering risk. By allocating the right resources to mitigate these risks, you can ensure regulatory compliance in the most cost-effective manner.   

Know Your Customer (KYC)

Understanding customers goes beyond collecting basic details like name, address, and ID number. Consider the following:

  • Is the customer a cash-intensive business that could mix illicit funds with legitimate income?
  • Are they located in a high-risk jurisdiction?
  • Do they have adverse media exposure or political connections?
  • Does their policy purchase align with their profile (e.g., a young delivery driver buying a high-value policy)?
  • Who are the beneficiaries on their accounts?

Identifying Customer Relationships

In addition to the customers themselves, try to identify their relationships. Key questions to ask:

  • Are they tied either through family or business dealings to anyone that poses a higher risk or has been involved in illicit behaviors? Build out their network.
  • Do they have multiple policies with different beneficiaries on each?
  • Are they a beneficiary of another policy owned by someone else?
  • Do they share an address with other policyholders?

Understanding their network is very important to identifying hidden risk.

Geographical Threats

Geographical threat plays an important role as well. Considerations include:

  • Is the customer from a high-risk jurisdiction, and Location plays a critical role in risk assessment:
  • Is the customer from a high-risk jurisdiction? Does their business activity make sense in relation to your organization?
  • Is the jurisdiction known for illicit activities like human trafficking or drug trade?
  • Are the policy beneficiaries located in high-risk regions?

It is also essential to understand the jurisdictional requirements in which your organization is operating. A solid program has minimum standards for which the whole organization globally must comply, with additional jurisdictional requirements as needed.

Continuous Monitoring

Ongoing monitoring is essential. As mentioned above, identify the risks of the product, customer, geography, and transactional activity. Monitor them appropriately according to their risk. Periodically review the higher risk customers for changes in their activity, transactions, circumstances, etc. When looking at all the variables, the implementation of technology is a must. This cannot be accomplished by adding extra staff. Technology solutions can look for these types of threats and can be configured to the specific needs of any organization.

Technology Integration

There are several considerations when it comes to managing and mitigating money laundering risk, as well as a need to constantly understand and implement changing regulatory requirements. This can be extremely resource intensive and if not managed well, can significantly increase the cost of compliance. That is why technology modernization plays an increasingly important role in every insurance company compliance function. AI-driven solutions can streamline much of the compliance process, from automating data collection, validation, and enrichment through to advanced analytics which can assess the available data, including payment information to detect suspicious activity, even subtle anomalies which would otherwise be missed by manual reviews or older rules-based systems. AI-driven solutions which are mapped with the right data and optimized can significantly improve efficiency and effectiveness. These solutions reduce inefficiencies and noise, while allowing you to target suspicious policy holders and activity, with speed and precision. Technology also ensures you can scale and adapt with ease, so that you don’t need to worry about the cost and resources associated with addressing a new regulatory expectation or major business event.

Training and Awareness

Lastly, train your staff. Front line workers should be aware of any suspicious activities that occur with their customer interactions, whether it is on the phone, in person, or via electronic correspondence. It is also necessary to train your investigators reviewing the outputs of your technology solution. Provide a methodology for what they should be looking at while they investigate the situation. The stronger the investigation procedures, the more standardized your investigations will be. Reporting is critically important as this is the outcome of the entire compliance process. This cannot be done in a vacuum and by submitting your suspicions, you are not only complying with regulations, but you are also helping law enforcement in their investigations as they will have access to the bigger picture. Again, technology can help with this process, automating the creation, narrative, and submission of suspicious activity reports.

Strengthening Defenses Against Money Laundering in Insurance

Running an effective and compliant program is just as important for insurance companies as it is for any other regulated business. Getting it wrong is not an option.  With criminals continually probing and exploiting gaps in compliance programs, strong defenses must be in place to prevent exploitation. By understanding risks, mapping these risks to money laundering typologies and implementing the right technology and controls – insurance companies can strengthen their AML controls and prevent criminals utilizing their organizations to launder illicit funds. 

Ready to learn more? Schedule a demo today.

ESG Risk Management: Integrating AML with Environmental Social Governance

Anti-Money Laundering
February 19th, 2025
Francisco 'Paco' Mainez, Professional Services, Principal Business Consultant, NICE Actimize & Rahul Kadu, Senior Specialist Business Consultant, NICE Actimize

Improving Financial Investigations: Essential Strategies for Success

Anti-Money Laundering
February 7th, 2025
Adam McLaughlin, Global Head of Financial Crime Strategy & Marketing, AML

NICE Actimize Recognized as RiskTech Leader in Chartis 2024 AML Transaction Monitoring Report

Anti-Money Laundering
January 6th, 2025
Cindy Morgan-Olson, Head of Global PR and Analyst Relations

AML Predictions: Information Sharing, Increased Sanctions and Regulatory Landscape Prioritized for 2025

Anti-Money Laundering
January 3rd, 2025
Adam McLaughlin, Global Head of Financial Crime Strategy & Marketing, AML
Speak to an Expert
Speak to an Expers

Thank you for your interest

A NICE representative will be in touch with you shortly

Get in Touch