AML compliance checks in the insurance industry

Automating AML and KYC compliance checks in the insurance industry would help drive operational efficiency and better customer experiences - challenges the industry needs to address according to a report issued by Deloitte earlier this year.

Earlier this year, Deloitte published its annual insurance industry outlook. Among the predictions for the sector included, unsurprisingly, an increased focus on digitisation. The report also highlighted various challenges within the industry, including sustainability concerns, financial inclusion, and rapidly evolving consumer product and purchase preferences. Other concerns focussed on issues such as stakeholder trust and improving customer experience while driving efficiency.

But, insurance firms are particularly at risk of fraud – especially those dealing with high-value life insurance policies - and they can be a target for money laundering too.

Products such as single premium policies – which allow a large amount of money to be paid out in a single transaction – are open to exploitation. Fraudsters also take advantage of being able to top-up policy payments to offload illegal funds and transfer ownership of life insurance policies, as well as selling off policies to third-parties.

A risky business?

Back in 2021, the Global Federation of Insurance Associations (GFIA) published a report suggesting the industry should restrict any measures aimed at fighting money laundering (ML) and terrorist financing (TF) to the life insurance business, describing it as “the only one with some, albeit low, exposure to ML/TF risks”. 

The federation’s view was that “applying anti-money laundering (AML) and counter-terrorist financing (CTF) rules to general insurance would divert resources and attention away from other higher risk areas and place a significant compliance burden on insurers for low- or no-risk harms.” The report adds, the EU’s own risk assessment states that “non-life insurance is not used for money laundering purposes, as it requires a degree of planning and expertise that make it relatively unattractive.”

Banks, credit unions, and insurance companies are nonetheless regulated by the Financial Conduct Authority (FCA) and the Bank of England’s Prudential Regulation Authority (PRA). Back in 2020, the UK updated its AML regulations requiring firms to include new high-risk factors when conducting customer due diligence. These high-risk factors included situations where a customer is the beneficiary of a life insurance policy. 

Currently, mortgage brokers, general insurers, and general insurance brokers in the UK are not subject to the FCA’s AML rules and money laundering regulations. But they are still subject to the Proceeds of Crime Act 2002 and are duty-bound to report suspicious activity, risking financial penalties if they fail to do so. As a result, many insurance brokers choose to implement controls similar to those adopted by firms who are subject to ML regulations and the FCA’s AML rules. This is a wise choice as, since 2009, the FCA says it has taken enforcement action against four wholesale insurance intermediaries for failure to adequately manage corruption risk.

Automated AML checks

Regardless of the regulation, AML and CTF checks matter, and insurance fraud is on the rise. According to PwC’s Global Economic Crime and Fraud Survey, 62% of global insurers were exposed to fraud or financial crime in 2018, compared with 37% and 35% in previous years. In the survey, the most common offence was consumer fraud, but other respondents who were canvassed reported exposure to a wide range of financial crime threats, including asset misappropriation, business misconduct, cybercrime, bribery and corruption, and money laundering.

Insurance firms need to carry out strict know your customer (KYC) and AML checks to combat growing risks, but there are drawbacks to using traditional methods for KYC activity.

Traditionally, insurance providers would ask new customers to fill in paper forms and submit documentation for proof of identity and address. This documentation would then be analysed manually before a decision was made about onboarding the customer. These kinds of manual KYC tasks are time-consuming and prone to human error, not to mention being annoying for the customer. Poor or disparate record keeping can also cause challenges when it comes to ongoing monitoring.

Given Deloitte, as mentioned, highlighted the importance of efficient and improved customer experience across the industry, automating KYC and AML compliance processes seems a sensible place to start.

A digital approach also supports risk monitoring, which needs to be performed on an ongoing basis. Firms need to run and re-run KYC, AML, and other checks on their customers at regular intervals to manage risk and maintain regulatory compliance. This too is time-consuming using any method other than automated execution of the checks.

And, given insurers need to demonstrate to regulators they have robust compliance practices in place and provide evidence of that, such as showing alerts and actions taken in response, automating KYC tasks means firms have access to reports and sources of data related to share with stakeholders, auditors, and regulators. Insurers don’t have to rely on paper records for risk management and due diligence, and they can reduce human error and customer dissatisfaction in the compliance process. 

Automating KYC processes frees insurance firms, their financial crime, and compliance teams to focus on potential fraud cases, emerging risks, and adding value to customers.


Despite the apparent regulatory gaps in the insurance industry, good KYC is essential and should invite best practice. Those in the insurance industry who aren’t automating AML checks, and keeping up regular monitoring are putting themselves at risk and are missing opportunities for operational efficiency and delivering better customer experiences. Digitization of compliance processes, integrated with automated access to leading data sources provides a streamlined way of managing risk and compliance throughout the customer lifecycle.

Get in touch

PassFort Lifecycle allows you to automate a series of AML and KYC checks, helping you manage compliance and mitigate AML and fraud risk across your business. We enable you to make customer onboarding smoother and ongoing risk monitoring easier. PassFort also supports perpetual KYC for risk monitoring of corporate or individual customers in any jurisdiction.

Please get in touch to discuss automating your AML compliance processes - we’d love to help.