Request a Demo →
The Compliance Team’s Guide to Customer Onboarding - Part 1
The State of Financial Crime 2023
ComplyAdvantage Takes on Payment Fraud with New AI-powered Solution
The insurtech industry is rapidly expanding, with its market value projected to increase from $5.4 billion in 2022 to $152 billion by 2030. However, as cutting-edge technology reshapes traditional insurance models, insurtechs are also becoming prime targets for criminals eager to exploit digital systems.
In 2024, research revealed a concerning trend: artificial intelligence (AI) and digital tools are increasingly being used to alter or create fraudulent insurance claims.19 percent of surveyed claims handlers suspected up to one in four claims included fake supporting documents generated or manipulated with AI, and 94 percent believed at least 5 percent of claims they reviewed were fraudulent. Furthermore, 65 percent said they had witnessed an increase in fraudulent claims since 2021.
Understanding and mitigating these emerging risks is essential for insurtechs – not only for compliance but also for building brand reputation and customer trust. This guide outlines key risks, regulations, and best practices for insurtechs navigating the complex landscape of fraud, money laundering, and other financial crimes.
What is insurtech?
Insurtech refers to the innovative use of technology in the insurance industry to streamline processes, enhance customer experience, and improve operational efficiency. By leveraging digital tools, insurtechs aim to disrupt traditional insurance models, offering tailored products and services that cater to consumer’s needs.
What are the financial risks for insurtechs?
Insurtechs face several financial crime risks that can significantly impact their operations and reputation, including:
- Fraud: The potential for fraudulent claims, identity theft, and other deceptive practices is a critical risk for insurtechs, especially as they often rely on digital interfaces for customer interactions.
- Money laundering: Criminals seeking to launder money through insurance products can exploit insurtechs, necessitating stringent monitoring and compliance measures.
- Sanctions evasion: With the evolving global sanctions landscape, insurtechs must be vigilant to avoid inadvertently facilitating transactions with sanctioned entities.
Global regulations concerning insurtech
Insurtechs operate in a complex regulatory landscape, with various regulations impacting their operations across different jurisdictions. Key global regulations include:
- United States: In the US, insurtechs must comply with the Bank Secrecy Act (BSA), which mandates financial institutions (FIs) to establish anti-money laundering (AML) programs, report suspicious activities, and maintain records. Additionally, states may impose specific insurance regulations, requiring insurtechs to obtain licenses and comply with consumer protection laws.
- United Kingdom: The UK’s Financial Conduct Authority (FCA) oversees insurtechs and enforces compliance with the Money Laundering, Terrorist Financing, and Transfer of Funds (Information on the Payer) Regulations. Insurtechs must implement robust AML controls and conduct customer due diligence (CDD).
- European Union: The EU's Anti-Money Laundering Directives (AMLDs) require member states to establish AML regulations, impacting insurtechs across the region. Insurtechs must carry out CDD, monitor transactions, and report suspicious activity to ensure compliance with these directives.
- Singapore: The Monetary Authority of Singapore (MAS) regulates insurtechs under the Payment Services Act and the Financial Advisers Act. Insurtechs must comply with AML/CFT regulations, requiring enhanced due diligence (EDD) and regular risk assessments.
- Australia: The Australian Prudential Regulation Authority (APRA) and the Australian Securities and Investments Commission (ASIC) regulate insurers in Australia. Insurtechs must adhere to the AML/CFT Act 2006 and follow the guidelines set by the Australian Transaction Reports and Analysis Center (AUSTRAC), which emphasize a risk-based approach to financial crime prevention.
- FATF recommendations: The Financial Action Task Force (FATF) sets international standards to combat money laundering and terrorist financing. Insurtechs must adhere to these guidelines, which promote a risk-based approach to AML/CFT obligations.
However, as any compliance professional in the sector will know, regulatory expectations are constantly evolving, meaning insurtechs need to stay nimble to remain compliant. For example, since 2021, the US National Association of Insurance Commissioners (NAIC) has worked closely with state insurance regulators to modernize insurance regulation in response to the growth of insurtech through initiatives like “Stay Ahead.” This effort aims to help state regulators keep pace with new technologies, such as artificial intelligence (AI) and predictive analytics, with a focus on cybersecurity, data privacy, and consumer protection. In 2023, NAIC introduced further updates, especially targeting the use of AI in underwriting, with heightened attention on AI ethics and bias mitigation in insurance products.
Insurtech Financial Crime Guide: Tackling Risk and Regulation
Written for compliance officers in the insurtech sector, this guide will help firms navigate these forces and enable them to continue growing sustainably, protecting their customers and reputation.
Download NowHow can insurtechs mitigate financial crime risks?
To effectively combat financial crime, insurtechs should implement a comprehensive program that includes the following steps:
- Onboarding – identity verification (IDV): Collecting, verifying, and securely storing sensitive personal data to confirm client identities is crucial. Advanced technologies, such as biometrics, can enhance this process.
- Onboarding – CDD/know your customer (KYC): Insurtechs must assess the inherent financial crime risks they face, moving beyond a blanket low-risk approach to incorporate broader enterprise risk frameworks.
- Onboarding – screening: This involves checking client information against sanctions lists, PEP data, and adverse media to identify potential risks early in the onboarding process.
- Fraud detection: Insurtechs should implement systems to detect and prevent fraud during applications and claims, ensuring that the identities of claimants and beneficiaries are verified.
- Transaction monitoring: Ongoing review of client transactions, such as premium payments and claims histories, is essential for identifying suspicious behavior.
- Ongoing screening: To maintain compliance, existing client names must be regularly updated and screened against current sanctions and PEP lists.
Challenges in implementing anti-fraud and AML solutions
Despite the importance of these measures, insurtechs face several challenges in implementing anti-fraud and AML solutions:
- Remote access: The online nature of many insurtech operations increases the risk of impersonation and fraudulent claims, making robust identity verification vital.
- Incomplete risk data: While relying on vendors for risk information is common, insurtechs must ensure they are obtaining comprehensive and accurate data to avoid coverage gaps.
- Time gaps: The rapid changes in sanctions lists can outpace many firms' internal processes, leaving them vulnerable to compliance breaches.
- False positives: Traditional rules-based systems often generate excessive false positives, leading to wasted resources and inefficient processes.
- Lack of flexibility and integration: Legacy systems may not interact seamlessly with new technologies, creating silos that hinder effective risk management.
4 Tips for insurtechs to choose the best anti-fincrime solutions
To effectively mitigate financial crime risks, insurtechs should consider the following best practices when selecting anti-financial crime solutions:
- Assess vendor capabilities: Look beyond superficial vendor claims about using AI and assess the specifics of what their solutions offer, and the value this has added for customers.
- Prioritize integration: Choose platforms that utilize APIs to ensure flexibility and seamless integration with existing systems, enabling a more comprehensive approach to financial crime prevention.
- Use real-time data: Opt for solutions that are capable of updating critical data sources like sanctions in minutes, not days, reducing the risk of compliance breaches due to outdated information.
- Evaluate user experience: Ensure the solutions are user-friendly for employees to facilitate smooth implementation and to help maximize productivity.
Advanced AML and fraud detection solutions for insurtechs
To effectively address the challenges posed by financial crime, insurtechs should leverage advanced solutions that can significantly enhance their capabilities. For instance, cloud computing technologies enable real-time risk data storage and access, improving the responsiveness of compliance processes. AI-driven platforms can help in onboarding, transaction monitoring, fraud detection, and screening, minimizing false positives and streamlining workflows.
By utilizing these technologies, insurtechs can enhance their ability to identify potential financial crimes and ensure compliance with evolving regulatory requirements. Furthermore, as the industry's demand for transparency and ethical practices rises, insurtechs can benefit from integrating sustainable finance principles into their risk management frameworks.