Tag Archives: kyc

Can Insurers Stop Financial Crimes? Yes

What makes it difficult to detect and prevent fraud within an insurance firm is also what might make fraud attractive to criminals: The low number of transactions in insurance provide few tracks for tracing financial crimes. Outside of premium payments and claim submissions, insurance customers engage in relatively few transactions (compared with banking customers) from which companies can build and test anti-money laundering models on their own. And, while insurance is a heavily regulated industry, it has been relatively ignored when it comes to its anti-money laundering practices in comparison with the attention regulators give to financial institutions. For these reasons, some fear that an annuity account, for example, might be just the place a nefarious character would park funds as part of a larger money laundering scheme.

The Next Focus for Regulators

Immediately following the financial crisis of 2008, regulators were laser-focused on big banks’ policies and procedures for deterring financial crimes. Those that didn’t comply with the U.S. Patriot Act and Bank Secrecy Act were hit with hefty fines. No wonder: It is estimated that almost 70% of illicit finance flows through legitimate financial institutions, while less than 1% of global trade is seized and frozen. Regulators are now turning their attention to non-traditional banks like Western Union (which expects to pay compliance-related charges of up to 4% of its revenue in 2017) and PayPal (which in 2015 agreed to pay $7.7 million to the Treasury Department’s Office of Foreign Assets Control for sanctions violations). Insurance companies feel they are the next industry to receive the attention of examiners and are acting to comply with know your customer (KYC) and anti-money laundering (AML) rules.

At stake for insurers is not just large penalties if a regulatory agency feels that anti-money laundering policies don’t meet expectations. Risk to reputation is of top concern to insurers, which understand that it takes only nanoseconds for customers to find an alternative carrier or for investors to learn on social media that their institution was used in organized crime or, worse yet, funding for terrorist activities. A regulator’s ability to directly affect an insurer’s bottom line is also a major threat. A regulator could, for example, hamper the insurer’s expansion efforts, preventing it from entering a market or from acquiring a business because it lacks the right safety controls.

See also: Cognitive Computing: Taming Big Data  

How Insurers Can Mitigate Money-Laundering Activities

To avoid this, I recommend to my clients that they focus on evaluating the entire AML and KYC function across the enterprise, cleaning and enriching the data that firms already have and bolstering AML efforts with outside expertise.

Clean and Enrich Your Data

The availability of high-quality data that is meaningful and predictive lays the foundation for an effective financial crimes prevention strategy. This critical first step is often overlooked and no easy feat for the typical insurance carrier that operates in silos and segregates information within different systems and lines of business.

Before investing in new tools and technology, partner with data remediation experts to assess the quality, completeness and predictive power of the customer profile data and fill in missing data to ensure that KYC and AML systems work effectively.

Establish a Consistent, Enterprise-Level Customer Onboarding, KYC and AML Process

Regardless of the many products and channels your insurance company offers, you need to establish a single, consistent process for monitoring, evaluating and onboarding customers.

Many insurance companies bring in an IT partner to assess their AML and KYC policies and procedures, as well as how technology can be leveraged to improve effectiveness. The right partner will help you define an onboarding strategy with a strong customer experience component and establish the roles and responsibilities for different lines of defense. This includes the agents who capture the customer information and onboarding; the financial crimes unit that monitors transactions and customer behavior; and the internal audit group, which ensures all policies and procedures are followed and measures their effectiveness at preventing financial crimes.

In addition, with clean data and an enterprise-level AML process, you’re ready to customize off-the-shelf generic AML models with observed client performance, data from public sources and third-party data feeds for the industry.

Look Outside Your Industry for AML Expertise

Insurers can learn a lot from compliance experts in other industries, such as banking, law enforcement and the public sector. Your recruitment efforts should focus on building financial crime teams with people from these sectors.

Find opportunities to share stories and best practices with compliance professionals outside your industry. Attend conferences focused on financial crime and regulation where the attendee list includes both banks and insurance firms.

See also: Big Data? How About Quality Data?  

Insurers whose AML strategy is built on meaningful and predictive customer data and that create a culture of compliance that permeates all areas of the company, will succeed at strengthening their mandated AML/KYC functions. While these changes can’t happen overnight, by pulling in expertise from outside the industry insurance companies can make great strides toward protecting their assets from fraudulent activities.

Blockchain: Basis for Tomorrow

Could a blockchain platform deliver new markets, more agile products and large-scale cost efficiencies across the industry?

Commentators have identified the insurance industry as an ideal candidate for transformation by blockchain technology. Many blockchain Insurtech pilots are exploring alternatives for processes in the insurance value chain such as know your customer (KYC) and claims. But few have seriously explored the more fundamental potential of blockchain for the insurance industry and considered how it could improve a substantial part of the value chain by removing rework and driving efficiencies, thus transforming the industry, including its operating model and cost structures and thereby opening up new market segments.

Insurers Are Struggling with Digital

Growing digital channels and transforming insurance organizations are hampered by:

  • Complicated products. Clients struggle to understand product features while the ticket sizes and commitment durations are often intimidating. Products increasingly fail to meet client expectations and don’t suit new digital distribution channels.
  • Legacy systems. Monolithic systems obstruct personalization and require long product development cycles. Straight-through processing remains the exception, not the norm.
  • Limited customer service options. Insurers dictate which channels clients use for service while the omni-channel experience remains a dream and far from reality.
  • Limited digital options for customers. Digital support is sporadic across the customer journey.

This means Asian insurers struggle to find a model to cost-effectively expand their reach into Asia’s emerging middle class while a growing millennially minded, digitally savvy demographic in mature markets is underserved.

See also: Why Blockchain Matters to Insurers  

Properties of a Blockchain

Blockchain implementations have three fundamental qualities:

  • Trust. All parties know their view of the current state is true and devoid of fraud.
  • Transparency. Participants can be confident all counterparties have the same information.
  • Immutable. The content of the transactions that delivered the current state can never be changed. The code encased in a smart contract will endure for the transaction’s lifecycle.

To understand this potential, let’s decompose the blockchain and understand the technology properties it brings to solving business problems.

  • Database. First and foremost, a blockchain is a distributed database, with each node maintaining its own copy with the confidence that its version is identical to the other parties’ and safe in the knowledge that no one can change the history of transactions that have created the current state.
  • Codified services. Smart contracts enable code to be executed at various points in the lifecycle of a contract. The executable byte code is enshrined in the contract. The code reacts to the changes in state by executing each time the variables in the contract are updated.
  • Middleware. Contracts are replicated to all nodes on the network. Nodes can monitor the network and react to changes in the state of contracts. It’s publish-and-subscribe.
  • Business process management. These properties create a perfect environment for BPM. Changes in the state of contracts can orchestrate a workflow described in the contract’s code. This enables the execution of complex processes where different parties (such as insurers and distributors) perform roles and execute a process.

Contracts stored on a blockchain cannot be changed. Once a contract is mined into a block, it is cast in stone. In blockchains like Ethereum, the code can never be changed but the variables can be updated, creating a new state and storing a new version of the contract. As each new version is propagated to the other nodes on the chain, the code will execute and react to the changes in state. This is perfect for updating contracts over the lifecycle of an insurance policy.

For example, on each anniversary of a policy there are payments and renewals to be processed and commissions to be paid. The logic for this would be encoded in the policy at its outset. The rules would reflect the terms and conditions of the policy itself, the commission agreements for distributors and the processes of the insurer. All of this would be encoded in a smart contract representing the policy. Claims would be separate contracts, emitted by the policy and coded to follow their own lifecycle as they are assessed and paid.

Integrating Industry Participants

Blockchain is an ideal distributed platform for connecting participants in an industry that includes distributors, insurers and reinsurers. Like any industry with multiple participants, each party currently maintains its own version of data. At various points in the life cycle, these different perspectives need to be reconciled. This could be commission payments to a distributor or claims against a reinsurance agreement from the insurer to the reinsurer.

A shared database means all of the participants are looking at the same single source. All the relevant participants know the current state of a policy or a claim.

Many benefits are enabled by a trusted shared platform.

  1. There is a single source of truth. Parties to a policy (distributors, insurers and reinsurers) are accessing a single source of information. This has the potential to deliver a true omni-channel experience.
  2. The distributor could use a contract to request quotations from insurers on behalf of a client.
  3. The terms, conditions and premiums for a policy, once agreed, are permanently encoded in a smart contract.
  4. Names, addresses and contact details of the policy owner, the life insured and beneficiaries could be stored in client contracts so that all parties to the policies have up-to-date information.
  5. Payments could be made by clients using tokens or be performed using traditional channels and tracked using oracles and contracts.
  6. Documents relating to the policy, KYC and claims would be stored off-chain and shared in a parallel environment, with the blockchain used to share their provenance, locations and authenticity.
  7. Reinsurers could be participants using contracts documenting reinsurance relationships. If an insurer has an agreement to cover a percentage of all policies written for a product, this could be executed automatically when a policy is underwritten.
  8. Claim contracts would be linked to policies and any impact on reinsurance contracts would be instantaneous.
  9. The model can be expanded to other participants. Providers of health services could access coverage limits and submit claims on behalf of clients.

Improving Business Agility

Existing policy administration systems are cumbersome because their code base must support multiple generations of products. A policy administration system for life insurance, for example, needs to be capable of processing everything from term life to universal life, disability, health and every conceivable rider. Its commission system has to support every possible structure, including those that may have only been used for one or two products.

This ever-expanding code base is costly to maintain and slows product development. Changes to accommodate new products need to consider this vast array of legacy to ensure nothing is broken when they are introduced.

The policy contract on a blockchain would have its own heartbeat. Its code and business rules remain with it for its life. This may be a matter of days for travel insurance or an entire lifetime for a term life policy. But the code and business rules enshrined in the contract need only support that policy. It is self-contained, and it doesn’t have to include all of the options for every other product ever produced.

This simplifies the code base. We no longer need a monolithic application to support all products and commission structures but smaller programs each supporting individual policies.

This is the key to product and service innovation enabling experimentation with new designs. This will be important in new distribution channels, partnerships and reaching specific client segments with targeted offerings.

See also: What Blockchain Means for Analytics  

Keys to Success

To realize this vision of an industry platform on a blockchain, a successful solution would need these features:

  • Enterprise scale. It would need to be capable of processing the volume of insurance transactions in a jurisdiction.
  • Credentials. Access must be limited to properly qualified industry participants. With participants filling different roles (distributors, insurers, reinsurers, etc.), a system of credentials is required to govern the permissions of participants.
  • Encryption. Blockchains are typically public. People often confuse the cryptographic structure of a blockchain with encryption of its data. The state of a contract can be seen by all participants in a basic blockchain, whereas policies and insurance transactions need to be confidential. Any solution needs a method for encrypting individual contracts.
  • Open APIs. There must be a set of services defined and implemented enabling each node to interact with the participant’s own or third party systems.


A blockchain-based industry-wide platform will be the catalyst for entirely new paradigms for selling and administering insurance. The shared platform offers cost-effective adoption of new technologies giving access to new generations and segments of consumers.

As business models of existing and new players within the industry flex and evolve, their integration via the platform will deliver a seamless, rewarding client experience. And blockchain technology will uphold the secure, trusted and reliable qualities that are so critical for insurance brands.