All images are of AAR staff and partners
Allens Arthur Robinson
Anti-money-laundering homeOverviewIndustriesAllens on AMLLinksNewsAsia Pacific
Home »  Industries »  
Print Version
Or use advanced search
Introduction
Accountants
Financial service providers
Gambling service providers
Insurance
Lawyers
Dealers in precious metals & stones
Real estate agents
 Feedback
 Contacts


Industries: Insurance 

The Federal Government appears to have accepted the insurance industry's argument that the risk of money laundering in general insurance is low, and has restricted the ambit of the AML/CTF Act to those life policies with an investment component. Some general insurers, however, may still be caught under the new Act.

Insurance: vulnerability to money laundering

The Financial Action Task Force (FATF) addressed the vulnerability of the insurance sector to money laundering in its 2004-2005 report, Money Laundering & Terrorist Financing Typologies 2004-2005. In that report, FATF expressed concern that the increasing growth and sophistication of the insurance industry globally has not been accompanied by an industry awareness or acknowledgment that insurance products are attractive to money launderers.

FATF said that, while life insurance appears to be the most attractive type of insurance for money launderers, it is clear that general insurance and reinsurance are not immune from this abuse. The FATF report considered that insurance intermediaries also often play a large part in the money laundering process and are generally under-regulated as a group. See AAR Focus: Insurance & Reinsurance - September 2005.

To toptop of page

The Anti-Money Laundering and Counter-Terrorism Financing Act 2006

The Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) (the Act) came into effect in December 2006. The Act will have a significant impact on the way insurers interact with each other, and their customers and intermediaries.

The Act will be supplemented by Regulations (mainly technical in nature), Rules (which will contain the practical, operational detail of the AML/CTF regime and have legislative force), and Guidelines (which will not be legally binding and which are intended to assist 'reporting entities' (see below) to interpret their obligations and are anticipated in time to represent a 'best practice' approach for reporting entities).

Who is affected?

Generally, the Act imposes AML/CTF obligations on a wide range of financial service providers (known as reporting entities), including those in the banking, life insurance, managed funds and superannuation sectors, which provide one or more specific types of services (known as designated services). Section 6 of the Act sets out a comprehensive list of 70 types of designated services.

In the consultation period prior to the introduction of the Act, the insurance sector had lobbied that only life insurance with an investment component should be captured under the Act1. The Government appears to have accepted this argument and restricted designated services directly applicable to the insurance sector to those designated services2 that are:

  • issuing or undertaking liability, as an insurer, under a life policy or sinking fund policy. The holder of the policy is the customer of the service;
  • accepting a premium, as the insurer, under a life policy or sinking fund policy. The holder of the policy is the customer of the service; and
  • making a payment to a person, as the insurer, under a life policy or sinking fund policy. The recipient of the payment is the customer of the service.

The Explanatory Memorandum released with the Act indicates that, in all of the above, the designated service includes services provided by insurance intermediaries such as agents and brokers.

The definition of life policy in the Act follows the definition in subsection 9(1) of the Life Insurance Act 1995 (Cth) but is restricted in that it does not include policies:

  • where there is no prescribed minimum surrender value; or
  • which are regular premium policies with premiums not more than $1500 per annum3; or
  • which are single premium policies where the premium is not more than $30004; or
  • which are contracts of consumer credit insurance (CCI).

This restricted definition has generally been welcomed by the insurance industry, but some problems have been identified. These include:

  • whether life policies not otherwise caught by the Act, which have 'cash back' features5, are caught by the definition. The Federal Government has said that this will be the case if such policies have a minimum surrender value and are not otherwise excluded under the Act; and
  • which reporting entity is classified as the designated service provider, in circumstances where one reporting entity is the issuer of the insurance product but another (and sometimes more than one) reporting entity undertakes the liability of the insured by underwriting the product.

General insurers are not targeted under the Act but may be reporting entities if they provide any of the other designated services listed in the legislation. Designated services potentially provided by general insurers include:

  • making loans in the course of carrying on a business of making loans6;
  • issuing or selling securities or derivatives in the course of a business of issuing or selling securities and derivatives (and the issue does not consist of the issue by a company of securities or options to buy securities issued by the company);
  • acquiring or disposing of securities, derivatives or foreign exchange contracts on behalf of another where the acquisition or disposal is in the course of carrying on a business of acquiring/disposing of securities in the capacity of an agent;
  • accepting payments, contributions and rollovers by super funds, approved deposit funds and retirement savings accounts;
  • providing a custodial or depository service7;
  • providing a designated remittance arrangement;

The Act defines a 'designated remittance arrangement' broadly so that any entity, other than those excluded by the Act or the AML/CTF Rules, who accepts money or property from one party to transfer to another will provide a designated remittance arrangement.

Many CCI products contain a life insurance component. A general insurer may accept premium payments from a client in respect of the life component of the CCI policy to be transferred to the CCI provider. Such an arrangement fits the definition of 'designated remittance arrangement'. Industry has argued that such an arrangement, when a general insurer acts as an intermediary between the client and the CCI provider in respect of the life insurance component, should be excluded as a designated service; and

  • in the capacity of a holder of an Australian financial services licence, making arrangements for a person to receive a designated service (a licensee arranger).

As a practical matter, those insurers that are likely to become reporting entities may consider it a useful exercise to identify (before 13 December 2007, when the customer identification requirements come into force) and maintain a record of those customers to whom they currently provide (or have provided in the past) a service that is a designated service. This will ensure that these customers are recorded as being existing customers and, as such, will not need to undergo an applicable customer identification procedure should they receive a designated service after 13 December 2007, unless a suspicious matter reporting obligation arises or as part of ongoing due diligence requirements.

The person8 providing the designated service will be a reporting entity only if the service is provided:

  • at, or through, a permanent establishment (that includes where the person is carrying on business either themself or through an agent) in Australia; or
  • by a resident of Australia at or through an overseas permanent establishment of that resident (a foreign branch); or
  • by a subsidiary of a company that is a resident of Australia at or through an overseas permanent establishment of the subsidiary (an overseas subsidiary).

A person who provides a service while travelling or operating on a mobile basis in a country is taken to provide the service at a permanent establishment in that country.

The Act therefore applies to foreign insurers that provide a designated service in Australia, even if they have no place of business in Australia and only provide the service through an agent who does.

Foreign branches or overseas subsidiaries of Australian insurers are exempt from some of the requirements. For example, the identification requirements do not apply to a designated service that is provided overseas by a foreign branch or subsidiary.

To toptop of page

Timing

Obligations under the Act will be phased in over a two-year period. The schedule for implementation of obligations relevant to insurers is as follows:

  • 13 December 2006: obligations relating to:
    • records relating to transaction records, customer-provided transaction documents and transferred ADI accounts; and
    • registration of designated remittance providers;
  • 13 June 2007: obligations relating to AML/CTF compliance reports;
  • 13 December 2007: obligations relating to:
    • customer identification and records of identification procedures; and
    • AML/CTF programs; and
  • 13 December 2008: obligations relating to:
    • ongoing customer due diligence; and
    • suspicious matter and threshold reporting.

The Government has stated that a 15-month amnesty period will follow after each of the above stages is implemented. During that period, the Australian Transaction Reports and Analysis Centre (AUSTRAC) will only take civil penalty action against a reporting entity where the reporting entity has manifestly failed to take steps towards compliance with its obligations.

The Government has said that a Technical Amendments Bill will be introduced in the autumn 2007 sitting of Federal Parliament to address some of the amendments arising out of the report of the Senate Scrutiny of Bills Committee and outstanding technical issues. Although the amending legislation is not intended to address significant policy matters, it is anticipated that it will introduce some significant amendments.9

Operational detail is contained in the AML/CTF Rules. Some final AML/CTF Rules were issued in December 2006. The Government has said that all AML/CTF Rules necessary for those provisions that will come into effect on 13 December 2007 will be finalised by 31 March 2007.

To toptop of page

Core requirements

These include:

  • customer due diligence (including enhanced customer identification and verification procedures and transaction monitoring);
  • suspicious matter and threshold transaction reporting;
  • development of, and compliance with, an AML/CTF program; and
  • record keeping.

AAR has commented in detail on some of these core requirements in Focus: Anti-money Laundering publications and Client Updates: (22 December 2005, 27 July 2006, 3 August 2006, 2 November 2006, 17 November 2006, 8 December 2006 and 14 December 2006).

Risk-based approach

The Act and the Draft AML/CTF Rules released as at 31 December 2006 adopt a risk-based approach. In practice, this should mean that insurers who are reporting entities will decide how to best assess and how to mitigate their risks of money laundering and financing of terrorism (ML/TF), while allowing those insurers to concentrate their resources on areas where that risk is higher.

The Act recognises that the core of an effective, risk-based approach is a comprehensive and current risk assessment. It does so by empowering AUSTRAC to require a reporting entity to carry out a ML/TF assessment and report the results of the assessment to AUSTRAC.

Examples of an effective, risk-based regime can be found in overseas jurisdictions. These include guidelines developed by the UK Joint Money Laundering Steering Group10, the Revised Supplement to the Guideline on Prevention of Money Laundering and Interpretative Notes issued by the Hong Kong Monetary Authority11, and the guidance developed by the Wolfsberg Group to assist financial institutions to manage their AML risks.12

Guidance on ML/TF risks specific to the insurance sector (and how to respond to them ) is available in the International Association of Insurance Supervisors (IAIS) guidance paper, Anti-Money Laundering and Combating the Financing of Terrorism, published in October 2004 and in the FATF Typologies Report 2004-2005.

To toptop of page

Issues for the insurance sector

Many of the concerns raised by insurance sector representatives during the consultation period on the legislation have been resolved but some difficulties remain. Some of these are discussed below.

Existing customers

The Act provides that existing customers will only have to be identified, verified or re-verified in the event that a suspicious matter obligation arises, that is, where a reporting entity suspects on reasonable grounds that:

  • the customer (or the customer's agent) is not who they claim to be; or
  • information about the provision (or prospective provision) of a designated service may be:
    • relevant to the investigation or prosecution of a person for:
      • a criminal offence;
      • tax evasion; or
      • a money laundering or terrorism financing offence;
    • of assistance in the enforcement of laws relating to proceeds of crime; or
    • preparatory to the commission of a money laundering or terrorism financing offence.

In those circumstances, the reporting entity must take such action as is required by the AML/CTF Rules.13 There is, however, no prohibition against providing or continuing to provide a designated service, pending the taking of such action.

However, where an existing customer is accessing a new designated service that presents a different increased risk, the reporting entity may need to verify the identity of that customer as part of its ongoing due diligence obligations.

Designated business group

The Act introduces the concept of a designated business group (DBG), which will facilitate sharing of customer identification information and allow for a group-wide compliance program. In particular, members of a DBG can discharge ongoing customer due diligence, record keeping and compliance reporting requirements for other members and can, in some circumstances, share suspicious matter information.

Members of a DBG (except licensee arrangers) can enter into joint AML/CTF programs, but can adopt some systems and controls to suit their individual needs.

The Explanatory Memorandum released with the Act indicates members of a DBG can also share customer identity information within the group, although there is no specific provision to this effect in the Act.

In practical terms, this may not go far enough. Reporting entities within the same DBG that provide designated services to each other, such as treasury operations, will still be required to carry out customer identification on each other and will each have to carry out customer identification/verification on each other's customers (although this may be tempered by AML/CTF Rules that could be made under s38).

Additionally, customers of one reporting entity in a DBG may not be an existing customer of another member of the group. If the customer is new for one member, that member as a reporting entity will have an obligation to identify it. This will apply even if the customer is existing for another member of the DBG.

A DBG is defined as a group of two or more persons (not just corporates), each of whom has elected in writing to be a member of a DBG. A DBG member cannot be a member of another DBG at the same time.

However, the Draft AML/CTF Rule on DBGs, released for consultation in January 2007, restricts membership to:

  • related bodies corporate (within the meaning of s50 of the Corporations Act 2001 (Cth)) that are reporting entities; or
  • persons who provide designated services under a joint venture agreement to which each member is a party; or
  • a company:
    • in a foreign country, which, if it were resident in Australia, would be a reporting entity, and
    • is related to another member of the group (within the meaning of s50 of the Corporations Act); and
    • the other member is a reporting entity.

Third parties

Insurers who are reporting entities will be able to appoint agents to carry out their customer application procedures, although, as general agency principles apply, they will remain responsible for the acts of their agents. This is tempered by the reasonable precautions and due diligence defence provisions in the Act (s236). Insurers will still have to identify, manage and mitigate any risk posed by the use of third parties in order to comply with requirements of their AML/CTF program.

Reporting entities can also rely on customer identification procedures undertaken by other reporting entities, but this is subject to conditions to be set out in the AML/CTF Rules.

Electronic verification

The AML/CTF Rules now specifically allow for customer verification by electronic verification (EV), as well as reliance on documentation. There are specific safeguards where EV is used, in that there must be systems and controls in place to ensure that the data is reliable, independent and, among other matters, accurate, secure, up to date and comprehensive.

A safe-harbour provision is available, but only where EV is used where the customer has a three-year credit or transaction history.

AAR's Focus: Anti-money laundering of 27 July 2006 deals with the customer identification obligations in more detail.

Licensee arrangers

Licensee arrangers are not subject to all the AML/CTF obligations. The customer identification/verification and record keeping obligations apply. Their AML/CTF program obligations are restricted to customer identification procedures. Although not currently subject to the suspicious-matter reporting regime, the Act will be amended so that licensee arrangers will be required to report suspicious matters during the period that they provide the designated service.

To toptop of page

The Financial Transaction Reports Act

The insurance industry in Australia is already subject to the Financial Transaction Reports Act 1988 (Cth) (FTRA) AML regime because insurers and insurance intermediaries fall within the definition of a 'cash dealer' in that Act. Under the FTRA, insurance service providers are required to:

  • verify the identity of customers on opening an account (although given the definition of 'account' this is unlikely have any practical implications);
  • keep transaction records; and
  • report significant cash transactions and suspicious transactions to AUSTRAC.

Although it is intended that the AML/CTF Act will eventually replace the FTRA, the FTRA will continue to apply to those 'cash dealers' who are not 'reporting entities' under the AML/CTF Act. In practice, therefore, general insurers will continue to be subject to the AML/CTF obligations under the FTRA. This is consistent with the Government's statement14 that the current FTRA obligations in relation to all insurance products will continue on a transitional basis, pending consultation with the insurance sector on broad coverage issues.

For further information about the AML/CTF reform process, see the Attorney-General's website.

To toptop of page

Footnotes

  1. This reflects the FATF position that applies the FATF Recommendations to life insurance and other investment-related insurance.
  2. Set out in items 37 to 39 of the list of designated services.
  3. or a greater amount specified in the AML/CTF Rules.
  4. ibid
  5. Typically, this provides the policy-holder with a refund of a percentage of the premiums paid, based on the length of time the policy has been held and on the basis of the policy-holder not bringing a claim against the policy.
  6. The Federal Government has said that this designated service is limited to businesses where lending is a core or significant or primary part of an entity's activity (determinable on the individual circumstances). This being the case, insurance sector concerns that premium funding arrangements (whereby some insurers offer a loan product enabling commercial clients to pay their insurance products by instalments) would be included under this service, has probably been resolved as these arrangements are not likely to be core activities.
  7. It has been suggested by IAG in its submission to the Senate Legal and Constitutional Affairs Committee (14 November 2006) that, because of the definition of a custodial or depository service, this designated service could capture the trust arrangements between a general insurance provider and a life insurance provider where the general insurer holds a life insurance policy under a CCI policy on behalf of its customer.
  8. defined widely to include:
    1. an individual;
    2. a company;
    3. a trust;
    4. a partnership;
    5. a corporation sole; and
    6. a body politic.
  9. It is expected that the amendments will include:
    • an amendment to section 42(6) extending the suspicious matter reporting obligation to licensee arrangers;
    • an amendment so that remedial directions under section 191 can be reviewed by the Administrative Appeals Tribunal; and
    • changing some of the absolute liability offences to strict liability.
  10. These guidelines are set out in the JMLSG Guidance Notes Part 1 and Part 2.
  11. http://www.info.gov.hk/hkma/eng/guide/index.htm
  12. http://www.wolfsberg-principles.com/risk-based-approach.html
  13. Draft AML/CTF Rules released by AUSTRAC require a reporting entity within 14 days to carry out a customer identification procedure, and/or collect and verify any Know Your Customer information for the purpose of being reasonably satisfied the customer is who it claims to be.
  14. in a paper entitled, Questions and Answers on the Insurance Sector, issued by the Attorney General's Department in December 2005.


Allens home | Anti-money laundering home | Top of page | Disclaimer | Privacy | Sitemap
Allens Arthur Robinson - a leading international law firm
© 2008 Allens Arthur Robinson, Australia | contactus@aar.com.au

 Allens Arthur Robinson - Clear Thinking