Red Flags in Insurance Business- India Perspective

By

 The Guidelines on Anti-Money laundering /Counter Financing of Terrorism (AML/CFT) were issued under Section 34 of the Insurance Act, 1938 on 31st March 2006. The Guidelines were made applicable to general insurance companies in the modified form effective from 1st January 2007. These were revised from time to time subsequent to respective amendments in PMLA 2002

Key Obligations for Insurance Companies


  • Customer Due Diligence: Verify identities (KYC)at policy issuance, during claims, and for significant transactions, especially with large single premiums or unusual funding sources.
  • Transaction Monitoring: Continuously watch transactions for suspicious patterns indicative of money laundering or terrorism financing.
  • Record Keeping:  Maintain client records and transaction details for five years after the business relationship ends.
  • Reporting: Report suspicious transaction reports(STRs) and cash transactions (CTRs) above thresholds to FIU-IND
  • Designated Director & Principal Officer:  Appoint a Compliance Officer and a Designated Director.
  • Staff Training: Ensure all employees and agents understand PMLA requirements and AML/CFT procedures. 

Common Typologies & Methods

Money launderers take advantage of vulnerabilities in insurance systems and processes to disguise the illegal origins of funds. Common techniques include:

Phantom Policies/Premium Redeposits: Buying policies with illicit money, then canceling them to receive "clean" funds as a refund, or getting returns in different currencies than paid.


·         Ghost Broking : Agents sell fake policies (often for cars or homes) or alter real ones with false info (like driving history) to get cheaper rates, but the policy is void, leaving the buyer unprotected.


·         Life & Health Fraud: Brokers create fictitious policies or enroll people without their consent (especially with government subsidies) to pocket premiums, leaving victims with no actual coverage.


·         Construction "Ghost" Policies: Workers' comp policies for owners without employees, satisfying job site requirements but offering no coverage if the owner gets hurt.

·         ‘Silent’ or ‘Phantom’ Coverage: Standard policies (like general liability) that don't explicitly exclude certain risks (like cyber), potentially triggering coverage for unforeseen events without the insurer intending it. 

Captive Insurance Abuse: Using self-owned entities (captives) to manipulate payments, overpay for services to move funds, or process fraudulent claims.

Money Laundering : Illicit funds enter as seemingly legitimate premiums or are paid out as fabricated claims, with criminals controlling both sides of the transaction.

Terrorist Financing: Funds can be channeled through captives, potentially masking their true origin.

 Tax Evasion: Captives can be set up in favorable jurisdictions (e.g., Bermuda, Mauritius)  to avoid taxes in the parent company's home country.

Self-Dealing & Circular Transactions: Overpaying premiums or engaging in circular payments between related entities hides illicit funds.

Lack of Transparency: Complex structures can obscure beneficial ownership, making it hard to identify true controllers. 


Re-insurance Layering: Passing risks through multiple reinsurance layers to obscure the origin of funds.

Fictitious Entities: Establishing bogus insurance or reinsurance companies or intermediaries to facilitate the movement of illicit funds.


Deliberate Placement: A ceding insurer deliberately places the proceeds of crime with legitimate reinsurers to disguise the source of funds.

Complex Structures: Funds are passed through multiple layers of reinsurance and retrocession agreements (reinsurance of reinsurance) across different jurisdictions, especially those with lax AML regulations, to make tracing the trail nearly impossible.

Fronting Arrangements: A legitimate insurer issues a policy and then immediately cedes all or most of the risk to a "bogus" or related reinsurer, effectively using the legitimate insurer as a front to get the money into the system. 

Over- or Under-Invoicing: Manipulating the premiums or claims values between related insurance/reinsurance entities to move illicit money under the guise of legitimate business transactions. 


Fraudulent Claims: Paying out claims for non-existent losses or inflated damages.

Money Laundering: Criminals buy high-value insurance policies with illegal funds, build cash value, then take out "loans" against the policy, appearing as legitimate income.

Terrorist Financing: Funds from illicit activities can be channeled through insurance premiums to fund terrorism, or false claims can be used to move money.

Staged Incidents: Reporting non-existent or exaggerated losses (e.g., fake car crashes, property damage, or theft) to receive payouts. 

Policy Abuse: Frequent, high-volume purchases and immediate cancellations, or using policies for quick cash-out schemes. 

"Premium redeposits" or, more accuratelypremium overpayment and refund schemes, are a money laundering typology where criminals use the insurance sector to clean illicit funds. 

The core scheme involves a customer overpaying for an insurance premium, often significantly, using "dirty money" (cash or transfers from illicit sources). Then, the customer requests a refund for the excess amount. 

This process effectively introduces illicit funds into the legitimate financial system and then extracts them as a "clean" payment from the insurer. The refund often comes from the insurance company's general account, making it harder to trace the original source of the funds. 

Large, unexplained premium overpayments inconsistent with the customer's known financial profile or the policy's requirements.
Requests for refunds in a different currency or to an unrelated third-party account.
Frequent policy purchases and immediate cancellations with requests for refunds (known as "early surrender").
Payments made from high-risk jurisdictions or by unrelated third parties.
Customer reluctance to provide full documentation or details about the source of funds. 


Illustrative list of Suspicious Transactions: IRDA

 

 1. Customer insisting on anonymity, reluctance to provide identifying information, or providing minimal, seemingly fictitious information

2. Frequent free look cancellation free look cancellation  by customers;

3. Assignments to unrelated parties without valid consideration;

4. Request for purchase of a policy in amount considered beyond apparent need;

5. Policy from a place where he does not reside or is not employed;

6. Frequent request for change in addresses;

7. Inflated or totally fraudulent claims.  eg. by arson or other means causing a fraudulent claim to be made to recover part of the invested illegitimate funds

8. Overpayment of premiums with a request for a refund of the amount overpaid.

9. Refund of proposal deposit by cancelling the proposal on request of the customer;

10. Media reports about a customer;

11. Information sought by Enforcement agencies;

12. Unusual termination of policies;

13. Borrowing the maximum loan amount against a policy soon after buying it

 

 

Note: The list is only illustrative and not exhaustive. Red Flag Indicators issued by FIU-IND also be taken in account for Suspicious Transaction wherever necessary. For more examples on Suspicious Transactions please visit the FIU-IND website


Illustrative list of Suspicious Transactions: National Insurance Company Ltd

 

Vulnerable Products / Features:

 

1. Personal Accident Policies

2. Assignment of Policies 

 

 

Illustrative list of Suspicious Transactions:

1. Customer insisting on anonymity, reluctance to provide identifying information, or providing minimal, seemingly fictitious information

2. Cash based suspicious transactions for payment of premium over and above ` 5 lakh per person per month. It should also consider multiple DDS each denominated for less than `50,000/-

3. Frequent free look surrenders by customers;

4. Assignments to unrelated parties without valid consideration;

5. Policy from a place where he does not reside or is employed;

6. Frequent request for change in addresses

7. Inflated or totally fraudulent claims e.g. by arson or other means causing a fraudulent claim to be made to recover part of the invested illegitimate funds

8. An established trend or pattern or frequent overpayment of premium with a request for refund of the overpaid amount

9. Frequent cancellation of policies for the return of premium by an insurer’s cheque

 

Note: The list is only illustrative and not exhaustive. For more examples on Suspicious Transactions please visit the IAIS website


Health Insurance


Policyholder & Customer Red Flags

Red flags related to the customer often revolve around inconsistencies in their profile, financial behavior, and interactions with the insurer. 

·         Inconsistent Financial Profile: A significant mismatch between the customer's declared income/occupation and the high premium amount or policy value (e.g., a low-income individual purchasing a high-value policy).

·         Suspicious Payment Patterns:

  • Making large premium payments in cash or through sequentially numbered money orders when not expected for that customer profile.
  • Payments made by an seemingly unrelated third party without a clear economic or legitimate reason.
  • Frequent overpayments on premiums followed by requests for a refund, in an attempt to cycle illicit funds through a legitimate source.
  • Use of multiple small policies to avoid detection thresholds for large transactions (structuring/smurfing).

·         Unusual Policy Activity:

  •  Early or frequent policy surrenders/cancellations, especially if the refund is requested to be sent to a third party or a different account.
  • Requests for policy loans or withdrawals shortly after the policy is issued.
  • Frequent changes to personal details, contact information, or beneficiaries without reasonable explanation.
  • Lack of concern for the investment performance or early termination charges, indicating the primary goal is moving money rather than an investment.

·         Inconsistent Information: Providing false, incomplete, or inconsistent information/documents regarding their identity, medical history (e.g., concealing pre-existing conditions), or source of funds.

·         Complex Ownership Structures: The use of opaque legal entities (e.g., shell companies, trusts) to hide the true beneficial owner of the policy. 

Healthcare Provider & Claims Red Flags

These red flags often point towards potential insurance fraud, which can be a predicate offense for money laundering: 

·         Billing Irregularities:

  • Billing for services or procedures that were never performed (phantom treatments).
  •  Upcoding (billing for a more expensive service than the one provided) or unbundling procedures that should be billed as one.
  • Submitting inflated or exaggerated claims for treatment costs.

·         Suspicious Provider Behavior:

  • Claims from a healthcare provider that is no longer operational or is located unusually far from the patient's residence.
  • A sudden, unexplained spike in claims from a specific provider or location.
  • Evidence of collusion between the provider, patient, or agents to generate fabricated claims.

·         Documentation Issues: Medical records that appear fabricated or lack standard information (e.g., no hospital letterhead, no proper case numbers). 

Insurers must conduct ongoing monitoring and enhanced due diligence for high-risk profiles to effectively comply with PMLA guidelines and report suspicious activities to the authorities. You can find more information on the IRDA Website  and the FIU-IND website






Those who read this, also read:

1.Insurance Sector & AML/CFT - India

2. Red Flags in AML/CFT

3. Obligations of RE under sec 12  PMLA 2002


Formerly Faculty for Finance & Associate Dean, IBS-Kochi MBA (Banking & Finance – CUSAT);CFA. Accredited Management Teacher from CME of AIMA, Delhi has been in Management Education from 1988. Exposure is in the field of Mutual Funds, Market Research, Project Report preparation & evaluation, Advertising & NGO Activities. This Chief Manager, UTI Asset Management Co Pvt. Ltd(1992-2003), Mumbai. Undergone training in Case Study method of teaching under Mr. Trevor Williams and Mr. Scott M Andrews conducted by the ECCH, UK . Published Books & Book Review, Series of academic articles and maintains a column on MFs under "Fund scan" in Business Manorama since January 2007,Contributes "Portfolio Doctor" column for 'Sampadyam' a wealth mgt publication in Malayalam from manorama group since February 2007, Listed her case studies at asiacase.com.Presented papers in national & international conferences on Mutual Funds. Faculty Member @ ASIET, Kalady from 2010 to June 2019. Dean @ SNGIST, N Paravur, Ernakulam from Sep 2019 -Jan 2021, I continue my efforts to spread the knowledge in area of Finance and contribute to Management Education

Comments

Post a Comment

Popular posts from this blog

National Risk Assessment (NRA): India

By
  India's National Risk Assessment (NRA) is  an ongoing exercise to identify sectors that are vulnerable to money laundering and terrorist financing (ML/TF) .  The NRA is based on recommendations from the Financial Action Task Force (FATF) and helps inform policy-making, resource allocation, and the implementation of effective AML/CFT measures. The NRA also ensures that national strategies address both domestic and international threats. The NRA provides a foundation for informed policy-making, resource allocation, and the implementation of effective AML/CFT measures . It ensures that national strategies are aligned with the specific risk landscape of the country and that they address both domestic and international threats. The subject matter of NRA  was discussed in the Anti-Money Laundering Steering Committee (AMLSC) set up with the approval of Finance Minister, and it was decided to conduct the NRA following the World Bank methodology. The Methodology requi...
Read more

Customer Due Diligence(CDD) : Individuals

By
Image
This post is based on RBI Master Circular dated Feb 25, 2016 updated on Jan 04, 2024  Part I - Customer Due Diligence (CDD) Procedure in case of Individuals For undertaking CDD, REs shall obtain the following from an individual while establishing an account-based relationship or while dealing with the individual who is a beneficial owner, authorised signatory or the power of attorney holder related to any legal entity: (a)     the Aadhaar number where,   (i) He is desirous of receiving any benefit or subsidy under any scheme notified under section 7 of the Aadhaar (Targeted Delivery of Financial and Other subsidies, Benefits and Services) Act, 2016 (18 of 2016); or (ii) He decides to submit his Aadhaar number voluntarily to a bank or any RE notified under first proviso to sub-section (1) of section 11A of the PML Act; or (aa) the proof of possession of Aadhaar number where offline verification can be carried out; or (ab) the proof of possession of Aa...
Read more

Periodic Updation of Customer Risk Profile

By
1. Preparation of Customer Profile from KYC Data In the initial years of KYC, RBI has been following a handholding approach as can be seen from their circular dated July 2009 and that of Feb 25, 2016 as updated on Jan 04, 2024. RBI requires REs to conduct risk profiling and risk categorization and periodic updation.  Extracts from RBI MD dated July 01, 2009 under Customer Acceptance Policy a)ii) Parameters of risk perception are clearly defined in terms of the nature of business activity , location of customer  and his clients, mode of payments, volume of turnover, social and financial status etc. to enable categorisation of customers into low, medium and high risk (banks may choose any suitable nomenclature viz. level I, level II and level III). Customers requiring very high level of monitoring, e.g. Politically Exposed Persons (PEPs) may, if considered necessary, be categorised even higher; b). Banks should prepare a profile for each new customer based on risk categorisatio...
Read more