ARTICLE

Anti-Money Laundering and Counter Terrorism Financing: Risk-based Approach for the Insurance Industry

New rules were enacted regarding risk management and compliance for reporting entities of the insurance industry.

May 31, 2018
Anti-Money Laundering and Counter Terrorism Financing: Risk-based Approach for the Insurance Industry

The Financial Information Unit (“UIF,” after its acronym in Spanish), is in the process of reviewing its anti-money laundering and counter terrorism financing (“ML/TF”) regulations, moving from a “normative” approach to a “risk-based” approach, in line with Financial Action Task Force (FATF) recommendations. Accordingly, the UIF has recently enacted new regulations addressed to financial and exchange entities (Regulation UIF No. E-30/2017) and capital markets (Regulation UIF No.  E-21/2018).

In this context, Regulation UIF No. 28/2018 (“Regulation 28”) is aimed at establishing new rules for the insurance industry.

Reporting entities within the insurance industry are the following: insurance companies, local reinsurance companies, insurance brokers (productores asesores de seguros), insurance broker companies (sociedades de productores asesores de seguros), insurance agents (agentes institorios) and reinsurance brokers (intermediarios de reaseguros) pursuant to Laws No. 17,418, 20,091 and 22,400 as amended and complemented.

Regulation 28 provides for a general regime applicable to insurance companies (Title II) and a specific regime for the other reporting entities (Title III).


General Regime: Insurance Companies

Regulation 28 establishes the following obligations and guidelines applicable to insurance companies:

  • ML/TF Prevention system. Consisting of (i) all policies, proceedings and controls for ML/TF risk management, and (ii) all compliance elements requested by applicable rules. The ML/TF prevention system must be developed by the compliance officer and approved by the reporting entity’s administration body.
    • Risk management. Self-assessment. The reporting entities must establish policies, proceedings and controls to identify, assess, mitigate and monitor their ML/TF risks. To such effect they must develop a methodology for identifying and assessing risks in accordance with the nature and volume of their commercial activities, considering the different risk factors of each line of business.
    • The compliance officer must prepare a technical report showing the results of the application of such methodology. Such report must be updated on a yearly basis - for life and retirement insurance companies- and every two years -for non-life insurance companies-. The report must be filed with the UIF and the Argentine Superintendence of Insurance before October 30 each year.
    • Regulation 28 establishes minimum guidelines to identify risk factors concerning clients, products and/or services, distribution channels and geographical zones. In addition, the reporting entities may develop their own additional risk indicators.
    • Once the risks are identified and assessed, the reporting entities must establish the most appropriate and efficient mechanisms to mitigate such risks, in line with Regulation 28 guidelines.
    • Compliance. Regulation 28 provides for the minimum compliance standards to be included in the ML/FT prevention system; such as a detailed description of policies and proceedings to be adopted, rules regarding the administration body’s responsibilities, duties and responsibilities of the compliance officer, document preservation, and training sessions, among others.  In particular, the new regulation covers (i) the possibility of introducing a corporate compliance officer, (ii) rules applicable to reporting entities with branches, affiliates and/or subsidiaries (local or foreign) and (iii) task outsourcing. Furthermore, an independent external auditor must issue a report on an annual basis regarding the quality and effectiveness of the ML/TF prevention system.
  • Due Diligence. Know your client policy. The new regulation provides due diligence guidelines regarding segmentation in low, medium and high risk clients. High risk clients require a reinforced due diligence, while low risk clients may be subject to simplified due diligence. In addition, Regulation 28 provides for specific recommendations concerning different type of insurance.
  • Transactional monitoring. The new rules provide for mechanisms regarding transaction monitoring and analysis, unusual transactions detection, and suspicious transactions reporting.
  • Information regimes. The rules regarding information regimes include new terms and conditions to comply with reporting obligations, in particular regarding life or retirement insurance, non-life insurance and payment of claims.


Specific Regime

In addition, Regulation 28 (sections 40 to 43) sets forth the specific obligations that must be met by reporting entities, classified as follows:

  1. Insurance broker companies (sociedades de productores asesores de seguros) with net worth equal or exceeding ARS 16 million and/or annual invoicing equal or exceeding ARS 100 million;
  2. Insurance broker companies (with net worth of less than ARS 16 million), insurance brokers (productores asesores de seguros) and insurance agents (agentes institorios);
  3. Reinsurance companies and reinsurance brokers; and
  4. Labor risks insurance companies and single-purpose public transport insurance companies (empresas aseguradoras con objeto exclusivo de transporte público de pasajeros).

This new regime is more detailed than the former regime established by Regulation UIF No. 202/2015.


Term for Enactment. Implementation Plan.

In general terms, Regulation 28 will enter into force on June 1, 2018, abrogating Regulation UIF No. 202/2015. However, regarding the identification and ML/TF risk assessment for each entity, the regulation provides the following deadlines for the implementation plan:

  1. On September 30, 2018: develop and document the methodology to identify and assess the risks according to their nature and volume of its commercial activity, considering the different risk factors of each business line.
  2. On December 31, 2018: prepare a technical report, including the results of the implementation of the mythology to identify and assess the abovementioned risks.
  3. On March 31, 2019: adjust the policies and proceedings, according to Regulation 28 requirements, and in accordance with the results of the risk self-assessment, that must be included in the ML/TF prevention manual.

As to the information regimes, the insurance companies must comply with the new terms and conditions as of March 1, 2019.

This insight is a brief comment on legal news in Argentina; it does not purport to be an exhaustive analysis or to provide legal advice.