Research by the Dutch National Bank (DNB) has indicated that insurers are not taking enough precautions to avoid infringement of the Sanction Law (SL). With European legislation on the rise, this is an issue that many insurers in Europe may be facing on the short term.
In previous studies DNB already found that insurers and other financial institutions are experiencing difficulties in connecting their specific risk profile to the measures required to comply with the Sanction Law. From the study was concluded that the compliance level at some firms was too low due to a lack of actions that were taken to thoroughly assess customers with a high risk profile. At the same time, DNB recognized an excess of compliancy measures at some other institutions.
Improvements and best practices on sanction law
Based on the current studies, DNB concludes that a number of insurers have improved on complying with the Sanction Law. There are even several ‘good practices’: these are organizations that have no shortcomings with regards to the law, and from which DNB recognizes that the taken measures have been implemented adequately.
Regulations are barely included in education and trainings. This may partly explain the lack of awareness among insurers in relation to the sanction legislation. Insurers are mainly relying on suppliers of sanction lists and on periodical screenings of the portfolio. A screening of new relations is not always taking place.
Most important bottle-necks for compliancy
The most important bottle-necks are the following:
- Most non-life insurers have not registered Ultimate Beneficial Owners (UBOs). This means that these relations cannot be screened against a sanction list, which conflicts with the SL.
- Few or no screenings are taking place after updates of the sanction lists.
- Insurers update lists only periodically, and not when actual changes are made to the lists. This leads to periods in time where customers are accepted who are on a sanction list.
- Insurers often assume that other parties in the chain are taking the required measures, without checking and controlling if these parties are in fact doing so.
- Knowledge about the sanction legislation is insufficient in a large part of the industry.
To what extent does your organization comply with the sanctions regulations?
DNB’s requirements for compliance with the Sanction law have been published in its guidelines (http://www.toezicht.dnb.nl/binaries/50-212353.pdf).
In order to be able to comply with the regulations, it is essential that you know your clients; know what type of client they are, what kind of stakeholders there are and what kind of activities they perform. This must be recorded in a customer database and must be structurally checked;
- upon acceptance of a new client,
- periodically during its lifetime; and
- in the event of payment of (compensation).
It is therefore very important that your administrative organization and internal control (AO/IC) is controlled in such a way that you can identify ‘hits’ in time (relationships that appear on the sanctions lists). Hits must be reported to the DNB, which will then process them and, if necessary, forward them to the Ministry of Finance.
How can FRISS help you?
FRISS has a solution to facilitate your Sanction checks and manage your compliancy audit. Also FRISS can carry out a scan of your whole portfolio for you. Which will show you in a relatively short period of time the risk in your portfolio so you can take the needed steps.