• As part of their ABC governance structures, intermediaries may consider appointing an ABC officer with technical expertise and professional credibility within the intermediary.
• Intermediaries should ensure that responsibility for oversight and management of third-party introducers and other intermediaries is clearly allocated.
Examples of ABC MI which intermediaries may consider providing include:
• details of any business rejected in the relevant period because of bribery and corruption concerns, including the perception that the risk of bribery and corruption associated with the business might be increased, and
• details, using a risk-based approach, of staff expenses, gifts and hospitality and charitable donations, including claims that were rejected and cases of non-compliance with the intermediary’s policies where relevant.
Intermediaries may consider providing ABC MI about third-party introducers and other intermediaries.
Examples of such MI include:
• a breakdown of third-party introducers and other intermediaries, in chains that are involved in business generation, with details of the business sectors and countries they work in
• the amount of business each third-party introducer or other intermediary generates
• how much the immediate third-party introducer or other intermediary with whom the intermediary has a direct relationship is paid and on what basis (fees, commission, etc), and
• details of the third-party introducer’s role, including the services they provide and the basis of the commission or other remuneration they receive.
Business-wide risk assessments
Intermediaries should identify and assess the bribery and corruption risk across all aspects of their business.
Examples of factors which intermediaries should consider when assessing risk across their business.
• Risks associated with the jurisdictions the intermediary does business in, the sectors they do business with and how they generate business.
• Risks associated with insurance distribution chains, in particular where these are long. This includes taking steps to understand the risk associated with parties that are not immediate relationships, where these can be identified. Parties that are not immediate relationships may include, in addition to the insured and the insurer, entities such as introducers, sub-brokers, co-brokers, producing brokers, consultants, coverholders and agents.
• Risks arising from non-trading elements of the business, including staff recruitment and remuneration, corporate hospitality and charitable donations.
Risk assessments and due diligence for individual relationships
The risk-rating process for individual third-party introducer and client relationships, for example the producing broker, should build on the intermediary’s business-wide risk assessment.
Examples of factors intermediaries may consider when assessing bribery and corruption risk associated with individual relationships include:
• the role that the party performs in the distribution chain
• the territory in which it is based or in which it does business
• how much and how the party is remunerated for this work
• the risk associated with the industry sector or class of business, and
• the governance and ownership of the third party, including any political or governmental connections.
Intermediaries should decide on the level of due diligence, and which party to apply due diligence to, based on their assessment of risk associated with the relationship. This may include other parties in the insurance chain and not just their immediate contact. Where it is not possible or feasible to conduct due diligence on other parties, intermediaries should consider alternative approaches, such as adjustments to the level of monitoring to identify unusual or suspicious payments.
Examples of the type of information which intermediaries may obtain as part of the due diligence process include:
• other intermediaries’ terms of business and identification documentation, including information about their anti-corruption controls
• checks, as risk dictates, on company directors, controllers and ultimate beneficial owners, considering any individuals or companies linked to the client, PEP screening and status, links to a PEP or national government, sanctions screening, adverse media screening and action taken in relation to any screening hits, and
• for third-party introducers, details of the business rationale.
Examples of ongoing monitoring and review for ABC purposes include:
• payment monitoring, including a review of payments to identify unusual or suspicious payments
• refreshing due diligence documentation
• ensuring that the business rationale remains valid – this may include a review of third-party introducers’ activities
• re-scoring risk where necessary, including based on the outcome of internal or external reviews or audits
• updating PEP screening, sanctions screening and adverse media screening, and
• taking a risk-based approach to ongoing monitoring measures applied to directors, controllers, ultimate beneficial owners and shareholders relevant to third-party relationships, which is consistent with the risk rating applied at the outset of a relationship.
• Intermediaries should set meaningful thresholds for gifts and hospitality that reflect business practice and help identify potentially corrupt actions.
• When determining whether a payment is appropriate, staff responsible for approving payments should consider whether the payment is in line with the approved scope of the third-party relationship.
Examples of initiatives to supplement ABC training and awareness include:
• creating a one-page aide-mémoire for staff, listing key points on preventing financial crime and the whistleblowing process, to which staff could easily refer, and
• appointing a compliance expert within each business area who provides ABC advice to staff.