FCTR 17.1 Introduction

FCTR 17.1.1 G

1 Who should read this chapter? This chapter is relevant, and its statements of good practice apply, to

  1. commercial insurance intermediaries and other firms who are subject to the financial crime rules in SYSC 3.2.6R or SYSC 6.1.1R, and

  2. e-money institutions and payment institutions within our supervisory scope.

FCTR 17.1.2 G

1In November 2014 we published a thematic review of how commercial insurance intermediaries manage bribery and corruption risk. We looked at ten intermediaries’ anti-corruption systems and controls and the extent to which these intermediaries had considered our existing guidance, enforcement cases and the findings from thematic work, particularly our 2010 review of ‘anti-bribery and corruption in wholesale insurance broking’. This sample also included five intermediaries that had been part of the sample in 2010.

FCTR 17.1.3 G

1While most intermediaries had begun to look at their ABC systems and controls, this was work in progress and more improvement was needed. We found that most intermediaries we saw were still not managing their bribery and corruption risk effectively. Business-wide bribery and corruption risk assessments were based on a range of risk factors that were too narrow and many intermediaries failed to take a holistic view of the bribery and corruption risk associated with individual relationships. Half of the due diligence files we reviewed were inadequate and senior management oversight was often weak.

FCTR 17.1.4 G

1The contents of this report are reflected in FCG 1 and FCG 2.

FCTR 17.3 Themes


FCTR 17.3.1 G

1This section complements guidance in FCG 2.2.1G and FCG 6.2.1G and FCTR 9.3.1G

  1. • As part of their ABC governance structures, intermediaries may consider appointing an ABC officer with technical expertise and professional credibility within the intermediary.

  2. • Intermediaries should ensure that responsibility for oversight and management of third-party introducers and other intermediaries is clearly allocated.

Management information (MI)

FCTR 17.3.2 G

1This section complements guidance in FCG 2.2.2G and FCTR 9.3.1G

Examples of ABC MI which intermediaries may consider providing include:

  1. • details of any business rejected in the relevant period because of bribery and corruption concerns, including the perception that the risk of bribery and corruption associated with the business might be increased, and

  2. • details, using a risk-based approach, of staff expenses, gifts and hospitality and charitable donations, including claims that were rejected and cases of non-compliance with the intermediary’s policies where relevant.

Intermediaries may consider providing ABC MI about third-party introducers and other intermediaries.

Examples of such MI include:

  1. • a breakdown of third-party introducers and other intermediaries, in chains that are involved in business generation, with details of the business sectors and countries they work in

  2. • the amount of business each third-party introducer or other intermediary generates

  3. • how much the immediate third-party introducer or other intermediary with whom the intermediary has a direct relationship is paid and on what basis (fees, commission, etc), and

  4. • details of the third-party introducer’s role, including the services they provide and the basis of the commission or other remuneration they receive.

Risk assessment

FCTR 17.3.3 G

1This section complements guidance in FCG 2.2.4G, FCG 6.2.2G and FCG 6.2.4G and FCTR 9.3.2G and FCTR 9.3.3G

Business-wide risk assessments

Intermediaries should identify and assess the bribery and corruption risk across all aspects of their business.

Examples of factors which intermediaries should consider when assessing risk across their business.

  1. • Risks associated with the jurisdictions the intermediary does business in, the sectors they do business with and how they generate business.

  2. • Risks associated with insurance distribution chains, in particular where these are long. This includes taking steps to understand the risk associated with parties that are not immediate relationships, where these can be identified. Parties that are not immediate relationships may include, in addition to the insured and the insurer, entities such as introducers, sub-brokers, co-brokers, producing brokers, consultants, coverholders and agents.

  3. • Risks arising from non-trading elements of the business, including staff recruitment and remuneration, corporate hospitality and charitable donations.

Risk assessments and due diligence for individual relationships

The risk-rating process for individual third-party introducer and client relationships, for example the producing broker, should build on the intermediary’s business-wide risk assessment.

Examples of factors intermediaries may consider when assessing bribery and corruption risk associated with individual relationships include:

  1. • the role that the party performs in the distribution chain

  2. • the territory in which it is based or in which it does business

  3. • how much and how the party is remunerated for this work

  4. • the risk associated with the industry sector or class of business, and

  5. • the governance and ownership of the third party, including any political or governmental connections.

Intermediaries should decide on the level of due diligence, and which party to apply due diligence to, based on their assessment of risk associated with the relationship. This may include other parties in the insurance chain and not just their immediate contact. Where it is not possible or feasible to conduct due diligence on other parties, intermediaries should consider alternative approaches, such as adjustments to the level of monitoring to identify unusual or suspicious payments.

Examples of the type of information which intermediaries may obtain as part of the due diligence process include:

  1. • other intermediaries’ terms of business and identification documentation, including information about their anti-corruption controls

  2. • checks, as risk dictates, on company directors, controllers and ultimate beneficial owners, considering any individuals or companies linked to the client, PEP screening and status, links to a PEP or national government, sanctions screening, adverse media screening and action taken in relation to any screening hits, and

  3. • for third-party introducers, details of the business rationale.

Ongoing monitoring and reviews

FCTR 17.3.4 G

1This section complements guidance in FCG 2.2.5G, FCG 6.2.3G and FCG 6.2.4G and FCTR 9.3.3G

Examples of ongoing monitoring and review for ABC purposes include:

  1. • payment monitoring, including a review of payments to identify unusual or suspicious payments

  2. • refreshing due diligence documentation

  3. • ensuring that the business rationale remains valid – this may include a review of third-party introducers’ activities

  4. • re-scoring risk where necessary, including based on the outcome of internal or external reviews or audits

  5. • updating PEP screening, sanctions screening and adverse media screening, and

  6. • taking a risk-based approach to ongoing monitoring measures applied to directors, controllers, ultimate beneficial owners and shareholders relevant to third-party relationships, which is consistent with the risk rating applied at the outset of a relationship.

Payment controls – insurance broking accounts

FCTR 17.3.5 G

1This section complements guidance in FCG 6.2.3G and FCG 6.2.4G and FCTR 9.3.4G and FCTR 9.3.9G

  1. • Intermediaries should set meaningful thresholds for gifts and hospitality that reflect business practice and help identify potentially corrupt actions.

  2. • When determining whether a payment is appropriate, staff responsible for approving payments should consider whether the payment is in line with the approved scope of the third-party relationship.

Payment controls – accounts payable

FCTR 17.3.6 G

1This section complements guidance in FCG 6.2.3G and FCG 6.2.4G and FCTR 9.3.4G

  1. • Intermediaries should consider whether an absence of recorded gifts, entertainment, expenses and donations may be due to reporting thresholds being too high and/or staff being unaware of the requirement to report.

Training and awareness

FCTR 17.3.7 G

1This section complements guidance in FCG 2.2.6G and FCG 6.2.3G and FCTR 9.3.6G and FCTR 9.3.9G

Examples of initiatives to supplement ABC training and awareness include:

  1. • creating a one-page aide-mémoire for staff, listing key points on preventing financial crime and the whistleblowing process, to which staff could easily refer, and

  2. • appointing a compliance expert within each business area who provides ABC advice to staff.