ACI's AML & OFAC Compliance for the Insurance Industry PPT (Day 2)


Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

ACI's AML & OFAC Compliance for the Insurance Industry PPT (Day 2)

  1. 1. Leveraging Existing Resources to Increase Efficiency and Reduce Costs While Ensuring ComplianceBrian C. Loutrel, Vice President, Chief Privacy Officer, New York Life Insurance Co.Cari N. Stinebower. Crowell & Moring, LLPNoreen M. Fierro. Vice President, Corporate Counsel, Prudential Financial
  2. 2.  Alphabet Soup  AML, OFAC & FCPA- Offense of one could be offense of all  Leveraging the similarities/acknowledging the differences The value (or not) of Benchmarking  When structural differences make all the difference When to consider “outsourcing”  Appropriateness of function  Ability to actively oversee outsourced work  “Internal” vs. “External” “outsourcing” 2
  3. 3.  Leverage, Leverage, Leverage  How to rely on information from other departments to streamline your own processes International Privacy laws- their impact on multi-nationals and how they influence outsourcing decisions Specific FCPA Risks for insurers and reinsurers 3
  4. 4.  Basic controls may not be sufficient  Benefits to sharing information/developing complimentary processes Consider this:  Your company is attempting to expand its insurance business in Mexico  Many government approvals are required before a license to sell insurance is granted  Your company has hired a local law firm to assist in procuring the necessary approvals - an engagement letter is executed outlining the law firm’s fees  The Senior Vice President in charge of opening the Mexico operations approves a payment to the law firm that includes not only billable attorney time but some “miscellaneous” charges  Your company wires the fees to the identified bank account in the name of the law firm 4
  5. 5.  You find out after the fact that some of the “miscellaneous fees” included in the law firm’s invoice were to cover “payments” made to local government officials in an effort to procure the necessary licenses to sell insurance You also determine that one of the local government officials receiving the payments is on the SDN for alleged ties to drug trafficking 5
  6. 6. PLACEMENT OF MONEY FUNDS LAUNDERING CONCERNS- Beyond PATRIOTPayment LAYERING OF Act applicabilitysent to Law FUNDS 18 USC § 1956, et alFirm Payment placed in INTEGRATION Law Firm’s bank account Funds distributed from Law firm’s bank account to government official for deposit or use elsewhere, integrating them into the financial system 6
  7. 7. Where were the controls? 7
  8. 8.  Law Department  Terms of law firm engagement ▪ Backup documentation for expenses  Lawyer review of invoice  Identification of red flags Internal Approval Processes  Are managers being trained to ask the right questions before approving invoices?  More than monetary approval authority Accounts Payable  Necessary documentary backup  Copy of law firm engagement or access to ask questions regarding appropriateness of fees General AML/OFAC/FCPA Compliance program may not have identified these issues  Payment to law firm not likely to hit AML surveillance reports  OFAC issue not transparent  FCPA issue not immediately transparent 8
  9. 9.  Generalities can sometimes be misleading Risk assess differences  Resource differences  Operational differences  Jurisdictional Exposure differences  Speak to people who are in charge of process  Do not rely on information learned through basic business channels When it really can be helpful  Learning from others experiences 9
  10. 10.  Confirm executive support  Critical for success of process and your ability to insure appropriate oversight Consider current processes  Are there functions that naturally lend themselves to outsourcing? ▪ OFAC screening ▪ Initial CIP vetting Internal vs. External- Does “outsourcing” have to automatically imply hiring an unrelated third party? 10
  11. 11.  Build business case  Conduct cost-benefit analysis  Proper utilization of current resources Outsourcing does not have to mean “downsizing” Consider regulatory risk/expectations  FINRA 3190 requirements Value of Benchmarking- Leverage lessons learned from colleagues 11
  12. 12.  Look for redundancies  Review processes ▪ Are there multiple touch points reviewing the same data? ▪ Could one touch point review the data for multiple purposes? Sometimes less is more  Insure consistency in approach  Integrity of data/consistent view of issue or vendor Maintaining active oversight  Third party vs. other internal departments or divisions 12
  13. 13.  Acknowledge the difference  Purposes are usually very distinct  Consider what those differences are and/or look for overlap with general compliance controls  If overlap is identified, consider ways to redirect control or audit resources to enhance overall control/testing environment Look to develop a complimentary overall program  Context is key 13
  14. 14.  Considerations when outsourcing  Location of data storage  Cross-border sharing of information  Local law implications/limitations Security of Data  Encryption  Vendor commitment  Inside/outside firewall solutions 14
  15. 15.  Review the basic elements of each program  Policy/Procedures Risk Assessments  Frequency/focus ▪ FCPA/OFAC/AML risk profiles while similar are not always equally weighted  Macro level and micro level ▪ Business Unit process ▪ Hiring – employees, vendors ▪ Use of third parties ▪ Role of third parties ▪ Payment/Approval processes FOLLOW THE MONEY 15
  16. 16.  Current Screening Processes(OFAC/PEP/Sanctioned Countries/Sanctioned Governments)  What information is screened? ▪ Customer/Vendor/Accounts Payable  Do you get enough information to adequately screen? ▪ Screening for those owned or controlled by the above Compliance Testing Training  Avoid the siloed approach Audit Function/Periodic Review 16
  17. 17.  Foreign Agents: Must perform thorough background checks and examine qualifications; be cautious of an agent’s efforts to use front companies to make improper payments Guarantees: An agent’s refusal to sign a contract confirming that no improper payments were or will be made should prompt close scrutiny Middlemen: Be wary of any situation where multiple middlemen seem to be performing the same task Government Relationships: Carefully examine agents who have held government positions or have an ongoing relationship with a government official. Employing an agent solely because of his/her connection to the government risks running afoul of the FCPA Third Parties: The payment of an agent’s fees to a foreign bank account or to an entity other than the agent is a warning sign of possible FCPA problems 17
  18. 18.  High Risk Country: Take extra care in countries where the standard costs of doing business are perceived to include bribes, pay-offs, and “gifts” to officials Business: Certain industries present historically higher risks of FCPA violations; note, however, that the DOJ and SEC have increasingly targeted a variety of industries Commissions: Unreasonably high commissions increase the probability that money will be diverted to pay government officials Cash Payments: One of the most obvious FCPA warning signs is the transfer of large amounts of cash Bonuses, Reimbursements, and other Payments: Large bonus payments or reimbursements for unusually high entertainment, advertising, or other administrative expenses may be used as a device to mask illegal payments 18
  19. 19.  Payroll Fraud: The presence on a company’s payroll of persons who are relatives or associates of foreign government officials raises serious FCPA compliance concerns Secrecy: Be wary of any situation in which a potential agent seems reluctant to fully explain the nature of the proposed activity or to provide clear answers to routine questions Research: Publicly reported cases of bribery and public corruption should prompt careful review of the company’s operations in that country Competitor Violations: If the company learns of competitor violations, it should conduct a careful investigation of its operations; in a difficult competitive environment, employees may learn of a competitor’s tactics and be tempted to follow suit 19