Tunisia's insurance regulator, the General Insurance Council (CGA) has released guidelines to the insurance industry on customer due diligence obligations, detailing the identification, verification, and know-your-customer processes. It aims to help insurance companies implement an effective system to prevent money laundering and terrorist financing, tailored to the risk profile of their customers.
The guidance is provided in a 33-page document titled “Guidelines on Customer Identity Verification and Contractual Relationship Verification in the Insurance Sector”.
The CGA says that the contents are strongly inspired by recommendations made by the Financial Action Task Force (FATF), which is an independent inter-governmental body that develops and promotes policies to protect the global financial system against money laundering, terrorist financing and the financing of proliferation of weapons of mass destruction. The FATF Recommendations are recognised as the global anti-money laundering (AML) and counter-terrorist financing (CFT) standard.
The Guidelines state that in the insurance sector, the insurance contract formalises the business relationship, which is a fundamental concept in AML/CFT. The insurance policy involves reciprocal commitments between the insurer and the insured, for a fixed period. Upon entering into such a contract, the underwriting agent is required to: identify the client, know their risk profile, and understand the purpose and nature of the proposed relationship.
Within the AML/CFT framework, the business relationship triggers an obligation of constant vigilance. This includes in particular:
- Verification of the client's identity
- Analysis of their risk profile
- Regular monitoring of transactions carried out,
- Updating of client information.
The business relationship covers: the client and, where applicable, the person acting on their behalf (the subscriber, the insured and the beneficiary) and the beneficial owners.
For the underwriting agent, identifying the business relationship is the first step to take. The Guidelines read, “The AML/CFT system depends largely on the quality of this first step and the effective implementation of due diligence obligations.”
The Guidelines also cover politically exposed persons (PEP); determination of the beneficial owners; duty of vigilance when establishing a remote business relationship; knowledge of the business relationship; the collection and analysis of information; cases requiring enhanced vigilance; dealing with intermediaries, group insurance contracts, and subsidiaries and branches; obligation to train and raise awareness among insurance company staff of AML/CFT, and the retention of documents.
Insurance intermediaries
Insurance intermediaries are themselves subject to AML/CFT requirements. However, this does not relieve the insurance company of its primary responsibility, as it remains fully responsible for compliance with all due diligence obligations. As such, the insurance company must have the entire client file, including copies of all supporting documents relating to identification.
The Guidelines said, “It is important to remember that transactions carried out by brokers are considered riskier, which justifies the implementation of heightened vigilance.”
Insurance companies must exercise rigorous control over the due diligence carried out by intermediaries. In particular, they must ascertain the quality of information, the completeness of documentation and other compliance requirements.