Evidence submitted by ABI (ECR0052)
Treasury Select Committee Inquiry on Economic Crime
Introduction
The ABI is the voice of the UK’s world leading insurance and long-term savings industry. A productive, inclusive and thriving sector, we are an industry that provides peace of mind to households and businesses across the UK and powers the growth of local and regional economies by enabling trade, risk taking, investment and innovation.
Executive Summary
- The ABI supports the Inquiry. The UK must continue to attract legitimate business and retain its status as a leading global financial centre. However, money laundering and other financial risks continue to evolve and it is equally important that the UK reviews the measures it has in place to tackle illicit financial flows and continues to make the UK a hostile environment for committing economic crime. The insurance industry is committed to working in partnership to tackle all forms of economic crime and protecting honest customers from fraudulent activity. For this reason, the industry invests significant resources in preventing, detecting and enforcing against financial crime and insurance fraud.
- The current legislative and regulatory landscape is complex and there are inherent weaknesses which undermine the overall effectiveness of the UK’s approach to financial crime, including the lack of a collaborative approach between the public and private sectors. The Money Laundering Advisory Committee (MLAC) remains central to ensuring that the UK adopts a proportionate, joined-up and strategic approach to the prevention of money laundering and that guidance issued by different bodies is consistent. The new National Economic Crime Centre (NECC), as the lead agency for serious and organised crime, should play a key role in coordinating the UK’s enforcement strategy. We would encourage HM Treasury to ensure it engages with all relevant private sectors in preparing the National Risk Assessment, including the ABI and bodies representing the London Market.
- We welcome the central aim of the Office of Financial Sanctions Implementation (OFSI) to improve service delivery to the private sector, including taking a proactive approach to issuing and reviewing guidance.
- The requirements imposed upon insurers and other providers of financial services by the Sanctions and Anti-Money Laundering Bill must be clear, proportionate and practical. Sanctions can limit the provision of financial services. Insurers must be able to identify designated persons and obtain the necessary licences expeditiously to provide insurance and release funds to customers.
- The insurance industry is committed to tackling all forms of insurance crime, including fraud, and protecting its honest customers. The industry adopts a collaborative approach to tackling financial crime and fraud, currently detecting fraud valued at around £1.3bn a year. It is conservatively estimated that ABI members spend at least £200m each year on measures to combat fraud that focus on the three core pillars of prevention, detection and enforcement. This includes several key initiatives, including the Insurance Fraud Bureau (IFB) and the Insurance Fraud Enforcement Department (IFED), that have led to a sea-change in the way that insurance fraud has been tackled for the last decade.
- Insurers recognise that fraudsters are mobile and seek to exploit weaknesses in systems and controls. While technology and innovation already play a key role in combatting insurance fraud, the drive towards digitisation means that insurers are increasingly looking at the benefits of using emerging technologies such as artificial intelligence and biometrics alongside more traditional counter fraud tools.
- Insurers take the security of customers’ data very seriously and adopt a variety of measures to ensure that data is kept safe, in line with regulatory guidance to minimise the risk of data theft.
- While combatting fraud and ensuring the security of customer data will remain industry priorities, it is vital that legislators, regulators and the judiciary play their part too.
- The Civil Liability Bill and the Financial Guidance and Claims Bill should help to fix the broken UK compensation system and drive behavioural change, both amongst consumers making vexatious personal injury claims and organisations such as claims management companies who often aid and abet such claims.
- The ABI supports Government awareness campaigns which, alongside industry campaigns, help to highlight the serious consequences of fraud and change attitudes and behaviours of opportunistic fraudsters. However, disruption of organised fraudsters requires a different strategy, including depriving them of their liberty and lifestyle. It is important that the judiciary adopts a robust and consistent approach to sentencing that recognises the economic and physical harm that is caused by insurance fraud. Further, while recent legislative reforms have helped to make the asset recovery process simpler and more effective, it is still unnecessarily protracted. The Government should therefore keep this matter under review.
The AML, counter-terrorist financing and sanctions regimes
The scale of money laundering, terrorist financing and sanctions violations in the UK, and the means by which this activity is enabled
- We suggest that the Home Office, HM Treasury and the various supervisors are best-placed to address the scale of violations and the methodologies employed by criminals[1].
- However, we believe that weak controls are still apparent in several areas and these may be exploited to facilitate financial crime:
- Company set up: it is relatively easy to set up a company, with the role of Companies House being a registering service to ensure appropriate checks and due diligence on significant role holders (as opposed to a ‘gatekeeper’). When firms undertake their own due diligence checks, these can be time-consuming and problematic because information is not readily available, particularly when links go overseas. The due diligence process would be improved through consolidating director information on registers, so that each director has a single identity.
- Property ownership: ownership is not always transparent and is a known method to launder money. Investments and property purchase may be made by individuals not resident in the UK, which can make it harder to undertake due diligence checks. We consider that investments and property purchase by individuals not resident in the UK need full beneficial ownership requirements to be made compulsory, registered, properly enforced and verified.
- Complex company structures: there are often companies with layers of Trustee companies/trusts in various tax havens around the world, where it is often difficult to identify the ultimate parent company and beneficial owner. We recognise that this is a legal method of operation, often connected to tax efficiency/avoidance. However, it can mean that more resource and time is required to understand the structure and whether it is a legitimate business. The Government should review these structures to assess whether they remain appropriate.
- Low levels of SAR reporting exist amongst some sectors of the economy. The recent National Crime Agency (NCA) FAQ good practice guidance[2] is helpful in this respect.
- NCA capability and capacity could be improved. Making better technology available to the NCA would enable it to adopt a more joined-up approach.
The current legislative and regulatory landscape, including any weaknesses in the rules and their enforcement
- The current landscape is complex. On the one hand, it is comprehensive. However, on the other, there are often numerous regimes with which businesses must comply. Moreover, there are weaknesses in the UK’s infrastructure which undermine the effectiveness of the response to financial crime, including the lack of a collaborative approach between the public and private sectors.
- Many obligations flow from the recommendations set down by the inter-governmental standard-setting body, the Financial Action Taskforce (FATF). The UK was a founding member of the FATF and must continue to play a leading role to ensure that the recommendations are proportionate – balancing the need to make domestic regimes hostile places for money laundering, with the need to ensure that the obligations placed upon businesses are not overly-burdensome.
- UK insurers must implement systems and controls to ensure compliance with a plethora of AML regimes including the Money Laundering Regulations 2017 (MLRs), FCA financial crime rules and guidance and the Joint Money Laundering Steering Group Guidance (JMLSG). It is therefore imperative that a coordinated approach is adopted, where the requirements are complementary, rather than in conflict.
- JMLSG Guidance is prepared by industry practitioners and is intended to assist firms in meeting their legal and regulatory obligations, and this should be regarded as the definitive source of reference. The FCA Financial Crime Guide provides guidance on supervisory expectations that are sometimes not addressed in the JMLSG guidance and includes useful examples of good and bad practice. While supervisors should be encouraged to publicise examples of good and poor practice, these should cross-refer to the JMLSG Guidance.
- There do exist differences in the guides, as they have emerged from different processes and sources, as well as debates as to which guidance takes priority. By way of example, an FCA guidance consultation[3] highlighted different interpretations of source of wealth/source of funds. We recommend that each guidance document should refer to the other to highlight that readers are aware that there are other sources of guidance available.
- Moreover, such guidance must be kept up-to-date. While JMLSG guidance is reviewed on a regular basis, reviews of the FCA Financial Crime Guide appear to be less frequent. However, we welcome the current review[4] and consultation. While this is being undertaken primarily to add a chapter on insider dealing and market manipulation, the FCA is taking the opportunity to reflect recent changes brought about to the AML and sanctions regimes.
- The ABI supports HM Treasury’s proposals to harmonise the AML supervisory regime. We believe any new supervisory regime needs to encourage better co-ordination and co-operation amongst supervisors in different - and the same - sectors. Supervisors should be empowered to ensure supervisory regimes remain effective; and we support proposals for supervisors to undergo training and development to keep to up-to-date with emerging risks.
- The Government recognises that the number of professional body supervisors in some sectors risked inconsistencies of approach. Moreover, there was an absence of data sharing between supervisors (or with law enforcement agencies). The ABI supports the establishment of the Office of Professional Body Supervisors (OPBAS) within the FCA which should help to strengthen the oversight arrangements of professional body supervisors.
- The Money Laundering Advisory Committee (MLAC), established in 2002, includes members from Government, industry, law enforcement, the professions, and consumer representatives and remains central to ensuring that the UK adopts a consistent joined-up strategic approach to the prevention of money laundering.
- The law enforcement framework is also multi-dimensional, involving the National Crime Agency (NCA), local police forces (including Regional Organised Crime Units), the UK Financial Intelligence Unit (UKFIU), the Serious Fraud Office, HM Revenue and Customs and the Crown Prosecution Service (CPS). As with the supervisory regime, this complex structure highlights the need for a fully joined-up approach. In addition to MLAC, the new National Economic Crime Centre (NECC) within the NCA – as the lead agency for serious and organised crime – should play a key role in coordinating the UK’s AML enforcement strategy.
- However, the current structure of the NCA does not fully lend itself to being ‘end-user friendly’. There is limited dialogue with, and guidance issued by, the NCA and no straightforward effective way of reporting general suspicious information. We recognise that the NCA must prioritise deployment of its limited resources, though we suggest that it would be helpful to have a dedicated NCA point of contact for the financial services sector. Moreover, there are too many reporting options (NCA; Action Fraud; Benefit Fraud etc). These could be made more straightforward and consistent.
- Several new offences for tackling money laundering and sanctions have been created recently which we believe provide, in principle, a suitable array of enforcement tools for enforcement agencies. The Criminal Finances Act 2017 (CFA), for example, introduced Unexplained Wealth Orders (UWOs) which should lead to more focused investigations. However, while UWOs have potential to be used extensively (e.g. to investigate high value property purchases through trusts and overseas companies), they do require a High Court Order and use of UWOs appears currently to be limited.
- The CFA also contains various provisions designed to improve the UK’s ability to recover criminal assets. Notwithstanding previous measures introduced by the Serious Crime Act to improve the asset recovery framework, the process can still prove complex and protracted. Where an individual subject to, say, a confiscation order, does not settle or stops repayments, the process is over-reliant on the recipient pursuing their right to recompense under the order. We would welcome the publication of the Government’s Asset Recovery Action Plan setting out its proposals to improve the performance of the asset recovery regime.
- The Policing and Crime Act 2017 (PCA) contains provisions which make significant changes to the financial sanctions regulatory landscape. While the PCA substantially increases the maximum penalties for the criminal offence of failing to comply with a prohibition under a freezing order, we consider that the civil financial penalty may prove most effective, not least because of its severity, with the maximum penalty being £1m or 50% of the value of the funds involved, whichever is the greater. It is notable that the power appears similar to the ability of the HMRC to impose a compound penalty for breach of export controls in lieu of a criminal prosecution. HMRC has used this sanction vigorously, as it is quicker and less costly than bringing a prosecution.
- Whilst there is currently no corporate liability offence for failing to prevent economic crime (unlike bribery and facilitating tax evasion), the Government is currently reviewing evidence submitted in response to its call for evidence considering a new offence designed to prevent financial crimes such as fraud, false accounting and money laundering when committed on behalf of, or in the name of, companies. The ABI considers that regulation in the financial services sector generally provides a good benchmark for dis-incentivising corporate misconduct through improved compliance, although the existing identification doctrine does inhibit holding companies to account. We suggest that, if a new offence is introduced, the burden should be placed on the prosecution to prove that the company did not take adequate preventative measures.
- We expand on some of the matters raised in response to this question in other parts of our submission.
The effectiveness of the Treasury and its associated bodies in supporting and supervising the regimes
- The ABI supports the Treasury’s clarification of the obligations on all supervisors through the MLRs. We also welcome work by supervisors to review and improve their risk-based approach to supervision. It is vital that there is appropriate oversight of supervisors. The new Office for Professional Body AML Supervision (OPBAS) has a key role to play in the legal and accountancy sectors (where there has previously been a plethora of supervisors), firstly, in ensuring that supervisors fulfil their obligations under the MLRs and, secondly, in strengthening the supervisory regime by improving coordination - and promoting consistency - between supervisors and enforcement.
- Insurers are supervised by the FCA for conduct regulation. The FCA has a clearly defined role and well-developed infrastructure in relation to financial crime. In addition to high-level rules, the FCA publishes a financial crime guide which sets down examples of good and poor practice on financial crime including in relation to money laundering.
- From the end of 2016, many regulated firms have been required to submit an Annual Financial Crime Return to the FCA. This is a useful tool that enables the FCA to accurately categorise firms for risk purposes to inform efficient use of its limited resources for supervision purposes. It also assists the FCA with trend analysis to identify potential emerging risks.
- The ABI is a member of the Joint Money Laundering Steering Group – made up of the leading UK financial services trade associations. JMLSG plays an important role in promoting compliance in that it promulgates good practice and provides practical assistance in interpreting the UK’s MLRs. As we have outlined above, it is vital that guidance is consistent and kept-up-to date. We welcome the Government’s commitment to work with supervisors and industry to address any unnecessary and contradictory guidance, thereby ensuring that businesses are provided with guidance that clearly sets out how they can tackle money laundering risks.
- JMLSG guidance is approved by the Treasury following review by the Money Laundering Advisory Committee (MLAC), of which the ABI is a member. MLAC – which is administered by the Treasury – has a useful role to play in approving sectoral guidance, identifying emerging risks and in ensuring that the UK’s money laundering regime is risk-based and proportionate. In respect of the latter, MLAC members are working alongside the Treasury to prepare for the 2018 FATF (Financial Action Task Force) Mutual Evaluation of the effectiveness of the UK AML regime (see question below on ‘international efforts’).
- One area where the Treasury could be more effective is in ensuring that it engages with all relevant private sectors in preparing the National Risk Assessment (NRA). Notwithstanding that the insurance sector has been classified as ‘low risk’ relative to other sectors, the NRA 2017 merely provides a single paragraph in respect of the sector, with information seemingly provided mainly by the regulator. It is important that the Treasury engages with representative bodies including the ABI and others representing the London Market on an ongoing basis. The ABI held a roundtable meeting with the Treasury earlier this year to discuss the industry’s response to the NRA and we welcome the Treasury’s commitment to involve the ABI in the development of future NRAs.
- The ABI welcomed the establishment of the Office of Financial Sanctions Implementation (OFSI) in 2016. A central aim of OFSI is to improve service delivery to the private sector and OFSI has put in place dedicated resource to engage with the private sector including via an outreach and engagement team.
- In the past, the insurance sector has experienced difficulties in interpreting EU sanctions because of imprecise language in legislation, notably in relation to scope. Sectoral guidance previously issued by the Treasury has sometimes been cumbersome, not timely and issued ‘after the event’. We welcome OFSI’s intent to be proactive, to review guidance on a regular basis and to work closely with bodies including the Foreign and Commonwealth Office and EU institutions to provide guidance. Best practice guidance, published following consultation with industry, on expectations, including the standards of proof expected for identifying whether a sanctions match is positive or otherwise would be helpful. We also welcome OFSI’s recent initiative to publish blogs to keep businesses apprised of financial sanctions events, changes to OFSI guidance and topical issues. Publication of case studies by sector, following conclusion of investigations, would assist firms in embedding compliance training and awareness and the consequences of non-compliance.
The impact of the implementation of the current regimes on individuals, firms and the wider economy, including unintended consequences, such as the removal/refusal of financial services from/to individuals or firms
- As well as investing significant resources in ensuring they have adequate systems and controls to comply with money laundering requirements, financial services providers who fall foul of regulatory requirements are subject to a range of enforcement actions including fines and suspension or withdrawal of a firm’s authorisation. Individuals may also be prohibited from carrying on regulated activities.
- Although general insurers and brokers are regarded as low risk and are not covered by the MLRs, they are required to comply with regulatory requirements and put in place systems and controls to prevent all types of financial crime.
- Firms are required to undertake customer due diligence which in turn may lead to insurance being denied to an individual. One area that can be challenging is assessment of the risk posed by a politically exposed person (PEP). To do this (as required) on a case-by-case basis, a firm must ensure it has in place risk management systems and procedures to determine whether a potential customer is a PEP (or a beneficial owner of a legal entity with close links to a PEP), obtain senior management approval for establishing or continuing a business relationship, take measures to establish sources of wealth and funds and (if necessary) conduct enhanced due diligence. This process can be administratively burdensome.
- Sanctions can limit the provision of financial services, including insurance. Insurers must ensure, firstly, that they are able to identify designated persons and, secondly, that they obtain the necessary licences to provide insurance and/or release funds to customers.
- Inadequate information on Treasury lists can lead to delay in dealing with a customer enquiry or claim because of the need to prove or disprove a potential match. Failure to grant a licence in relation to the issuing of a policy could render an individual uninsured, potentially exposing the Motor Insurers Bureau to uninsured loss claims.
- As with money laundering breaches, insurers who breach sanctions obligations face a variety of enforcement actions. The PCA introduced a series of measures (from 1 April 2017) that strengthen the Government’s response to breaches, including imprisonment (on conviction on indictment) for up to 7 years and OFSI’s power to impose monetary civil penalties.
- The requirements imposed upon insurers through the Sanctions and Anti-Money Laundering Bill[5] currently progressing through Parliament must be clear, proportionate and practical. While we welcome the obligation placed upon the relevant Minister to issue guidance on best practice, exceptions, enforcement and so on, such guidance must be substantive, and not merely ‘explanatory’ in nature. We would support FAQ-style guidance similar to EU/US financial sanctions guidance.
- Insurers must be able to identify those designated through their screening procedures. We are therefore reassured that designation by name will continue to be the standard procedure, with designation by description limited to rare circumstances, such as to guard against sanctions being circumvented by terrorist groups that change their name, fracture into smaller groups or merge into entities with different names.
- Individuals who are designated must be treated fairly. We note that while sanctions regulations will be reviewed on an annual basis, reviews of qualifying designated persons will only be reviewed every three years. Such persons must therefore be able to challenge their status in appropriate circumstances during the three-year period.
The role of financial institutions and/or professional bodies in these regimes
- It is incumbent upon financial institutions to have in place suitable systems and controls to enable compliance with financial crime regulations and legislation. This includes policies and procedures that enable submission of suspicious activity reports and regulatory returns, such as the FCA Annual Financial Crime Return.
- Financial services providers will, for example, invest significant sums in ensuring they comply with the financial sanctions regime and often the same parties (individuals/companies) will be screened on multiple occasions, across the different businesses with whom they transact. A more joined-up approach, which reduces duplicate screening, would benefit both financial services providers (particularly SMEs with less resource) and their customers.
- In relation to complex business arrangements, requirements to adhere to current requirements can lead to decisions being taken not to accept what may be legitimate business. The cost and overheads associated with undertaking Enhanced Due Diligence (EDD) for clients with complex or unusual business structures can make it uneconomic for the product provider to take on their business.
- In commercial insurance, brokers have a key role to play in collecting information about directors and ultimate beneficial owners (UBOs), as well as the exact nature of a business. We consider there is scope for further improvement in the consistency of the collection of data about risks and those seeking cover in the general insurance broker market and transmission of all relevant data to an underwriter.
- The Trusts Register hosted by HM Revenue and Customs is not currently available to financial crime teams within regulated financial services providers. Opening-up such access would assist firms in identification of money laundering activity.
- The role of professional bodies is perhaps best illustrated in relation to the supervision of the legal and accountancy professions, which were previously supervised by a plethora of different supervisors. OPBAS has a key role to play in ensuring that supervisory standards are consistent across the professional bodies and in seeking to enable better information and intelligence sharing between the bodies.
The UK’s role in international efforts to tackle money laundering and terrorist financing and implement sanctions
- The ABI recognises that the UK works in tandem with its international partners to tackle the threats posed by financial crime and has indeed been a leading player in closing-down opportunities to launder the proceeds of illicit activity. The 2016 Anti-Corruption Summit held in London led to over 600 specific commitments made by more than 40 countries and six major international organisations. The Summit Host, the then Prime Minister David Cameron, commented: “We are talking about stopping the corrupt hiding their loot from authorities. When people steal from your country and hide it in mine, we can find it and return it to you”.
- The UK has implemented many reforms, including the transposition of 4MLD into UK law through the MLRs bringing the UK’s AML and CTF regime into line with the latest international standards. These should put the UK in a relatively good position in relation to the 2017/18 mutual evaluation of the effectiveness of the UK’s AML framework, though we have identified several weaknesses that need to be addressed.
- We consider that there needs to be greater transparency and regulatory guidance in relation to the use of tax havens. This would help to identify the real owners of offshore companies doing business – and those owning assets - in the UK.
- Money laundering thrives when assets can be hidden through shell companies and ownership structures, and transparency is a powerful weapon in the fight against financial crime. We welcome the Foreign and Commonwealth Office’s recent announcement that it intends to promote public registers of company ownership. New transparency measures, which will be introduced by way of an amendment to the UK’s Sanctions and Anti-Money Laundering Bill will bring the position of British Overseas Territories (BOTs) in line with that of the UK by creating registers of beneficial ownership. We would support equivalent transparency measures being adopted in the Crown Dependencies of Jersey, Guernsey and the Isle of Man.
- We believe that the role of financial services providers in combatting financial crime would be enhanced if financial services providers had a better understanding of the international cooperation that takes place in the light of submission of suspicious activity reports.
- When the UK leaves the EU, sanctions will continue to be implemented through new powers to fulfil the UK’s international obligations under the UN and impose further sanctions domestically. The powers are contained within the Sanctions and Anti-Money Laundering Bill currently awaiting Third reading and Report Stage in the House of Commons.
- The ABI’s views on the Bill are outlined elsewhere in this submission.
Consumers and economic crime
The current legislative and regulatory landscape, including any weaknesses
- Given the focus of the above section on financial crime, our responses are predicated on the relevance of the questions to insurance fraud only.
- The insurance sector is regulated by the FCA for conduct regulation.
- The FCA SYSC sourcebook sets out the overarching requirement[6] that a firm must take reasonable care to establish and maintain effective systems and controls to enable compliance with applicable requirements and standards under the regulatory system for countering the risk that the firm might be used to further financial crime.
- While the FCA rules focus on the risk posed by money laundering, they do reference other obligations which are relevant to the fraud risk, including compliance with the Proceeds of Crime Act 2002. Moreover, the FCA provides guidance on steps that a firm can take to reduce the risk that it might be used to further financial crime.
- The Financial Crime Guide contains a dedicated chapter on ‘fraud’. This reflects the FSA’s previous thematic work in this area. It does not specifically address certain topics, including insurance fraud. This is in recognition that the FCA’s limited resources are better directed elsewhere, given the strong incentive that firms should have to protect themselves from fraud. The Guide also provides links to several bodies active in counter fraud, including the City of London Police – the UK’s lead force for economic crime which hosts the Insurance Fraud Enforcement Department (see below). The ABI supports this approach.
- The fraud chapter does, however, provide general advice on fraud prevention, including self-assessment questions and examples of good and poor practice.
- As referenced earlier, the FCA is currently consulting on changes to the Guide[7], albeit mainly to introduce provisions on insider dealing and market manipulation.
- Many financial firms are required to submit an Annual Financial Crime Report to FCA[8]. This includes a requirement to identify the top three fraud risks faced by a firm. The Return ensures that the FCA receives information about the firm’s financial crime prevention controls and information about fraud risks that helps to inform FCA fraud trend analysis.
- In assessing the approach adopted by a sector, a key question that the FCA asks is “how good is a sector at collaborating to mitigate the risk to its financial crime objective?” Collaboration is key to combatting fraud and we consider that any sector that fails to heed this warning is potentially opening itself up to close regulatory scrutiny.
- The Solicitors Regulation Authority (SRA) also has a key role to play in combatting insurance fraud. The Insurance Fraud Taskforce[9] makes several recommendations designed to secure an evolution of the role and powers of the SRA. A key recommendation is that insurers – via the Insurance Fraud Bureau (IFB) – should provide the SRA with evidence regarding claimant law firms suspected of fraud and that the SRA in turn should investigate and act accordingly.
- Like many regulators, the SRA adopts a risk-based approach. Historically, it has tended to focus on issues where there has been direct consumer detriment to consumers, such as a breach of the client account rules. However, some promising headway has been made and the IFB and the SRA have put in place a process that has been successful, seeing the insurance industry make numerous referrals to the SRA. Whilst little detail can be provided about the live and ongoing investigations at a granular level, the process has led to referrals being escalated and reviewed by the supervisory team. The level of investigation will vary from monitoring through to active forensic investigation leading to potential intervention. Several insurance-related law firms have been subject to intervention.
- It is important that the SRA is afforded enforcement powers that deter wrongdoing and sufficiently punish those solicitors who breach the practice rules, including committing or enabling insurance fraud. The SRA is currently only able to fine individual solicitors up to £2000. More serious offences are dealt with by the Solicitors Disciplinary Tribunal (SDT) which requires a case to be proven to the criminal standard. The ABI supports the recommendations of the Insurance Fraud Taskforce that the SRA should take a tougher approach to combatting insurance fraud and that the Government should consider strengthening the fining powers of the SRA for fraudulent or corrupt activity and review the standard of proof used in cases put before the SDT. The ABI would support the SDT adopting the civil standard of proof, bringing it in line with the practice adopted by the Bar Council in 2017.
- In addition to the regulatory framework, several key legislative developments impact on insurers’ ability to combat fraud.
- Information sharing is vital to enable insurers to detect fraud. And many insurers share information via the Insurance Fraud Bureau and strictly governed databases, such as the Insurance Fraud Register and the Claims & Underwriting Exchange. It is vital that insurers ongoing ability to share such data for legitimate counter fraud purposes that are in the public good is not inadvertently hampered by the UK adopting an overzealous interpretation of the requirement of the General Data Protection Regulation (GDPR).
- ABI welcomed the Government’s recent announcement[10] to introduce a Bill to reform the law relating to whiplash claims and the way in which the personal injury discount rate is set.
- The proposals will benefit both motorists and businesses who have been paying more for their motor insurance than ever before by tackling some of the root causes. Soft tissue injury claims are 40% higher since 2005 whilst accidents have fallen nearly 30% in the same period as cold calling firms have thrived, driving up the cost of insurance. The Bill will ensure that people in England and Wales receive fair compensation while reducing excess costs in the system. In a competitive market, cost benefits get passed through to consumers as they did after previous reforms in 2012[11] which saw average motor premiums fall by £50 on average over the next two years.
- The ABI also supports the reforms being brought about by the Financial Guidance and Claims Bill. Cold calling claims cowboys are driving many frivolous personal injury claims. There are more than 750 personal injury claims management companies (CMCs) in the UK, turning over nearly £200m a year. In 2017, the Claims Management Regulator (CMR) cancelled 69 licences, reflecting some of the poor practice in the sector.
- While we consider that the CMR has done a good job with the limited resources at its disposal, the ABI fully supports the transfer of regulatory responsibility to the FCA. This will bring several benefits. The FCA is a well-established regulator with mature enforcement powers. The primary factors driving poor CMC behaviour are financial and the FCA is best-placed to understand the underlying business models of CMCs. This will, for example, help the FCA to clamp down on CMCs seeking re-authorisation and adapting business models to exploit new opportunities as existing loopholes are closed.
- A key way to disrupt organised insurance fraudsters is to deprive them of their (often lucrative) lifestyles. The Proceeds of Crime Act 2002 (POCA) provides the framework for asset recovery in the UK. We recognise that the Serious Crime Act 2015 introduced changes designed to make the asset recovery process simpler and more effective. This is moving in the right direction. However, the process is still unnecessarily protracted. Even if assets can be identified, it can still take years to confiscate and return the illicit proceeds of crime to the owner. As such, the Government should keep this matter under review. For this reason, we welcome the Home Office’s commitment to publishing an asset recovery action plan setting out its plan to do more to improve performance in the asset recovery regime.
The scale and nature of economic crime faced by consumers, including emerging trends
- Insurance fraud cuts across every type of insurance. At one end of the spectrum, fraud may be committed by opportunists, where people encounter an opportunity within their everyday experiences to invent or exaggerate a claim or to deliberately or recklessly provide false information when applying for insurance. At the other end, there are highly organised criminal gangs, for example fraudsters involved in ‘crash for cash’ or ghost broking scams.
- In 2016, insurers detected 125,000 dishonest general insurance claims valued at £1.3bn. The number was down 5% on 2015, while their value fell 3%.
- The level of organised fraud fell by around 30% on 2015, with 15,000 frauds valued at £174m detected. This fall reflects the work of the Insurance Fraud Bureau (IFB) and the Insurance Fraud Enforcement Department (IFED) in exposing crash for cash staged motor accidents, and other organised frauds, such as criminals (commonly referred to as ‘ghost brokers’) offering fake motor insurance. Fraudsters are highly mobile and have moved into new areas such as bogus liability claims. In 2016, there was an epidemic in false food poisoning claims made against some overseas hotels and tour operators, often encouraged by disreputable CMCs.
- While motor insurance frauds remain the biggest threat, in 2016 the number (at 69,000) fell 4% on 2015; their value (at £780m) was down 5%. The reduction in organised fraud, such as crash for cash, contributed to this reduction. However, there was a small rise in opportunistic motor insurance frauds. While the overall number of opportunistic frauds detected (at 110,000) remained unchanged on 2015, there was a rise in opportunistic motor insurance frauds uncovered – 77,000 compared to 54,000 in 2015. Opportunistic fraudsters will generally be otherwise law-abiding citizens. They are often encouraged by disreputable CMCs.
- Despite the considerable investment of the insurance industry in initiatives such as the IFB and IFED, the ABI believes that at least a similar amount of fraud goes undetected (as is detected) each year.
The response of the Treasury and its associated bodies to economic crime consumers face
- As part of the Government’s modern crime strategy, in December 2017, the Home Secretary announced a new National Economic Crime Centre (NECC) within the UK. The ABI supports the establishment of the NECC. Given that many economic crime problems will have more than one driver (e.g. opportunity, character, profits, drugs etc), this requires a coordinated approach. The best way to tackle crime – particularly organised crime – is to bring together expertise from across government, law enforcement, regulators and the private sector and to share intelligence to help make the UK a more hostile environment for committing crime.
- The Treasury sponsored the Insurance Fraud Taskforce, which was launched in January 2015 under the stewardship of David Hertzell, the former Law Commissioner. The rationale for establishing the Taskforce was essentially three-fold: firstly, the cost of insurance fraud drives up premiums for everyone; secondly, insurance fraud was becoming morally acceptable and thereby corroding trust in society; and, thirdly, there are links between insurance fraud and other serious organised crime.
- The overarching aim of the Taskforce was to make recommendations to make the UK more resilient to insurance fraud. The industry has made good progress in implementing the recommendations, notably in relation to improving consumer understanding, publishing good practice guides, data sharing and identifying emerging trends.
- The final recommendation of the Taskforce was for the Government to establish a legacy vehicle to ensure that the Taskforce recommendations are implemented. It is disappointing that a legacy vehicle was never established formally. The Treasury – who were ideal candidates to administer the vehicle - were unable to commit resource. However, the Treasury has been able to attend periodical roundtable meetings of those stakeholders charged with taking forward the recommendations. These meetings have served a useful purpose in maintaining momentum and the presence of the Treasury has helped in getting the right people round the table. Moreover, the Treasury has fulfilled its initial obligations to publish an annual progress report to Ministers, albeit the first (2016) report was not published until the following August and the 2017 report is still awaited.
- A key pillar of the insurance industry’s counter fraud strategy is to pursue wherever possible a proactive robust approach to enforcement that goes beyond mere detection and refusal of a policy application or repudiation of a claim. While recognising that the judiciary might not strictly be classed as an “associated body” of the Treasury, we should like to take this opportunity to assert that the approach of the judiciary towards sentencing is inconsistent. The ABI welcomed the 2013 sentencing guidelines which recognised, for the first time, the serious physical (as well as financial) harm that insurance fraud can cause and put sentencing periods on a par with crimes that had traditionally seen tougher sentences (e.g. banking fraud and confidence fraud). However, we are seeing evidence of many convicted insurance fraudsters receiving suspended sentences and other non-custodial sanctions (e.g. community service orders). This undermines the impact of the industry’s counter fraud strategy and messaging.
Consumer education, responsibility and vulnerability in relation to economic crime
- Too many consumers fail to recognise that insurance fraud is a criminal offence. The cost of insurance fraud is not simply absorbed by a faceless corporation, it is passed on to consumers by way of increased premiums.
- Those consumers who purchase fake motor insurance from ghost brokers and consequently drive uninsured face a myriad of potential consequences. Aside from purchasing a worthless policy, these include acquiring penalty points on your driving licence, receiving a fixed penalty notice and having your vehicle seized and potentially destroyed.
- Ghost brokers often target vulnerable people or communities, although there are also cases where people have knowingly purchased fraudulent or invalid policies to try to cut costs. The industry recognises that it has a duty to raise awareness about the issue of ghost broking to stop innocent people being targeted and to educate those who may consider buying insurance from a disreputable source. The industry also works closely with the police to bring down websites used to sell fake insurance and to take enforcement action to bring ghost brokers to justice.
- More generally, fraudsters are opportunistic, creative and innovative; quick to identify new targets and vulnerabilities and to adopt new tools and techniques.
- Given that heightened awareness of the consequences of fraud acts as a deterrent to opportunistic fraud, insurers and other public and private organisations are working hard to promote fraud awareness across all sectors in the UK. We would therefore encourage further cross-sector campaigns to educate the public about fraud and how to protect against it. In view of an ageing UK population, one area that the Government should focus on in providing safeguards and raising awareness is in relation to the use of powers of attorney.
- Following the introduction of pension reforms around freedom and choice in April 2015, the ABI supports awareness initiatives undertaken by bodies such as the Pensions Regulator and the Government Pensions Advisory Service aimed at promoting informed choice on pension options and protecting against pension scams.
- One of the many complex challenges faced by the industry is identifying ways of interrupting dishonest behaviour while reassuring honest customers and avoiding any barriers to the timely payment of legitimate claims. Opportunistic fraud is believed to account for a significant majority of the total value of undetected fraud. Tackling this type of fraud has been a long-standing challenge to the industry and forms one of the key recommendations of the Insurance Fraud Taskforce.
- As part of the industry’s commitment to developing a communications strategy to tackle opportunistic insurance fraud, the ABI and the IFB has appointed behavioural experts to carry out research into the impact of various interventions in the customer journey that could change attitudes and behaviours towards insurance fraud, reduce the propensity of some people to be dishonest and reduce the cost of fraud, without disrupting honest customers.
The role and effectiveness of financial institutions in combatting economic crime that consumers face
- The insurance industry is committed to tackling all forms of insurance crime and protecting honest customers from fraudulent activity and rising costs as a result.
- The insurance industry invests significant resources to help prevent people from falling victim to, and getting involved in, financial crime and scams. In addition to insurers improving their own anti-fraud systems to protect customers and firms, the industry fully supports a collaborative approach to tackling financial crime and fraud. It is conservatively estimated that ABI members spend at least £200m a year on measures to combat fraud that focus on the three core pillars of prevention, detection and enforcement. This includes several core counter fraud initiatives that have led to a sea-change in the way that insurance fraud has been tackled over the last twelve or so years.
- The IFB is a not-for-profit company established in 2006 focused on the detection and prevention of organised fraud. The IFB supports the insurance industry and law enforcement by providing intelligence and assisting investigations. The IFB also raises public awareness of insurance fraud scams: how they work and how to spot them, so that the chances of being caught out are reduced. The IFB has assisted the police in securing of 536 convictions that have resulted in more than 500 years custodial sentences.
- IFED is a specialist police unit dedicated to tackling insurance fraud. Established in 2012, IFED is funded by the ABI and Lloyds of London members, and is hosted by the City of London Police. IFED's team of detectives, financial investigators and police staff act with operational independence while working closely with the insurance industry. IFED targets established criminality – including motor insurance fraud, commercial and public liability fraud – while at the same focusing on emerging threats. Since its inception in 2012, IFED has secured more than 340 convictions.
The potential for technology and innovation to assist those committing and combatting economic crime
- Technology and innovation already play a key role in combatting insurance fraud. Insurers share data and intelligence via different sources, ranging from insurers in-house analytics to industry-wide measures, and those where the remit of data sharing extends beyond the insurance sector.
- There are several databases that are operated by the industry, including the Insurance Fraud Register (IFR), the Claims and Underwriting Exchange and MyLicence, all of which have a consistent, clear and robust governance framework. Innovation is also central to the evolution of databases. They have two consistent principles in their respective roadmaps for development; firstly, to improve where possible the integrity and availability of data at both the application and claims stage; secondly, where possible to allow access to the data to a wider group. These principles have been reflected in recent developments including:
- Improving the quality and consistency of CUE data, beginning work to make CUE available at the point of quote, and bringing travel insurance within scope.
- The industry also worked closely with the Law Society, the Motor Accident Solicitors Society (MASS) and the Association of Personal Injury Lawyers to introduce AskCUE PI – which allows claimant lawyers to verify the claims history of claimants via this service before filing a soft tissue claim (as required by the Civil Procedure Rules). This service also helps the IFB to identify trends and patterns of behaviour of claimant lawyers.
- The IFR, the industry’s database of confirmed frauds, continues to go from strength to strength with around two-thirds of the general insurance market participating. Membership of the IFR was opened-up to the Lloyd’s market in December 2017.
- The No Claims Database is an online service allowing insurers secure access to NCD data via the MIB Hub – thereby replacing the need for motor insurers and policyholders to manually exchange papers about a policyholder’s NCD data.
- Many insurers subscribe to commercial analytics solutions which operate alongside their traditional claims and risk management tools, such as ‘red flag’ indicators, studies of behavioural traits, identity verification tools, device software, voice recognition and other data mining tools. While each solution will offer its own unique features, and can often be tailored to meet the insurer’s bespoke needs, they will typically comprise fully integrated defence platforms for fraud and risk management aimed at uncovering suspicious behaviour across the policy lifecycle by identifying and scoring networks of customers across an organisation’s product portfolio. These tools are aided by the inclusion of fraud prevention data from various commercially available organisations.
- The insurance industry has developed a clear strategy for managing transactional (e.g. claims), proven and suspected fraud data. This strategy fits with wider initiatives such as the National Fraud Intelligence Bureau (NFIB), the UK’s current fraud detection hub, operated by City of London Police, and the Counter Fraud Data Alliance (CFDA). The CFDA is the national data sharing concept being led by the Cabinet Office that will build on initiatives already in place at sector level, and through which confirmed fraud information will be made available across the private and public sector[12] so that organisations providing products, services and benefits can better assess the fraud risk in their applications.
- The industry would welcome support from Government and legislators in ensuring that such data sharing (with all the appropriate controls and measures in place to ensure it is relevant and proportionate) remains permissible in any future regulatory and legislative regime. Furthermore, support from other sectors, particularly banks and public sectors organisations such as DWP and HMRC, would assist with increasing fraud detection rates.
- One area where we consider that the insurance industry’s counter fraud efforts have not been fully supported has been in relation to increased access to the DVLA’s KADOE (Keeper at the Data of Event) database. The DVLA had restricted permitted uses to situations where a claim had arisen and where there was specific evidence of fraud. This impeded insurers ability to counter fraud, particularly application fraud, including ghost broking where the insurer would also wish to warn an individual that they were uninsured. However, following extensive dialogue with industry, in July 2015 the DVLA agreed to extend the permitted uses of KADOE in a limited number of areas including ghost broking, crash for cash and credit hire claims fraud. The ABI subsequently sought further permitted uses (for example, in relation to application fraud). Despite positive discussions with the DVLA, in April 2016, the ABI was advised that the DVLA Data Sharing Clearance Panel had refused all requests for additional permitted uses. This was extremely disappointing given that these uses would have delivered numerous benefits. As well as informing the identification of fraud, access would aid insurers in paying legitimate claims expeditiously.
- In addition to data sharing, the insurance industry is exploring how to best use emerging technologies, not least to support the industry drive towards digitisation. The availability of increasing amounts of data online or through data breaches has facilitated fraudsters’ use of personal data in criminal activity. Biometrics can play a central role in validating someone’s identity and may prevent account takeover and other forms of application fraud. And machine learning and artificial intelligence provide a means to analyse huge swathes of data and identify patterns of fraud.
The security of consumers’ data
- Insurers take the security of customers’ data very seriously and adopt a variety of measures to ensure that data is kept safe. This includes stringent vetting of potential employees who will be handling customer data; putting in place policies and procedures that are fully understood by staff; and ensuring access to sensitive areas is restricted and that data can only be accessed for business reasons. In short, insurers follow guidance from the FCA and data protection requirements and will have in place systems and controls to minimise the risk of data theft.
- While data theft within the insurance sector is not a systemic issue, there have been instances where approaches have been made to insurance staff by CMCs, or by people acting on behalf of CMCs, who attempt to induce the insurance employee into stealing customer data. CMCs may then use this data to make nuisance calls or text messages to individuals to try to persuade them to make frivolous claims often for personal injury. ABI commissioned research (2015) showed that 83% of people had been contacted by a CMC encouraging them to claim compensation for personal injury or other financial loss. 92% said the contact had no relevance to them.
- Insurers will regularly remind staff of their data security obligations and the consequences of stealing customer data. As well as adhering to the data security and handling policy within the workplace, staff are on their guard outside of the workplace (and when using social media). They will rebut any approaches and are urged to report any suspicious activity. They are also urged to report any suspicious activity of colleagues and to retain evidence.
- On the very rare occasions that insurance company employees have been induced to steal data on behalf of others they have been dealt with firmly. Aside from the loss of their jobs, other measures taken against insider fraudsters have included referral to IFED by their employer and prosecution[13].
- Combatting data theft is an industry priority. While insurers will continue to do all that they can to mitigate this threat, it is vital that the legislators, regulators and judiciary play their part too. We know that CMCs are often behind efforts to induce staff to provide data and will then bombard insurance customers and others with nuisance calls to try to convince them to make a claim, often when they have not suffered any loss.
- CMCs do not just cause a nuisance, they can cause real economic harm through promoting frivolous and fraudulent claims, which in turn push up insurance premiums for everyone. It is vitally important that there is effective regulation of CMCs, including shutting down those that engage in illegal and unscrupulous behaviour. The ABI fully supports the transfer of regulatory responsibility for CMCs to the FCA. Where directors of CMCs are prosecuted, the courts must play their part in in handing down appropriate sentences to deter future wrongdoing.
ABI May 2018
19