Financial Conduct Authority finds mostly effective financial crime controls at large insurers but flags gaps in risk assessment due diligence and transaction monitoring

The Financial Conduct Authority has published findings from a review of the design of financial crime systems and controls at a selection of large insurance firms, concluding that frameworks are mostly effective but need targeted strengthening. The main improvement areas are risk assessments, client due diligence and transaction monitoring, with life insurers generally showing stronger controls than retail and wholesale firms. The findings are intended to inform all insurers and insurance intermediaries operating in the UK market. Across sectors, the review identified recurring weaknesses in how firms document and tailor policies and procedures, define roles and responsibilities, map legal and regulatory obligations to controls, and oversee outsourced financial crime activities. The FCA also found that some firms lacked structured, risk-based monitoring and testing plans. By sector, retail insurance firms were rated moderate overall, with strengths in sanctions, fraud risk management, and anti-bribery and corruption, but weaker risk assessment and client due diligence. Wholesale firms were also moderate overall, with stronger design in people and knowledge, anti-bribery and corruption, and sanctions, while fraud management and the embedding of transaction monitoring were weaker. Life insurers were the strongest cohort overall, with solid performance in risk assessment, client due diligence, people and knowledge, third-party risk, and sanctions, though transaction monitoring still needs improvement. The FCA will provide individual feedback to firms that took part in the review and engage further where improvements are needed. Other firms are expected to assess the findings against their own business models and controls, and the FCA said it will continue monitoring how firms meet requirements to prevent and detect financial crime.