AML & OFAC COMPLIANCE FOR THE INSURANCE INDUSTRY

R&C: Could you provide an overview of the anti-money laundering (AML) and Office of Foreign Asset Controls (OFAC) compliance challenges that insurance companies are currently facing?

Ellis: Insurance companies have historically faced myriad sanctions risks arising from the unknown and unpredictable ways that an insured or an insured’s interests or property could be harmed. Thus, it is difficult, and sometimes impossible, to diligence in advance the many issues that can arise with insurance policies. A great example of this is maritime insurance for the global shipping industry. Vessel operators may never intend to make a port call in a sanctioned jurisdiction, but in practice, what choice do they have if there is a collision or a repair is required when a vessel is off the coast of Cuba and must make an emergency port call? Another, more recent example is in the cyber insurance space, where insurance providers often cover and compensate for a wide variety of issues that can affect a corporation or organisation’s IT infrastructure. But with ransomware attacks on the rise – and with the Office of Foreign Assets Control (OFAC) designating many of those bad actors responsible for those attacks – cyber insurance providers are often faced with the dilemma of reimbursing an insured’s ransom payments that may have potentially ended up in the hands of sanctioned parties. Unfortunately, in the modern economy, it is impossible for an insurance company to predict every scenario that may introduce sanctions liability, and there are many situations where anti-money laundering (AML) activities traditionally focused on the insured are inadequate to address those risks.

Jan-Mar 2022 Issue

Norton Rose Fulbright

Simpson Thacher & Bartlett LLP

Skadden, Arps, Slate, Meagher & Flom LLP