Growth vs compliance: A false choice?

As insurtechs grapple with managing their rapid expansion, one important question relates to their financial crime compliance obligations.  This can be challenging for insurtechs as they consider their growth agenda – What should be prioritized? How will regulations change? What regulatory technology (regtech) solutions are available? 

In our Insurtech Financial Crime Guide, these challenges are discussed to help compliance managers address their compliance obligations whilst maintaining growth. This article outlines four common principles that can help insurtechs approach the growth vs compliance challenge effectively.

1. Maintain a proactive understanding of regional and national regulations 

The regulatory environment for insurance can vary significantly across jurisdictions, making it challenging for insurtech companies to stay informed about changes in laws and compliance standards. While keeping abreast of regional legislation is essential, the savviest of firms will be proactive and aim to keep up with national and global regulations to help spot trends that may impact them down the road. Key legislation pertaining to insurance includes:

• United States: The Bank Secrecy Act (BSA) requires insurance companies with a nexus to the US to implement anti-money laundering and combating the financing of terrorism (AML/CFT) compliance programs.
• European Union: The insurance industry is regulated at a national level, but the EU’s anti-money laundering directives (AMLDs) aim to establish a consistent regulatory environment. 
• United Kingdom: In the UK, only life and investment providers are subject to AML/CFT regulations, but all insurers must follow the Senior Management Arrangements, Systems, and Controls (SYSC) framework, the Proceeds of Crime Act (POCA) 2002, and the Sanctions and Money Laundering Act (SAMLA) 2018. 
• Singapore: In Singapore, insurance providers, insurance intermediaries, and related institutions are regulated under the Insurance Act of 1966.
• Australia: The insurance industry in Australia is regulated by two main laws: the Insurance Act 1973, and the Insurance Contracts Act 1984. Insurance intermediaries, including agents and brokers, are regulated under Chapter 7 of the Corporations Act 2001.

A deep understanding of regulations enables insurtechs to identify and mitigate compliance-related risks early on. By adapting to these changes, firms can adjust their operations swiftly to comply with the new requirements. This adaptability is essential for maintaining a seamless business process and avoiding potential disruptions that may arise from non-compliance. 

2. Implement scalable risk management systems

By anticipating regulatory challenges, insurtechs can then implement risk management strategies that address potential pitfalls before they inhibit business growth. This proactive risk mitigation not only safeguards the firm’s reputation but also enhances investor and customer confidence – crucial elements for sustainable scaling. 

But what should these risk management strategies look like?

In recent years, technology, specifically regtech, has played an increasing role in compliance and risk management. These systems are designed to adapt to evolving regulatory landscapes while accommodating increasing data volumes. They often employ machine learning (ML) algorithms to analyze vast datasets, identify patterns, and prioritize potential risks. Through real-time monitoring and predictive analytics, regtech risk management systems can enhance compliance and minimize vulnerabilities, providing a robust and scalable solution for insurtechs. Automation is also a key feature of scalable regtech, as it not only enhances the speed and accuracy of regulatory requirements – like customer risk assessments – but also allows firms to allocate resources more effectively.

When implementing such systems, the Financial Action Task Force (FATF) encourages taking a risk-based approach, where standards are applied sensitively according to the customer, geographic, and product/service/channel risks. This approach allows insurtechs to calibrate their risk management tools based on the nature of their business.

3. Actively seek opportunities to collaborate with regulatory bodies

When working on aligning business strategies with regulatory expectations, insurtechs may also consider collaborating with regulatory bodies through strategic initiatives. Such collaboration could take multiple forms, including:

• Participating in industry forums to create a platform for networking. 
• Communicating regularly with regulatory authorities to advise on sector updates and trends.
• Joining advisory panels, pilot programs, or research initiatives to contribute first-hand knowledge from working in the industry.
• Participating in regulatory sandboxes to test innovations under regulatory supervision. 

By actively participating in this collaborative process, insurtechs can gain a deeper understanding of regulators’ priorities, positioning them as responsible and compliant entities – which can be advantageous when seeking approvals, licenses, or partnerships that may be necessary for future growth.  

4. Partner with an agile vendor that can meet changing requirements

Effective collaboration, however, goes beyond joining regulator sandboxes and information-sharing initiatives. Insurtechs that want to grow while staying compliant should focus on partnering with vendors that can adapt quickly to changing regulations. These agile vendors can help firms remain responsive in the face of evolving regulatory requirements.

Picking a vendor familiar with the ins and outs of the insurtech industry is equally important. Industry knowledge is crucial when it comes to tailoring solutions to address compliance challenges specific to insurance operations. It ensures that compliance efforts are not just effective but also attuned to the distinct demands of the insurance sector.

Additionally, opting for a vendor with pre-built rules for transaction monitoring and fraud detection can simplify implementation. These pre-configured rules, shaped by industry insights, make transaction monitoring more efficient and fortify fraud detection processes. This collaborative approach enables insurtechs to roll out comprehensive compliance solutions swiftly, allowing them to focus on core business goals and supporting sustainable scalability.