1. Insurers should be cognisant of their exposure to ML/TF risks. Payments originating from insurers are viewed as commonplace, with the money assumed to be clean. If money launderers are able to successfully place funds into an insurance policy, they would have made significant steps in layering and integrating such funds into the financial system.

2. In the case of reinsurance business, ML/TFactivity could occur through the establishment of fictitious fronting arrangements and captives, or by the misuse of normal reinsurance transactions.

3. Insurers are reminded that the ultimate responsibility and accountability for ensuring compliance with AML and CFT(“AML/CFT”)-related laws and regulations rest with their board of directors and senior management

4. The roles and responsibilities of the board of directors and senior management in relation to AML/CFT should be clearly set out.

5. The screening of customers should include the screening of policy owners, insured persons and claimants.

6. where screening results in a positive hit against the lists (described in the notes), an insurer shall freeze without delay and without prior notice, the funds or other assets of designated persons and entities that it has control over, so as to comply with applicable laws and regulations in Singapore.

7. As a good practice, additional parameters such as date of birth and nationality should minimally be used to establish and dismiss false [positives].

8. A clear internal reporting channel should be set up for the escalation of suspicious transaction reports from the officer, employeeor agentmaking the report. The insurer should establish a single reference point(e.g. Chief Executive, Head of Compliance)within the organisation to whom all transactions suspected of being connected to ML/TF activity should be referred to (sic).

9. STRs should be filed on all suspicious transactions and cases. Where an insurer decides not to file an STR for a case that was initially thought to be suspicious, the basis for doing so should be documented, and the decision made by the initial assessor of the case should be raised to a higher authority for review and approval.

10. Certain systems may require two separate fields to be entered (e.g. name and nationality) before screening can be carried out. The system should not reject a potential hit solely due to an incorrect field match (e.g. nationality)since there may be different definitionswith regard to the nationality field (e.g. country of citizenship vs. country of residence etc.).