AML in Insurance: Identifying and Stopping Money Laundering The insurance sector rarely tops the list when financial crime professionals discuss money laundering risk. That's a problem. U.S. life insurers manage roughly $8.4 trillion in invested assets and paid $110 billion in annuity benefits in 2024 alone, according to ACLI industry data. The sheer volume of funds moving through insurance products makes the sector a meaningful target—even if SAR filings from insurers remain a fraction of total financial sector reporting.

For compliance officers and executives at insurance companies, the gap between perceived risk and actual exposure is where enforcement problems begin. Certain insurance products share structural features with money laundering vehicles: they accumulate cash value, allow early redemption, permit third-party beneficiary designations, and can be funded with large single premiums. Criminals recognize these features even when compliance programs don't.

This article covers why insurance is targeted, which products carry the highest risk, how laundering schemes actually work, what red flags matter most, and what a compliant BSA/AML program requires under 31 CFR 1025.

Key Takeaways

  • Insurance companies offering covered products must maintain a written BSA/AML program under 31 CFR 1025.210
  • The highest-risk products are single premium policies, annuities, and investment-linked policies with cash value or flexible redemption
  • Red flags include large single premium payments, early surrender requests, and unusual third-party involvement in policy transactions
  • A compliant program requires four core elements: written policies, a designated compliance officer, ongoing training, and independent audits
  • Insurers bear AML responsibility for their entire distribution network; agents and brokers carry no independent obligation under the insurance rules

Why Insurance Products Are Attractive to Money Launderers

Insurance products are built to accumulate and transfer wealth. That's the value proposition for legitimate policyholders—and it's exactly what makes certain products appealing to criminals.

The three stages of money laundering map onto insurance products with surprising precision:

  • Placement — A criminal funds a single premium life insurance policy with a large cash payment, moving illicit funds into the financial system through an insurer
  • Layering — Policy transfers, beneficiary changes, annuity income streams, and cash value loans obscure the money's origin across multiple transactions and parties
  • Integration — Surrendering a policy generates a check issued by a legitimate insurer, which looks like a clean financial transaction with no obvious criminal origin

Three-stage money laundering process placement layering integration insurance products

Not all insurance products carry equal risk. FATF's 2018 Risk-Based Approach guidance for the life insurance sector characterizes ML/TF risk in life insurance as generally lower than other financial sectors, but explicitly identifies cash value and investment products as higher risk because illicit funds can be used to purchase them. Pure protection policies (payable only on death, disability, or illness with no cash surrender value) carry minimal ML risk.

That distinction matters for program design. Controls should concentrate where risk concentrates: investment-type products, single premium policies, and anything with flexible top-up or withdrawal features.

The Reporting Gap

FinCEN reported that insurance companies filed just 641 SARs in their first year under the 2006 rule, rising to 1,276 in year two—against a backdrop of 4.7 million total SARs filed across all industries in FY2024. Even accounting for sector size differences, the insurance SAR rate remains disproportionately low relative to the funds moving through covered products. That gap reflects both genuinely lower ML risk in term products and the real possibility that suspicious activity in higher-risk products is going undetected.

Covered Products Under U.S. AML Rules

Under 31 CFR 1025.100(b), U.S. AML obligations apply to three categories of "covered products":

  1. Permanent life insurance policies, other than group life insurance policies
  2. Annuity contracts, other than group annuity contracts
  3. Any other insurance product with cash value or investment features

Group policies are explicitly excluded. The final rule was published at 70 FR 66754 on November 3, 2005, with a compliance deadline of May 2, 2006.

Who Bears the Obligation

AML program requirements apply to the insurance company—not independently to agents or brokers. FinCEN's FAQ confirms that agents and brokers carry no separate AML program obligation under the insurance rules. Even so, the insurer remains responsible for covered-product activity conducted through its entire distribution network.

That responsibility has a practical implication: the insurer must train, monitor, and oversee distribution channel conduct. Agent and broker integration into the AML program is a program requirement, not a discretionary add-on.

Two things follow from this:

  • Distribution channel oversight falls entirely on the insurer, regardless of whether agents or brokers have their own obligations.
  • Reliance on existing programs is permitted when a broker or agent is already subject to AML requirements under another BSA rule — a bank acting as agent, for example — in which case the insurer may generally rely on that entity's program for point-of-sale compliance.

How Money Laundering Happens in Insurance: Common Typologies

Single Premium Abuse and Early Surrender

A criminal places a large lump sum into a single premium life insurance policy, cleaning illicit funds in a single transaction. Shortly after, they surrender the policy early. Whatever surrender penalty they absorb is simply the price of receiving a check from a legitimate insurer—one that moves into the next laundering stage without scrutiny.

FinCEN's first-year SAR analysis identified 73 reports involving early policy termination or annuity redemption. The consistent tell: no concern about investment performance or surrender costs.

Common red flags:

  • Single large premium with no prior relationship to the insurer
  • Surrender request within weeks or months of policy inception
  • Customer indifferent to early redemption penalties

Policy Loans Against Cash Value

A criminal purchases a permanent life insurance policy using illicit funds, then borrows against the accumulated cash value. The loan proceeds appear legitimate, having passed through an insurer's books.

Repayment is optional by design. The outstanding loan is simply deducted from any future claim or surrender value. FinCEN identified 94 cases of early or excessive borrowing in year one of insurance SAR reporting and 62 more in year two.

Beneficiary and Ownership Transfers

These first two typologies exploit the policy itself as the laundering vehicle. Ownership transfers work differently — they move value across parties without a transaction.

Criminals purchase a policy in one name, then transfer ownership or reassign the beneficiary to a seemingly unrelated third party. This sidesteps traditional transaction monitoring entirely. Insurers must conduct customer due diligence on the new owner or beneficiary whenever these transfers occur.

Annuities as Integration Vehicles

A criminal invests criminally derived funds into an annuity using a single large premium, then begins receiving what appear to be regular, legitimate income payments. The periodic payments are indistinguishable from legitimate annuity income. By the time distributions begin, integration is effectively complete.

Red Flags Every Insurance Compliance Team Must Monitor

Effective detection requires calibrating monitoring to insurance-specific patterns, not banking typologies. The most actionable red flags fall into three categories:

Payment-Related Red Flags

  • Large single premium payments using cash, cashier's checks, money orders, or wire transfers from high-risk jurisdictions
  • Premium overpayments followed by a refund request from the insurer (FinCEN's SAR Activity Review identified this as a documented typology)
  • Multiple policies purchased in a short period aggregating to large totals
  • Premium payments structured in amounts designed to stay below detection thresholds

FinCEN's second-year analysis found 796 filings involving multiple cash equivalents and 256 more involving unusual payment methods.

Insurance AML red flags categories payment behavior third-party warning signs

Customer Behavior Red Flags

  • No interest in policy features, coverage terms, or investment performance
  • Immediate early surrender request after a brief holding period
  • Reluctance to provide source-of-funds documentation
  • Stated income or occupation inconsistent with premium levels
  • Customers unconcerned about surrender penalties or investment losses

Third-Party and Distribution Red Flags

  • Sudden unexplained beneficiary designation changes, especially to unrelated third parties
  • Policy loans taken shortly after purchase as collateral
  • Transactions involving intermediaries in high-risk jurisdictions
  • Agents or brokers discouraging required customer due diligence steps or expediting policy placement without adequate documentation

Transaction Monitoring Considerations

Generic banking monitoring parameters won't catch insurance-specific patterns. Monitoring systems need rules configured for early surrender requests, unusual top-up activity, rapid policy cycling, and third-party payment instructions. Pillars FinCrime Advisory works directly with insurance-sector compliance teams to optimize transaction monitoring parameters, improving alert quality on genuine risks while reducing the false positives that drain investigator capacity.

BSA/AML Regulatory Requirements for Insurance Companies

The BSA establishes specific compliance obligations for insurance companies — not just banks. Under 31 CFR 1025.210, any insurer issuing covered products must develop and implement a written AML program approved by senior management. Non-compliance is a Bank Secrecy Act violation enforced by FinCEN and the Department of the Treasury.

SAR Filing Obligations

Under 31 CFR 1025.320, insurance companies must file a SAR when they know, suspect, or have reason to suspect a transaction of $5,000 or more involves illicit funds, is structured to evade reporting, or serves no apparent lawful purpose.

Key filing requirements:

  • File within 30 calendar days of initial detection
  • If no suspect is identified, filing may be extended by 30 days (maximum 60 days total)
  • Joint SARs are permitted when a bank acting as insurance agent is involved in the same suspicious activity
  • Insurers must obtain relevant customer information from agents, brokers, and other sources to support SAR filings

Examination Authority

FinCEN examines insurance company AML programs under BSA authority, with examination authority for non-bank financial institutions delegated to the Commissioner of Internal Revenue under 31 CFR 1010.810. State insurance regulators are not named as delegated BSA examination authorities.

Building a Scalable AML Compliance Program for Insurance Companies

The Four Statutory Minimum Requirements

Under 31 CFR 1025.210(b), every covered insurer's program must include:

  1. Written policies, procedures, and internal controls based on a risk assessment of covered products
  2. A designated compliance officer responsible for program implementation, updates, and training oversight
  3. Ongoing training of employees, agents, and brokers—either directly delivered or verified through third-party training programs
  4. Independent testing by a qualified party other than the compliance officer, with scope and frequency proportionate to product risk

Four statutory AML program requirements for insurance companies under 31 CFR 1025

Risk Assessment as the Program Foundation

Before writing policies or building controls, insurers must conduct a formal AML risk assessment. FATF's life insurance guidance identifies four dimensions to evaluate:

  • Products — Single premium, annuities, and investment-linked policies require enhanced controls
  • Customer segments — Cash-paying clients, politically exposed persons (PEPs), and customers from high-risk jurisdictions trigger enhanced due diligence
  • Geographies — Distribution into or from high-risk or non-cooperative jurisdictions increases inherent risk
  • Distribution channels — Independent agents and brokers with limited oversight present higher risk than direct-to-consumer channels

When multiple risk factors converge—a cash-paying PEP, a single premium annuity, an independent broker, and a high-risk jurisdiction—the combination should trigger the most intensive monitoring and EDD requirements.

Program Maintenance and Audit Readiness

An AML program is not a document you file and revisit annually. It requires ongoing attention as products evolve, regulations change, and the risk environment shifts. Key maintenance activities include:

  • Independent audits of program adequacy and agent/broker compliance
  • Model validation for any automated monitoring systems
  • Regular training updates as new typologies emerge
  • Periodic risk assessment refresh when new products launch or distribution channels change

For insurers building or remediating an AML program, working with a specialized financial crime advisor helps resolve deficiencies before they become examination findings.

Pillars FinCrime Advisory supports the full program lifecycle—risk assessment, policy development, transaction monitoring optimization, and audit readiness—so programs hold up under regulatory scrutiny and scale with the business.

Frequently Asked Questions

What is anti-money laundering in insurance?

AML in insurance refers to the regulatory and compliance framework insurers must maintain to detect and prevent money laundering through their products, not an insurance policy type itself. U.S. regulations under 31 CFR 1025 require insurers offering covered products to implement a written BSA/AML program approved by senior management.

What is an example of money laundering in insurance?

A common example: a criminal purchases a single premium life insurance policy with illicit funds, then surrenders it shortly after—accepting the penalty—and receives a check from the insurer. That check appears to be a legitimate financial transaction, laundering the funds behind a clean paper trail.

What are the three stages of money laundering AML programs target?

The three stages are placement, layering, and integration — moving illicit funds into the system, obscuring their origin, then reintroducing them as apparently legitimate assets. Insurance products can be exploited at any stage.

Which insurance products carry the highest AML risk?

Single premium investment-type life insurance policies, annuity contracts, and other policies with cash value or flexible redemption features carry the highest risk. Pure protection policies—payable only on death, disability, or illness with no cash surrender value—carry significantly lower risk.

What are the SAR filing requirements for insurance companies?

Insurance companies must file a SAR with FinCEN under 31 CFR 1025.320 when they know, suspect, or have reason to suspect a transaction of $5,000 or more involves illicit funds or is structured to evade reporting. Joint SARs can be filed with bank agents selling covered products when both are involved in the same suspicious activity.