The UK Financial Conduct Authority (“FCA”) has issued an update to its 2010 Thematic Review “Managing bribery and corruption risk in commercial insurance broking.”1 continuing its robust approach to the monitoring of, and enforcement against, bribery and corruption risks within the insurance broking sector.
The Review found that, despite improvements in the management of bribery and corruption risk, many brokers’ internal systems and controls remained deficient. Insurance brokers, who are subject to FCA oversight if they operate in the UK, irrespective of their size or level of sophistication, should heed the FCA’s update and ensure that their anti-bribery and corruption processes meet the regulator’s latest expectations.
The Thematic Review
The Review examined the compliance culture at 10 medium to small sized brokers, nine of which were Lloyd’s brokers. Five brokers were also the subject of the original 2010 Review. Having extensively examined the brokers’ internal anti-bribery and corruption systems and controls, the FCA concluded that some progress had been made, but most brokers still failed adequately to manage the risk of bribery and corruption.
Particular deficiencies noted included:
- Over half of the files the FCA reviewed did not accurately record basic information regarding third parties engaged by the broker.2
- Whilst employee training was offered, it was rarely tailored to the specific roles the employees played in the business.3
- Most brokers had commercial intelligence databases at their disposal to assist with due diligence, but many brokers failed to use them on a routine basis.4
- Management responsible for monitoring bribery and corruption risks often had a paucity of information and, in some cases, lacked the requisite expertise effectively to oversee the risk management exercise.5
Having assessed the situation, the Review provides guidance to brokers on how to manage bribery and corruption risks. In particular, the FCA stressed the need for a holistic assessment of risk across brokers’ businesses, in addition to on-going and tailored management of bribery and corruption risk in respect of individual third parties in the insurance supply and sales chains.
The Need for a Holistic Assessment of Risk
The FCA recommends that brokers identify and assess both external and internal risks to measure their organisation’s risk profile as a whole. As to external risks, the FCA called upon brokers to expand the scope of their risk assessments. Brokers should look beyond the immediate third parties they deal with, such as sub-brokers, producing brokers and agents, and consider the risk profile of all those in their “insurance supply chain”. Simply assessing the bribery and corruption risks posed by the next entity along is insufficient.6
Internally, brokers must examine both the trading and non-trading aspects of their business.7 For example, brokers should consider the role that remuneration structures8 and recruiting processes can play in advancing or retarding anti-bribery and anti-corruption initiatives.9 Brokers should move away from bonus schemes determined by business generation alone and consider the suitability of job applicants to working in an industry where bribery and corruption risks exist.
The FCA’s broad approach offers clear benefits to brokers. Assessing both internal and external bribery and corruption risk not only improves the quality of brokers’ internal controls but also the cost effectiveness of those measures. All organisations have finite resources and if brokers adopt the FCA’s approach, they will be better placed to determine how to allocate them most efficiently.10
The Need for Individual Assessment
This broad assessment of risk should not, however, come at the expense of the robust analysis of risks posed by individual third parties. The latter is key to the holistic assessment exercise: if individual assessments are inaccurate, the holistic assessment will suffer accordingly.
The Review found that risk assessments performed on third parties engaged by brokers were frequently inadequate.11 Analysis too often focussed on single factors such as the jurisdiction in which the third party operated. Where brokers did consider multiple factors, they often failed to collate them to make an overall risk assessment.
The FCA has indicated that it expects that due diligence be adapted to the particular circumstances of each case: for example, higher- risk intermediaries should receive greater attention, and be broughtto the attention of more senior levels of management, than lower risk intermediaries. But such risk weightings should inform internal processes and not simply form the basis of a box-ticking exercise.
The FCA’s clear message is that there is no “one size fits all” for due diligence. Broking firms will be expected to meet high standards, which will require significant engagement within the business at all levels.
The FCA shows no signs of reducing its focus on the commercial insurance broking sector. However, to help improve the management of bribery and corruption risks in all regulated industries, the FCA has launched a consultation on updating its guidance on financial crime to provide regulated entities with further examples of good practice.12
Brokers should consider not only the Review but also the FCA’s and FSA’s previous actions, including the Final Notices issued against Aon, Willis, JLTS and Besso, which together imposed fines totalling over £14 million.13
The FCA expects all market participants to read and act upon its guidance and enforcement action, and fully address and engage with all bribery and corruption risks that arise in the course of business.