No Support JavaScript
Main Content Area


Title: Directions Governing Anti-Money Laundering and Countering Terrorism Financing of Insurance Sector Ch
Date: 2014.01.06
Legislative: 1.Promulgated on January 6, 2014 per Order No. Jin-Guan-Bao-Zong-Zi-10202576291 of the Financial Supervisory Commission

1.These Directions are specifically adopted to strengthen the anti-money laundering and countering terrorism financing (AML/CFT) regime of Republic of China (R.O.C.), and enhance soundness of the internal control and internal audit system of the insurance industry in R.O.C.

2.An insurance business shall conduct customer due diligence (CDD) and keep records on all business relations and transactions with its customers in accordance with the Directions as well as "Money Laundering Control Act", "Regulations Governing Cash Transaction Reports (CTR)and Suspicious Transaction Reports (STR) by Financial Institutions" and relevant provisions.

3.The "insurance business" referred to in the Directions include insurance companies, insurance agent companies, insurance broker companies and postal institutions conducting simple life insurance business.

4.An insurance business shall comply with the following provisions in undertaking CDD measures:
(1) An insurance business shall not allow anonymous customers, customers with fictitious names, fictitious companies or entities to be insured.
(2) An insurance business shall undertake customer due diligence (CDD) measures when:
A.establishing business relations with any customer; receipt or payment in a single transaction (including all transactions recorded on cash deposit or withdrawal vouchers for accounting purpose), or the transaction of currency exchange of NTD 500,000 or more (including the foreign currency equivalent thereof); or
C.there is a suspicion of money laundering or terrorism financing, or carrying out inward remittances from a country or region with high money laundering and terrorism financing risk; or insurance business has doubts about the veracity or adequacy of previously obtained customer identification data.
(3) The CDD measures to be taken by an insurance business are as follows:
A.Identifying the customer and verifying that customer's identity using reliable, independent source documents, data or information. In addition, an insurance business shall retain copies of the customer's identity documents or record the relevant information thereon.
B.Verifying that any person purporting to act on behalf of the customer is so authorized, identifying and verifying the identity of that person using reliable, independent source documents, data or information where the customer applies for insurance coverage, claims request, contract changes, or other transaction. In addition, the insurance business shall retain copies of the person's identity documents or record the relevant information thereon.
C.Taking reasonable measures to identify and verify the identity of the beneficial owner of a customer.
D.Enquiring information on the purpose and intended nature of the business relationship when undertaking CDD measures.
(4) According to Item 3 of the preceding Subparagraph, an insurance business shall obtain the following information to identify the beneficial owners of the customer when the customer is a legal person or a trustee:
A.For legal persons:
(A) The identity of the natural persons who ultimately have a controlling ownership interest in a legal person. A controlling ownership interest refers to owning more than 25 percents of a company's shares or capital;
(B) To the extent that there is doubt under (A) above as to whether the person(s) with the controlling ownership interest are the beneficial owner(s) or where no natural person exerting control through ownership interests is identified, the identity of the natural persons (if any) exercising control of the customer through other means.
(C) Where no natural person is identified under (A) or (B) above, an insurance business shall identify and take reasonable measures to verify the identity of the relevant natural person who holds the position of senior managing official.
B.For trustees: the identity of the settlor(s), the trustee(s), the trust supervisor, the beneficiaries, and any other person exercising ultimate effective control over the trust;
C.Unless otherwise provided for in the Proviso of Point 5, an insurance business shall not be required to inquire if there exists any beneficial owner in relation to a customer that is
(A) a R.O.C government entity;
(B) a enterprise owned by the R.O.C government;
(C) a foreign government entity;
(D) a public company and its subsidiaries;
(E) an entity listed on a stock exchange outside of R.O.C. that is subject to regulatory disclosure requirements of its principal shareholders, and the subsidiaries of such entity;
(F) a financial institution supervised by the R.O.C. government, and an investment vehicles managed by such institution;
(G) a financial institution incorporated or established outside R.O.C. that is subject to and supervised for compliance with AML/CFT requirements consistent with standards set by the FATF, and an investment vehicle managed by such institution;
(H) Public Service Pension Fund, Labor Insurance, Labor Pension Fund and Postal Savings of R.O.C.
D.Unless otherwise provided for in the Proviso of Point 5, an insurance business shall not be required to inquire if there exists any beneficial owner in relation to a customer that applies for health insurance or insurance with no policy value.
(5) Ongoing monitoring on transactions:
A.An insurance business shall conduct ongoing due diligence on the business relationship and scrutiny of transactions undertaken throughout the course of that relationship to ensure that the transactions being conducted are consistent with the institution's knowledge of the customer, their business and risk profile, including, where necessary, the source of funds.
B.An insurance business shall periodically review the adequacy of customer identification information obtained in respect of customers and beneficial owners and ensure that the information is kept up to date, particularly for higher risk categories of customers.
C.An insurance business is entitled to rely on the identification and verification steps that it has already undertaken, therefore an insurance business is allowed not to repeatedly identify and verify the identity of each customer every time that a customer conducts a transaction unless it has doubts about the veracity of that information. Examples of situations that might lead an insurance business to have such doubts could be where there is a suspicion of money laundering in relation to that customer, or where there is a material change in the way that the customer's account is operated, which is not consistent with the customer's business profile.
(6) An insurance business shall apply CDD measures to existing customers on the basis of materiality and risk, and to conduct due diligence on such existing relationships at appropriate times, taking into account whether and when CDD measures have previously been undertaken and the adequacy of data obtained.

5.An insurance business shall determine the extent of applying CDD and ongoing monitoring measures under Subparagraphs (3) and (5) of the preceding Point using a risk-based approach (RBA). The enhanced CDD and ongoing monitoring measures shall be applied to those circumstances with higher risk while the simplified CDD measures are allowed where a lower risk has been identified. However, simplified CDD measures are not allowed in the following circumstances:
(1) Where the customers are from or in countries and jurisdictions known to have inadequate AML/CFT regimes, including but not limited to those which  designated by international organizations on AML/CFT as countries or regions with serious deficiencies in their AML/CFT regime , and other countries or regions that do not or insufficiently comply with the recommendations of international organizations on AML/CFT as forwarded by the Financial Supervisory Commission (FSC); or
(2) Where an insurance business suspects that money laundering or terrorism financing is involved.

6.An insurance business shall keep records on all business relations and transactions with its customers in accordance with the following provisions:
(1) An insurance business shall maintain, for at least five years, all necessary records on transactions, both domestic and international.
(2) An insurance business shall keep all the following information for at least five years after the business relationship is ended, or after the date of the occasional transaction:
A.All records obtained through CDD measures, such as copies or records of official identification documents like passports, identity cards, driving licenses or similar documents.
B.Contracts documents.
C.Business correspondence, including inquiries to establish the background and purpose of complex, unusual large transactions and the results of any analysis undertaken.

7.Risk control mechanism and internal control system:
(1) The risk control mechanisms and internal control systems established by an insurance company or a postal institution conducting simple life insurance business according to Article 5 or 8 of "Implementation Rules of Internal Audit and Internal Control System of Insurance Industries",and those established by an insurance agent company or insurance broker company with prescribed scale of business operations  according to Article 6 of  "Regulations Governing the Implementation of Internal Control and Audit System and Business Solicitation System of Insurance Agent Companies and Insurance Broker Companies" shall contain the following items:
A.The policy and procedure to identify, assess and manage its money laundering and terrorism financing risks.
B.An AML/CFT program based on the result of risk assessment.
C.A standard operational procedure to comply with the AML/CFT regulations, which shall be included in the self-inspection and internal audit system.
(2) An insurance business shall ensure that its foreign branches and subsidiaries apply AML/CFT measures, to the extent that the laws and regulations of host countries or jurisdictions so permit, consistent with the home country requirements.

8.If an insurance business violates the Directions, the FSC may take appropriate sanctions commensurate with the seriousness of the violations in accordance with Articles 167-2, 167-3, 171-1 of the Insurance Act and other relevant regulations.