Insurance regulator orders frequent audits on high-risk clients
Business
By
Graham Kajilwa
| Sep 06, 2025
Insurance companies will be required to frequently audit their high-risk customers in line with new guidelines issued by the regulator.
The move aims at strengthening their internal anti-money laundering (AML) measures.
Also to be audited are products, distribution channels and customer identification programmes. A guidance note provided by the Insurance Regulatory Authority (IRA) says insurers should conduct frequent audits of higher-risk areas of their operations prone to money laundering.
The guidance note on independent review of the anti-money laundering (AML) compliance also stipulates who can carry out these audits.
READ MORE
Jilted lover attacks woman in Bungoma
Pilot, co-pilot killed in LaGuardia runway collision
A free lecture for those who want professors to retire early
How NARC resuscitated imperial presidency that Kenyans loathed
KNEC opens KCSE registration for 8-4-4 candidates
Family calls for justice over woman's murder
How Kenya missed out on Sh125b World Bank project
From austerity to handouts: Ruto's Sh4.7tr pre-election budget to appease Kenyans
Kenya's school categorisation gives us a false sense of unity
IRA says the audit can be either outsourced or done internally. When outsourced, the insurer will still be responsible.
The independent review is meant to audit the underwriter's regulatory compliance with the relevant laws, measures put in place to detect, deter and report suspicious financial activities, gaps and potential risks, and areas of improvement. IRA states that the note is for guidance purposes only and does not supersede or replace any legal requirement.
It adds that the review is not a financial audit but rather a verification of the adequacy, appropriateness, effectiveness and compliance of the institution's AML programme.
"The objective of the independent review is to form an opinion of the overall integrity and effectiveness of the AML programme, including policies, procedures, and processes," says IRA in the guidance note published in September 2025.
The note states that in line with the best practices and recommendations from the Financial Action Task Force (FATF), an intergovernmental global body that develops policies on anti-money laundering, the review should be risk-based.
This should consider the nature, scale, risk profile and complexity of the institution. "Higher risk areas need to be reviewed in every audit, while lower risk areas can be reviewed on some form of rotational basis," the guidance note reads. "In this context, risk includes both inherent money laundering, terrorism financing, proliferation financing risk, such as high-risk customers, products, distribution channels or geographical locations and compliance risk, such as adequacy and implementation of the customer identification programme."
If the review is conducted internally, IRA says the staff should be independent from AML counter terrorist financing (CTF) or countering proliferation financing (CPF).
"The institution should ensure that AML, CTF and CPF review is incorporated in the job description of the staff who will conduct the review," says IRA.