Anti Money Laundering/

Combating Financing of
Terrorism Framework

Anti Money Laundering Framework

Page 1 of 9
 Index

Sr. No. Particulars Page No.

1 Background and objective 3
2 Money Laundering – Definition 4
3 Money Laundering Risks 4
4 AML/CFT Governance Framework Structure 5-9
1. AML/KYC Standards
a) Basic Due Diligence (KYC)
b) When should KYC be done?
c) Risk profile of the customer
d) Enhanced Due Diligence
e) Record Keeping
2. Appointment of ‘Designated Director’ and Principal Officer
a) Appointment
b) Responsibilities
3. Recruitment and training of employees/agents
4. Internal Control/ Audit
5 Review of AML Framework 9

Anti Money Laundering Framework

Page 2 of 9
HDFC Life Insurance Company Limited Anti Money Laundering (AML) Framework

1. Background and Objective

Background:

The Prevention of Money Laundering Act, 2002 brought into force with effect from 1st July
2005, is applicable to all the financial institutions, which include insurance institutions. The
application of AML measures to non-depository financial institutions generally, and to the
insurance companies in particular, has also been emphasized by international regulatory
agencies as a key element in combating money laundering. Establishment of AML program by
financial institutions is one of the central recommendations of the Financial Action Task Force
(FATF) and also forms part of the Insurance Core Principles of the International Association of
Insurance Supervisors (IAIS). Accordingly, the Insurance Regulatory and Development Authority
of India (IRDAI) has issued regulatory guidelines to the Insurers as part of an AML Program for
the insurance sector.

Responsibility of HDFC Life Insurance Company Limited:

HDFC Life Insurance Company Ltd. (hereafter referred to as the “HDFC Life” or “Company”) is
fully committed to comply globally with all applicable laws designed to combat money
laundering and any activity which facilitates the funding of terrorist or criminal activities. HDFC
Life would meet the extant regulatory requirements and the Frame work would be amended
from time to time as may be required by the Authority and Compliance with Financial Action
Task Force requirements.

Objective:

The key objectives of this document are:

1. To lay down the detailed AML Framework of HDFC Life.
2. To ensure that none of its products are vulnerable to Money Laundering and also to ensure
that company is not used as a conduit for Money laundering.
3. To ensure compliance with the AML laws and regulations in force from time to time.
4. To protect company’s reputation.
5. To assist law enforcement agencies in their effort to investigate and track money
launderers.
6. To lay down AML compliance norms for the employees of the Company.

Anti Money Laundering Framework

Page 3 of 9
2. Money Laundering – Definition

2.1 Money Laundering is moving illegally acquired cash through financial systems so that it
appears to be legally acquired.

2.2 There are three common stages of money laundering as detailed below which are resorted
to by the launderers and insurance institutions may unwittingly be exposed to a potential
criminal activity while undertaking normal business transactions:

1. Placement - the physical disposal of cash proceeds derived from illegal activity;
2. Layering - separating illicit proceeds from their source by creating complex layers of
financial transactions designed to disguise the source of money, subvert the audit trail and
provide anonymity; and
3. Integration - creating the impression of apparent legitimacy to criminally derived wealth.

2.3 If the layering process has succeeded, integration schemes place the laundered proceeds
back into the economy in such a way that they re-enter the financial system appearing to be
normal business funds.

Section 3 of PMLA, describes the offence of Money Laundering. Section 3 reads as under:
“Whosoever directly or indirectly attempts to indulge or knowingly assists or knowingly is a
party or is actually involved in any process or activity connected with the proceeds of crime and
projecting it as untainted property shall be guilty of offence of money-laundering.”

3. Money Laundering Risks

The Company is aware that it is exposed to several risks if an appropriate AML framework is not
established, which are detailed as under:

1. Reputation Risk - Risk of loss due to severe impact on Company’s business. This requires
maintaining the confidence of authority, customers, creditors and the general marketplace.
2. Compliance Risk - Risk of loss due to failure of compliance with key Regulations governing
the company’s operations.
3. Operations Risk - Risk of loss resulting from inadequate or failed internal processes, people
and systems, or from external events.
4. Legal Risk - Risk of loss due to any of the above risks or combination thereof resulting into
the failure to comply with Law and having a negative legal impact on the Company. The
specific types of negative legal impacts could arise by way of fines, confiscation of illegal
proceeds, and suspension/termination of licenses by the regulators, criminal liability, etc.
5. Financial Risk - Risk of loss due to any of the above risks or combination thereof resulting
into negative financial impact on the Company.

Anti Money Laundering Framework

Page 4 of 9
4. AML/CFT Governance Framework structure:

As required by IRDAI guidelines, company’s AML Framework is broadly divided into the
following main components:

1. AML/KYC Standards;
2. Appointment of Designated Director and Principal Compliance Officer;
3. Recruitment and training of employees/agents;
4. Internal Control/Audit;

4.1 AML/KYC Standards:

4.1.a Basic Due Diligence [Know Your Customer (KYC)]:

Keeping in view the specific requirements of the guidelines issued by IRDAI and other
regulatory bodies and considering the potential threat of usage of financial services by a money
launderer, company shall make reasonable efforts to determine the true identity of all
customers by doing proper Customer Due Diligence (CDD). Effective procedures should be put
in place to obtain requisite details for proper identification of new customers.

1. Agents / Financial Consultant’s (FCs) shall be required to provide information to indicate any
behavioral aspects of a customer that are found to be suspicious at the time of their
interaction.

2. Special attention will be given to all complex, unusually large transactions and all unusual
patterns which have no apparent economic or visible lawful purpose.

3. Company will not enter into a contract with a customer whose identity matches with any
person with known criminal background or with banned entities and those reported to have
links with terrorists or terrorist organizations. Customer’s name screening will be done daily
against the negative list. In case any matching records are identified, it will be reported to
the relevant authority.

4. In case of receipt of order to freeze / unfreeze account is received under section 51A of the
UAPA, it will be implemented without prior notice to the designated individuals / entities.

5. Measures will be taken to identify beneficial ownership in case of non-individual customers.

Anti Money Laundering Framework

Page 5 of 9
4.1.b When should KYC be done?

1. New Customers:

a) In case of new contracts, KYC / CDD should be done before entering into any contract
pertaining to insurance with new customer.

2. Ongoing basis:

KYC should also be carried out at the claim payout stage and at times when additional top
up remittances are inconsistent with the customer known profile. Any change which is
inconsistent with the normal and expected activity of the customer, further KYC processes
and / or action as considered necessary.

4.1.c Risk Profile of the Customer

Entity Risk Assessment:

As a large Life Insurance Company, the number of policies issued, and financial transactions
conducted by the customers are of a very high magnitude. Regulations require the Company to
monitor all policy issuances and transactions there under for any suspected incident of money
laundering. However, considering the spirit as well as the requirements under the regulations,
the monitoring efforts are directed more towards the customers and transactions with higher
risk of money laundering, being the Risked Based Approach (RBA) for monitoring and controls.
Thus, our focus would be on higher risk areas e.g. risk arising from payments instruments viz.
Demand Draft vs Cheque, Online vs Offline etc., and monitoring the same for suspected money
laundering.

Adopting a RBA implies the adoption of a risk management process for dealing with Money
Laundering (ML) / Terrorist Financing (TF), keeping in mind the magnitude of risk involved.

A risk analysis would be performed to determine where the ML/TF risks are the greatest based
on customers, products and services, including delivery channels, and geographical locations.
They can change over time, depending on how circumstances develop, and how threats evolve,
and our controls would also change accordingly. This process thus encompasses recognizing the
existence of the risk(s), undertaking an assessment of the risk(s) and developing strategies to
manage and mitigate the identified ML risks.

In the context of the very large base of insurance customers and the significant differences in
the extent of risk posed by them, HDFCL shall classify the customer into high risk and low risk,
based on customer category / nature / occupation / geography / sourcing channel / products
features / premium payment modes / review of sanctions lists for money laundering or
terrorism, as follows:
Anti Money Laundering Framework
Page 6 of 9
4.1.d Enhanced Due Diligence:

It is imperative to ensure that the insurance being purchased is reasonable. Accordingly,

customer’s source of funds, his estimated net worth etc., shall be appropriately documented
and company obtains income proofs and details of sources of funds for all policies as specified
by the Company from time to time.

Premium payments are received or can be received through various modes, including, Demand
Drafts (DD), cheques, online transfers, etc. However, the Company will have power to prescribe
rules / limits etc. for any particular payment mode, or to disallow any payment mode(s) for any
one or more channel. The cash acceptance limit / rules etc. shall be such, as may be decided
from time to time, keeping in view business requirements and regulatory provisions.
PAN and KYC documents of the payor to be obtained in case of third party payment (other than
proposer).

Suspicious Transactions (including Suspicious Cash Transactions):

The AML program envisages submission of Suspicious Transaction Reports (STR) / Cash
Transactions Reports (CTR) / Counterfeit Currency Report (CCR) / Non Profitable Organisation
Transactions Report (NTR) to the Financial Intelligence Unit-India (FIU-IND) set up by the
Government of India to track possible money laundering attempts and for further investigation
and action.

Prohibition from “Tipping off”

Employees (permanent and temporary) are prohibited (should maintain strict confidentiality)
from disclosing the fact that a Suspicious Transactions Report or related information of a
policyholder / prospect is being reported or provided to the FIU-IND.

[Link] Keeping:

Company will maintain the records (either in electronic or in paper form) of types of
transactions mentioned under Rules 3 and 4 of PMLA Rules 2005 and the copies of the Cash /
Suspicious Transactions reports submitted to FIU as well as those relating to the verification of
identity of customers for a period of 5 years in order to enable company to comply swiftly with
information requests from the competent authorities. Such records shall be sufficient to permit
reconstruction of individual transactions (including the amounts and types of currency involved
(if any) so as to provide, if necessary, evidence for prosecution of criminal activity. Company will
retain the records of those contracts, which have been settled by maturity or claim, surrender
or cancellation, for a period of at least 5 years after that settlement. Records pertaining to all
other transactions, (for which the Company is obliged to maintain records under other
applicable Legislations / Regulations / Rules) the Company will retain records as provided in the

Anti Money Laundering Framework

Page 7 of 9
said Legislations / Regulations / Rules but not less than 5 years from the date of end of the
business relationship with the customer.

The Designated Director, Principal Compliance Officer and staff assisting in execution of AML
guidelines should have timely access to customer identification data, other KYC information and
records.

4.2 Appointment of ‘Designated Director’ and Principal Compliance Officer:

4.2.a Appointment:

Company will designate ‘Designated Director’ and ‘Principal Compliance Officer’ and intimate
the names of the ‘Designated Director’ and ‘Principal Compliance Officer’ to IRDAI and FIU-IND.
Any change in incumbency will be intimated to IRDAI and FIU-IND immediately.

The ‘Designated Director’ will be Managing Director or a whole-time Director duly authorized
by Board of Directors.

The Principal Compliance Officer will be at a senior level and preferably not below the Head-
Audit / Compliance / Chief Risk Officer level and should be able to act independently and report
to senior management.

4.2.b Responsibilities:

The Designated Director shall:

Ensure overall compliance with the obligations imposed under chapter IV of the Act and the
Rules.

The Principal Compliance Officer shall:

1. Implementation of the AML Program effectively, including monitoring compliance by the

company’s insurance agents with their obligations under the program.
2. Ensure that employees and agents of the company have appropriate resources and are well
trained to address questions regarding the application of the program in light of specific
facts.
3. Be responsible for regulatory reporting, as prescribed under the IRDAI guidelines, for Cash
Transactions, Suspicious Transactions, Counterfeit Currency Notes and Non Profit
Organisation details.

Anti Money Laundering Framework

Page 8 of 9
4.3 Recruitment and Training of employees/agents:
The selection process of agents shall be monitored. It shall be ensured that if any unfair practice
is being reported, then action is taken after due investigation. Company will have adequate
screening procedures when hiring employees / agents. Instruction manuals on the procedures
for selling insurance products, customer identification, record keeping, acceptance and
processing of insurance proposals, issue of insurance policies will be set out.
The concept of AML will be part of in-house training curriculum for agents.

The following training requirements are considered essential based on the class of employees.

1. Employees: A general appreciation of the background to money laundering, and the

subsequent need for identifying and reporting of any suspicious transactions to the
appropriate designated official shall be provided to all new employees who will be dealing
with customers or their transactions, irrespective of the level of seniority.

2. Sales/Advisory staff: Members of staff who are dealing directly with the public (whether as
members of staff or agents) are the first point of contact with potential money launderers
and their efforts are therefore vital to the strategy in the fight against money laundering. It
is vital that “front-line” staff is made aware of company’s AML Framework for dealing with
non-regular customers particularly where large transactions are involved, and the need for
extra vigilance in these cases.

3. Ongoing training: Refresher training at regular intervals shall be provided to ensure that
staff does not dilute its approach to AML Implementation. AML training shall cover aspects
related to:
 AML definition, guidelines and requirements
 Possible risks due to non-compliance with AML
 Prevention of fraud or suspicious transactions
 Mandatory documentation for AML

4. Records of training imparted to agents / staff in the various categories detailed above shall
be maintained.

4.4 Internal Control/Audit:

HDFC Life internal audit / inspection departments shall verify on a regular basis, compliance
with policies, procedures and controls relating to money laundering activities. Exception
reporting under AML Frame work shall be done to Audit Committee of the Board.

5. Review of AML Framework:

The AML framework shall be reviewed at least annually and changes effected based on
experience and regulatory changes shall be incorporated in the same.
Anti Money Laundering Framework
Page 9 of 9