
Cyber threats will always matter, but they are not the risk most likely to catch insurers off guard in 2026. The real exposure is far more ordinary and far more likely to be overlooked: sanctions risk hiding in plain sight within routine payment flows.

The industry has built strong defenses against attacks that make headlines. What has not kept pace are the basic operational controls that protect insurers from regulatory exposure.

According to the London Stock Exchange Group (LSEG), global sanctions lists now include nearly 80,000 individuals and entities, and the volume of sanctions worldwide has risen 446% since 2017.

Yet many insurers still rely on manual, inconsistent, or outdated checks performed either internally or by partners whose processes may not meet the same standards. These controls were not designed for the speed and scale of today’s sanctions landscape.

We are already seeing the consequences across the market. In several recent industry cases, payments have nearly been processed to newly sanctioned entities simply because updated lists were not captured in time.

These were routine, recurring payments, not cyberattacks or malicious activity, and they highlight how easily gaps can form when different parties assume someone else has run the required checks. Without real-time screening at the point of payment, such transactions can slip through and expose carriers to regulatory scrutiny and reputational risk.

This is becoming more common. LSEG reports that sanctions inflation continues to climb, with a 17.1% annual increase as of early 2025. At the same time, investigative reporting shows that sectors like maritime and travel insurance are particularly vulnerable because of complex payment chains involving many intermediaries. In short, the environment is evolving faster than most insurers’ operational controls.

Sanctions lists are updated frequently. Regulators are asking tougher questions. Banks are flagging more transactions. Carriers remain responsible for every payment made in their name, even when a partner is the one who missed something. Relying on onboarding checks or legacy processes is no longer enough.

The solution is straightforward, but it requires a mindset shift. Instead of assuming partners are consistently running adequate checks, insurers need real-time sanctions screening embedded into every payment across their entire network. When assumptions are replaced with automated controls that evolve as the landscape changes, insurers eliminate the quiet vulnerabilities that lead to major compliance failures.

This is not about alarmism. It is about recognizing that insurers now operate in a far more complex and rapidly changing regulatory environment, one where operational gaps can create outsized consequences. Cyber threats matter, but the likeliest trigger for a regulatory investigation in 2026 is not a hacker. It is a routine payment that never should have been made.


The insurers who succeed next year will be those who refocus on the fundamentals: consistent controls, real-time visibility, and strong oversight across every partner handling payments on their behalf. The risk is hiding in plain sight. The fix is within reach. And the time to act is now, before regulators force the change.

Opinions shared in this piece are the author's own.

Phil McGriskin is CEO and co-founder of Vitesse. With more than 20 years of fintech and payments experience, he leads the company's global strategy, focusing on fund transparency and control, efficient claims operations and business growth. LinkedIn: https://www.linkedin.com/in/phillip-mcgriskin-521a2b1/
