Various Insurance Web Aggregator Compliances under IRDAI
Regulatory Compliances are to be strictly followed by entities across India. By complying with it, an entity can smoothly function without any encumbrances. Likewise, insurance web aggregators also need to ensure compliance with regulatory guidelines as may be notified from time to time by the regulatory authority. The primary regulatory authority for the Insurance Web Aggregators is the Insurance Regulatory and Development Authority of India, also called IRDAI. The insurance regulatory authority had come up with the Insurance Web Aggregators Regulations, 2017, that lays down the rules to be followed by all insurance web aggregators across India. So the insurance web aggregators are governed by this regulation and also by the Insurance Act 1938 and IRDA Act 1999.
Who are Insurance Web Aggregators?
Insurance web aggregators are those insurance intermediaries who maintain a website to provide interface to insurance prospects for price comparison and to provide information of products of different insurers and other related matters. They collect data on various policies of insurance companies and upload it on a single online portal. This enables people requiring an insurance policy to visit their portal and compare the products, its pricing and such other details and then, based on these information, make a choice.
What are the different Insurance Web Aggregator Compliances?
Insurance Web Aggregators are required to comply with the following regulations:
Board Approved Policy
Insurance Web Aggregator are required to put in place a Board approved policy on the manner of soliciting insurance products. The Policy should include the approach to be followed by the Insurance Web Aggregator in having multiple tie-ups, type of products sold, mechanism for grievance redressal, reporting requirements and any other item. The Insurance Web Aggregator Board is required to review the same at least once in three years of time.
Professional indemnity insurance cover
Insurance Web Aggregators are required to maintain a professional indemnity insurance cover throughout the validity period of the registration certificate granted to them by the regulatory authority, as specified in Form K (Professional Indemnity Insurance) of Schedule III of Insurance Web Aggregators Regulations, 2017. The Insurance Regulatory and Development Authority of India may, in some instances, permit a newly registered Insurance Web Aggregator to produce this policy within 6 months from the date of issue of certificate of registration.
Maintenance of books of accounts, records etc.
Insurance Web Aggregator must prepare for every accounting year the following:
- A balance sheet or a statement of affairs as at the close of each accounting period;
- A profit and loss account for such period;
- A statement of income and expense;
- A statement of cash/fund flow;
- Additional statements on the business of Insurance Web Aggregators as may be required by the Authority.
Insurance Web Aggregators are required to submit to the Insurance Regulatory Authority, a copy of the audited financial statements with the auditor’s report thereon within a period of 90 days from the end of the accounting year along with the auditors’ remarks or observations, if any, on the conduct of the business, accounts statements, etc., and a suitable explanation on those observations will be appended to such accounts filed with Insurance Authority.
Further Insurance Web Aggregators are required to take steps in furtherance of rectifying deficiencies made out in the auditor’s report within ninety days from the date of the Auditor’s report and inform the Authority accordingly.
As per the IRDAI Insurance Web Aggregator Regulations of 2017, all books of account, statements, document, etc., are required to be maintained at the Insurance Web Aggregator head office, and it shall be available on all working days to officers of the Authority for inspection purposes.
All the e-records, books and documents, statements, contract notes etc., maintained by the Insurance Web Aggregator should be retained for a period of minimum 10 years from the end of the year to which they relate. However, those Digital Records or documents related to the cases of legal disputes reported and the disposal is pending for a decision from courts such records should be maintained till the disposal of the cases by the court.
Every Insurance Web Aggregator must keep Insurer wise records of the following in electronic form, and it should be made available as and when required by the Authority:
- Leads generated and transmitted;
- Leads converted into policies;
- Complaints received and disposed;
- Products Displayed on its website for comparison;
- Remuneration gained for Products displayed;
- Remuneration gained for leads converted to policies;
- Remuneration gained from outsourcing activities;
- Any other Remuneration obtained from Insurers;
- Clients KYC records, as required under the relevant Authority’s guidelines and provisions of PML Act;
- Proposal form copy duly signed electronically by the client and submitted to the insurer;
- Register with the list of clients, details regarding the policy such as type of policy, premium amount, date of issuance of the policy, charges or fees received;
- Register with details of complaints received, including therein the name of the complainant, nature of such complaint, details of the policy issued/solicited and action taken thereon;
- Copies of the correspondence exchanged with the Authority;
- Any other record as may be asked by the Authority from time to time.
Disclosure related compliance
There are certain disclosure related requirements to be followed by Insurance Web Aggregators. They need to furnish to the Authority half-yearly returns insurer-wise business placed separately in respect of life insurance, general and health insurance, in the formats specified by the Authority, before 31st October and 30th April every year.
The Regulatory Authority, after examining the returns furnished may issue directions or advices as it may deem necessary to the Insurance Web Aggregator, and they must be complied with by such Insurance Web Aggregator to whom the direction/advice is issued.
Additionally, Insurance Web Aggregators need to disclose the following to the Authority:
- Change in the information or particulars produced previously, having a bearing on the registration certificate granted to it;
- Name of the clients whose insurance portfolio he manages or has managed;
- Legal proceedings initiated against the insurance web aggregator by other regulatory/government bodies within a reasonable period but not later than 30 days period from the commencement of such proceedings. Additionally, an action or direction issued by other bodies should also be disclosed to the Authority within the above mentioned time limits.
These need to be disclosed to the authority as and when required by it, in any event not later than 30 days of a requisition.
Further Insurance Web Aggregators are required to disclose to the Authority about any material change in the composition of the Insurance Web Aggregator in 30 days of such change. A prior approval of the authority is needed for making the following changes:
- Principal Officer change;
- Change in Director/s or Designated Partner/s;
- Company name change;
- Address change of registered office / Corporate / Head Office;
- Using the services of service providers or third party vendors for the Insurance Web Aggregator core activities such as, Lead Management System, Webhosting, and other core activities.
- Change in location of the Servers hosting the comparison website(s).
Insurance Web Aggregators also need to disclose the following information within three days of the action-
- Opening/closing of branch offices;
- Updated authorised verifier list to solicit insurance business via Telemarketing/ Distance marketing modes;
- In respect of a claim under professional indemnity policy;
- Property acquired.
If there is any change in the information provided for consideration of their application, after application filing or during the processing of application, then the applicant shall disclose such change to the authority voluntarily.
The Insurance Web Aggregator’s Principal Officer shall submit a certificate to the Authority declaring that the Insurance Web Aggregator has complied with all the provisions of Insurance Web Aggregator Regulations during the financial year, at the end of each financial year.
- The Insurance Web Aggregator must display Information on their designated website related to the products of Insurers who have made agreement with Insurance Web Aggregators;
- The Insurance Web Aggregators need to ensure that the information systems, (hardware and software), including the aggregation website(s)/portals, Lead Management System & the Data Centers hosting the website(s) / Portal(s) / Lead Management System comply with the generally accepted information security standards and procedures in force in India.
- The insurance web aggregators need to ensure that the leads, as well as other data, is sent to the insurers and others through a secured layer data encryption technologies such as 128 bit encryption.
- They need to ensure that the information systems (hardware and software), including the aggregation website(s)/portals, Lead Management System & the Data Centers hosting the website(s) / Portal(s) / Lead Management System hosted in India and is audited by CERT-In empanelled Information Security Auditing organisations once every financial year. They also need to submit a copy of the Audit Certificate / Report to insurance authority and the insurers with whom they have entered into an agreement, within 15 days from the date of receipt.
- The Insurance Web Aggregator should annually submit a certificate obtained from the statutory auditor along-with the annual report specifying that the insurance web aggregator is in compliance with all the provisions and the framework of the IRDAI Insurance Web Aggregator Regulations 2017.