INSURTECH: LEGAL UPDATE
PROPOSED RESOLUTION CONCERNING THE ELECTRONIC INSURANCE REGULATIONS
‘The last two decades have seen a tremendous shift in the way retailers and consumers procure and purchase products and services. The Insurtech sector for instance is exploring avenues that large insurance firms have less incentive to exploit, such as offering ultra-customized policies, social insurance, and using new streams of data from internet-enabled devices to dynamically price premiums according to observed behavior.’ Sale of specialized products like InsurTech products or provision any insurance services through an online medium requires high level of risk regulatory monitoring, implementation of measures to mitigate risks and robust compliance structures. In the same stride, last month, the Insurance Authority of the UAE (“IA”) has invited comments on a Draft Resolution Concerning Electronic Insurance Regulations (“Draft Resolution”).
The Draft Resolution applies to “Electronic Insurance Operations” practiced by licensed Insurance Companies, Insurance Brokers, Insurance agents and Health Insurance TPA Companies. As per the draft, the term “Electronic Insurance Operations” means “any business carried out by a company through the Internet including insurance coverage offers, insurance premium offers, sale of insurance policies, marketing of insurance policies, collection of premium, receipt of claims, receipt and handling of complaints.” “Website” is defined as “the Company Address on the Web, which is accredited in all company’s publications, advertisements, and electronic documents and authorized by the competent authority.”
The Draft Resolution proposes to implement the following approval structures for:
(a) Any company that wishes to practice Electronic Insurance Operations would be required to procure an approval from the IA. The application would need to be submitted along with an action plan approved by the Company’s Board of Directors with such plan including an analysis of the projected volume of electronic insurance operations, the risks associated with electronic transactions and the precautionary measures that are being adopted and a contingency plan in case one or more elements of the automated system is disrupted.
(b) A company must procure an approval on the classes of products that it would sell through a Website. The products cannot be insurance policies of persons and funds accumulation operations, protection and saving.
(c) The Company shall obtain the IA’s prior approval before signing a contract to assign the management of the Website to any third party. The Company is obligated to verify the compliance of such third party with the provisions of the Regulations herein and related legislation.
The Draft Resolution also requires a company to have managerial structure in place to ensure the proper operation of the Website and the compliance of the Website with the regulatory requirements. The applicant company is expected to maintain Board of Directors and an Executive Management. The Board of Directors have the ultimate responsibility of concluding the electronic insurance in a proper way while the Executive Management is obligated to implement the strategy. The company is also expected to establish an IT Department which shall be responsible for the Website. As a part of the ‘identify-your-customer’ requirements, the company is obligated to maintain proper records of customers documents and identities through the Website for a period of 10 years.
If the management of the Website is outsourced to a third party, the company is also expected to maintain a Communications Officer for managing the communications with the third-party entity.
The Company which is outsourcing the Electronic Insurance Operations to another party, outsourcing the development, management or maintenance of its Website or outsourcing any other operations related to its Website, shall develop a special provision in the Outsourcing Contract whereby the other party shall commit to apply the provisions of the Regulations herein, the code of professional practice issued by the Insurance Authority, and any other related legislation.
The Website itself is expected to meet certain guidelines under the Draft Resolution, including creating a self-assessment tools for the insurance applicant, disclosure of all information through the website relating to the insurance product, the details of the insurance company operating the insurance, technological capabilities of the website, management of user’s of personal information etc. Additionally, the Draft Resolution also prescribes the specific compliances to be followed by the company when undertaking each of the below activities through a Website:
- Selling an insurance through a website – disclosure or clarity to be provided of the product, the insurance company providing the same and other details like who is being insured, the beneficiary, benefits, options, validity, premium payment model etc
- Payment of premium -may be paid through any electronic means of payment including direct debit, credit card payment or other payment methods approved by UAE Central Bank
- Post-Sales Support – The Website is required to have a special section for post-sales support. The Website must include clear measures/procedures for cancellation of a policy through the website. In the event that the cancellation of an insurance policy issued through the Website due to failure or lack of clarity in the systems, components or contents or website drivers, the company is obliged to compensate the client for costs incurred as a result of the cancellation of the policy.
- Claims handling – the website must have a separate form where the relevant person may submit their claims and upload electronic copy of the claim. Before reimbursement of claim, the company must procure the original claim documents
- Registering of complaints- the website must have a separate form for registering complaints and follow-up the same.
A regulation governing the provision of Insurtech products is an absolute need of the hour. While buying and selling of the insurance products has been regulated for a while, the use of tech platforms and the ancillary procedures is something that will now be regulated and monitored if the Draft Resolution is implemented. The Draft Resolution proposes to expand the scope of regulating the insurance players, which is a welcome move. What remains to be seen is the impact that it will create on the various other industry stakeholders like the tech developers and intermediaries- an assessment which can only be carried out once the draft gets enacted.
Authored by Soumya George (Principle Associate).