India - InsurTech Sandbox – IRDAI Releases An Important Update (But Some Debugging Still Required).
Legal News & Analysis - Asia Pacific - India - Regulatory & Compliance - Banking & Finance
2 August, 2019
So far this year, Indian financial sector regulators have taken steps towards adapting financial sector regulations to encourage the use of new technology. On April 18, 2019, the Reserve Bank of India (RBI) released its Draft Enabling Framework for Regulatory Sandbox for public comments. Following the RBI, the Securities and Exchange Board of India (SEBI) on May 20, 2019, released its Framework for Innovation Sandbox to the public.
The Insurance Regulatory & Development Authority of India (IRDAI) has not lagged behind in proposing regulatory changes for encouraging the use of new technology as a part of the insurance sector, especially in the life and health insurance sector. In 2017, the IRDAI initiated discussions intending to refine existing law for allowing the use of telematics in the motor insurance space whilst protecting data and privacy of customers from organisations using telematics. In late 2018, the IRDAI constituted a Working Group (Wearable Technology WG) for considering regulatory reforms for examining innovation in the use of wearable / portable devices in the insurance sector.
These steps have been taken to identify existing hurdles in the regulatory framework that inhibit the use of technology. Though the existing regulatory framework does not prohibit technology use as such, it is not well adapted to changing technology and is unclear as to the extent to which technology may be used. The IRDAI has also raised concerns in relation to data privacy, fraud, misinformation and transparency, which may arise as a consequence of technology firms exploiting existing loopholes in the regulatory framework.
The concerns surrounding regulatory roadblocks and policyholder protection forms the basis on which the IRDAI, on May 18, 2019, issued an Exposure Draft of the IRDAI (Regulatory Sandbox) Regulations, 2019 (Exposure Draft) for public comments. The Exposure Draft encourages supervised testing of innovative ideas, instead of overhauling the existing regulatory framework to allow for rampant modernisation of the insurance sector.
Interestingly, it was Wearable Technology WG’s report that recommended the testing of innovative technology-based ideas in a controlled sandbox environment. It was after the issuance of this report that the IRDAI issued an order dated September 19, 2018, for constituting a ten member committee (Sandbox Committee) for considering possible frameworks for implementing a regulatory sandbox for the Indian insurance sector (InsurTech Sandbox). The Sandbox Committee tabled its report to the IRDAI on February 5, 2019 (Sandbox Report) setting out the principles to be followed for formulating a regulatory sandbox framework pursuant to which the IRDAI has issued the Exposure Draft.
Below is an analysis of the Exposure Draft in light of the Sandbox Committee’s recommendations.
The Recommendations of the Sandbox Committee
In order to ensure a well-rounded approach for implementing an InsurTech Sandbox, the Sandbox Committee has taken into account the regulatory issues involved in the use of technology, the measures adopted by regulators in other jurisdictions and the feedback received from the Indian insurance sector.
In the Sandbox Report, the Sandbox Committee provided 15 key recommendations for implementing a framework for the purpose of setting up an InsurTech Sandbox. These are broadly as follows:
- The InsurTech Sandbox should be used for testing products/ services that promote innovation, and also those that are disruptive by nature and pose new challenges to regulators and enable the assessment of the extent to which existing regulations may need to be refined.
- Special exemption, allowance, or other limited time-bound exceptions may be granted to the applicants testing their innovations. However, in doing so, the IRDAI must specify the regulatory requirements that are to be mandatorily required to be complied with by all applicants. These may include regulatory requirements in relation to confidentiality, anti-money laundering, “fit and proper” criteria and policyholder safeguards prescribed by the IRDAI.
- IRDAI should permit the testing of innovative ideas in “cohorts” i.e. processes under which applicants are able to apply for testing during designated periods.
- Testing of innovations should be under regulatory supervision of a separate committee constituted by the IRDAI empowered to override or relax any legal or regulatory requirements for the period of experimentation, if deemed appropriate.
- The InsurTech Sandbox should have defined entry and eligibility criteria, boundary conditions, process flow, timelines and success factors / exit parameters for the applicants, along with appropriate controls for protection and risk management.
- Customers proposed to be involved in the testing phase should be informed about such involvement and the entities participating in the InsurTech Sandbox should be held liable for any losses which policyholders may incur at the time of the testing of any proposal.
In line with the principles set out above, the Sandbox Committee proposed draft guidelines setting out a skeletal legal framework for implementing the InsurTech Sandbox (Draft Guidelines). Unfortunately, these guidelines did not expressly set out some of the principles set out above.
Analysis of the Exposure Draft
Interestingly, the IRDAI’s Exposure Draft is only a skeletal draft based on the Draft Guidelines. Some of the key shortcomings that emanate from the Exposure Draft are as follows:
- Participation of individuals excluded: The Exposure Draft excludes individuals from participating in the InsurTech Sandbox. Given the growth of insurance companies promoted and managed by individual promoters, it is unclear as to why the IRDAI has proposed such an exclusion. Neither does the Sandbox Report clarify the reasons for such exclusion.
- Unclear definition of “Regulatory Sandbox”: The Sandbox Report defines a regulatory sandbox to be a live testing environment. However, the Exposure Draft does not provide any clarity to this effect in the definition of the term “Regulatory Sandbox”. While the intent of the IRDAI can be considered to be aligned with that of the Sandbox Committee, in the absence of clarity in the regulations, the market participants would be required to rely on the Sandbox Report to derive the IRDAI’s intention.
- No detailed “fit and proper” criteria: The Sandbox Report recommends that applicants proposing to participate in the InsurTech Sandbox must be required to fulfil a “fit and proper” criteria. However, the Draft Guidelines themselves do not detail “fit and proper” criteria or a requirement to meet such criteria. In fact, the Sandbox Report requires applicants to have a minimum net worth of INR 25,00,000, which has been reduced to INR 10,00,000 in the Exposure Draft. Further, while the Draft Guidelines had prescribed a format in which applicants would be required to apply to the IRDAI for participating in the Insurtech Sandbox, this draft application form has been done away with in the Exposure Draft. Absence of a well-defined “fit and proper” criteria and the scope of information that would be required to be disclosed at the time of applying to the IRDAI creates regulatory uncertainty on the criteria on which a person may be disqualified from participating in the InsurTech Sandbox. It may also expose the IRDAI’s decisions in relation to allowing/ disallowing applicants to a challenge on grounds of arbitrary administrative action, given the lack of regulatory certainty.
- No provisions in relation to policyholder protection: The Sandbox Report recommends that the applicant using the InsurTech Sandbox must disclose to clients that they are involved in the testing phase of an innovation and divulge the risks associated with the same. However, the Exposure Draft does not address this requirement.
- No scope of justification prior to revocation: The Exposure Draft states that the IRDAI may terminate its permission for testing of a proposal if the IRDAI is of the view that the proposal is unlikely to meet its objective. In doing so, the Exposure Draft does not clarify whether the IRDAI will allow the participant to justify progress of the proposal or make any changes to the proposal which would allow the proposal to meet its desired objective. Given that a participant would have invested capital in the testing of his/ her proposal, an order to terminate testing permission without being provided with a reasonable opportunity to justify existing positions would be prejudicial to the participant.
While we commend the IRDAI for acting swiftly in formulating regulations for the InsurTech Sandbox, the Exposure Draft leaves a lot of unanswered questions. It would be pertinent to mention that the Exposure Draft retains a provision that allows the IRDAI to issue guidelines from time to time for clarifying the regulations, as has been the case with the IRDAI of late.
Given the scale of supervision that is generally involved in a regulatory sandbox, we expect the IRDAI to release detailed guidelines supporting the regulations, if the regulations are enforced in their current form. That said, a framework that requires the regulator to keep a close watch on the participants should prescribe more detailed regulatory requirements for the benefit of the various stakeholders who are entrenched in the system.
For further information, please contact:
Indranath Bishnu, Partner, Cyril Amarchand Mangaldas
 A regulatory sandbox entails the lives testing of ideas pursuant to a specific testing plan agreed and monitored by a dedicated function of the authority. As opposed to a regulatory sandbox, an innovation hub only provides a dedicated point of contact for firms to raise inquiries with authorities for seeking non-binding, guidance on the conformity of innovative financial products, services, business models or delivery mechanisms with licensing, registration and/or regulatory requirements. Further details in this regard can be found here: https://www.esma.europa.eu/sites/default/files/library/jc_2018_74_joint_report_on_regulatory_sandboxes_and_innovation_hubs.pdf
 For example, in case of health insurance sector, Regulation 8(d) of the IRDAI (Health Insurance) Regulations, 2016, permit general insurers and health insurers to devise mechanisms or incentives for rewarding policyholders for adopting preventive and wellness habits. This provision in particular was seen by the IRDAI as encouraging insurance companies to use wearable technology as a part of their business.