Insurance regulator seeks more measures to check fraud, improve security

Insurers must upgrade systems and board-approved processes by April 2026, says Irdai

The insurance regulator has issued new guidelines for companies to strengthen systems against fraud and bolster cybersecurity by April 1 next year, marking a major push to make fraud prevention and data protection central to insurers’ operations.

 

The guidelines by the Insurance Regulatory and Development Authority of India (Irdai) apply to insurers, reinsurers, and intermediaries. Traditionally treated as a compliance formality, fraud management is now being elevated to a strategic priority. Irdai has instructed insurers to establish a board-approved plan detailing how suspicious transactions will be detected and handled.

 

Key requirements include:

• Formation of a fraud monitoring committee (FMC) to oversee vulnerable areas and ensure timely action. 
• Creation of a dedicated fraud monitoring unit, which is independent of internal audit, to support the FMC.
•  
• Quarterly and annual reporting of fraud incidents to the board and risk management committee. 
• Collaboration with other insurers through the Insurance Information Bureau to track repeat offenders and share verified fraud data.

 

The regulator expects companies to achieve zero tolerance for fraud, with clear protocols covering internal staff, distribution channels, policyholders, vendors, and complex collusion schemes.

 

Cybersecurity in spotlight

Alongside fraud management, the guidelines emphasise data protection. Insurers must:

 

• Conduct regular system audits and strengthen encryption. 
• Limit access to sensitive customer data. 
• Upgrade outdated digital infrastructure and train staff on cybersecurity protocols. 
• Introduce real-time monitoring to quickly detect cyber threats.

Irdai’s approach recognises that cybersecurity is not merely a technical concern but a management responsibility that affects the entire organisation.

Impact on Policyholders

For customers, the changes aim to create a safer, more reliable insurance experience. Stronger checks are expected to reduce fraudulent claims, ensuring legitimate policyholders receive timely payouts. While this may involve additional verification steps during purchase or renewal, these are designed to protect policyholders rather than complicate the process.

 

By integrating fraud prevention and cybersecurity into daily operations, the regulator aims to build a sector capable of meeting the demands of a fast-moving, digital economy.