All insurers have to share with Insurance Information Bureau (IIB) the details of distribution channels, hospitals, third party vendors and fraud perpetrators blacklisted and IIB will have to maintain the caution repository concerning all such details in order to safeguard the integrity of the insurance sector by preventing the involvement of those with a record of fraudulent activities
Hyderabad: Tightening fraud control, including cyber risks, measures, insurance regulator IRDAI has asked all re/insurers and distribution channels(except individuals) to adopt zero tolerance for fraud and put in place appropriate fraud risk management framework sensitive to its business profile to enable it to deter, prevent, detect, report and remedy insurance frauds.
The insurance regulator has issued Insurance Regulatory and Development Authority of India (Insurance Fraud Monitoring Framework) Guidelines, 2025 on Oct 9 which has to be implemented from Apr1,2026.
According to the new framework, every insurer will have to establish appropriate systems and processes across its functions to deter, prevent, detect, report and remedy frauds and report such frauds according to the following categories:
-Internal Fraud: Fraud involving internal staff, including employees and / or senior management,
-Distribution Channel Fraud: Fraud involving distribution channels,
-Policyholder Fraud and/or Claims Fraud: Fraud involving any person(s), in obtaining coverage or payment during the purchase, servicing, or claim of an insurance policy.
-External Fraud: Fraud involving external parties’ / service providers / vendors etc.
-Affinity Fraud or Complex Fraud: Fraud involving collusion among one or more fraud perpetrators in the above categories.
The Risk Management Committee (RMC) of the insurer will be responsible for effective implementation and oversight of the fraud risk management framework.
The fraud risk management framework has to be specific to the insurer’s business considering the nature of business, size, risk profile, overall business strategy, products, distributions channels, technology infrastructure, and any other applicable parameter including various activities carried out by the insurer.
It will include board approved Anti-Fraud Policy.
The Board approved Anti-Fraud Policy will be relevant to the entire operations of the insurer’s business and activities. The insurer will have to review such policy regularly, at least annually, and it will include include:
red flag indicators, as applicable, adequate procedures to deter, prevent, detect, report and remedy fraud in each category of fraud across various activities and responsibilities, delegation of authorities for all relevant functions including for identified sensitive posts
Cyber or New Age Fraud
In order to prevent Cyber or New Age fraud, insurers have to establish and implement robust cybersecurity framework to protect against evolving cyber frauds or threats,continuously monitor and strengthen systems and processes for fraud risk management, such as incident databases, customer verification, and access control.
and utilize a team with relevant risk and technological expertise to manage cyber fraud risks across various insurance business lines.
In order to ensure that the data available with insurers is effectively utilised to prevent frauds in insurance sector, all insurers will have to participate in the Fraud Monitoring Technology Framework, as applicable to its businesses, made available by the Insurance Information Bureau (IIB), to help the industry to combat fraud and protect policyholders and all stakeholders.
-The IIB through the industry-wide database, facilitate timely threat intelligence sharing on attempted, suspected and reported fraudulent activities within the insurance industry. For the platform to be effective, suitable mechanism for identifying policyholders irrespective of insurer, such as a unique identifier,
will have to be adopted.
-All insurers have to share with IIB the details of distribution channels, hospitals, third party vendors and fraud perpetrators blacklisted and IIB shall maintain the caution repository concerning all such details in order to safeguard the integrity of the insurance sector by preventing the involvement of those with a record of fraudulent activities.
IIB, in joint consultation with the Life insurance council and General Insurance council, shall adopt unique identifier, procedure and timelines for reporting necessary details for caution repository to be maintained.
The insurers have to report incidents of fraud to Law Enforcement Agencies and/or other relevant agencies subject to applicable laws.
Besides, the insurers will have to file annual returns with the IRDAI Authority in specified forms (FMR-1) within 30 days of close of the financial year.
In the event of fraud committed by distribution channels registered by the IRDAI, the insurer will have to promptly escalate and report the matter to the regulator without delay.