Summarize

Simplifying... Inshort

Following a significant data breach at Star Health Insurance, the Insurance Regulatory and Development Authority of India (IRDAI) is pushing for stronger anti-fraud measures.
The regulator suggests insurers establish independent fraud monitoring units and use unique identifiers for policyholders to enhance threat intelligence sharing.
The aim is to bolster cybersecurity, prevent identity theft, financial scams, and protect the integrity of the insurance market.

Was a long read? Making it simpler...

Next Article

IRDAI urges insurers to bolster cybercrime defenses

After Star Health data leak, IRDAI proposes stricter anti-fraud measures

By Akash Pandey

Oct 25, 2024

06:44 pm

What's the story

The Insurance Regulatory and Development Authority of India (IRDAI) has proposed changes to its fraud-monitoring framework for insurance companies. The move comes amid the changing face of cybercrimes. "In view of the substantial change in the nature and intensity of fraud over the years since, the framework has been reviewed and comprehensive insurance fraud monitoring framework guidelines for the insurance sector is drafted," IRDAI said on October 24.

Recent incident

Draft rules follow major data breach

The proposed changes by IRDAI come in the wake of a major data breach at Star Health Insurance in September, where a senior employee reportedly leaked customer information through messaging apps. Though the regulator did not directly cite this incident, it has stressed the need for insurers to strengthen their defenses against cyber frauds and establish a strong cybersecurity framework.

Fraud risks

Potential risks of cyber fraud

IRDAI's proposal highlights the dangers of cyber fraud, such as identity theft, financial scams, and reputational damage. "Personal information such as KYC details, financial details, and medical records are highly coveted by cybercriminals," the proposal reads. The regulator has asked all insurers to implement a board-approved anti-fraud policy outlining procedures and safeguards for preventing, investigating, and reporting frauds.

Monitoring units

IRDAI proposes independent fraud monitoring units

IRDAI has proposed that insurers set up independent fraud monitoring units, apart from their internal audit teams. These units would be tasked with implementing measures related to fraud deterrence, prevention, detection, and reporting. Further, the regulator has suggested better use of Insurance Information Bureau's (IIB) data analytics for timely threat intelligence sharing on frauds across the sector.

Unique identifier

Unique identifier for policyholders recommended

For effective threat intelligence sharing, IRDAI has recommended a unique identifier for policyholders, irrespective of their insurer. The regulator also suggested that the IIB maintain a repository of blacklisted agents and other entities involved in fraudulent activities. This measure would protect the integrity of the insurance market by keeping those with a record of fraudulent activities out of it.