Register for Your Insurance Repository Account

Any entity intending to maintain insurance policies in electronic format must obtain prior approval and registration as an Insurance Repository from the IRDAI (Insurance Regulatory and Development Authority of India). This mandate ensures the secure, standardized, and regulated management of electronic insurance policies, which enhances transparency and access for policyholders.

At RegisterKaro, we simplify the rigorous insurance repository registration process, ensuring your entity smoothly navigates IRDAI's requirements to become a licensed insurance repository in India.

Objective of the Insurance Repository System

The IRDAI created the Insurance Repository System with one primary goal: to give policyholders a secure, central, electronic facility to hold all their insurance policies. This system aims to:

• Eliminate Physical Documents: Remove the need for physical paper insurance policy documents, reducing storage hassle and the risk of loss or damage.
• Single View of Policies: Offer policyholders a consolidated view of all their insurance policies from different insurers in a single Electronic Insurance Account (eIA). This helps policyholders track and manage their entire insurance portfolio effortlessly.
• Ease of Access and Service: Provide easy, anytime, anywhere access to policy details and facilitate quick changes, modifications, nominations, and premium payments.
• Enhance Efficiency and Transparency: Streamline policy servicing, reduce turnaround times for various requests, and bring greater transparency to the insurance ecosystem.
• Reduce Frauds: Minimize instances of fraudulent claims or misrepresentation by maintaining a centralized, verified database of policies.
• Boost Financial Inclusion: Encourage more people to buy insurance by simplifying the ownership and management process.

Entities like Central Insurance Repository Limited, National Insurance Repository, Karvy Insurance Repository Limited, and CDSL Insurance Repository Limited are key players in this system, ensuring that policyholders have multiple options to choose from for managing their e-insurance accounts securely and efficiently.

A licensed insurance repository in India performs crucial functions to serve policyholders and insurers. However, there are also strict prohibitions to maintain the integrity of the system.

Navigating these operational boundaries is critical. Contact a RegisterKaro expert to ensure your business plan and SOPs are fully compliant with IRDAI guidelines.

Becoming a licensed insurance repository in India involves meeting stringent eligibility criteria set by IRDAI. These requirements ensure that only robust and reliable entities can handle sensitive policyholder data.

1. Corporate Entity Requirements

The applicant must be a company incorporated under the Companies Act, 2013 (or Companies Act, 1956, but would need to transition to the 2013 Act). Specifically, it must be:

• A Public Limited Company.
• A Public Financial Institution as defined in the Companies Act.
• A subsidiary of a SEBI-registered depository (e.g., NSDL or CDSL, explaining why we have National Insurance Repository and CDSL Insurance Repository Limited).
• A company promoted by the Life Insurance Council or the General Insurance Council, or both.
• Any other entity as specifically permitted by IRDAI.

2. Financial Thresholds

Financial stability is paramount for an insurance repository given the nature of the data it handles.

• Minimum Paid-up Share Capital: The applicant company must have a minimum paid-up share capital of Rs. 5 Crore (Rupees Five Crore).
• Minimum Net Worth: On receiving "in-principle" approval from IRDAI, the applicant's net worth must be at least Rs. 25 Crore. This demonstrates the financial capacity to establish and maintain robust infrastructure and operations.

3. Ownership & Investment Structure

An investment structure is necessary for an insurance repository as:

• No Foreign Direct Investment (FDI): As per current IRDAI guidelines, foreign investment is allowed up to 74% in insurance intermediaries.
• No Conflict of Interest: Neither the applicant nor its promoters should have any conflict of interest with the insurance business. This ensures neutrality and prevents potential biases.

4. Company Name

The name of the applicant company must mandatorily include the words "Insurance Repository" to indicate its nature of business. For example, Central Insurance Repository Limited or Karvy Insurance Repository Limited.

Check Your Company Name Instantly – Avoid Rejection and Reserve Your Perfect Name Today!

5. Memorandum of Association (MOA)

The Memorandum of Association (MOA) of the applicant company must clearly state that its primary objective is to act as an "Insurance Repository." This legal document outlines the scope of the company's activities and ensures that its core business aligns with the function of an insurance repository as regulated by IRDAI.

The process to obtain an Insurance Repository license from IRDAI is multi-phased and requires meticulous planning and execution.

Phase 1: Invitation & Preparation (Pre-Application)

This initial phase focuses on preparing your organization and understanding the market and regulatory landscape before formally applying.

• IRDAI's Call for Proposals: IRDAI typically initiates the process by issuing a "Request for Proposals" (RFP) or an invitation for applications for insurance repository registration. This signals their intent to license new entities; the issuance is highly selective and only occurs when IRDAI deems it necessary to license new repositories.
• Feasibility Study: The aspiring applicant conducts a thorough feasibility study, assessing market demand, technological requirements, operational models, and financial viability to become an insurance repository in India.
• Prepare Initial Infrastructure: Begin planning and, if possible, set up initial foundational elements for the proposed operational and IT infrastructure.

Phase 2: The Formal Application

In this phase, you formally apply to IRDAI with a comprehensive proposal and supporting documentation.

• Application Form Submission: Prepare and submit the formal application in the prescribed format to IRDAI. This application must be exhaustive, covering all aspects of the proposed insurance repository operations.
• Processing Fee: Accompany the application with a non-refundable processing fee, typically Rs. 10,000, payable to IRDAI.
• Comprehensive Documentation: Compile and attach all required documents as per IRDAI guidelines, covering corporate details, financial standing, promoter backgrounds, technology plans, and operational frameworks.

Phase 3: IRDAI Scrutiny and In-Principle Approval

IRDAI carefully reviews your application and validates your organization’s capability to operate as a repository.

• Thorough Review: IRDAI undertakes a rigorous scrutiny of the submitted application and documents. They may ask for clarifications, additional information, or revisions. This is where the depth of your preparation for insurance repository registration becomes critical.
• Management Interaction: IRDAI may conduct interviews or presentations with the applicant's key management personnel and promoters. Assess their understanding, commitment, and vision for the insurance repository system.
• In-Principle Approval: If IRDAI is satisfied with the application and the due diligence, they issue an "in-principle" approval. This is a milestone, indicating that the applicant has met the preliminary criteria. At this stage, the applicant must demonstrate a net worth of at least Rs. 25 Crore.

Phase 4: Post-Approval Formalities

After receiving in-principle approval, you must finalize the legal and operational setup to meet IRDAI’s stringent standards.

• Affidavit Submission: Within 15 days of receiving in-principle approval, the applicant must submit an affidavit to IRDAI, confirming their commitment to adhere to all regulatory requirements.
• Registration Fee: Pay the registration fee to IRDAI, typically Rs. 1,00,000.
• Infrastructure Setup: This phase involves building the complete operational, technological, and security infrastructure as proposed in the application. This includes data centers, software systems, cybersecurity measures, and the "Approved Person" (AP) network.
• Systems Audit: Undergo a comprehensive audit of your IT systems and operational readiness by an IRDAI-approved auditor. Ensure they meet the stringent security and functionality standards required for an e-insurance repository.
• Demonstrate Readiness: The applicant must demonstrate to IRDAI that all systems, processes, and personnel are fully prepared to commence operations as an insurance repository in India.

Phase 5: Final Verification and Certification

The last phase involves on-site inspections and official certification by IRDAI to commence operations.

• Physical Inspection: IRDAI conducts a physical verification and inspection of the applicant's infrastructure facilities, data centers, security measures, and operational setup.
• Final Approval & Certificate of Registration: If all conditions are met and IRDAI is satisfied with the readiness, they grant the final Certificate of Registration, formally licensing the entity as an insurance repository. This marks the completion of the insurance repository registration journey.

A comprehensive and accurate documentation set is vital for successful insurance repository registration. Prepare these meticulously.

Obtaining the insurance repository license is just the beginning. Licensed entities must adhere to rigorous operational and compliance standards to maintain their registration and ensure the safety and security of policyholder data.

These are ongoing compliances for an insurance repository:

1. Building a Compliant and Robust Operational Framework

A strong operational foundation ensures seamless functioning and regulatory adherence.

• Standard Operating Procedures (SOPs): Develop and implement comprehensive SOPs for all operations, including eIA opening, policy dematerialization, data management, service requests, grievance handling, and interactions with insurers and policyholders.
• Internal Controls: Establish strong internal control systems to prevent errors, fraud, and ensure data integrity.
• Record Keeping: Maintain accurate and exhaustive records of all transactions, policy data, and communications for prescribed periods.

2. Technology and Infrastructure: The Non-Negotiable Core

Reliable technology is essential to securely manage and scale repository services.

• Secure Data Centers: Operate highly secure and redundant data centers to store policyholder data. These must meet stringent physical and logical security standards.
• Robust IT Systems: Implement and maintain robust IT systems, including application software, databases, and network infrastructure, capable of handling large volumes of data and transactions reliably.
• Encryption and Data Security: Employ advanced encryption techniques for data in transit and at rest. Implement strict access controls and authentication mechanisms to protect sensitive policyholder information. This is paramount for any insurance repository in India.
• Scalability: Ensure the technology infrastructure is scalable to accommodate future growth in policyholder accounts and data.

3. The "Approved Person" (AP) Network

A qualified and monitored AP network is key to efficient customer service and compliance.

• Appointment and Training: Appoint and manage a network of "Approved Persons" (APs) across various locations. These APs serve as physical touchpoints for policyholders for eIA opening, KYC verification, and service requests.
• Vigilant Oversight: Implement rigorous due diligence and ongoing monitoring of APs to ensure they comply with IRDAI guidelines and maintain high service standards.
• Training and Certification: Ensure all APs and their staff undergo mandatory training and certification as prescribed by IRDAI to handle policyholder interactions professionally and securely.

4. Adhering to Ongoing Governance and Compliance

Strong governance and compliance management foster accountability and regulatory trust.

• Board and Management Oversight: Establish a strong governance framework with active oversight from the Board of Directors and senior management to ensure continuous compliance.
• Compliance Officer: Appoint a dedicated Compliance Officer responsible for overseeing all regulatory compliance for an insurance repository.
• Internal Audit: Conduct regular internal audits to assess the effectiveness of internal controls and compliance with IRDAI regulations.

5. Cybersecurity and Data Protection

Protecting policyholder data from cyber threats is non-negotiable.

• Cybersecurity Framework: Implement a comprehensive cybersecurity framework as per IRDAI guidelines and industry best practices to protect against cyber threats, data breaches, and unauthorized access.
• Regular Audits: Conduct periodic cybersecurity audits and penetration testing to identify and rectify vulnerabilities.
• Incident Response Plan: Develop and regularly test an incident response plan to effectively manage and mitigate the impact of any cybersecurity incidents.

6. Business Continuity and Disaster Recovery

Ensuring uninterrupted services during disruptions is critical for customer trust.

• Robust BCP & DRP: Maintain a comprehensive Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) that are regularly tested and updated. These plans ensure the uninterrupted operation of the insurance repository system even during unforeseen events.
• Off-site Data Backup: Implement robust off-site data backup and recovery mechanisms to protect against data loss.

7. The Audit and Inspection Regimen

Regular audits and inspections verify compliance and operational soundness.

• Statutory Audits: Undergo annual statutory audits of financial statements.
• System Audits: Conduct periodic system audits as mandated by IRDAI to assess the robustness and security of the IT infrastructure.
• IRDAI Inspections: Cooperate fully with IRDAI during their routine and ad-hoc inspections, providing all necessary information and access.

8. Regulatory Reporting and Filings

Timely reporting ensures transparency and regulatory compliance.

• Periodic Reports: Submit various periodic reports to IRDAI, including operational data, financial performance, and compliance status.
• Annual Filings: File annual returns and audited financial statements with IRDAI and the Registrar of Companies (ROC).

Understanding the financial outlay is crucial when considering insurance repository registration. The costs primarily comprise regulatory fees and capital requirements.