Insurtech Update: Approval Needed For E-Insurance


On 27 February 2017, the Office of Insurance Commission (“OIC”) announced a Notification entitled Criteria and Methods of Issuing Insurance Policy, Offering Insurance Products, and Indemnity Payment or Compensation Payment through Electronic Channels (“Notification”). The Notification was published in the Royal Gazette, which will take effect on 26 August 2017.   It clearly sets out the criteria for insurance companies, licensed brokers or licensed banks to register with the OIC and obtain approval for insurance-related online activities.

Insurtech, which is a combination of ‘insurance’ and ‘technology’, refers to technology innovations in the insurance industry. As technological advancement is inevitable, the Notification seeks to ensure that strict criteria are adhered to in order to protect the public.

8 key points about the Notification

  1. Offering insurance through electronic channels can only be made by insurance companies, licensed brokers, or licensed banks. If the payment of premium is made through electronic means, such payment must be made to the insurance company’s bank account.
  2. Insurance policy offered through electronic channels must receive prior approval from the insurance registrar.
  3. Confirmation from the insured is required within seven days from the issuance of the insurance policy if the offering of insurance is made through electronic channels.
  4. Issuing an E-Insurance Policy must receive prior consent from the insured and must attach a reliable electronic signature as prescribed in Electronic Transactions Act (“ETA”) or by the OIC.
  5. Indemnity payment or compensation payment through electronic channels must be made to the bank account of the insured or the beneficiary.
  6. Offering, issuing, and compensation payment system must be registered and approved by the OIC under criteria that such system will provide sufficient security and consistency to the insured or beneficiary. The information system must also be certified by an independent auditor e.g., Certified Information System Auditor (“CISA”), that the system is in accordance with strict security measures as prescribed in ETA or by the OIC.
  7. Third-party service providers who provide services related to information system must be approved by OIC if the services provided are related to offering insurance, issuing policy, or indemnity payment or compensation payment.
  8. All insurance related transactions through electronic channels must be made under strict security measures as prescribed in ETA or by the OIC.

Insurance Regulatory Sandbox (“Project”)

The OIC is in the process of finalizing the terms and conditions for insurance companies and Fintech companies to participate in the Project which will be supervised by the OIC. The purpose of the Project is to allow insurance companies and Fintech companies to test their financial products or services in a live but limited environment, without being fully subject to all requirements that are normally applicable. The Project is expected to be announced later this year. This Project will give the OIC an overall view from the perspective of the business operator to provide more suitable and acceptable guidelines for online insurance regulations in the near future.

What this means for the insurtech industry

In light of this development, insurance companies, licensed brokers, and licensed banks offering online insurance services should prepare and improve their information system to ensure compliance with the requirements and approval set out in the Notification. Any violation of this Notification shall be subject to a fine of not more than THB 500,000 and an additional THB 20,000 per day until the rectification of such violation.

For more information, please contact the Threenuch Bunruangthaworn, Nattapon Suraratrangsi or the ZICO Law Partner you usually deal with.

This alert is for general information only and is not a substitute for legal advice.