The Insurance Regulatory and Development Authority of India (IRDAI) has issued a circular to amend Clause 15(a) of the “Revised Guidelines on Insurance Repositories and Electronic Issuance of Insurance Policies.” The original rule required a yearly review of the insurance repository’s controls and systems by an external system audit firm approved by the Authority. The amended rule, effective immediately, modifies this requirement to allow for a broader range of qualified professionals to perform the annual audit. The new clause states that the review must be conducted at least once a year by an external auditor who is a Certified Information System Auditor (CISA), a Chartered Accountant with a DISA (ICAI) Qualification, or a CERT-IN certified expert. This change gives insurance repositories more flexibility in choosing their auditors, while still ensuring that the review is conducted by a certified and competent professional. The updated guidelines aim to maintain robust security and procedural standards for insurance repositories by broadening the pool of eligible auditors.
INSURANCE REGULATORY AND DEVELOPMENT AUTHORITY OF INDIA
Ref No. IRDAI/INT/GDL/MISC/87/7/2025 Date : 29/07/2025
Amendment to Clause 15(a) of “Revised Guidelines on Insurance Repositories and Electronic Issuance of Insurance Policies”.
1. Reference is drawn to the Revised Guidelines on Insurance Repositories and Electronic Issuance of Insurance Policies (IRDA/INT/GDL/INSRE/111/05/2015) dated 29th May, 2015. As per Clause 15(a), a review of the controls, systems, procedures, and safeguards put in place by the insurance repository shall be conducted by an external system audit firm approved by the Authority, on yearly basis.
The above Clause 15(a) hereby stands modified and shall be read as below: –
“A review of the controls, systems, procedures and safeguards put in place by the insurance repository as outlines in Clause 14 shall be conducted at least once a year, at their own cost, by an external auditor who is either a Certified Information System Auditor (CISA), a Chartered Accountant with DISA (ICAI) Qualification or a CERT-IN certified expert”.
2. This circular comes into force with immediate effect.
3. This has approval of the Competent Authority.
(Sudipta Bhattacharya)
(Chief General Manger (Intermediaries)
