The Insurance Regulatory and Development Authority of India (IRDAI) has released the Insurance Fraud Monitoring Framework Guidelines, 2025, which will apply to all insurers and distribution channels starting April 1, 2026. The objective is to establish a robust regulatory framework to effectively deter, prevent, detect, report, and remedy fraud risks across the insurance sector. The guidelines mandate that every insurer implement a zero-tolerance Fraud Risk Management Framework, specific to their business profile. This framework must include a Board-approved Anti-Fraud Policy—reviewed at least annually—and the establishment of a Fraud Monitoring Committee (FMC), headed by a Key Management Personnel (KMP), and a supporting Fraud Monitoring Unit (FMU), independent of internal audit. Frauds are classified into categories like Internal, Distribution Channel, Policyholder/Claims, External, and Affinity/Complex Fraud. Insurers must also utilize the Insurance Information Bureau (IIB) for data sharing and threat intelligence, and implement robust measures against Cyber or New Age Fraud. Furthermore, distribution channels must establish their own commensurate fraud risk management frameworks, including policies for reporting and investigation, ensuring a comprehensive industry-wide approach to safeguard public trust.
Insurance Regulatory and Development Authority of India
Ref: IRDAI/IID/GDL/MISC/112/10/2025 Date: 09.10.2025
Insurance Regulatory and Development Authority of India (Insurance Fraud Monitoring Framework) Guidelines, 2025
In exercise of power enshrined under Section 34 of Insurance Act, 1938 and Section 14(1) of Insurance Regulatory and Development Authority Act 1999, these Guidelines are issued to provide regulatory framework on measures to be taken by Insurers and Distribution Channels to address and manage risks emanating from fraud.
1. Short Title, Applicability and Commencement
1.1. These Guidelines may be called the Insurance Regulatory and Development Authority of India (Insurance Fraud Monitoring Framework) Guidelines, 2025
1.2. These guidelines shall be applicable to all insurers and distribution channels unless otherwise specified
1.3. These guidelines shall come into force from 1st April, 2026.
2. Objective
To establish a comprehensive framework in order to deter, prevent, detect, report and remedy fraud risks effectively across the insurance industry. These guidelines aim to enhance the sector’s resilience against fraud, foster a culture of integrity, protect policyholders’ interests, safeguard financial stability and maintain public trust.
3. Definitions
3.1. “Insurance Fraud” (hereinafter referred to as ‘Fraud’) shall mean an act or omission intended to gain advantage through dishonest or unlawful means, for a party committing the fraud or for other related parties; including but not limited to: • Misappropriating funds;
- Deliberately misrepresenting/concealing/not disclosing one or more material facts relevant to any decision / transaction, financial or otherwise
- Abusing responsibility, position of trust or a fiduciary relationship.
3.2 Red Flag Indicator or RFI means a possible warning sign, that points to a potential fraud and may require further investigation or analysis of a fact, event, statement, or claim, either alone or with other indicators.
3.3 Cyber or New Age Fraud means any insurance fraud carried out using digital or new age technologies.
3.4 Distribution Channels shall have the same meaning assigned to it under sub clause (8) of clause 5 of IRDAI (Protection of Policyholders’ Interests and Allied Matters of Insurers) Regulations, 2024.
3.5 Words and expressions used and not defined in these guidelines but defined in the Insurance Act, 1938 (4 of 1938), Insurance Regulatory and Development Authority Act, 1999 (41 of 1999) shall have the meanings respectively assigned to them in those Acts, Rules, Regulations, Guidelines issued under those Acts, as the case may be.
4. Classification of Frauds
4.1. Every insurer shall establish appropriate systems and processes across its functions to deter, prevent, detect, report and remedy frauds; and report such frauds according to the following categories:
4.1.1. Internal Fraud: Fraud involving internal staff, including employees and / or senior management.
4.1.2. Distribution Channel Fraud: Fraud involving distribution channels.
4.1.3. Policyholder Fraud and/or Claims Fraud: Fraud involving any person(s), in obtaining coverage or payment during the purchase, servicing, or claim of an insurance policy.
4.1.4. External Fraud: Fraud involving external parties’ / service providers / vendors etc.
4.1.5. Affinity Fraud or Complex Fraud: Fraud involving collusion among one or more fraud perpetrators in the above categories.
5. Fraud Risk Management Framework
5.1. Every insurer shall target for zero tolerance for fraud and must put in place appropriate fraud risk management framework sensitive to its business profile to enable it to deter, prevent, detect, report and remedy insurance frauds.
5.2. The Risk Management Committee (RMC) of the insurer shall be responsible for effective implementation and oversight of the fraud risk management framework.
5.3. The fraud risk management framework shall be specific to the insurer’s business considering the nature of business, size, risk profile, overall business strategy, products, distributions channels, technology infrastructure, and any other applicable parameter including various activities carried out by the insurer. It shall inter-alia include:
5.3.1. Board approved Anti-Fraud Policy: The Board approved Anti-Fraud Policy shall be relevant to the entire operations of the insurer’s business and activities. The insurer shall review such policy regularly, at least annually, and it shall, inter-alia, include:
a. red flag indicators, as applicable.
b. adequate procedures to deter, prevent, detect, report and remedy fraud in each category of fraud across various activities
c. responsibilities, delegation of authorities for all relevant functions including for identified sensitive posts
d. fraud investigation process, including internal turnaround times from identification to remedy, designated officer(s) for reporting incidents of fraud and report submission
e. mechanism for appropriate action in case of non-compliance to the fraud risk management framework and against the fraud perpetrators
f. appropriate and adequate resources to the Fraud Monitoring Unit to carry out its functions effectively.
g. due diligence procedures for staff recruitment and vendor engagement
f. review process to identify “missed” insurance fraud detection opportunities
i. whistle blower protection policy
5.3.2. Fraud Monitoring Committee
5.3.2.1. Every insurer shall establish:
a. a Fraud Monitoring Committee (FMC) which shall be responsible for operationalizing the Fraud risk management framework within the insurer and oversee activities, as appropriate, to ensure fraud deterrence, prevention, detection, reporting and remedying.
b. a Fraud Monitoring Unit (FMU), independent from internal audit, to support FMC in discharging its functions and effective implementation of measures suggested by FMC.
5.3.2.2. Composition of the FMC: The FMC:
a. shall be headed by a KMP and include senior representatives from relevant departments, such as underwriting, claims, legal or any other department as deemed necessary.
b. may form subcommittees, as required, for its effective functioning.
c) shall avoid conflicts of interest in its composition and functioning.
5.3.2.3. Functions of the FMC: The FMC shall, inter alia:
a. recommend and regularly update, based on experiences, appropriate measures on fraud risk management to various functions.
b. oversee prompt responses to instances or suspicions of fraud
c. maintain all relevant details pertaining to each instance of fraud
d. facilitate collaboration with industry peers / bodies, law enforcement agencies and regulatory bodies to pursue cases of fraud and share information / intelligence on known fraud schemes and perpetrators.
e. conduct an Annual Comprehensive Fraud Risk Assessment to identify potential vulnerabilities across business lines and activities for fraud, using past experiences, emerging trends & Red Flag Indicators (RFIs), etc.
f. identify areas for improvement and adaptation of the Fraud Risk Management Framework.
5.3.2.4. Reporting Requirements: The FMC shall:
a. submit quarterly reports to the RMC on its activities, findings, and recommendations including the financial impact of fraud on the insurer.
b. submit report of the Annual Comprehensive Fraud Risk Assessment before the Board of Directors through RMC.
c. report to the Audit Committee, in addition to the RMC, in case of all internal frauds.
5.4. Fraud Risk Identification, Mitigation and Monitoring
5.4.1. For effective implementation of Fraud Risk Management Framework, insurers shall put in place appropriate measures to identify and assess fraud risks. Based on the lines of business, activities, past experience, trends etc, Insurers shall identify Red Flag Indicators (RFIs), as applicable, for detection of frauds and incorporate them appropriately in their operations. Such RFIs shall be reviewed regularly for their continued relevance and effectiveness in detecting fraud.
(Note: Examples of RFIs may be referred in the IAIS Application Paper on Insurance Fraud.)
5.4.2. In order to ensure the identified fraud risks are mitigated, insurers shall put in place appropriate control measures with respect to each category of fraud.
5.4.3. Insurers shall implement appropriate measures for monitoring and review of fraud risks, including maintaining an Incident Database of persons convicted of or attempting fraud, conducting fraud-sensitive audits for compliance with the Fraud Risk Monitoring Framework, tracking business trends from distribution channels, continuously monitoring vendor activities for compliance with fraud prevention measures and contractual obligations, and analyzing customer grievances and complaints to detect and prevent fraud.
6. Cyber or New Age Fraud
6.1. In order to prevent Cyber or New Age fraud, Insurer shall inter alia:
6.1.1. establish and implement robust cybersecurity framework to protect against evolving cyber frauds or threats.
6.1.2. continuously monitor and strengthen systems and processes for fraud risk management, such as incident databases, customer verification, and access control.
6.1.3. utilize a team with relevant risk and technological expertise to manage cyber fraud risks across various insurance business lines.
7. Insurance Information Bureau (IIB)
7.1. In order to ensure that the data available with insurers is effectively utilized to prevent frauds in insurance sector, all insurers shall participate in the Fraud Monitoring Technology Framework, as applicable to its businesses, made available by the IIB, to help the industry to combat fraud and protect policyholders and all stakeholders.
7.2. The IIB shall, through the industry-wide database, facilitate timely threat intelligence sharing on attempted, suspected and reported fraudulent activities within the insurance industry. For the platform to be effective, suitable mechanism for identifying policyholders irrespective of insurer, such as a unique identifier, shall be adopted.
7.3. All insurers shall share to IIB the details of distribution channels, hospitals, third party vendors and fraud perpetrators blacklisted and IIB shall maintain the caution repository concerning all such details in order to safeguard the integrity of the insurance sector by preventing the involvement of those with a record of fraudulent activities.
7.4. IIB, in joint consultation with the Life insurance council and General Insurance council, shall adopt unique identifier, procedure and timelines for reporting necessary details for caution repository to be maintained.
8. Framework for Reinsurance business
Insurers carrying on reinsurance business or ceding insurance business, can reduce their exposure to fraudulent claims by understanding the fraud risk management systems the counterparties have in place. Accordingly, these guidelines apply mutatis mutandis with respect to reinsurance business. FRBs shall implement the framework prescribed by the host jurisdiction of their parent entity or the framework outlined here, whichever is more comprehensive.
9. Framework for Distribution Channels
To ensure a comprehensive approach to fraud prevention, it is essential that distribution channels also establish an appropriate fraud risk management framework commensurate with their business size and risk profile.
10.1 Intermediary and Insurance Intermediary (except for individuals)
10.1.1 Intermediaries and Insurance Intermediaries shall recognise and understand fraud risk to their organization, including potential types and impact of frauds and take steps to minimize their vulnerability to Frauds.
10.1.2 Intermediaries and Insurance Intermediaries Board and Senior Management shall be rresponsible for establishing appropriate and adequate fraud risk management framework and shall:
10.1.2.1 put in place internal policies, procedures and controls to deter, prevent, detect, report and remedy frauds.
10.1.2.2 follow their respective regulator’s policy or framework, supplemented by additional controls specific to the insurance business, if its primary business is other than insurance.
10.1.2.3 take into account for types of frauds mentioned under clause 4 and relevant red flag indicators, as applicable, while framing such policies.
10.1.2.4 put in place a mechanism to inform the concerned insurer, whenever there is a suspicion of Fraud which may also impact the Insurer, and provide all relevant details.
10.1.2.5 while framing the internal policies at the minimum include:
a. Education, awareness and training to employees
b. Investigation and internal reporting structure for frauds
c. Procedure for reporting Frauds to Law Enforcement Agencies (LEAs), proper coordination to meet the requirements of the LEAs and follow up with LEAs and/or court for final disposal of fraud cases
d. Due diligence procedures for appointing employees/sales persons
e. Whistle Blower Policy
10.2 Distribution Channels (those not covered under 10.1):
10.2.1 Distribution Channels (those not covered under 10.1) shall comply with the insurer’s anti-fraud policies, procedures and controls.
10.2.2 Whenever there is a suspicion of Fraud which may also impact the Insurer, the same shall be informed to the Insurer providing all relevant details.
11 Training, Education and Awareness
Training, education, and awareness are vital for strengthening fraud prevention efforts. In this regard, insurers, intermediaries and insurance intermediaries, as applicable, shall conduct:
11.1 regular fraud awareness programs to educate policyholders and the general public about the risk of fraud and how to prevent and protect against it.
11.2 periodic training programs, as appropriate:
11.2.1 to the functions being carried out for the employees and the senior management including the board members.
11.2.2 to distribution channels on fraud risk management.
12 Reporting
12.1 Insurers shall report incidents of fraud to Law Enforcement Agencies and/or other relevant agencies subject to applicable laws
12.2 Insurers shall file annual returns with Authority in forms FMR-1 placed in Annexure I within 30 days of close of the financial year.
12.3 In the event of fraud committed by distribution channels registered by IRDAI, the insurer shall promptly escalate and report the matter to IRDAI without delay.
13 Repeal and Savings
13.1 These Guidelines, upon coming into force, shall repeal the Insurance Fraud Monitoring Framework issued vide ref: IRDA/SDD/MISC/CIR/009/01/2013 dated 21st January 2013.
13.2 Unless otherwise provided by these Guidelines, anything done or any action taken or purported to have been done or taken in respect of the Insurance Fraud Monitoring Framework mentioned in clause 13.1 above shall be deemed to have been done or taken under the corresponding provisions of these Guidelines.
Sd/-
DVS Ramesh
CGM (Insurance Inclusion and Development Department)
