Mucscat: The CEO of the Capital Market Authority (CMA) issued Resolution No. Kh/80/2023 on Sunday, regulating electronic insurance operations, which was published in the Official Gazette.
The decision calls for the concerned parties to adjust their situations in accordance with provisions of the law within (120) days from the date of its implementation, before January 24, 2024.
The decision is applicable to the legal person licensed to practice insurance brokerage, insurance business carried out by the company or broker through the Internet or systems, and the application or online portal designated for submitting electronic insurance transactions.
The regulations included a number of chapters, including procedures for obtaining approval, the obligations of the company and the broker, platform management, attribution and hosting operations, security, confidentiality and privacy of information, and administrative penalties.
The regulations require obtaining the approval of the Capital Market Authority before submitting electronic insurance operations.
It is also necessary to create a platform that provides these operations, including marketing and selling insurance policies, collecting premiums, receiving claims, handling complaints, and others.
To obtain approval, it is necessary to submit an application and define a specific business plan, which includes an analysis of the volume of electronic insurance operations expected in the first three years, an analysis of risks and measures, and a specialized human cadre to manage the platform, in addition to a media marketing plan, among others.
Before selling or issuing the document, the company is required to verify the authenticity of the customer’s identity and the documents provided, and in this context, it is necessary to keep records of the documents and identity of the currencies obtained through the platform for at least 10 years.
The regulations also included the obligation to provide an immediate response mechanism to respond to inquiries before, during, and after the sales process.
The regulations permit the assignment of any work related to the assignment of the platform to a third party, according to several conditions, including that the third party must have a headquarters in the Sultanate of Oman, and be licensed by the relevant authorities.
Penalties
The regulation specifies administrative penalties in the event of violating the provisions of the regulation, ranging from a warning and an obligation to correct, an administrative fine of RO2,000, stopping the platform for a period not exceeding 30 days, and canceling the platform.
The regulation includes a specification of three fees related to the regulation,
RO5O: Study of the approval request.
RO200: Issuance of approval.
RO20: Data modification.
To obtain approval, it is necessary to submit an application to the Authority on the form prepared for that purpose, pay the prescribed fee to study the application, and also submit the requisite documents, which include:
A specific business plan for electronic insurance operations, approved by the Board of Directors or the regional management of the company, and by the broker’s association of partners, provided that it includes, types of operations that will be provided through the platform, an analysis of the volume of electronic insurance operations expected during the first three years, an analysis of the risks associated with electronic insurance operations, and the precautionary measures and procedures necessary to reduce them, such as the risks of a wrong selection, money laundering and terrorist financing crimes, strategic risks, illegal entry into the platform, and any other risks determined by CMA.
It is important to provide proof of the existence of a specialized cadre to manage the platform, a statement of the mechanism for responding to customer inquiries received through the platform, a user guide explaining how to complete electronic insurance transactions through the platform, a plan to market the platform through various media and an emergency plan that includes the measures that should be taken in the event that one or more procedures of the platform’s automated system malfunction. This plan should include corrective measures to ensure business continuity, submitting the necessary reports for that, and a mechanism for preserving and backing up all data received through the platform.
The applications must submit measures required to maintain the security and confidentiality of information, security measures and procedures to prevent any electronic hacking and protect information exchanged with platform users, and technologies used to protect financial payment operations through the platform and a copy of the concluded contract in the event that the company or broker contracts with a third party.
Article (6) states that the authority shall study the approval request and verify that all prescribed documents and requirements are met. It may request clarification about electronic insurance processes and subject them to testing and evaluation.
The application shall be considered canceled if the applicant does not complete all the required documents and requirements within 30 days from the date of their request.
Article (7): The Authority shall issue approval within a period not exceeding thirty days from the date the application completes all documents and requirements, and after paying the prescribed fee in accordance with the schedule attached to these regulations. The expiration of this period without deciding on the application shall be considered a decision of rejection.
The concerned party may file a grievance with the Grievances Committee stipulated in the aforementioned Insurance Companies Law within (60) sixty days from the expiration date of the thirty (30) days stipulated in the previous paragraph, or from the date of his notification of the rejection decision, and the grievance must be decided within (30) Thirty days from the date of its submission, and the lapse of this period without a response is considered a rejection of the grievance.
Article (8): The company and the broker must enable the client to view the entire document through the platform, and in particular the following data,
1 - Document terms.
2- The limits and benefits of insurance coverage and the exceptions contained therein.
3 - Mechanism for calculating the insurance premium.
Article (9): Before selling or issuing a document through the platform, the company and the broker must verify the validity of the client’s identity and the documents submitted by them, and establish the necessary procedures for that. They must keep records of the client's documents and identities obtained through the platform for at least ten (10) years from The date on which it was obtained and the necessary measures were put in place to protect it, in particular, the following:
1 - Establishing security requirements on the procedures for accessing the customer’s record.
2 - Verify the validity of the customer-related data, such as phone number and email, by sending a verification (activation) link.
Article (10): When selling insurance policies through the platform, the company and the broker are committed to the following:
1 - Provide an electronic publication that includes the conditions, benefits, and exclusions of insurance coverage, and a mechanism for responding to customer inquiries in this regard.
2 - Provide the customer with a copy of the document and its annexes, and a payment receipt upon its issuance via email or any other method that enables the customer to receive the document, provided that it includes the serial number.
3 - Provide the customer with access to his electronic record, which must include a complete copy of the concluded policy, the insurance premium, and the executive status of claims or any other request related to this policy.
4 - Provide the client - upon his request - with a paper copy of the document signed and stamped by the company or broker, as the case may be.
5 - Explaining all available insurance services and coverage, the additional benefits of each insurance product, and their prices.
6 - The electronic insurance application form conforms to the final version approved by the Authority.
Article (11)
The company and broker must provide a special department for after-sales services through the platform to carry out the following tasks:
1 - Respond to any amendment requested by the client in the document or if he wishes to obtain any information about the current status of his document.
2 - Inform the customer of the procedures followed to cancel the document through the platform.
3 - Inform the customer no less than one month before the expiration of the policy, specifying the insurance premium, so that he can renew the policy or obtain insurance coverage from another company.
Article (12)
Through the platform, the company must provide all the information necessary for the customer or the affected person to submit their claims, and upload a copy of the claim documents.
The company - after accepting the claim - must provide the claimant with a reference number for it, and the company may, before paying the value of the claim, request to obtain the original claim documents from the claimant. To match and verify their validity.
Article (13)
The company and the broker must provide all the information necessary for the customer or the affected person to submit complaints and follow up on their status through the platform, provided that this information includes - as a minimum - the following:
1 - Complaint form.
2 - Contact information for the department responsible for receiving and inquiring about complaints (e-mail, phone number, fax number, postal address).
3 - A general description of the procedures for dealing with complaints, including the estimated time for processing them.
Oman Observer is now on the WhatsApp channel. Click here