Photo of Supriya Aakulu

Principal Associate in the General Corporate Practice at the Bangalore office of Cyril Amarchand Mangaldas. Supriya is experienced in a range of corporate areas, and has advised on public and private mergers and acquisitions, foreign investments and corporate restructurings. Supriya has also advised on private equity transactions and holds varied experience in advising private equity funds and Indian companies on their investments in India, both financial as well as strategic. She can be reached at supriya.aakulu@cyrilshroff.com

The Securities and Exchange Board of India (“SEBI”) has recently introduced significant changes to the governance framework for listed companies through an amendment to the SEBI (Listing Obligations and Disclosure Requirements) Regulations, 2015 (“LODR Regulations”).

The amendments were signaled by various consultation papers issued by SEBI over the last 6-9 months, including consultation papers on ‘Review of disclosure requirements for material events or information under SEBI (Listing Obligations and Disclosure Requirements) Regulations, 2015’ and ‘Strengthening Corporate Governance at Listed Entities by Empowering Shareholders – Amendments to the SEBI (LODR) Regulations, 2015’.Continue Reading SEBI Amendments to the LODR – An Overview of Key Changes

data protection indian insurance regulations

In the first part of this two part series we discussed about the regulatory frameworks governing insurance companies and insurance intermediaries. In this part we will look at the guidelines applicable to both insurance companies and insurance intermediaries which includes cyber security and ecommerce guidelines.

Guidelines Applicable to Both Insurance Companies as well as Insurance Intermediaries

In addition to the previously-mentioned regulations, the IRDAI has also issued certain guidelines pertaining to data security and protection that are applicable to both insurance companies as well as insurance intermediaries. These are the Guidelines on Information and Cyber Security for Insurers[i] (Cyber Security Guidelines) and the Guidelines on Insurance E-Commerce[ii] (E-commerce Guidelines) and have been discussed below.
Continue Reading Data Protection in the Indian Insurance Sector – Regulatory Framework Part II

 Data Protection in the Indian Insurance Sector – Regulatory Framework Part I

A shift towards digitisation has been the central theme for the insurance industry in recent years. Digitisation lowers the cost of transacting business, helps increase penetration, and brings higher efficiencies. However, the convenience of digitisation brings with it concerns related to data protection.

The Information Technology Act, 2000 (IT Act) and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (SPDI Rules) set out the general framework with respect to data protection in India. However, given the nature of the business of insurance companies and intermediaries, the Insurance Regulatory and Development Authority of India (IRDAI) has prescribed an additional framework for the protection of policyholder information and data, which is required to be followed in addition to the general framework under the IT Act.
Continue Reading Data Protection in the Indian Insurance Sector – Regulatory Framework Part I