Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules 2011

RECLASSIFICATION OF PROMOTERS BY SEBI

The Securities and Exchange Board of India (SEBI) came out with its consultative paper on “promoter reclassification/ promoter group entities and disclosure of the promoter group entities in the shareholding pattern[1] to seek public comments on November 23, 2020.

The topic of promoter reclassification has been a talking point since 2015, wherein the power to reclassify promoters laid in the hands of the company, rather than the promoter. Therefore, it was observed by SEBI that the process provided too wide a net to alter the tag of a “promoter”. Hence, in 2018, SEBI revamped the procedure and came out with the now inserted Regulation 31A of Listing Obligations and Disclosure Requirements Regulations, 2015.
Continue Reading RECLASSIFICATION OF PROMOTERS BY SEBI

data protection indian insurance regulations

In the first part of this two part series we discussed about the regulatory frameworks governing insurance companies and insurance intermediaries. In this part we will look at the guidelines applicable to both insurance companies and insurance intermediaries which includes cyber security and ecommerce guidelines.

Guidelines Applicable to Both Insurance Companies as well as Insurance Intermediaries

In addition to the previously-mentioned regulations, the IRDAI has also issued certain guidelines pertaining to data security and protection that are applicable to both insurance companies as well as insurance intermediaries. These are the Guidelines on Information and Cyber Security for Insurers[i] (Cyber Security Guidelines) and the Guidelines on Insurance E-Commerce[ii] (E-commerce Guidelines) and have been discussed below.
Continue Reading Data Protection in the Indian Insurance Sector – Regulatory Framework Part II

 Data Protection in the Indian Insurance Sector – Regulatory Framework Part I

A shift towards digitisation has been the central theme for the insurance industry in recent years. Digitisation lowers the cost of transacting business, helps increase penetration, and brings higher efficiencies. However, the convenience of digitisation brings with it concerns related to data protection.

The Information Technology Act, 2000 (IT Act) and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (SPDI Rules) set out the general framework with respect to data protection in India. However, given the nature of the business of insurance companies and intermediaries, the Insurance Regulatory and Development Authority of India (IRDAI) has prescribed an additional framework for the protection of policyholder information and data, which is required to be followed in addition to the general framework under the IT Act.
Continue Reading Data Protection in the Indian Insurance Sector – Regulatory Framework Part I