IRDAI Compliance: New Guidelines on Unsolicited Commercial Communications in Insurance

Introduction

On May 28, 2024, the Insurance Regulatory and Development Authority of India (IRDAI) issued Circular Ref: IRDAI/PP&GR/CIR/MISC/83/05/2024, addressing the matter of Unsolicited Commercial Communications (UCC) via telecom resources. This circular conveys important directives from the Telecom Regulatory Authority of India (TRAI) that aim to regulate UCC activities conducted through unauthorized telecom means.

Key Provisions of the Circular

Purpose of the Circular

This circular serves to inform all insurers and insurance intermediaries, referred to as Regulated Entities, regarding the new guidelines from TRAI designed to control UCC via voice calls and messages using unauthorized mobile and landline numbers.

Compliance with TRAI Guidelines

1. Registration with Telecom Service Providers (TSPs):

   • Regulated Entities wishing to send commercial communications to existing or prospective customers must register with a Telecom Service Provider.

2. Numbering Series for Voice Calls:

   • 140 Series: Exclusively for promotional voice calls to customers.
   • 160 Series (to be implemented by August 2024): Exclusively for transactional and service calls to customers.
   • Mixing promotional content with transactional/service calls on the 160 series is prohibited.
   • Usage of any 10-digit number outside the 140/160 series for promotional, service, or transactional voice calls is strictly prohibited.

3. SMS Header Registration:

   • Regulated Entities must register their SMS Headers with TSPs. Only registered Headers can be used for commercial communication.

4. Content Template Registration:

   • All message Content Templates, both fixed and variable, must be registered with TSPs.

5. Engagement of Registered Telemarketers:

   • Commercial communications should only be sent through Registered Telemarketers (RTMs) or through direct connectivity with TSPs.

6. Data Security and Customer Awareness:

   • Regulated Entities must:
     • Integrate with the Digital Consent Acquisition (DCA) system for customer consent acquisition.
     • Ensure confidentiality and security of customer data, taking corrective measures in case of data misuse or leakage.
     • Educate customers about their rights and remedial actions available, including DND Registration and Complaint Registration, in the local language.

Conclusion

It is imperative for all Regulated Entities to adhere strictly to the TRAI guidelines as outlined in this circular. Non-compliance could result in penalties or sanctions, affecting the credibility and operation of the insurance sector.