IDD, a challenge for insurers’ regulatory compliance

Some economic sectors are subject to intense regulatory pressure due to the relevance of their activity, their impact on the lives of their clients or users or the special protection of the data they handle, among other reasons. Among these sectors is the insurance sector. Such is the volume of data processed by its companies and its relevance that the European Union created a directive to harmonize at Community level some of the essential aspects in the distribution of insurance, thus improving the relationship between company and client. It did so by means of Directive (EU) 2016/97 on Insurance Distributiontransposed to our legal system in 2020. The obliged subjects are: insurers and any entity that participates in the process of insurance distribution, whether they are mediator, broker, physical or digital insurance offices, etc.

Among many other things, the IDD (Insurance Distribution Directive) came to standardize in all Member States aspects such as, among others, the mandatory qualification of insurance professionals and the information (type and format) that must be provided to customers before and after taking out products. It also makes it compulsory for customers to carry out suitability and appropriateness tests before taking out certain types of insurance, as was already the case in the financial sector, thus obliging insurers to create and implement Product Oversight and Governance(POG) procedures or policies to ensure that products meet the needs of the target market at all times.

With this regulation, the European Parliament has provided transparency to the contracting processes and increased the protection of users, regardless of the European Union country in which they reside or the channel through which they contract their insurance. Another of its effects has to do with guaranteeing free competition in the sector. But one of its most important innovations has undoubtedly been to consider insurance companies as a distribution channel more oriented towards the end user: the customer.

Due to the wide range of types of companies affected, products and types of clients, as well as the diversity of existing channels for communicating with the client, the IDD is a directive that generates difficulties in its compliance and also makes it continuously: it is not enough for the actors in the insurance area to adapt to the regulation at the time of its entry into force, for example, but because of some of the obligations established in the text, this has to be done continuously.

One of the most important challenges for companies is to undertake the processes related to the Insurance Product Information Document (IPID) for non-life products and the suitability and appropriateness tests in the case of insurance-based investment products. Regarding the former, IPID is a document that must be delivered on a durable medium. -Durable medium – meaning any instrument that enables the consumer and the entrepreneur to store information addressed personally to him in a way that allows future reference and faithful reproduction. the customer prior to taking out an insurance policyIn the first, the insurance policy, which details the following aspects: insurer, type of insurance, coverage, exclusions, limitations and the existence of a section where you can get in touch in case of non-renewal of the insurance, in short, it is a document that facilitates the understanding of the general conditions of the insurance contracted. Regarding the second, suitability tests are mandatory in those insurance-based investment products that incorporate a structure that makes it difficult for the customer to understand the risk involved, for the purposes of Article 30, paragraph 3, of the Insurance Distribution Directive.

In both cases, companies must be able to make the appropriate documents and information available to their clients or future clients before signing the product, to do so in the manner established by the regulations and to obtain the necessary evidence depending on the case (delivery, download, reading, test, communication of the client’s aptitude or not to contract the investment…).

In addition, at the request of the regulator, the user or the judicial administration, in the event of litigation, companies will have to be able to demonstrate that the entire process has complied with the requirements of the IDD and with all the guarantees provided for by law.

All this, moreover, must be carried out in combination with the prerogatives of one of the most important (and most fine-provoking) cross-cutting regulations, the General Data Protection Regulation.

The transposition of this directive in Spain was carried out at the beginning of 2020, when it was approved by the Council of Ministers through the Royal Decree-Law on the public procurement of private insurance.

The transposition of the IDD into Spanish law classifies its system of infringements as very serious, serious and minor, and distinguishes between natural and legal persons both when identifying infringements and when imposing the associated fine.

In the case of very serious penalties, a company could face penalties of up to 5% of the annual turnover published in the latest available accounts or EUR 5 million. Also, and depending on the type of sanction, fines of twice the amount of profits made or losses avoided due to the infringement could be imposed, if this can be determined.

In the case of individuals, in addition to financial penalties, some of the irregularities could result in the cancellation of their registration in the administrative registry or even the suspension of their activity for a period of 10 years.

At MailComms Group we have technological solutions, developed in-house, designed to ensure compliance with the Insurance Distribution Directive, while offering an attractive user experience to customers and the companies with which we collaborate.

Our tools allow you to generate and send the IPID and the suitability and appropriateness tests through any channel and in a certified manner, and also obtain the evidence of storage on a durable medium required by law to properly complete the procedures.

In addition, these solutions integrate functionalities such as electronic signature, proof of receipt and digital certification to ensure the legal authenticity of transactions and defense in the event of claims or legal proceedings.

On the other hand, they can be combined with our GDPR consent management platform for end-to-end compliance.

> Related content: we can also assist you in optimizing your strategies to improve the traceability of legal documents in insurance companies.