The Insurance Regulatory and Development Authority of India (IRDAI) has advised insurers to widen the scope of their individual cyber insurance policies, including global jurisdiction of cover.
Some of the other inclusions the regulator proposed are card cloning, skimming, small claims without a first information report (FIR), and online shopping fraud, The Indian Express reported.
According to the regulator, while the cyber cover may be valid worldwide, claims settlement must be made in India.
“A number of syndicated frauds originate from outside India – phishing, ransomware and malware attack – and cyber insurance clauses may or may not be clear on the coverage in this regard,” IRDAI said in a guidance document issued to insurers in the market.
While lodging an FIR with the police remains a critical requirement for most claims, IRDAI said that insurers may merely require an e-complaint filed at the National Cyber Crime Reporting Portal for small claims up to INR5,000 (SG$91).
“SIM-jacking, card cloning, skimming coverage is not available currently in the market while the same [are major reasons] for loss in India,” the regulator said. “Insurers could offer coverage for such losses.”
With hardware costs commonly excluded from cyber insurance policies, IRDAI also proposed inclusion of cover for hardware damage in the products.
However, IRDAI’s working group stopped short of suggesting a standardised policy wording for cyber. The group, which conducted consultations with various stakeholders, concluded that the rapid evolution of cyber risks and corresponding legal frameworks make standardised wordings unfeasible.