The Insurance Regulatory and Development Authority of India (IRDAI) announced on June 19, 2026, the formation of a seven-member working group on artificial intelligence, with a three-month deadline to deliver recommendations expected to form the basis of the sector’s first formal AI governance framework. For compliance and technology teams at regulated entities, the working group’s output is likely to define the standards against which existing and future AI deployments will be assessed.
According to The Hindu, the group’s mandate is broad. It will map the current state of AI adoption among regulated entities – assessing how far insurers have gone in deploying the technology, what systems are in use, and what governance structures already exist. From that baseline, it is tasked with proposing a framework for ethical, transparent, and explainable AI use, with specific attention to claims processing and fraud detection – the two functions IRDAI names explicitly, and where automated decision-making carries the greatest regulatory and reputational exposure for insurers.
Beyond internal governance, the group will assess the impact of frontier AI tools on insurance operations, prescribe security controls to mitigate risks from AI-driven automated attacks, and examine whether the sector requires stress tests to measure its exposure to AI-related failures. It will also survey how regulators in other markets have approached AI oversight in insurance – a review that will inform the audit framework the group is required to develop, covering both pre-deployment and post-deployment requirements.
Identifying skills gaps and capacity-building needs across the industry also falls within the group’s scope. That task points to a question that sits at the heart of the entire mandate: when an AI system produces an error in a claims decision or a fraud assessment, who bears responsibility? The audit framework the group is tasked with designing – covering what happens before an AI system goes live and how it is monitored afterward – is the mechanism through which that accountability gap could begin to close. No such framework currently exists in the Indian insurance market, which is part of what the working group is being asked to remedy.
The working group is chaired by Sandeep K. Shukla, director of the International Institute of Information Technology Hyderabad. Members include serving and former senior officials from CERT-In and the Reserve Bank Information Technology private limited company, alongside representatives from a life insurer, a general insurer, and a standalone health insurer. Deepak Gaikwad, IRDAI’s general manager and chief information security officer, serves as member convener.
The working group’s formation follows IRDAI’s issuance of revised information and cyber security guidelines in April 2026, which directed regulated entities to begin compliance in the current financial year, citing an evolving threat landscape. The AI working group extends that regulatory direction into territory the April guidelines did not fully cover: the ethical, operational, and governance dimensions of automated decision-making within insurance businesses. The three-month submission deadline places the group’s recommendations within the current financial year. Insurers should treat that window as preparation time – auditing current AI deployments, identifying governance gaps, and assessing whether existing systems would meet a standard of ethical, transparent, and explainable operation.
The IRDAI move comes as survey data from the global insurance industry points to unresolved questions about AI’s readiness for broad deployment – questions the working group's mandate directly acknowledges. A GlobalData poll conducted across the first and second quarters of 2026, surveying 113 insurance industry respondents, found that close to a quarter believed AI was not yet ready for widespread use within insurance.
Ben Carey-Evans, senior insurance analyst at GlobalData, attributed this to where applications currently stand in the sector. “This might be because use cases to date are largely around customer service and chatbots, rather than full-scale implementation. Regulation has not fully caught up yet and there is concern around who is liable for mistakes made by AI,” he said, in the GlobalData report published May 26, 2026. The liability concern Carey-Evans identifies connects directly to what IRDAI’s working group is attempting to address. A pre- and post-deployment audit framework of the kind the group is designing would, in principle, establish where responsibility lies when automated systems produce errors – whether in a claims outcome, a fraud flag, or an underwriting decision.
On expertise, GlobalData’s job market data recorded approximately 63,293 active insurance AI-related job listings globally in 2025 – a roughly 50.9% rise from 2024 and the highest annual figure in the dataset, according to the same report. The figures point to an industry attempting to close expertise gaps through hiring, even as the pace of AI development continues to outpace those efforts. IRDAI’s mandate to the working group to identify skills gaps and capacity-building needs suggests the regulator views this as a structural issue requiring sector-wide attention, not just individual company responses.
Carey-Evans outlined a practical path for insurers navigating the transition. “There will always be challenges to implement a technology with such high expectations as AI across the value chain. Insurers need to ensure they have the right expertise in place and fully understand the technology. Targeting certain areas at a time, such as customer service, customer acquisition, or claims could help make the scale manageable,” he said.
The three-month deadline is the beginning of a compliance cycle, not the end of one. While the working group’s recommendations will not automatically carry the force of regulation, IRDAI’s April 2026 cyber security guidelines – issued earlier this year with an immediate compliance requirement – indicate the regulator is prepared to move from guidance to obligation within a single financial year. Insurers that wait for final rules before assessing their AI governance posture are likely to find themselves under time pressure when those rules arrive.
The skills gap question deserves particular attention. If IRDAI’s recommendations follow the direction the mandate suggests, insurers without adequate in-house AI expertise may find it difficult to demonstrate compliance with audit or governance requirements. Addressing that gap before the framework is finalized is less disruptive than doing so under regulatory pressure. Claims processing and fraud detection are where scrutiny is likely to land first. These are the functions IRDAI specifically names in its announcement, and they are where the consequences of unexplainable or erroneous automated decisions carry the most weight – for policyholders, for regulators, and for the insurers accountable for both.
