Insurance Authority Board of Directors' Resolution No. (18) of 2020 Concerning the Electronic Insurance Regulations

Insurance Authority Board of Directors' Resolution No. (18) of 2020 Concerning the Electronic Insurance Regulations The Chairman of the Board of Directors of the Insurance Authority, Having pursued,

• The Federal Law No. (5) of 1985 concerning the promulgation of Civil Transactions Law and the amending laws thereof;

• The Federal Law No. (10) of 1992 concerning the promulgation of the Evidence Act for Civil and Commercial Transactions and the amending laws thereof;

• The Commercial Transactions Law issued by The Federal Law No. (18) of 1993;

• The Federal Law No. (17) of 2002 concerning the regulation and protection of industrial property rights for patents, Industrial Drawings and models;

• The Federal Law No. (3) of 2003 Concerning Regulating the Telecommunications Sector.

• The Federal Law by Decree No. (3) of 2012 on the establishment of the National Electronic Security Authority (NESA), as amended;

• The Federal Law No. (1) of 2006 concerning the Electronic Commerce and Transactions;

• The Federal Law No. (24) of 2006 On Consumer Protection;

• The Federal Law No.)6( of 2007 on Establishment of the Insurance Authority & Organization of Insurance Operations and the Amendments thereof;

• The Federal Law by Decree No. (3) of 2012 on the establishment of the National Electronic Security Authority (NESA), as amended;

• The Federal Decree-Law No. (5) of 2012 concerning Combating Cybercrimes and the amendments thereof;

• The Federal Law No. (14) of 2018 concerning the Central Bank, the Organisation of Financial Institutions.

• The Federal Law No. (20) of 2018 Concerning Confronting Money Laundering and Combating Terrorist Financing and Financing Illicit Organizations.

• The Insurance Authority Board of Directors’ Resolution No. (2) of 2009 Concerning the Issuance of the Executive Regulations of the Law No. (6) of 2007 Concerning the Establishment of the Insurance Authority and Organization of Insurance Operations, and the amendments thereof;

• The Insurance Authority Board of Directors’ Resolution No. (3) of 2010 Instructions Concerning the Code of Conduct and Ethics to be Observed by Insurance Companies Operating in the UAE and the amendments thereof;

• And, based on the recommendation of the Director General of the Insurance Authority and the approval of the Board of Directors, Has resolved, Definitions Article (1) The following words and phrases shall have the meanings ascribed thereto hereunder unless the context indicates otherwise: State: The United Arab Emirates Law: Federal Law No. (6) of 2007 Cconcerning the Establishment of the Insurance Authority and Organization of Insurance Operations and the amendments thereof. Executive Regulations: The Executive Regulations of the Law. Authority/IA: The Insurance Authority. Board: The Board of Directors of the IA. Director General: The Director General of the IA.

Company: The insurance company incorporated in the State and the foreign insurance company licensed to carry out insurance activities in the State either through a branch, or through an insurance agent, including Takaful insurance companies. Insurance-Related Professions: Any person licensed by the Authority to practice any of the activities of Insurance Agent, Actuary, Insurance Broker, Surveyor & Loss Adjuster, Insurance Consultant or any other insurance related profession that the Board decides to regulate. Insured: The person who has concluded an insurance contract with the company. Insurance Proposer: The person who applies to acquire insurance coverage through the website of the insurance company, insurance agent or insurance broker. Insurance Agent: The person approved and authorized by the company to carry out insurance operations on its behalf or on behalf of any branch thereof. Insurance Broker: The person who independently intermediates in insurance and reinsurance operations between the insurance Proposer or reinsurance Proposer on one side and any insurance or reinsurance company on the other side and receives for his efforts commission from the insurance company or the re-insurance company with which the insurance or reinsurance has been concluded. Electronic: What is relevant to new technologies which has electric, digital, magnetic, wireless, visual, electromagnetic, computed, photic capabilities, and the likewise. Electronic Information: Electronic data and information in the form of text, codes, sounds, graphics, images, or otherwise Electronic Insurance Operations: Any business carried out by the company through electronic and smart systems, including but not limited to;

insurance coverage offers, insurance premium offers, selling of insurance policies, marketing of insurance policies, collection of premiums, receipt of claims, receipt and handling of complaints. Website: The Company Address on the Web, which is accredited in all company’s publications, advertisements, and electronic documents and authorized by the competent authority, including but not limited to:

1. Social networks such as Facebook, LinkedIn and Twitter.
2. Multimedia sharing networks such as YouTube, Instagram and Snapchat.
3. Blogs such as Blogger, Tumblr, and Word Press.
4. Participatory work applications such as Google Docs and wiki tools.
5. Systems based on artificial intelligence and machine learning.
6. Autoreply, chatbot and smart personal assistant.
7. SMS.
8. Voice, video or audio communication.
9. Live chat channels.
10. Smart applications. Electronic Copy: A record or document that is created, stored, generated, copied, sent, communicated or received by electronic means, on a tangible medium or any other Electronic medium and is retrievable in perceivable form. Illegal Access: A person deliberately accesses a computer, a website, an information system, or a computers network without authorization. Outsourcing Company, Provider or Developer: Any natural or legal person providing, publishing, and interfering with the trading of insurance information and data via the Internet. Price Comparison Websites: The registered company at the Authority to provide insurance premium price comparison services, using the internet. Competent Authorities: government entities concerned with the regulation of the businesses identified in the laws for their establishment.

Chapter One General Provisions Article (2)

1. These regulations shall apply to all electronic and smart insurance operations practiced by licensed Insurance Companies, Insurance￾related Professions and marketing insurance policies through banks to the extent applicable to their nature.

2. The provisions of the Federal Law concerning the Electronic Commerce and Transactions and other related laws in force shall apply to the conclusion of an insurance contract electronically or any other matters related to the electronic insurance operations, excluding the matters that are specifically addressed hereunder.

3. Insurance Companies, and Insurance-related Professions must comply with the application of Protection of Confidential Information, issued by the Competent Authorities. Terms of Approval Article (3) Before submitting an application to obtain the approval of the Insurance Authority to practice electronic insurance operations, Companies shall develop a specific action plan for electronic insurance operations, approved by the company’ board of directors, or signed by the owner of the Sole Proprietorship or signed by the same person, in the event that he is a natural person or Sole Proprietorship, as appropriate, prior to submitting it to the Authority. This plan shall include but not limited to the following:

4. An analysis of the projected volume of electronic insurance operations for the next three years;

5. An analysis of the risks associated with electronic transactions and the necessary precautionary measures and procedures to mitigate those risks, including, but not limited to – risks of cyber security, risks of adverse selection, money-laundering and terrorist financing offenses in insurance activities, strategic risks and illegal access to the website.

6. A contingency plan, including the actions that should be taken in case one or more element of the electronic or smart system are disrupted. The plan should include the corrective measures to ensure continuity of business, and reporting to the authorised officials within the company and the Authority. Chapter Two: Electronic Insurance Strategy & Risk Management Responsibilities of the Board of Directors/ Mangers Committee Article (4)

7. The adoption of the electronic insurance strategy in the company and providing the necessary directives to the executive management to ensure the proper implementation thereof.

8. The adoption of the risk management strategy related to electronic insurance, the development of the related internal supervisory controls, and supervising the executive management in the course of their implementation of these requirements. Responsibilities of Executive Management Article (5) The Executive Management shall commit to the following: -

9. Ensure that online insurance products and services are in line with the strategy adopted by the Board of Directors in this respect.

10. Ensure that the level of risks arising from electronic insurance remains within the acceptable risk level stated in the risk strategy adopted by the Board of Directors or the Managers Committee, as the case may be.

11. Take the necessary actions to implement the internal supervisory controls to minimize the risk of exploitation from inside and outside the Company.

12. Ensure the availability of adequate expertise and resources for the business and sustain the electronic insurance system.

13. Develop a written policy adopted by the Board of Directors that establishes a clear separation between the executive and the supervision powers of the electronic insurance and related risk management strategies, so as to determine persons and their powers to access and view the stored files and possibility to make changes to the data contained therein, as well as saving the logs that reflect any access and change to the data of those systems.

14. Develop a policy for advertising and use of price comparison services, obtaining data, sharing data with InsureTech companies, electronic channels developers, manufacturers and suppliers. Addition of Permitted Lines of business Article (6) The company shall apply the resolutions in force and submit an application to obtain the Insurance Authority’s approval on the classes of insurance products that will be sold through its website and comply with the following conditions:

15. The Company shall not sell insurance policies of persons and funds accumulation operations and life insurance products, if linked to investment instruments, through the Company's website or any other website.

16. Subject to what is stipulated in paragraph (1) of the Article herein, the Company may sell life and personal insurance policies, which don’t require specific underwriting to each individual case.

17. The Company and Insurance Related Professions may sell Liability and Property insurance products through their website, in the following lines: a. Health Insurance. b. Fire insurance and associated perils. c. Land vehicles and related liabilities. d. Personal accidents. e. Comprehensive household insurance.

f. Travel insurance. g. Guarantee insurance and fidelity guarantee. h. Robbery and theft insurance. i. Glass insurance. j. Professional indemnity insurance including liabilities of those professionals in the fields of heath, engineering, finance, accountancy, law and other professions. k. Workman’s compensation and employer liability insurance. l. Agriculture and livestock insurance and insurances of other animals. m. Other insurances normally falling under miscellaneous accident insurance. n. Marine cargo insurance. o. Insurance related to housing loans, credit, personal loans, credit cards and similar perils such involuntary loss of employment and wallet insurance. p. Any other insurance that the Authority approves. 4. The Company shall meet the requirements stipulated in Articles (3), (4) and (5) of in the Regulations herein. Chapter Three: Website Management of the Website Article (7) When managing the website, the Company shall comply with the following:

1. The Company shall establish an IT department that shall be responsible for the managing of the official website.
2. The Company shall obtain the Authority's prior approval before assigning the management of the website to any other party, and must verify the compliance of the contracting party with the provisions of the Regulations herein and related legislation.
3. The Company shall appoint of a Communication Officer with the organization to which the management of the website was

outsourced. The Communication Officer’s responsibility shall - include but not limited to - monitoring the contents of the website, responding to the enquiries and requests of customers, verifying that the other party is adhering to application of the outsource contract terms and conditions, verifying the commitment and adherence of the other party to the Regulation hereunder and other related legislation. 4. Companies and related professions shall regularly conduct tests for Illegal Access and assessing vulnerabilities for the website or smart application to guarantee the soundness of such and to fill any potential gaps (if any). 5. Compliance with cyber security standards and requirements issued by the Competent Authorities, to protect data, systems and networks issued by the Competent Authorities. 6. Take the necessary measures, adhere to the data confidentiality of customer and visitor, adhere to the laws related to privacy as soon as they are issued, and put in place the necessary technical measures to prevent the leak of customer or visitor data, whether such thing happened intentionally or unintentionally. Transparency and Disclosure Article (8) 1- The Company or related profession shall comply to directly provide all necessary information to enter into a contract through its website, including the following as a minimum: A. Name of the Company or Related Professions that owns the website or the smart application. B. A Declaration to show the website or smart application belongs to the Company that is carrying the risk or it is one of the insurance Related Professions. In the latter case, it is mandatory to declare the name of the company that is carrying the insured risks. C. The Company or Related Profession ’s registration number with the Authority.

D. Contact details through phone and by electronic means. E. An explanation on how to register a complaint so that procedures are clear. 2- The Company shall continuously update the data and information stipulated in Para (1) of this Article on its website or smart application. Information Security and Integrity Article (9) 1- The company shall maintain the confidentiality of the Electronic Information obtained through the website, and shall not disclose this information to any other party except by judicial or security order. Accordingly, the company shall establish the necessary procedures and controls to maintain the confidentiality of information. 2- The Company and Related Professions shall ensure the security and integrity of the information provided through its website, through applying the measures and criteria determined by the competent authorities in the state, including storing data inside the State and in the cloud. 3- The commitments of the Company and Related Professions and persons responsible of such for maintaining the confidentiality of Electronic Information pursuant to this Regulation shall remain in force and indefinite. 4- The Company and Insurance-related Professions shall protect the confidentiality of personal data and shall not share it with third parties, except within the scope of the provisions specified in this resolution. Further, the Company and Insurance-related Professions shall not disturb customers when promoting products by SMS or frequent emails, unless with prior approval of the Customer for that. 5- establish different levels of supervision and control of the electronic insurance operations carried out through its website as follows:

A. Application of the minimum security measures and procedures to prevent the alteration of content of the fixed information displayed on the website by unauthorized individuals. B. Taking security measures and procedures to protect the shared Electronic Information with customers or visitors of the website from alteration, theft or illegal usage. C. Application of measures and procedures and provision of the latest technologies and programs to ensure the security of the payment transactions carried out through the company's website, by using payment systems that are adopted and licensed by the Central Bank of the United Arab Emirates for paying the amounts of issuing or renewing the insurance policy. 6- The department responsible for the website shall supervise the design, implementation, follow - up and update the security system of the Company’s website. 7- The Company and Insurance-Related Professions shall establish the necessary measures to deal with emergency cases or disasters. They shall also maintain backup copies of all data and Electronic Information displayed or obtained through their website and shall establish a clear mechanism for restoring the website systems in case of failure of one or more elements of the automated system of the website. 8- Insurance companies and Insurance-Related Professions shall take the necessary measures to prevent any viruses from accessing devices, networks, and databases through which the data of customers or visitors to the website may be leaked, whether such thing happened intentionally or unintentionally. They shall also take the necessary measures to not use any storage tools, disks, software, or networks containing viruses, whether such thing happened intentionally or unintentionally.

Duties of the Companies and Related Professions Article (10) The Company and Related Professions shall make sure of the following:

1. Verify its website or smart application's capacity to expand and absorb any additions that may arise in the future, such as the capacity of the website to handle any increase in the number of users, and the absorption of additional electronic insurance operations resulting from selling insurance policies or receiving claims and handling complaints.
2. The website or smart application shall be made available for use on a 24 hours’ basis and throughout the year and the responsible department for the website shall supervise and ensure that. In the event that the website is subject to maintenance processes, these responsible departments shall ensure that maintenance period shall not exceed one working day as maximum. In case of failure to complete maintenance operations during this period, the company shall notify the Authority in writing of the reasons that led to the website failure and determine the expected period of time to reboot the website.
3. Ensure that the electronic content on the website does not fall under any of the prohibited content categories.
4. Ensure that the website does not violate any laws, regulations and legislation in force in the UAE.
5. Ensure the collection and processing of the sensitive data of users in a secure manner (Including: using SSL techniques / Encryption to prevent illegal collection of usernames, credit card information and bank information).
6. Ensure that servers and website systems are secure, the use of antivirus and malware software, and shall perform security audits according to the best practices of management and operations.

Pre-contract Phase Article (11)

1. The Company shall illustrate its website with a description of the nature of the products that the company sells and markets electronically, and with self-assessment tools which enable the Insurance Proposer to assess his insurance needs, and eventually enable him to make an informed decision to conclude the contract.
2. The Company is committed to draw the attention of the Insurance Proposer to the following information in a timely manner during the purchase process and before concluding the contract: a. Nature of the product countering the insurance risk. b. Main benefits of the product. c. Options of the insurance product and the insurance coverage. d. Exclusions of coverage and restriction of the product. e. If there are waiting periods for specific covers. f. Total premiums, VAT and any other expenses, in an accurate and clear manner. g. Warning the Insurance Proposer of the consequences of providing incorrect data and information. h. Showing the outcome of cancelling the contract, in particular the manner premium refunds are calculated. i. Informing the Insurance Proposer about the importance of acquiring insurance consultancy from a licensed and registered Insurance Consultant. Declarations of the Insurance Proposer Article (12) The Company, through its website is committed to use "step by step" approach for the disclosure of essential individual information (rather than providing information in full) to ensure that the Insurance Proposer acknowledges and signs the same, and that he has read the essential information related to the insurance application, and that he comprehends and understands legal consequences of his declaration.

Outsourcing of Electronic Insurance Operations Article (13)

1. The Company and Insurance -Related Professions, after satisfying the procedures set forth in the Regulations herein- when outsourcing the electronic insurance operations to other party, outsourcing the development, management or maintenance of its website or outsourcing any other operations related to its website, shall develop a special provision in the Outsourcing Contract thereunder the other party shall commit to apply the provisions of the Regulations herein, the code of professional practice issued by the Insurance Authority, and other related legislation. The Company and Insurance-Related Professions shall remain accountable to the IA.
2. It is permissible to execute contracts through electronic automated means, including two or more electronic information systems that are prepared and programmed to do such in advance. The contracting shall be valid and has legal grounds, even if no direct personal interference was done in the process of executing the contract between these systems.
3. It is permissible to enter into a contract through an electronic automated system in the possession of a Company and Related Professions and other party, provided the other party knows or is expected to know that the system will automatically handle entering and executing the contract.
4. The Company and Related Professions, that wish to sell their insurance products through a website owned by other party licensed for this purpose, shall obtain the prior approval of the Insurance Authority. The Company and Related Professions shall verify that the website of the other party meets the following conditions: A. If the other party's website is used to sell the insurance products of other companies, each insurance product must be clearly linked to the company providing it.

B. The website shall include all the information and data that need to be disclosed by the company, such as; the Company name, address, license status, classes of insurance activities, channels of communication with the Company. C. The Website of the other party shall clarify the role of this party, its obligations towards customers such as the insured and whether this party is a broker or insurance agent licensed by the Insurance Authority or any other authority. Advertising and Marketing Article (14) The Company and Insurance-Related Professions or the party outsourced to perform the business related to the company’s website, when conducting advertisement and promotion of the electronic operations shall comply with the provisions of the code of professional practice, and must obtain the prior written approval of the Insurance Authority. Chapter Four: Price Comparison Websites Article (15)

1. Insurance Companies and Insurance-Related Professions are prohibited from dealing with Price Comparison Websites, except for Insurance Brokers.
2. In the event that the company deals with an Insurance Broker that deals with Price Comparison Websites, the company shall abide by the prices and coverage that appears on the Price Comparison Websites.
3. When dealing with Price Comparison Websites, Insurance Brokers are obliged to do the following: a. Not to deal with websites not registered with the Authority.

b. Providing the Authority with a copy of the agreement signed between the Insurance Broker and the owner of the Price Comparison Website, containing the terms and conditions, including not allowing them to issue or market any kind of insurance policies, and that the service provided by the website is to compare prices only and that the right to communicate with customers is limited to the Insurance Broker. The Insurance Broker shall also refrain from granting price comparison websites any authority to issue an insurance certificate. The agreement shall also indicate the amount of the allowance received by the Price Comparison Website which must be as a referral allowance in the form of a lump sum only. 4. The Price Comparison Websites that handle insurance, for the purposes of registration, shall satisfy the following: a. To be a company registered in the State according to the Commercial Companies Law or one of the financial free zones in the State. b. Submit a registration application to the Authority in accordance with the approved regulations. c. Providing the Authority with a copy of the agreement concluded with the Insurance Broker, provided that it includes referral fees for Price Comparison Websites provided that they are in the form of lump sums and it is prohibited to charge a commission for the services they provide. d. To have one of the goals of the company in its memorandum of incorporation is to provide a service for comparing insurance premium rates. e. Insofar as the issue relates to insurance, the company should not extend its work on anything other than providing premium comparison services. f. Not to engage in the activity of the Insurance Agent, insurance Broker, or any other insurance-related professions, or carry out insurance underwriting operations or receive insurance premiums. g. The Website clearly and explicitly and legibly included that the website only provides insurance policy price comparison services.

h. Refrain from maintaining, storing or copying any electronic data or information related to potential clients or clients and such information must be transferred electronically to the company in question without making copies thereof. i. Submit an undertaking to the Authority to abide by Federal Law No. (6) of 2007 concerning the Establishment of the Insurance Authority and organization of Insurance Operations, the amendments thereof, its regulations, instructions, decisions and circulars issued pursuant thereto. j. Designating an employee who is concerned with communicating with the Authority, and providing the Authority with his contact information and updating it periodically. 5. Price Comparison Websites must apply to renew the registration annually, including the following: - a. A list of the brokers contracted with during the year. b. Any changes to the agreement concluded with the Broker. c. A statement of the revenues generated by the Brokers. d. A list of the insurance lines that are compared. e. Any matters decided by the IA. 6. Price Comparison Websites are prohibited from communicating with the customer, and communication shall only be made through an Insurance Broker. 7. The provisions of the Regulations herein shall be applied to Price Comparison Websites, to the extent that they are applied to them, and according to what is decided by the Authority in this regard. 8. In the event that any of the violations of the Price Comparison Websites are proven according to evidence available to the IA or the Competent Authorities, the IA may take any of the following measures and penalties: a. Warning the Price Comparison Website to take appropriate measures to rectify its conditions during a specific period.

b. In the event that the conditions are not rectified within the specified period, the Price Comparison Website is prohibited from dealing with the Insurance Broker for a period not exceeding six months. c. In the event of repeating the violation, the website shall be blocked for a temporary period in coordination with the Competent Authorities, or the website shall be completely blocked, according to the discretion of the IA. Chapter Five: Selling and Marketing Insurance Policies Identifying the Customer Article (16)

1. The Company and the Insurance Agent, prior to selling or issuing any insurance policy through its website, shall verify the identity of its customers and the documents submitted by them and develop the necessary procedures in this regard. The Insurance Broker shall comply with the aforementioned rules when issuing the insurance certificate.
2. The Company and the Insurance Agent shall apply what is included in the legislations of anti- money laundering, combating the financing of terrorism and financing illegal organizations crimes, and they must inform the Competent Authority in accordance with electronic regulations or other approved means for any suspected activities that take place through its website.
3. The Company, Insurance Related Professions and Insurance Agent shall maintain proper records of customers’ documents and identities obtained through its website for a period of at least 10 years.
4. The Company, Insurance-Related Professions and Insurance Agent shall establish an electronic account for each customer and shall develop the following procedures to protect the customer's account: A. Change the password of the customer's account periodically. B. Request to re-enter the password after lapse of a fixed period of inactivity.

C. Validate the customer's email address by sending a verification link (activation). D. A unified policy approved by the company’s board of directors, which includes insuring the insurer has two factors upon logging in. Rules of Selling the Insurance Policy Article (17)

1. The Company and Insurance Agent shall issue dated electronic insurance policies and the issued electronic version shall include all the contents of the policy, including the insurance application, policy terms, limits of coverage and the annexes. They shall provide the customer with a copy of the entire policy in all available ways and means. Additionally, they must provide the customer with a thorough electronic copy of the policy in (PDF) format, which shall be sent by e-mail or other electronic means as soon as they are issued. The commencement date of and expiry date of the insurance coverage shall be clearly stated in the policy. The Insurance Broker shall comply with the aforementioned rules when issuing the insurance certificate.

2. The Company and Insurance Agent shall enable the customer to view, print and download a complete electronic copy of the policy through his electronic account on the Company's website at any time. In the event that the format of the electronic policy requires the use of special software, the company shall provide the necessary software on its website.

3. The Company and Insurance Agent shall provide the customer at his request with a paper copy of the insurance policy issued electronically signed and stamped by the Company or any other document directly related to this policy through its branches or its agent’s branches, or by sending it by registered mail within a period not exceeding seven working days from the date of customer application.

4. The Company and Insurance Agent shall provide the Insurance Authority with the electronic websites addresses through which the insurance policies will be sold, or through the Agent or the Broker. Payment of the Due Premiums Article (18) The payment of electronic policies premiums may be paid by the applicable electronic means of payment, including direct debit from a bank account or credit card payment and other payment methods adopted by the Central Bank of the United Arab Emirates. Post-sale Provisions - Services Article (19)

5. The Company and the Insurance Agent –as case may be - shall abide by all legislations in force related to the electronic operations in the State, when selling any insurance policy through its website. The Insurance Broker shall comply with the aforementioned rules when issuing the insurance certificate.

6. The Company, The Insurance Agent and the Insurance Broker shall develop clear procedures for the cancellation of the policy through their website. Article (20)

7. The Company and Insurance Agent shall communicate with the customer by using at least two means of communication preferred by the customer, such as; E -mail, registered mail, SMS and telephone.

8. The Company and Insurance-Related Professions, when sending notification or announcement to more than one customer by E - mail or any other means of communication, shall verify and ensure that the notification or announcement does not contain any personal

information relating to any customer and in a way that prevents the recipients of the notification or announcement to identify the identity of any other recipient. 3. The Company, the Insurance Agent and the Insurance Broker, when issuing the insurance policy through their website, shall provide a special section for post sales services on the website, whereby the customer can perform any of the following operations: A. Render any additional services related to the valid policy. B. Demand to Make any amendments to the policy, such as; addition, renewal or cancellation. C. Verify the status of the policy (valid, expired or cancelled). D. Know the date of commencement of the insurance coverage, the expiry date, insurance amount and insurance policy number. E. View the premiums schedule. F. View the paid premiums, payment dates and amounts. 4. The Company, the Insurance Agent and the Insurance Broker shall inform the customer one month at least before the expiry date of the insurance policy to enable the customer to renew the policy or obtain insurance coverage from another company. The Customer shall be informed through all the available means of communication referred to in Para (1) of the Article herein. Registering Complaints and Claims Article (21) Without prejudice to the provisions of the Code of Professional Practice and the legislations in force, the Company, the Insurance Agent and the Insurance Broker shall provide through their website, all the information necessary to the customer or the third party (the injured third party) to lodge complaints and follow - up their status. The information shall include the following as a minimum:

1. Complaint/Claims Forms.

2. Contact details of the concerned department for receiving complaints in the Company, the Insurance Agent and the Insurance Broker.

3. Available communication channels to inquire about complaints (e￾mail, fax, phone, postal address).

4. A general description of complaints handling procedures, including the estimated time to address a complaint.

5. The Company and the Insurance Agent are obliged to provide a written response to the claim, whether by accepting the claim or part of it or rejecting the claim in full, with an explanation of the reason.

6. Contact information of Customer Happiness Department in the Insurance Authority. Claims Handling Article (22)

7. The company shall provide electronic claim forms for submitting claims and uploading electronic copies of the claim documents. After accepting the electronic claim, the company shall provide the claimant with a reference number of his claim.

8. Before reimbursement of the claim submitted online, the Company may require the original claim documents from the claimant to match them and verify their validity. Chapter Six: Final Provisions Supervision and Inspection Article (23)

9. The Insurance Authority shall supervise and conduct periodical or challenge inspections in order to ensure compliance with the legislation issued by the Authority and to verify any irregularities resulting from the inspection or contained in the complaints received by the Authority.

10. The Insurance Authority may request all information and documents for the purposes of supervision and auditing.

Violations and Penalties Article (24)

1. If it was substantiated by evidence to the Authority and any other competent authorities, that the Company, Insurance Agent or Insurance Broker committed a violation, then the Authority may take one of the following actions and penalties: a. Warning that appropriate measures shall be taken to rectify conditions within a specified period. b. Suspend the electronic system for a period not exceeding six months in cooperation with the related Competent Authorities, and in case of repeating the violation, the period of suspension shall be doubled, and the public shall be notified of such by an announcement which shall be published by the Insurance Authority on its website or any other means. c. In case of failure to rectify conditions within the specific period, a decision to cancel the approval granted shall be taken, and all Insurance Companies, Agents, Brokers and competent authorities shall be informed of the decision and the public shall be informed by an announcement published by the Insurance Authority on its website. d. In the event the approval granted is cancelled pursuant to the provision of the Article herein, the entity against which the decision was issued may not submit a new application for approval before the lapse of one year from the date of issuing the cancellation decision.
2. Websites that carry out insurance operations inside the State without obtaining a required license by the IA shall be blocked, in coordination with the Competent Authorities in the state.

Grievance Article (25) The decision issued by the Authority according to Article (24) of the Regulations herein may be appealed within (20) days from the date of notification thereof. The appeal request shall be submitted to the IA’s Board of Directors to decide within (60) working days of submitting the complete request, and the decision of the Board on such appeal shall be final. Final Provisions Article (26) Insurance Companies and Insurance Related Professions registered by the Authority shall rectify their conditions pursuant to the provision of the Regulations herein within six months from their entry into force. Article (27) The Director General shall issue the decisions and circulars necessary to implement the provisions of the Regulations herein. Article (28) These Regulations shall be published in the Official Gazette and shall come into force as from the following day of its publication. Eng. Sultan bin Saeed Al Mansoori. Minister of Economy -Chairman of the Insurance Authority Issued in Abu Dhabi on: 27/4/2020 In case there is any inconsistency between this translation and the Arabic version of this resolution, then the Arabic version shall prevail.