الهيئة العامة للرقابة المالية

• Digital Brokers must meet all licensing requirements, submit a detailed business plan and clearly define the insurance products intended for digital offering.
• Companies shall submit a live version of the digital platform to FRA for review before its launch, along with the crucial results of penetration and vulnerability tests.
• Insurance offers and policies must be issued instantaneously (in real-time) through seamless electronic interface connections between the Digital Broker’s platform and the insurance companies’ systems.
• Brokers are required to use secure servers for storing customer and insurer data, guaranteeing full confidentiality.
• To finalize policy issuance, broker must secure the customer’s formal approval of all required declarations.

FRA Board of Directors issued Resolution No. 198 of 2025 establishing comprehensive controls for all digital insurance brokerage activities. This move is designed to accelerate digital transformation within the non-banking financial sector, create a robust regulatory environment supporting FinTech in insurance and enforce the stipulations of the new Unified Insurance Law No. 155 of 2024.

The resolution lays out strict requirements for licensed brokerage firms aiming to conduct business digitally. To gain approval, companies must already hold a valid license from  FRA for digital activity, submit a Board-approved business plan and clearly specify the digital products and services they intend to offer. Furthermore, they must adhere to the rigorous standards for digital services and cybersecurity outlined in FRA Board Resolutions 139 and 140 of 2023.  Companies must also provide FRA with a live version of the digital platform, including the essential results of penetration and vulnerability tests.

The new rules mandate that companies complete the issuance of insurance offers and policies instantaneously (in real-time). This is achieved through secure electronic interface connections (Web Service API) linking the Digital Insurance Broker’s platform directly with the insurance companies’ systems. The Digital Broker is explicitly responsible for ensuring that the insurance companies have fully prepared their technological infrastructure before the instant connection and information exchange established.

Digital Insurance Broker is mandated to securely store all customer and insurer data on protected servers, strictly preserving confidentiality and prohibiting disclosure outside the limits of the law. Digital Brokers shall clearly display their FRA license and approval on the digital platform and making all relevant service information readily available.  In addition, brokers must prepare all necessary declarations and acknowledgements for the customer to review and formally approve the terms and benefits before the policy is issued.

Furthermore, brokers are required to enhance accessibility by enabling direct customer service communication through the platform and allowing customers to neutrally compare insurance products of the same type.

On the other hand, the resolution strictly prohibits brokers from collecting premiums or fees by any method that routes funds into the broker’s own account. Instead, brokers must rely exclusively on the non-cash collection methods provided by the insurance company.

The resolution states that brokers must adhere to all cybersecurity requirements stipulated in previous FRA Board resolutions. This includes an obligation to conduct periodic penetration tests on the platform at least once annually, as well as following any material change to the technical systems. The broker must submit the results of this security test directly to FRA.

Additionally, it mandates that the platform undergo a Vulnerability Test at least once every three months and testing whenever a material change occurs in the technical systems. FRA must be immediately provided with the results of all these tests. Furthermore, the digital platform must be periodically developed and updated as needed and FRA reserves the right to request any related data or documentation.

Insurance companies that contract with a Digital Insurance Broker bear critical responsibilities. They must first verify that the broker has secured the necessary FRA approval before finalizing the agreement. They must also ensure that the electronic link established between their systems, the broker’s is dedicated exclusively for brokerage purposes, and that all product prices are displayed accurately according to the approved technical basis.

Companies must ensure their own readiness by preparing their technological infrastructure for instant (real-time) linking, information exchange and digital communication. They are required to independently verify the integrity and safety of the broker’s Penetration Test and Vulnerability Test results. Crucially, they must notify FRA immediately of any security breaches or violations the moment they occur.

Moreover, companies must offer specific channels for the e-collection of premiums using only companies registered in FRA’s dedicated registry for electronic collection. This ensures that all premiums are transferred directly into the insurer’s account.

Ultimately, this resolution is a strategic move by FRA to enhance digital transformation and raise the efficiency of the insurance market, which will expand coverage and make services accessible to more citizens, thereby boosting insurance, investment and financing inclusion.