3500 + Expert Advisors

3500

Expert Advisors

50 + Branch Offices

50

Branch Offices

Get Free Expert Consultation

Get Update on Get Update on Whatsapp Whatsapp

Insurance Web Aggregator Compliance under IRDAI – An Overview

Insurance web aggregator compliance under IRDAI is a strict compliance requirement governed by the IRDAI (Insurance Web Aggregators) Regulations, 2017. Web aggregators that adhere to insurance web aggregator regulatory compliance requirements also help with cybersecurity, DPDP compliance, regulatory reporting, the IRDAI portal, consent management, and corporate governance in India.

In simple terms, starting as an insurance web aggregator requires adherence to several IRDAI regulations and legal requirements for commencing business in India. Get Corpbiz support to prepare an IRDA web aggregator compliance checklist for filing, infrastructure, data privacy, inspection, etc.

Insurance Web Aggregator Compliance under IRDAI
Schedule a Meeting

Why is IRDA Compliance for Insurance Web Aggregators Important?

The importance of ensuring IRDA compliance for insurance web aggregators in India is as follows:

  • Enhanced Data Protection
    IRDA compliance for insurance web aggregators ensures protection of highly sensitive financial and personal information and 128-bit data encryption in India.
  • Enhanced Risk Management
    IRDA compliance for insurance web aggregators serves as a shield against financial penalties and reputational risk, helping manage lead generation, sensitive data, and operational transparency.
  • Builds Customer Trust
    IRDA compliance for insurance web aggregators leads to lower consumer apprehension, higher retention, organic traffic and long-term brand reputation.
  • Customer Grievance Redressal
    Insurance web aggregator compliance provides access to a formalised channel to resolve customer disputes regarding leads, policy mis-selling, or unauthorized telemarketing calls.
  • Professional Indemnity Management
    Ensuring compliance with insurance web aggregator regulations helps the business remain financially viable to handle client operations and professional indemnity commitments.
  • Supports Business Collaborations
    Insurance web aggregator compliance allows web portals to legally display products and generate leads, thereby facilitating business collaborations and partnerships in India.

Don't Let Compliance Delays Slow Down your Insurance Business

Avoid missed deadlines and keep your business aligned with IRDAI requirements.

✔ 360-degree Compliance Support ✔ Hassle-free System
Free 30-min Strategy Call

What is Included in the Insurance Web Aggregator Compliance Checklist?

The insurance web aggregator compliance checklist includes the following, as provided below:

  • Possess and maintain a half-yearly net worth of at least Rs. 25 lakhs.
  • Ensure review of status semi-annually on September 30th and March 31st.
  • Prepare a net worth certificate authenticated by a practicing CA.
  • Track record of the applicant's firm not showing connection with business governed by IRDAI.
  • Transfer all generated leads to insurers for protection using a minimum of 128-bit encryption.
  • Annually audit technology platforms by a CERT-in-empaneled auditor.
  • Maintain policy-wise details in a prescribed format.
Talk to our Experts
Documents for Insurance Web Aggregator Compliance under IRDAI

Documents for Onboarding Before Insurance Web Aggregator Compliance Under IRDAI

The following is a list of documents needed for onboarding before insurance web aggregator compliance under IRDAI:

  • IRDAI insurance web aggregator license
  • Memorandum & Articles of Association (M&AoA)
  • Company registration certificate
  • Audited financial statement of the company
  • CA-certified net worth certificate of the company
  • Board resolution or partner authorization for filing application
  • Screenshot of proposed website domain registration
  • Detailed architecture diagram of lead management system
  • Preliminary proof of SSL encryption and cyber-security audit report
  • KYC and identification proof of all directors, partners, and key personnel
  • Policies on cybersecurity and VAPT procedures
  • Record of grievance redressal
  • Record of previous IRDAI filings and ancillary approvals
  • Compliance & corporate governance policies
  • Detailed 3-to-5 years business plan and financial projections
  • Any other documents (if applicable)
Book a 1:1 Virtual Meeting

Types of Insurance Web Aggregator Regulatory Compliance

The following are the key types of insurance web aggregator regulatory compliance in India:

  • Capital Adequacy Compliance: The IRDAI-authorized insurance web aggregators must maintain a consistent minimum net worth and capital adequacy to sustain eligibility throughout the year.
  • Website & Portal Disclosure: The IRDAI-registered insurance web aggregators must clearly disclose information about partnered insurers, product comparisons, and features on their official websites or portals.
  • Sales and Solicitation Compliance: The insurance web aggregators must ensure that only IRDAI-certified operators engage in insurance sales and solicitation, ensuring compliance with the prescribed code of conduct.
  • KYC & AML Compliance: The IRDAI-registered insurance web aggregators must verify client identification details, the Anti-Money Laundering framework, and store historical logs for audit readiness.
  • Maintain Audit & Inspection Records: The IRDAI-authorized web aggregators must maintain records of the audited balance sheet, profit and loss statement, and auditor's certificate within 90 days of the financial year-end.
  • Submit Annual Returns: The IRDAI-authorized insurance web aggregators must submit bi-annual and annual returns disclosing details of leads generated and business placed with insurers.
  • Establish Consumer Grievance Redressal: The insurance web aggregators must establish a consumer grievance redressal mechanism to handle consumer complaints, maintain logs, and furnish timely reports.
  • Maintain Professional Indemnity: Insurance web aggregators must maintain a valid professional indemnity insurance policy to safeguard against liabilities arising from professional negligence, errors, or omissions.
  • Implement Cybersecurity Infrastructure: The insurance web aggregators must implement robust cybersecurity measures, including IT systems, regular vulnerability assessment, data backup, and an incident response mechanism.
  • Corporate Governance Compliance: It is important for insurance web aggregators to maintain sound corporate governance practices for the management of conflicts of interest and for periodic board oversight.
  • Event-Based Regulatory Reporting: The web aggregators must promptly report event-based regulatory changes affecting directors, shareholders, the registered office address, the technology platform, the business model, or other developments.

Crucial IRDA Filings for Insurance Web Aggregators: Mandatory Checklist

Have a look at the detailed and well-structured calendar detailing crucial IRDA filings for insurance web aggregators in India, as provided below:

IRDA Filings Description Timeline
Form N/ Form IWA-3 Submitted to report insurer-wise and product-wise business transactions. Half-yearly or bi-annually (October 31st or April 30th)
Form F/ Form IWA Reg. 5 (IWG License Renewal) Form F filed for annual renewal of IRDAI insurance web aggregator license. Annually
Form IWA Reg. 6 (Net Worth Certificate Filing) Form filed for submission of a CA-certified net worth certificate. Annually
Form IWA Reg. 6(f) (Professional Indemnity Policy Renewal) Form filed for renewal of professional indemnity insurance policy for the financial year. Annually, before expiry of the policy
Form IWA Reg. 8 (Insurer Tie-Up Agreement Renewal) Form for renewal or confirming all active insurer tie-up agreements are valid. Annually
Form IWA Reg. 13 (Internal Audit) Conduct internal audit covering operational, regulatory IT, and compliance controls for inspection. Annually
Form IWA Reg. 14 (Website & Disclosure Compliance) Comply with disclosure norms to check that all insurance product comparisons on the website are accurate and up to date. Ongoing
Form IWA Reg. 17 (Business Performance Reporting) Submit monthly premium volume and policy count report to all insurer partners. Monthly
Annual Financial Statements Submission of the audited financial statement, including the balance sheet, profit and loss statement, and the auditor's certificate. Within 90 days of the financial year end
Grievance Redressal Report Submit mandatory reports to track customer complaints and resolutions. Bi-annually or annually
Compliance Officer Certification Certification confirming compliance with the provisions of IRDAI Insurance Web Aggregator Regulations, 2017. Annually
Cyber Security Audit Report Includes annual IT and cybersecurity status reports verifying compliance with IRDAI cyber security guidelines. Annually

Insurance Web Aggregator Compliance Services by Corpbiz

  • 10X Faster Resolution Assistance: At Corpbiz, our team of experts provides 10X faster resolution, helping IWAs remain IRDAI-compliant in India.
  • Bi-Annual Reporting Services: Contact Corpbiz for professional assistance in preparing and filing all mandatory biannual and annual reports within the prescribed timeline.
  • IS & VAPT Assessment Support: Join hands to get support for Information Security Audits (IS) and Vulnerability Assessments & Penetration Testing (VAPT) in compliance with IRDAI guidelines in India.
  • Regulatory Audit & Inspection Assistance: Our Corpbiz experts provide end-to-end assistance in preparing records, responding to IRDAI inspections, and ensuring compliance audit readiness throughout the year.
  • Net Worth Compliance Support: Contact us for compliance support in preparing a CA-certified net worth certificate, an audited financial statement, and timely financial reporting.
  • Event-Based Filing Assistance: Get continuous assistance to ensure compliance with event-based filing requirements and stay updated with the latest IRDAI regulations.

IRDAI Compliance Made Simple for Insurance Web Aggregators

Corpbiz brings everything under one structured compliance plan so your team can focus on growth.

✔ 100% Remote Support ✔ Error-free Filings
Book a 1:1 Virtual Meeting

Why Trust Corpbiz for Insurance Web Aggregator Compliance?

  • Handled 500+ IRDAI Compliance Projects
    At Corpbiz, we have successfully handled 500+ projects for insurance web aggregator annual compliance, ensuring adherence to IRDAI regulations in India.
  • Free 30-Minute Strategy Call
    Schedule a free 30-minute strategy call to assess your compliance status, identify regulatory gaps, and receive a compliance roadmap for web aggregators in India.
  • Multi-Domain Filing Services
    Our multi-domain filing services at Corpbiz help streamline all corporate and IRDAI compliance requirements under one roof.
  • Real-Time Deadline Tracking Support
    Access real-time deadline tracking and a reminder system to avoid missing due dates for returns, audits, renewals, and event-based compliances.
  • PAN-India Compliance Management
    Get Pan-India compliance management support with consistent service delivery across multiple states and union territories.
  • Transparent Pricing Structure
    At Corpbiz, we customise a cost-effective structure with clear pricing, defined deliverables, and complete transparency throughout the compliance process.

Don't Let Compliance Delays Slow Down your Insurance Business

Avoid missed deadlines and keep your business aligned with IRDAI requirements.

✔ 360-degree Compliance Support ✔ Hassle-free System
Free 30-min Strategy Call

FAQs on Insurance Web Aggregator Compliance

An insurance web aggregator is an IRDAI-authorized intermediary that compares premiums, features, and benefits of various insurance policies. This platform further facilitates the purchase of insurance products through a single website.

The principal officer serves as the designated head responsible for ensuring that the entity strictly adheres to all regulatory mandates issued by the Insurance Regulatory and Development Authority of India.

The basic requirements to ensure compliance with the data security and encryption requirements of IWA are as follows: Encrypt all web traffic between the user's browser and the IWA application (TLS); Use a strictly validated SSL/ TLS certificate issued by trusted certificate authorities; Encrypt sensitive user profiles, credentials, and session states stored in databases; Cryptographically sign or encrypt session tokens to prevent tampering; Utilise a key management service for securely storing data; Implement a regular key rotation schedule to limit exposure in case of a breach; Require multi-factor authentication to secure login to the web interface; Employ role-based access control or attribute-based access control with the Principle of Least Privilege; Establish open authorization standards like OAuth 2.0 and OpenID Connect for securing APIs.

The key reporting requirements for insurance web aggregator reporting in India require IRDAI-authorized web aggregators to maintain a minimum net worth of Rs. 25 lakhs, meet accepted information protection standards, prepare complete documentation for all generated leads, and make generic advertisements for insurers' products.

The mandatory annual IRDA compliance for web aggregators includes the submission of an annual net worth certificate after finalization of accounts, the conduct of an annual cybersecurity and IT system audit, the maintenance of a valid professional indemnity insurance policy, and the strict maintenance of records of consumer sales & client complaints.

About the Author


NE
Neha Dawra

Legal Researcher

Written by Neha Dawra. Last updated on Jul 7 2026, 01:06 PM

Neha Dawra has 4+ years of experience in legal research and intellectual property advisory. Her expertise lies in analyzing IP laws, drafting structured legal content, and simplifying complex registration procedures into clear, simple insights.

 

Testimonials

Updated testimonials from our customers

Trusted by thousands of businesses across India for seamless compliance, registrations, and advisory services.

100% Verified Reviews
Confidential & Secure
ISO 9001:2015 Certified
100000+
Happy Customers
4.9 / 5
Average Rating
98%
Satisfaction Rate
6+ Yrs
Industry Experience

Other similar services

Request a call back