Malaysian Central Bank has on Friday issued the exposure draft on licensing and regulatory framework for Digital Insurers and Takaful Operators (DITOs) for written feedback following the issuance of the discussion Paper earlier this year.

Bank Negara Malaysia (BNM) said in a statement it aims to finalise the policy document and invite the applications for licence in 2023.

It also said up to five licences may be issued to applicants that meet all requirements.

The exposure draft outlines the proposed framework to facilitate the entry of DITOs in Malaysia that can offer strong value propositions to realise the following outcomes: inclusion – enhanced financial resilience of consumers whose protection needs are currently not served or not adequately served; competition – innovative products to cater to diverse protection needs; and efficiency – convenient and seamless consumer experience with greater cost savings.

DITOs are envisaged to carry on insurance or takaful business wholly (or almost wholly) through digital or electronic means. This in turn is expected to drive new types of business and operating models to meet diverse consumer needs through wider product choices and more efficient service quality.

In advancing these innovations, BNM continues to preserve a strong focus on sound risk management and consumer protection.

The exposure draft specifies licensing and application procedures, as well as specific requirements on the eligible business models and distribution channels of DITOs. This is intended to promote sustainable business operations, while delivering value to policyholders.

DITOs will have to comply with the existing requirements under the Financial Services Act 2013 (FSA) or Islamic Financial Services Act 2013 (IFSA). This includes standards on prudential aspects, business conduct and anti-money laundering and terrorism financing measures.

As part of the licensing application process, BNM will require an applicant to submit a comprehensive five-year business plan, which includes, among others, planned measures to effectively manage technology and cyber risks in delivering its products and services.

In line with the requirements applied to other financial institutions under the risk management in technology policy document, the applicant will also be expected to demonstrate its ability to protect consumer data and authenticate online transactions to mitigate fraud/cyber risks.

Similar to digital banks, a foundational phase will be observed for licensed DITOs. During this period, lower minimum paid-up capital requirements and proportionate regulatory flexibilities will be applied to DITOs, commensurate with their early stage of operations.

The foundational phase is applicable for a maximum period of five years, but no less than three years.

At the end of the foundational phase, DITOs that are not able to demonstrate credible prospects for long-term viability or meet higher prudential standards consistent with that applied to all existing licensed insurers and takaful operators will be required to implement an exit plan according to the conditions set out in the exposure draft.

Bank Negara Malaysia working with ‘relevant authorities’ to address concerns over BNPL