Expansion of business scope

Regulation 36/2024 opens new doors for general insurance companies by allowing them to broaden their business activities to include government-assigned tasks, such as issuing micro-working capital credit guarantees (kredit usaha rakyat). To seize this opportunity, these companies must establish a guarantee business unit (unit usaha penjaminan) within six months of the regulation's effective date. It is also important to note that this business expansion opportunity is only available to be conducted until 31 December 2030.

Sharia insurance companies also benefit from increased flexibility, enabling them to extend their business scope to include credit insurance for sharia financing distribution transactions and trading transactions. For trading transactions, Sharia insurance companies must ensure that the seller or supplier bears at least 10% of the risk, a less stringent requirement compared to the 25% mandated under OJK Regulation No. 20 of 2023.

Accordingly, Regulation 36/2024 provides new growth opportunities for Insurance Companies. By allowing these companies to (temporarily) broaden their business activities, the regulation opens up avenues for diversification and potential revenue growth. There are, however, points that warrant further discussions with OJK including on (i) the specific requirements for establishing guarantee business units, (ii) the status of the expanded business post-December 2030 and (iii) how the proposed sharia credit insurance relates to the existing requirements for credit insurance under OJK Regulation No. 20 of 2023.

Digital insurance services

In response to the growing demand for digital insurance products, Chapter IIIA of Regulation 36/2024 specifically regulates digital insurance services. This chapter defines digital insurance services as the process of writing insurance products entirely through digital means, without any face-to-face interaction with the policyholder, insured, or participant.

Some key provisions regarding digital insurance service include:

1. Requirement for OJK Approval and Business Plan Inclusion for Digital Insurance Services

Insurance companies planning to offer digital insurance services must obtain prior approval from the OJK and include such plan in their business plan. The application for approval must be accompanied by supporting documents, including proof of expertise, comprehensive policies and procedures, system ownership and control, cooperation agreements, and a detailed plan for the next three years.

Additionally, companies must apply to be registered as an electronic system provider within 30 days of receiving OJK's approval and submit proof of registration to OJK within seven days of such registration. Failure to implement the digital insurance service within 30 days of registration or obtain a registration certificate within 60 days may result in the revocation of OJK's approval.

2. Obligations for digital insurer

Insurance Companies operating digital insurance service must adhere to several key requirements, including:

1. Utilizing an electronic system that is owned, controlled, and managed by the company. "Owned" refers to systems independently owned by the company or in cooperation with IT service providers for the company's benefit. "Controlled" means the ability to develop, modify, and delete the electronic system. This requirement generally aligns with OJK Regulation No. 4/POJK.05/2021 on Risk Management in the use of IT by Non-Bank Financial Services Institutions (as partially revoked). In practice, this requirement may pose a significant challenge for Insurance Companies when negotiating service contracts with IT service providers, as it demands a high degree of control that large software developers may be reluctant to grant, especially for off-the-shelf products.
2. Ensuring the reliability of the electronic system. This requirement essentially imposes liability on insurance companies for failures in the electronic systems operated by their service providers. A robust contractual protection is crucial when dealing with a third party IT providers.
3. Providing adequate communication channels for policyholders, insureds, or participants.
4. Complying with IT risk management regulations.
5. Establishing a dedicated unit or function to handle digital insurance services.
6. Employing human resources with at least three years of experience and expertise in information technology (i.e., database, network, electronic system security, and programming development and management). Further clarity from OJK need to be sought on the level at which these experts should be employed within insurance companies. It unclear at the moment on whether it is sufficient to have these experts as general staff or if they should hold more managerial roles within the dedicated unit or function handling digital insurance, as referred to in item (v) above.

3. Cooperation with third party for certain functions

Insurance Companies are permitted to collaborate with third parties for specific functions, such as handling premium payments, enhancing IT infrastructure, and improving operational quality. However, they must not outsource their digital insurance services or transfer data processing of policyholders, insureds, or participants to these third parties.

Insurance Companies that have been providing digital insurance services prior to the enactment of Regulation 36/2024 must comply with the new requirements within six months of the regulation's effective date.

Stricter requirements for the use of insurance agents

Regulation 36/2024 introduces stricter requirements for the use of insurance agents, imposing additional obligations on insurance companies to ensure that:

1. Agents are prohibited from using another agent's name to close insurance policies for personal gain.
2. Agents must adhere to the code of ethics established by relevant associations and comply with all applicable insurance regulations.
3. Agents are prohibited from holding any strategic positions within the agency structure.

Given these additional obligations, Insurance Companies are expected to establish robust oversight mechanisms to ensure their agents comply with the new requirements. However, a key question arises: will Insurance Companies face difficulties in ensuring compliance, considering that agents are not their employees? In this case, Insurance Companies can only rely on their rights under the relevant agency contracts. This highlight the importance of having a robust agency agreement with sufficient degree of control and supervision by Insurance Companies.

Mandatory portfolio transfer

To further safeguard the financial health of Insurance Companies and protect the interests of all stakeholders, the OJK may order a portfolio transfer following a thorough evaluation of the Insurance Company's condition. This evaluation may reveal deficiencies such as insufficient human resources, inadequate infrastructure, and poor risk management.

Sanctions

Regulation 36/2024 stipulates that failure to comply with certain requirements may subject the Insurance Company to OJK's reassessment of its primary party(ies), in addition to the administrative sanctions outlined in the regulation.

Remarks

Regulation 36/2024 brings new opportunities for insurance companies seeking to foster growth and innovation, but it also presents several potential challenges:

1. While Regulation 36/2024 opens up new growth opportunities, Insurance Companies looking to seize these opportunities might need to make significant changes to their operations, policies, IT infrastructures, and procedures to comply with the new requirements.
2. Investing in advanced technology and hiring qualified IT professionals with at least three years of experience can be costly and time-consuming, especially for companies new to the digital insurance landscape.
3. Where deficiencies are identified by OJK, Insurance Companies might need to invest substantially to address such deficiencies, such as insufficient human resources, inadequate infrastructure, and poor risk management. Balancing these costs with the potential benefits of compliance and growth is crucial.

Overall, Insurance Companies must navigate these challenges strategically to maintain compliance and leverage the potential opportunities offered by Regulation 36/2024 in this evolving insurance landscape.

* * * * *

© 2025 HHP Law Firm. All rights reserved. In accordance with a common terminology used in professional service organizations. reference to a "partner" means a person who is a partner, or equivalent in such a law firm. Similarly reference to an "office" means the office of any such law firm. This may qualify as "Attorney Advertising" requiring notice in some jurisdictions. Prior results do not guarantee a similar outcome