Insurtech and digitalisation of the insurance sector: the first steps of the Italian regulatory sandbox

Tuesday 27 September 2022

Anthony Perotto

ADVANT Nctm, Milan


Matteo Marabini

ADVANT Nctm, Milan



The creation of the first Italian regulatory sandbox tops the list of recent developments in Italy’s insurance landscape for its relevance and innovative nature.

Although not the first in its field,[1] this initiative was carried out by the Ministry of Economy and Finance (MEF), in collaboration with relevant authorities, namely insurance (the Italian Institute for Vigilance in the Insurance Sector, (IVASS)), banking (Bank of Italy) and financial (Consob) sectors, represents an important breakthrough in the digitalisation of the regulated market and for the country overall.

Similar to others of its kind, the Regulatory Sandbox consists of a controlled environment where traditional players and new Fintech/InsurTech operators may experiment with technologically innovative products and services. They will benefit from a simplified temporary regulatory regime, in constant dialogue and exchange with relevant supervisory authorities, which may also offer their expertise to the subject matter. Indeed, through the Sandbox, the relevant authorities may observe the dynamics of technological development and identify the most appropriate and effective regulatory interventions to pursue goals of: further fostering the development of Fintech/Insurtech; and reducing the spread of potential risks associated with these activities.

Regulatory framework

From a regulatory standpoint, the provisions for the creation of Italy’s Regulatory Sandbox were set out by the MEF’s Decree dated 30 April 2021, No 100 (the Decree),[2] which established the first Italian Sandbox dedicated to ‘operators in the Fintech sector’.[3]

More specifically, the Decree lays down a framework for testing and approving Fintech/InsurTech projects/products which:

  • are deemed to be ‘significantly innovative’ or which, through the use of new technologies, contribute to offering services, products or processes in the banking, financial or insurance sectors that are new and different from what is already present in the national market;
  • may require a deviation from one or more guidelines, provisions or regulations adopted by the relevant supervisory authorities;
  • add value to the market, as described in more detail in the Decree; and
  • are deemed to be at a sufficiently advanced state for testing and economically and financially viable or have adequate financial coverage.

In addition, the regulation lays down a framework for the approval procedure for an operator to be admitted into the Regulatory Sandbox as well as the monitoring activity to be carried out by the relevant authority.

With regard to the simplified regulatory regime, Article 14 of the Decree allows the relevant authority, for the purposes of experimentation, and in accordance with the principles of proportionality and equality of competition between operators, to:

  • issue authorisations with a less extensive scope than that provided in general by law;
  • set, in the event of admission, limits to the effect of regulations as opposed to what is provided for otherwise by the law;
  • allow an authority to depart from provisions contained in its own regulations; and
  • allow the adoption of a corporate form/structure different from those envisaged by the Code of Private Insurance.

Lastly, the Decree defines the tasks of a Decree Committee dedicated to overseeing these reforms, including monitoring the evolution of Fintech/InsurTech sector on a national, European Union (EU) and international level, facilitating contact between operators with the relevant institutions and authorities, making assessments of areas of risk, and drafting an annual report. Furthermore, the Committee is allowed to put forward proposals for regulatory intervention in the Fintech field as well as formulate non-binding guidelines and to promote the formulation of regulatory proposals in the field of Fintech at an EU level.

With specific regard to the insurance sector, on 3 November 2021, IVASS issued Regulation No 49 of 2021 (Regulation 49).

By this secondary piece of regulation, IVASS provides detailed guidance on: (1) the application for admission to the experimentation provisions; (2) relevant timing and deadlines; (3) the study phase; (4) the testing procedure; and (5) transmission of the report to the Decree Committee.

Moreover, Regulation 49 addresses the maximum number of eligible projects and timing for regulatory testing and imposes internal organisational rules.

Approved projects

To date, IVASS has approved three projects in the Regulatory Sandbox’s first cycle of applications.

First project: digital register and ownership of velocipedes (bicycles, e-bikes, electric scooters), based on blockchain technology by Sara Assicurazioni S.p.A.

On 31 March 2022, IVASS approved the first project, presented by Sara Assicurazioni S.p.A, an Italian-based authorised insurer. The project consists of the development of a digital register on distributed ledger technology basis (DLT) for bicycles, e-bikes and electric scooters. The concept was viewed favourably by IVASS for its innovation, utility and feasibility and therefore has been admitted for testing.[4]

More specifically, the register is intended to track the existence and ownership of unregistered bicycles, e-bikes and electric scooters by means of a register to create a census of such vehicles. The use of DLT is intended to ensure the integrity, accuracy and durability of records.

Despite the cutting-edge nature of the project, IVASS concluded that it would not require any relevant deviation from IVASS guidelines, acts or regulations. That said, due to the project’s novelty, it may benefit from being subjected to testing in collaboration with IVASS, for the assistance that IVASS can provide in the creation and regulation of digital registers and databases accessible to the public. Furthermore, during the testing, IVASS will focus on the potential for fraud and may seek ways to enhance the efficiency of the service.

According to IVASS authorisation documents, the project has the potential to benefit users and the insurance system overall by: guarantying the certainty of the data accessible through the register; allowing safer economic transactions involving the movable property in question (at present difficult to trace); and including insurance transactions concerning the same (against theft or other adverse events). Insurance in particular can benefit from more efficient processes to verify the value, existence and ownership of the insured property.

Second project: homeowners insurance serving as an ‘insurance drawer’ for the end customer on the platform of the intermediary by SIA S.p.A.

On 30 May 2022, IVASS approved the second project, presented by the information technology company SIA S.p.A.

The project involves: a homeowners insurance ‘drawer’ accessible by the client on the intermediary platform; as well as preparation and completion of insurance (pre)contractual documentation through blockchain technology.

IVASS concluded that the project is innovative in respect of the use of blockchain technology for proving and storing ‘notarised’ (pre)contractual documents regarding insurance policies, therefore guaranteeing that such documents are unmodifiable.

According to IVASS, the project requires two deviations from IVASS Regulation No 40/18 (on insurance distribution): (1) Article 56(8) which currently does not provide for a notification on the insured’s smart-phone in respect of the uploading of the (pre)contractual documents on the website (while the project foresees such kind of notification); and (2) Article 67(4) regarding the storage of documentation (IVASS does not provide further details in this respect).

According to IVASS, the project is beneficial for users, providing a tool characterised by a digital interface, which includes in a single virtual ‘room’ all the documentation regarding insurance contracts taken out thought an intermediary.

Third project: QR code certifying the actual registration of the intermediary in the Italian Register of Insurance Intermediary by X Consulting S.r.l.

On 30 May 2022, IVASS approved the third project, presented by the consulting company X Consulting S.r.l.

The project is based on a QR code that will allow the customer to verify that the intermediary they are dealing with is enrolled within the Italian register of insurance intermediaries. In this respect, IVASS explains that the project does not deviate from the regulatory framework. However, testing is required because of its novelty.

According to IVASS, the project is beneficial for users, as it will confirm via the web the information included in so-called Attachment 3 (or Allegato 3), which currently must be provided to the customer by the intermediary.

Closing remarks

To summarise, the systemic relevance of MEF’s Decree and Reg 49/21 should not be underestimated. Traditional and new market players and IVASS are now poised to cooperate for the further development of the InsurTech sector in Italy, with possible important impacts both on the regulatory level and perhaps even on more general principles of law. Some steps have already been taken but only time will tell the final outcome of this testing environment on the insurance sector and overall legal system.



[1] In 2020 the World Bank reported the existence of 73 Fintech regulatory sandboxes in 57 jurisdictions worldwide, The World Bank, Key Data from Regulatory Sandboxes across the Globe, 1 November 2020, https://www.worldbank.org/en/topic/fintech/brief/key-data-from-regulatory-sandboxes-across-the-globe accessed 18 September 2022.https://www.worldbank.org/en/topic/fintech/brief/key-data-from-regulatory-sandboxes-across-the-globehttps://www.worldbank.org/en/topic/fintech/brief/key-data-from-regulatory-sandboxes-across-the-globe

[2] The Decree implemented Art 36, paras 2-bis of Decree-Law No 34 of 30 April 2019, with amendments, by Law No 58 of 28 June 2019, on the regulation of the Fintech Committee and experimentation, https://www.gazzettaufficiale.it/eli/id/2021/07/02/21G00109/sg accessed 18 September 2022.

[3] On the basis of the provisions of Art 1, para 1 letter (d), ‘those entities that carry out (or intend to carry out), even in a non-prevalent manner, technologically reliant banking, financial and insurance activity and which are subject or not to regulation or supervision by the authorities’ such as Bank of Italy, CONSOB and IVASS.

[4] IVASS ‘Studies and Data Management Service: provision of admission to the trial’, 31 March 2022 https://www.ivass.it/normativa/nazionale/secondaria-ivass/amministrativi-provv/2022/0069658/Provvedimento_0069658_2022_estratto.pdf accessed 18 September 2022.