Outsourcing Policy

Policy Name
Outsourcing Policy
Version No/ Issue Date: 1.2 / 27th July 2022
Page No : Page 1 of 54
Prepared & Approved By Company Secretary & Board of Directors
1. Preamble/ Background:
Outsourcing is a business decision that is often made to lower costs or focus on competencies. Thus,
Outsourcing involves transferring a significant amount of management control and decision-making to the
third parties, and so requires a robust policy mechanism to manage the activities so outsourced functions
or jobs.
Besides, IRDA has laid down stringent regulations to ensure that the attendant risks are addressed and
managed by the Organizations that choose to outsource their activities. Accordingly, this Policy is being
drafted in line with the relevant terms and conditions as specified by IRDA through IRDA (Insurance
Brokers) Regulations, 2018, which broadly defines the principles and guidelines to be followed by
Insurance Brokers in their respective Outsourcing Activities.
2. Purpose ( Objective):
2.1 To ensure sound and responsive risk management practices for effective oversight, due diligence and
management of risks arising from outsourced activities; and
2.2 To ensure that outsourcing arrangements neither diminish the ability of Manappuram Insurance
Brokers Limited (hereinafter referred to as MAIBRO) to fulfill its obligations to customers and IRDA
nor impede effective supervision by IRDA.
2.3 To ensure that MAIBRO at all times is in compliance with extant guidelines of the regulatory bodies
on outsourcing.
3. Scope:
This policy aims to lay down comprehensive guidelines for all outsourcing activities in the MAIBRO
including:
3.1 The criteria for selection of outsourcing activities as well as service providers including the
justification for Outsourcing of an activity or a function or a job.
3.2 Procedures for outsourcing activities including the assessment of risks and materiality of the
management.
3.3 The processes to Identify, manage and mitigate key outsourcing risks through a Risk Management
Programme,
Manappuram Insurance Brokers Limited

2nd Floor, Manappuram House, (Old Building) Valapad P.O., Thrissur, Kerala-680567
Direct Broker (Life & General)
IRDA License No. 335, Validity 02/11/2021 to 01/11/2024
Confidential document of “Manappuram Insurance Brokers Ltd” and shall not be reproduced without permission
Policy Name
Outsourcing Policy
3.4 Systems to monitor and review the operations of outsourcing activities.

3.5 The processes to Identify “Material outsourcing arrangements” and manage them diligently as
prescribed by regulatory guidelines.
3.6 The parameters to analyse cost benefit from the activity being outsourced.
4. Responsibility :-
Company Secretary & Compliance officer.
5. Policy Review :-
Board of Directors will review the policy at least once in a year keeping in mind the changes in the
internal and external environment impacting the outsourcing arrangements.
6. Key Formats / Records :-
Check List for Risks for Outsourcing Arrangements

Checklist for Materiality of Outsourcing Arrangement
Cost Benefit Analysis Parameters
Vendor Risk Assessment
Outsourcing Agreement
Vendor Evaluation Form
7. Definition :-
Outsourcing: For the purpose of this policy, outsourcing means the use of a third party (either an
affiliated entity within a corporate group or an entity that is external to the corporate group) by MAIBRO
to perform activities on a continuing basis that would normally be undertaken by the MAIBRO itself, now
or in the future. ‘Continuing basis' includes agreements for a limited period.

Policy Name
Outsourcing Policy
Third Party: Third party also referred to as service provider in this policy refers to the entity located in
India or elsewhere (Subject to Clause VII of Annexure-1) that is undertaking the outsourced activity,
which may also include a group company of MAIBRO.
Risk Management Programme: Would mean the risk management programme to address the
outsourced activities and the relationship with the third party, as laid down by this policy and approved by
the Board. (Programme outlay is appended as Annexure 1)
5.4 Outsourcing Committee: This is a Management Level Committee constituted by the Board, and
should comprise of the Heads of Departments of the following departments, at a minimum
I. HOD -Operations,
II. Company Secretary & Compliance Officer-
III. HOD- Finance and Accounts,
IV. HOD- IT / CTO
V. HOD - HR &Admin
VI. CEO – Chairperson of the Committee
The Outsourcing Committee’s duties and responsibilities are elaborated in para 2(2) of this policy.
The Head of HR &Admin will act as the secretary of this Committee.
The CEO will chair this committee.
The Quorum will be a minimum of 4 Members with the CEO being in Chair.
5.5 Material Outsourcing: For the purpose of this policy, material outsourcing arrangements are those
which, if disrupted, have the potential to significantly impact the business operations, reputation,
profitability or customer service.
Materiality of outsourcing would be based upon and be assessed for:

Policy Name
Outsourcing Policy
5.5.1 The level of importance to MAIBRO of the activity being outsourced as well as the significance of
the risk posed by the same;
5.5.2 The potential impact of the outsourcing on MAIBRO on various parameters such as earnings,
solvency, liquidity, funding capital and risk profile;
5.5.3 The likely impact on MAIBRO reputation and brand value, and ability to achieve its business
objectives, strategy and plans, should the service provider fail to perform the service;
5.5.4 The cost of the outsourcing as a proportion of total operating costs of the MAIBRO;
5.5.5 The aggregate exposure to that particular service provider, in cases where MAIBRO outsources
various functions to the same service provider; and
5.5.6 The significance of activities outsourced in context of customer service and protection.
8. Policy Guidelines :-
1. Activities which 2. Responsibilities 3. Procedures 4. Grievance Redress

cannot be Mechanism
Outsourced
The following activities 1. Responsibili 1. Screening and approval of MAIBRO to have a robust
cannot be outsourced: - ty of the outsourcing proposals by the grievance redress mechanism,
Board Outsourcing Committee which in no way shall be
1. The functions of the The concerned department desirous compromised on account of
direct/ reinsurance/ a) The Board of of outsourcing an activity (covered outsourcing.
composite broker as MAIBRO shall by this Policy), shall prepare an MAIBRO’s Customer
given in Schedule I have the appropriate note on the same (as per Grievance Redressal
– Form A under responsibility for Annexure), describing in detail the Mechanism shall be
Regulation 4. oversight of the activity, risks involved, the reason applicable in fully to all
outsourcing policy and necessity for outsourcing and all grievances arising out of any
2. Risk management and related other relevant factors leading to the deficiency in the service

Policy Name
Outsourcing Policy
services unless the activities proposed outsourcing, and submit provided by the outsourcing
broker does not undertaken under the same to the Company Secretary service provider.
undertake this the policy. The and Compliance Officer, who will
activity at all. same may be request convene the outsourcing
delegated to the committee to deal with the same.
3. Claims consultancy Outsourcing
services unless the Committee, who The Committee shall deliberate on
broker does not shall furnish the same in a meeting to be held for
undertake this periodic reports to this purpose, which proceedings
activity at all the Board on its shall be minuted.
functioning,
including the After due discussions, the
decisions that has Committee may recommend for
been taken by it approval or reject the proposals and
from time to time. the reasons for the said decision
taken shall be recorded in writing.
b) Approving a
framework to The Outsourcing Committee’s
evaluate the risks recommendations for Approvals will
and materiality of be submitted to the Chairman of
all existing and Board, for his final approval, along
prospective with the MOM of the committee’s
outsourcing and the meeting.
policies that apply
to such
arrangements;

Policy Name
Outsourcing Policy
c) Laying down
appropriate
approval
authorities for
outsourcing
depending on
risks and
materiality.
2. Responsibilit 2. Selection of the third-party

ies of service provider
Outsourcing The selection of the service provider
Committee shall be carried out by the
As delegated by the Department that is proposing the
Board from time to Outsourcing Arrangement.
time, the Outsourcing
Committee as The Selection of the Third-Party
constituted by the Service Provider should always be
Board shall have the based on the principles of fair play –
overall responsibility and opportunity provided to as many
to oversee and vendors as possible (and are
implement the policy eligible/qualified to provide such
as follows: services) through an appropriate
RFI/RFP/RFQ process as may be
1. Ensuring the suitable at the material time and
implementation of depending on the technical focus of
the Board’s the proposed arrangement.

Policy Name
Outsourcing Policy
decisions on this Once the concerned department has

policy; completed the Vendor Assessments
and submitted their
2. Developing, recommendations to the Outsourcing
implementing and Committee, the Committee shall then
periodically - keeping the best interests of
reviewing MAIBRO in mind and after
outsourcing policy recording its satisfaction that the
and related third party has the ability and
procedures to capacity to undertake the provision
ensure that it of the service effectively – finalize
conforms to the the Vendor.
scope and
complexity of the The due diligence shall be carried
outsourcing out in accordance with the terms as
activities; laid out in the Risk Management
Programme. (Annexure 1)
3. Reviewing the
Outsourcing
Proposals and
independently
evaluating the
risks of all existing
and prospective
outsourcing, based
on the board
approved policy

Policy Name
Outsourcing Policy
and recording the

assessment
thereof;
4. Ensuring that
contingency plans,
are in place and
tested as dictated
by the policy vis-à-
vis the outsourced
activities;
5. Ensuring that there

is independent
review and audit
for adherence with
set policies;
6. Informing the
Board on the risks
and provide
periodical reports
connected with the
outsourcing
activities in a
timely manner;

Policy Name
Outsourcing Policy
7. The Head of AR
and Admin as the
secretary, will also
maintain the
central database of
all Outsourcing
Arrangements of
MAIBRO (both IT
and Non- IT) and
will maintain the
same in an up to
date manner
always
8. Report on all
“Material”
contracts for any
period, to the
Board and
directors, at their
immediate next
meeting in an
approved manner
9. The Responsibility
of the Outsourcing
Committee shall

Policy Name
Outsourcing Policy
be for ALL
Outsourcing
activities of
MAIBRO (both IT
and Non-IT)
3. The Outsourcing
Agreement
The whole gamut of the outsourcing
arrangements shall be secured by
legally binding written contracts
which shall cover all material aspects
pertaining to the same, including but
not limited to - the rights & liabilities
of the parties, responsibilities,
termination procedures, contingency
plans, confidentiality, risk control
and audit.
All Outsourcing Arrangements are to

be bound by the Legal Agreement as
found in Annexure 4 here. However,
where the vendor is seeking to bring
in their own contract format, the
same can be ONLY subject to the
condition that such format[s] is/are
vetted by the Company Secretary

Policy Name
Outsourcing Policy
and he/she specifically confirms that

such adoption of vendor-formats
would not impair the rights and dues
of MAIBRO, in writing. Without this
confirmation, no other format would
be acceptable to us.
Where specific
sections/sentences/words of our
format are also sought to be
amended / changed, etc., the same
principle would apply and all such
changes would have to be
specifically approved, in writing, by
Company Secretary.
The Authority to Sign any

Contractual Arrangements will
normally be an Authorized
Signatory, i.e., CEO/Chairman
The Obligatory Clauses of the

Agreement
The obligatory clauses of our Legal

Agreement are as follows:

Policy Name
Outsourcing Policy
a. Clear Definitions of What

activities are going to be
outsourced, including
appropriate service and
performance levels;
b. Mutual rights, obligations and

responsibilities of the parties,
including indemnity by them;
c. Liability of the third party to

MAIBRO for unsatisfactory
performance/other breach of the
contract
d. The services of the third party

being continuously assessed and
monitored with MAIBRO
retaining overall control and
having a right to intervene with
appropriate measures to meet
legal and regulatory obligations;
e. MAIBRO’s Customer
Grievance Redressal
Mechanism shall be applicable
in full to all grievances arising

Policy Name
Outsourcing Policy
out of any deficiency in the

service provided by the
outsourcing service provider.
f. Prior approvals/consent by
MAIBRO and other conditions
of sub-contracting by the third-
party, with MAIBRO
maintaining a similar control
over the risks with the sub-
contracting party as in the
original direct outsourcing;
g. Confidentiality clauses to ensure

protection of proprietary and
customer data during the tenure
of the contract and after the
expiry of the contract; and the
service providers’ liability in
case of breach of security and
leakage of confidential customer
related information.
h. The responsibilities of the third

party with respect to the
i. IT security and

Policy Name
Outsourcing Policy
contingency plans,
ii. insurance cover,
iii. business continuity
and disaster
recovery plans,
iv. force majeure
clause, etc.;
i. Preservation of the documents

and data by third party and the
ability to access all books,
records and information relevant
to the outsourced activity
available with the service
provider
j. Mechanisms to resolve disputes

arising from implementation of
the outsourcing contract;
k. Termination of the contract,

minimum period to execute a
termination provision if deemed
necessary, termination rights,
transfer of information and exit
strategies;

Policy Name
Outsourcing Policy
l. Addressing issues arising from

country risks when MAIBRO
outsources its activities to
foreign third party; such as;
choice-of-law provisions and
agreement covenants and
jurisdictional covenants that
provide for adjudication of
disputes between the parties
under the laws of a specific
jurisdiction;
m. Ensuring that the contract

neither prevents nor impedes
MAIBRO from meeting its
respective regulatory
obligations, nor the regulator
from exercising its regulatory
powers; and provides for
MAIBRO and /or the regulator
or the persons authorized by it
to have the ability to inspect,
access all books, records and
information relevant to the
outsourced activity with the
third party;

Policy Name
Outsourcing Policy
n. MAIBRO with the right to

conduct audits in connection
with the services provided, on
the service provider whether by
its internal or external auditors,
or by agents appointed to act on
its behalf and to obtain copies of
any audit or review reports and
findings made on the service
provider.
o. Our regulatory body IRDA will

have the right to conduct audits,
either by themselves or through
suitably authorised nominees
/agents, in connection with
services provided, without any
disruption, at any time during
the currency of the contractual
agreements.
5. Recording, review and reporting:
Board of Directors shall annually review summary of all outsourced activities of the Company during the
year. Insurance brokers shall report all the outsourcing arrangements where annual payout per outsourcing
service provider is ten lakh rupees or more to their Board of Directors for review.

Policy Name
Outsourcing Policy
6. Generic guidelines:-
1. Due diligence undertaken during the selection process should be documented and evaluated
periodically as part of the monitoring and control process of outsourcing
2. Outsourcing arrangements shall not impair the ability of IRDAI or other Regulators to exercise its
regulatory responsibilities such as supervision/inspection/audit of MAIBRO. Suitable clauses will be
incorporated in all legal documents to ensure and enable the audit of the service provider by the
regulatory Authorities or their Nominees.
3. Outsourcing arrangements shall not affect the rights of a customer against MAIBRO, including the
ability of the former to obtain redress as applicable under relevant laws. In cases where customers are
required to deal with the service providers in the process of dealing with MAIBRO, it should be
ensured that a clause is incorporated in all related product literature /brochures, etc., stating that they
may use the services of agents in sales /marketing, etc. of the products. The rule of agents may be
indicated in broad terms.
4. The customers shall be specifically informed about the company which is actually offering the
product/service, wherever there are multiple group entities involved or any cross selling observed.
5. The management approved ‘Vendor Information Security Requirements’ shall be applicable to all
outsourcing activities.
Annexures
Annexure-1: Risk Management Programme
Annexure-2: Check List for Risks for Outsourcing Arrangements
Annexure-3: Checklist for Materiality of Outsourcing Arrangement
Annexure 4:- Cost Benefit Analysis Parameters
Annexure-5: Vendor Risk Assessment

Policy Name
Outsourcing Policy
Annexure-6: Outsourcing Agreement
Annexure-7: Vendor Evaluation Form
Annexure-1: Risk Management Programme
A risk management programme is conceived herewith, stipulating the performance of a risk assessment,
service provider appraisal, evaluation of contingency plans, estimates regarding the preservation of
confidentiality and such other items that may be relevant to scope and materiality of the outsourced
activity. It shall be the responsibility of the Outsourcing Committee to implement this programme with
respect to each activity outsourced and submit periodic reports to the Board which will include among
other things, the details of the activities outsourced, performance evaluation reports, major failures and
changing risk scenarios.
I. The Key Risks from Outsourcing activities

Policy Name
Outsourcing Policy
MAIBRO shall evaluate and guard against the following risks at a minimum, while evaluating an
outsourcing proposal:
i. Strategic Risk - Where the service provider conducts business on its own behalf, inconsistent
with the overall strategic goals of MAIBRO.
ii. Reputation Risk - Where the service provided is poor and customer interaction is not consistent
with the overall standards expected of MAIBRO.
iii. Compliance Risk - Where privacy, consumer and prudential laws are not adequately complied
with by the service provider.
iv. Operational Risk - Arising out of technology failure, fraud, error, inadequate financial capacity to
fulfil obligations and/ or to provide remedies.
v. Legal Risk - Where the MAIBRO is subjected to fines, penalties, or punitive damages
resulting from supervisory actions, as well as private settlements due to
omissions and commissions of the service provider.
vi. Exit Strategy Risk - Where MAIBRO is over-reliant on one firm, the loss of relevant skills in
MAIBRO itself preventing it from bringing the activity back in-house and
where MAIBRO has entered into contracts that make speedy exits
prohibitively expensive.
vii. Counter party Risk – Where there is inappropriate underwriting or credit assessments.
viii. Contractual Risk – Where MAIBRO may not have the ability to enforce the contract.
ix. Concentration and Systemic Risk – Where the overall industry has considerable exposure to one
service provider and hence MAIBRO may lack control over the service
provider.
x. Country Risk – Due to the political, social or legal climate creating added risk

Policy Name
Outsourcing Policy
xi. Access Risk – Where MAIBRO may not have access to all books, records and information
relevant to the outsourced activity available with the service provider
Each outsourced activity may bring within its wake any or all the above risks and such other risks
that are not identified by the policy. The management and mitigation of these risks is the
responsibility of the Outsourcing Committee.
II. Assessment
The following assessments will have to be performed –
(i) Outsourcing Risk Assessment (Annexure-2)
(ii) Cost Benefit Analysis (Annexure -3)
(ii) Materiality Assessment (Annexure - 4)
(iii) Vendor Risk Assessment (as finalization of Vendor) (Annexure - 5)
Such Risk Assessments should include -
a. Third party’s profile high level appraisal and fitment to this role.
b. The fall out and consequences of a failure of a third party to adequately perform the activity
outsourced on MAIBRO/its clients
c. MAIBRO’s ability to cope up with the work, in case of non-performance or failure by a third
party by having suitable back-up arrangements;
d. Situations involving conflict of interest between MAIBRO and the third party and the
measures put in place by MAIBRO to address such potential conflicts, etc.
After performing the risk assessments as above, if the Outsourcing Committee believes the risks
can be appropriately managed, it shall record its observations as such, before proceeding with the
selection process.
III. Evaluation of the capabilities of the service provider

Policy Name
Outsourcing Policy
For each new arrangement or renewal, the Outsourcing Committee shall exercise due care, skill,
and diligence in the selection/continuance of the third party to ensure that the latter has the
ability and capacity to undertake the provision of the service effectively. Wherever possible this
shall be supplemented by independent reviews and market feedback. All applicable laws, rules
& regulations, conditions for approval, registration/licensing etc. shall be considered as a part of
the due diligence process.
Due Diligence shall involve an evaluation & assessment of all available information about the
service provider, including but not limited to –
a. Experience and competence to implement and support the proposed activity over the
contract period.
b. Third party’s resources and capabilities, including financial soundness, to perform the
outsourcing work within the timelines fixed and ability to service commitments even under
adverse conditions.
c. Compatibility of the practices and systems of the third party with the MAIBRO’s
requirements and objectives
d. Market feedback of the prospective third party’s business reputation and track record of
their services rendered in the past;
e. Level of concentration of the outsourced arrangements with a single third party;
f. The environment of the foreign country where the third party is located.
g. Business reputation and culture, compliance, complaints and outstanding or potential

litigation.
h. Security and internal control, audit coverage, reporting and monitoring environment,
business continuity management.
i. External factors like political, economic, social and legal environment of the jurisdiction in
which the service provider operates and other events that may impact service performance.
j. Ensuring due diligence by service provider of its employees.
k. The service provider, if not a group company*(for Group companies, please refer Para VII),
shall not be owned or controlled by any director of MAIBRO or their relatives; these terms
have the same meaning as assigned under Companies Act 2013.

Policy Name
Outsourcing Policy
Due diligence should include periodic review of the capabilities of the service provider and
should highlight any deterioration or breach in performance standards, confidentiality and
security, and in business continuity preparedness of the service provider
IV. Establishment and maintenance of contingency plans, including a plan for disaster
recovery and periodic testing of backup facilities.
a. Appropriate steps shall be taken to assess and address the potential consequence of a business
disruption or other problems at the third-party level and to ensure that the third party
developed and established a robust framework for documenting, maintaining and testing
business continuity and recovery procedures. Specific contingency plans shall be separately
developed for each outsourcing arrangement and to consider co-ordination of contingency
plans at both MAIBRO and the third party, in the event of non-performance by the third
party.
b. Periodical testing of the BCP and DR plan of the service provider should be ensured. The
service provider may also be insisted upon to carry out combined testing and recovery
exercises.
c. To continue the business operations and services to the customers of MAIBRO, the risk of a
premature/unforeseen termination of the outsourcing arrangement shall be addressed with
proper anticipation and planning on alternative service provider options, resuming the activity
by itself, the time/resources/costs involved.
d. MAIBRO shall ensure that service providers are able to isolate MAIBRO’s information,
documents and records, and other assets. This is to ensure that in appropriate situations, all
documents, records of transactions and information given to the service provider, and assets
of the NBFC, can be removed from the possession of the service provider in order to continue
its business operations, or deleted, destroyed or rendered unusable.
V. Confidentiality, Security & concentration of activities of multiple intermediaries with

single service provider
a. Appropriate steps shall be taken to protect MAIBRO’s proprietary and confidential customer
information and ensured that it is not misused or misappropriated.
b. The third party shall be prevailed upon to ensure that the employees of the third party have
limited access to the data handled and only on a “need to know” basis and the third party
shall have adequate checks and balances to ensure the same.

Policy Name
Outsourcing Policy
c. Where the third party is providing similar services to multiple entities it shall be ensured that
strong safeguards are built so that there is no commingling of information/documents, records
and assets
d. MAIBRO shall review and monitor the security practices and control processes of the service
provider on a regular basis and require the service provider to disclose security breaches.
e. Wherever the activity relates to IT services, it shall be ensured that third party maintains
appropriate IT security and robust disaster recovery capabilities.
VI. Monitoring and Control of Outsourced Activities
a. A record of all outsourcing activities should be centrally maintained and preserved for review
by the Board. The records should be updated promptly and half yearly reviews should be
placed before the Board, by the Head – HR & Admin as the Secretary of the Outsourcing
Committee.
b. The adequacy of the risk management practices shall be subject to regular audits by either
the internal auditors or external auditors of MAIBRO.
c. The respective departments who have outsourced activities should review the check points of
performance as per contract and report on the status of deviations.
d. The Compliance Department of MAIBRO shall also periodically obtain confirmations from
the other departments on status of Outsourced activities to ensure that no activity is
outsourced without it being reviewed by the Outsourcing Committee
e. In the event of termination of the outsourcing agreement for any reason in cases where the
service provider deals with the customers, the same shall be publicized by displaying at a
prominent place in the branch, posting it on the web-site, and informing the customers so as
to ensure that the customers do not continue to deal with the service provider
f. MAIBRO shall ensure that reconciliation of transactions between the MAIBRO and the
service provider (and/ or its sub-contractor), if any, are carried out in a timely manner. An
ageing analysis of entries pending reconciliation with outsourced vendors shall be placed
before the Audit Committee of the Board.
VII. Group Entity acting as Third Party
A group entity / associate of MAIBRO may act as the third party. However, controls shall be
put in place to ensure that the transactions/dealings are at arm’s length between MAIBRO

Policy Name
Outsourcing Policy
and Group entity/associate in terms of infrastructure, manpower, decision-making, record

keeping subject to the provisions of Companies Act 2013.
a. MAIBRO shall have a Board approved policy and Service Level Agreements (SLAs)/
arrangements with their group entities, which shall also cover demarcation of sharing
resources i.e. premises, personnel, etc
b. The customers shall be informed specifically about the company which is actually offering the
product/ service, wherever there are multiple group entities involved or any cross selling
observed
c. Do not compromise the ability to identify and manage risk of MAIBRO on a stand-alone
basis;
d. The risk management practices adopted by MAIBRO while outsourcing to a Group

entity/associate would be identical to those specified in this Risk Management Programme.
X. Sharing of Service with Other Group Entities
Where the proposal to engage the services of an Outsourced Service Provider for common
purpose with other group entities, the same shall be done only where Board approved policies that
define and demand creation of SLAs/arrangements, which among other covers the demarcation of
sharing resources etc, like as in sharing of premises, Legal and other Professional Services,
hardware and software applications etc.

Policy Name
Outsourcing Policy
Annexure-2: Check List for Risks for Outsourcing Arrangements

Outsourcing Arrangement with: here fill in the name of the Vendor)
(S NO Risk Type and Description Mitigative Rating (1-10) Type of Risk

Actions (High/Medium/
(responses below Low)
are just
illustrative)
1 Strategic Risk: The service The MSA will
provider may conduct define what can
business on its own behalf, activities can be
which is inconsistent with performed by the
the overall strategic goals of Vendor
MAIBRO. In this
arrangement, we
have specified
that XXX cannot
provide any
service to a
company that is
also a MAIBRO,
unless a specific
sign-off is taken
from the
MAIBRO, with an
approval from its
Board.
The Compliance
Officer of the

Policy Name
Outsourcing Policy
MAIBRO will be
responsible for
ensuring
compliance with
this clause.
2 Reputation Risk: Poor Customer Service

service from service
provided by XXX
provider, its customer
will be co-
interaction not being
monitored by
consistent with the overall
MAIBRO’s
standards of MAIBRO Outsourcing
Team for quality
and timeliness in
responses, at all
times.
The MAIBRO’s
Customer Service
Guidelines are
applicable to all
its vendors and
so also to XXX
The MAIBRO’s
Customer
Grievance
Redressal Policy
and its
mechanism is
also available to
ensure the
slippages in
standards are
rectified at the
earliest.
3 Compliance Risk: Privacy, Data Protection /
consumer and prudential Privacy practices

Policy Name
Outsourcing Policy
laws not adequately are required to

compiled with. be at the most
stringent
standards
(Clause 8 of the
MSA)
MAIBRO’s
Outsourcing
committee will
constantly
monitor/audit the
XXX Systems to
ensure
compliance in
proactively
Operational Risk: Arising The Business
due to technology failure, Continuity
fraud, error, inadequate Preparedness on
financial capacity to fulfil one-hand ensures
obligations and/ or provide the capacity to
remedies fulfil obligations
as planned at all
times (Clause 12
of the MSA)
XXX is required
to comply with
stringent
standards on the
provision of
service using
suitable
personnel
(Clause 10 of the
MSA) and the
MAIBRO’s
Monitoring of
this constantly
would ensure that
Operational
Risks associated

Policy Name
Outsourcing Policy
with Personnel
are obviated to
the lowest
possible levels of
risks.
Legal Risk: Legal risk The MAIBRO is
includes but is not limited to planning to
exposure to fines, penalties, monitor the XXX
or punitive damages activities that
resulting from supervisory directly expose
actions, as well as private the MAIBRO to
settlements due to omissions such punitive
and commissions of the actions like
service provider. Reports
Generation and
Verification –
well ahead of the
calendar of
reporting
requirements, so
as to be able to
submit the same
as required.
XXX by itself is
not authorized to
perform any
direct interaction
with any other
stakeholder of the
MAIBRO, and as
such its
interactions
would always be
routed only
through the
MAIBRO’s
offices.
Counter party Risk: Due to DOES NOT
inappropriate underwriting ARISE in this
and credit assessments. arrangement

Policy Name
Outsourcing Policy
Contractual Risk: The MAIBRO has

Contractual risk arising from the capability to
whether or not MAIBRO has enforce the
the ability to enforce the clauses of the
contract. MSA, including
arranging to
provide services
through alternate
arrangements at
the shortest
notice.
However,
through careful
management of
the Vendor (XXX
in this case) the
MAIBRO‘s
strategy is to
avoid any such
requirement, in
the first place.
Concentration and The Contract
Systemic Risk: Due to lack with XXX is
of control of individual structured to
MAIBRO’s over a service ensure they
provider, more so when cannot provide
overall finance industry has similar services
considerable exposure to one to any
service provider. MAIBRO/similar
company – within
the Group or
otherwise – and
so this risk is
infructuous in
this case.
Exit Strategy Risk: This While the

could arise from over- MAIBRO is

Policy Name
Outsourcing Policy
reliance on one firm, the loss entrusting the

of relevant skills in the back-office
MAIBRO itself preventing it functions to XXX,
from bringing the activity it is also
back in house and contracts strategizing to
entered wherein speedy exits help XXX develop
would be prohibitively its skill-base in
expensive. such a manner
that the reliance
is mutual on each
other rather than
just exposing the
MAIBRO alone
to a
concentration
risk.
Further, the
Clauses 16 and
17 in the MSA
are structured to
ensure any
possible “exit”
Over All Risk Assessment
Risk HIGH MEDIUM LOW

Rank 8-10 4-7 1-3

Policy Name
Outsourcing Policy
Risk Assessment done by: Risk Assessment Verified by:

Name: Name:
Designation: Designation:
Signature: Signature:
Date: Date:
Annexure-3: Checklist for Materiality of Outsourcing Arrangement
Details the Outsourcing Arrangement assessed for Materiality

Policy Name
Outsourcing Policy
1 Name of the Vendor
2 Details of Service Provided (For e.g.) Enterprise Shared Service Provider – the
agency that will manage the entire back-office
processing of the company’s activities as defined in
greater detail in the SOW[s] to the MSA.
3 Materiality Factor MATERIAL CONTRACT / NOT MATERIAL
4 Reasons Determining Materiality See Checklist below
CHECKLIST FOR ASSESSMENT OF MATERIALITY OF ARRANGEMENT:
S NO CONDITIONS OF DETAILS OF MATERIAL / NOT

MATERIALITY RESPONSE TO MATERIAL
CONDITIONS OF
MATERIALITY
1 Levels of Importance to the
Company of the Business Activity
to be outsourced (H/M/L)
2* Potential Impact of the Outsourcing Impact on
on the earnings, solvency, liquidity, 1. Earnings:
funding capital and risk profile of 2. Solvency:
the Company 3. Liquidity:
4. Funding Capital:
5. Risk Profile:
3 Cost of Outsourcing as a proportion

of total operating costs of the
Company / Unit (for eg. If proposed
cost is >3% of Operating costs)
(outsource activity to an entity
(other than an individual) only
where the activity to be
outsourced is more than 5% of
the total outsourcing expenditure
(Material).)

Policy Name
Outsourcing Policy
4 Nature and extent of data sharing

involved, impact on data privacy
and security
5 Aggregate exposure to a particular
service provider, in case where
various functions are outsourced to
the same service provider.(for eg. If
the total payout to the service
provider is >10% of total
outsourcing cost)
6.* If the service provider unable to
perform the service over a given
period of time
- What is the expected impact on
MAIBRO customers?
- What is the likelihood that it
would harm MAIBRO reputation?
If yes, are we having an alternate

service provider?
7. MAIBRO shall consider, while
evaluating the capability of the
service provider, issue relating to
undue concentration of outsourcing
arrangement with a single service
provider.
OVERALL ASSESSMENT OF MATERIALITY OF

ARRANGEMENT
*(If 2&6 are material then overall =MATERIAL)
Assessment Done by: Verified By

Name: Name:
Date: Date:

Policy Name
Outsourcing Policy
ANNEXURE 4:- CHECKLIST FOR COST BENEFIT ANALYSIS
The analysis can be broken down into four basic steps:
Step 1: Clearly define the business process your organization would like to outsource.
Step 2: Calculate the in-house costs that could be avoided by outsourcing.
Step 3: Calculate the total costs of outsourcing.
Step 4: Subtract the costs of outsourcing from in-house costs to determine savings.
Step 1: Clearly define the business process your organization to outsource.
It is critical that the services to be outsourced are clearly defined, and that all workflow steps are
identified and understood
Step 2: Determine the in-house costs that could be avoided by outsourcing.
After the business process is clearly defined, it is time to identify and calculate the costs that would be
avoided if outsourced the process. To start, first itemize all the costs related to the process, including
direct costs (salaries, equipment, supplies, etc.) and indirect costs (general administration and internal
services).
Do not include “sunk costs,” which are costs that have already been incurred and cannot be recovered.
Decision-making based on a cost analysis should instead focus on avoidable future costs, which in this
case are costs that can be eliminated by outsourcing the process.
Next, itemize all the in-house costs that could be avoided if the business process is outsourced.
Step 3: Determine the total costs of outsourcing.
With in-house costs calculated, next step would be to determine the total costs of outsourcing the business
process.
Step 4: Subtract the costs of outsourcing from in-house costs to determine savings.

Policy Name
Outsourcing Policy
The final step of the cost analysis, will be to calculate the cost savings that outsourcing is expected to
deliver. If the numbers show that outsourcing can significantly reduce the cost of the business process,
then the next step for outsourcing would be initiated.
While conducting Cost benefit analysis, technical person/departments/external/expert advise will be

considered for fair and authentic analysis.
Annexure-5: Vendor Risk Assessment
1 Name of the Vendor

2 Details of Service Provided
3 Reasons for Selection See Checklist below
SN Parameters Yes/No Score Weight Wt. Score

(Y=1, N=0)
1 SELECTION OF
SERVICE PROVIDER-
DUE DILIGENCE
1.1 Were other service

providers considered?
-If No, approvals to be

attached.
1.2 Is the selected Service

Provider, the optimal
Service Provider?
If yes, please provide

criterion used, as a
separate document.

Policy Name
Outsourcing Policy
1.3 Business background- For

how many years they are
in this business? (Tick one
box as applicable)
-Below 3 Years
-Above 3 Years
20%
1.4 Whether the service
provider has appropriate
background verification of
its employees?
1.5 Any current issues facing

by service provider which
may affect the future
financial operational
performance?
-If yes, supporting to be

attached.
1.6 Under adverse condition-
-Does the Service

Provider have financial
soundness?
-Does the Service

Provider have ability to
service commitments?
1.7 Whether independent

reviews and market
feedback on the service
provider has been taken?

attached.

Policy Name
Outsourcing Policy
2. SERVICE PROVIDER CONTRACT
2.1 Does MAIBRO have a 20%

signed contract with the
Service Provider?
2.2. Does the contract ensure

that the Service Provider
must take all reasonable
steps to safeguard and
keep private any sensitive
information provided by
MAIBRO, specifically
information regarding
MAIBRO’s clients?
2.3 Does the contract ensure

that the Service Provider
will notify MAIBRO of
any material change in its
organization within a
reasonable period of time?
2.4 Does the contract clearly

specify the roles and
responsibilities of the
Service Provider?

Policy Name
Outsourcing Policy
-Specifically, does the

contract have a
termination clause?
-Is there a time period to

rectify any failure?
2.5 Are there representations

in the contract that
confirm the financial and
legal viability of the
Service Provider?
-Does the Service

Provider have liability
insurance?
-If yes, What limits? -

Supporting to be attached.
2.6 Does the contract clearly

set out MAIBRO’s right
to conduct oversight of
the Service Provider?
If the service
provider is unable to
perform the service
over a given period
of time, will there be
any expected impact
on MAIBRO
customers?
There will not be any

expected impact on
MAIBRO customers.
- Is there the likelihood it

would harm MAIBRO

Policy Name
Outsourcing Policy
reputation?
2.7 - If yes, do we are we

having an alternate service
provider?
2.8 Whether the Agreement

has been vetted by
MAIBRO legal Dept.
/counsel on their legal
effect and enforceability?
3. CONFIDENTIALITY AND SECURITY OF OPERATIONS

3.1 Do we encrypt/password 10%
protects the data while
sharing the same?
3.2 Whether Type of Storage

of data includes the any of
the following
(magnetic tape; magnetic

disks; optical discs, such
as CDs, DVDs and Blu-
ray disks; flash memory;
main memory (dynamic
RAM); and cache
memory.)
3.3 Location of Data
- Offshore (Y/N) --(Y-0,

N-1)
- Onshore (Y/N) --(Y-1,

N-0)
-Onsite (Y/N)) --(Y-0, N-

Policy Name
Outsourcing Policy
1)
-Offsite (Y/N) --(Y-1, N-

0)
3.4 Have we signed a Non-

disclosure agreement with
service provider?
3.5 Whether the Service

provider systems are
compatible with
MAIBRO System?
If No, what are the steps

taken to make it
compatible (Attach
Annexures)
4. REGULATORY INFORMATION
4.1 Does the Service Provider 10%
or any of its employees or
officers been subject to a
regulatory action,
investigation or warning?

attached.
5. OUTSOURCED FUNCTIONS
further outsource any of
its functions to third party
service providers?
5.2 If yes, does the Service

Provider conduct ongoing
reviews of the quality of
the outsourced services?

Policy Name
Outsourcing Policy
6. COMPLIANCE
6.1 Whether the Service 10%
Provider has an anti-
money laundering policy?
6.2 Whether the Service

Provider has a privacy
policy?
7. LEGAL PROCEEDINGS
7.1 Are there, or has there 5%
been, any criminal or civil
proceedings taken against
the Service Provider or
any of its current or
former key employees or
directors?
If so, provide details.
8. INSURANCE
8.1 Whether the Service 10%
Provider maintain
bonding and insurance, as
required, by applicable
regulatory bodies or
legislation?
9. BUSINESS CONTINUITY
have a business continuity
plan?
9.2 When the BCP was last

tested.
-Within 6 Months

Policy Name
Outsourcing Policy
-Above 6 Months
Total 100%
NOTES:
1. Vendor Risk Assessments should specify the Minimum Score set for the selection of the Vendor – this
is particularly important where multiple vendors have been considered for selection
2. Any deviation to this policy needs to be highlighted to a level above the approving authority for
acceptance or otherwise.
Assessment Done by: Verified By

Name: Name:
Date: Date:

Policy Name
Outsourcing Policy
Annexure-6: Outsourcing Agreement
…………………………AGREEMENT
This Agreement executed on ………………………………. at ………………. Between Manappuram

Insurance Brokers Limited, a company incorporated under the Companies Act, 1956 and having its
registered office at 2nd Floor, Manappuram House (Old Building), Valapad, Thrissur, Kerala- 680567
(hereinafter referred to as the “MAIBRO”), which expression, unless repugnant to the context or meaning
hereof, shall include its group companies, associates, subsidiaries, divisions, successors, administrators or
permitted assignees) of the FIRST PART;
…………………………………………., a company incorporated under the Companies Act, 1956 and

having registered office at ………………………………………………….., (hereinafter referred to as the
“Service Provider”), which expression shall unless repugnant to the meaning of context thereof be
deemed to mean and include herein its successors in business and permitted assigns of the OTHER
PART.
MAIBRO and the Service provider are collectively referred to as “Parties” and individually referred to as
“Party”.
RECITALS
MAIBRO is an Insurance Broking Company, inter alia engaged in the business of Insurance broking
desirous of engaging the Service Provider to provide ……………………………………….
The Service provider is inter alia engaged in the business of ……………………………………………
The Service Provider offered its service to MAIBRO for

……………………………………………………………………...and MAIBRO accepted such service
from the Service Provider.
NOW THEREFORE, in consideration of the mutual covenants and obligations between the parties it is
agreed as follows
1. Definition and interpretations
(to be defined depending on type of Service)

Policy Name
Outsourcing Policy
2. Scope of Services:
(to be defined in Schedule)
3. Obligations of the Parties
4. Tenure of the Contract
5. Fee and Terms of payment
6. Representation and Warranties.
The Service Provider represents and warrants that:
a. The services to be provided are in compliance with all applicable laws, statutes, regulations and
other legal provisions applicable to this agreement.
b. It has the requisite experience, license, expertise, qualified manpower and other requisite resources
to provide the Services and hereby represents and warrants that all Services provided shall at all
times strictly conform to the requirements of this Agreement as set out herein.
c. The execution, delivery or performance by the Service Provider shall not contravene constitutional
documents of the Service Provider.
d. It warrants that there are no legal proceedings instituted or threatened against the Service Provider
before any court or administrative body or arbitral tribunal which might adversely affect the ability
of the Service provider to perform its obligations under this Agreement.
e. It has full power and authority to enter into this agreement and to take action and execute any
documents required by the terms hereof and this agreement is enforceable in accordance with the
terms hereof and the person(s) executing this Agreement on behalf of the Service provider is/are
duly empowered and authorized to execute this Agreement and perform all its obligations in
accordance with the terms herein.
f. Each of the representations is true and correct in all material respect as of the date of signing and
that none of them omits to state any matter which makes any of such representations misleading in
any material respect.

Policy Name
Outsourcing Policy
7. Statutory Compliances:
a. The Service Provider shall observe and comply with all applicable provisions and requirements of the
Contract Labour (Regulation and Abolition) Act, 1970, The Employees Provident Fund and Family
Pension Fund Act, 1952, the Payment of Wages Act, 1926, the Minimum Wages Act, 1948, the
Payment of Bonus Act, 1965, and all applicable statutes, regulations and provisions having the
force of law as also all rules, by-laws and other provisions framed there under in pursuance thereof,
in so far as they are attracted by reason of obligations and rights conferred on the Service Provider
by this Agreement or by reason of duties or responsibilities imposed on the Service Provider by
reason of this Agreement or by reason of the activities or functions discharged by the Service
Provider in pursuance of this agreement and in particular, by reason of the employed or engaging
by the Service Provider of the persons employed or engaged in or connection with rendering of
various services at the said establishment. The service provider shall on demand produce the
documents to MAIBRO for legal compliances.
b. It is hereby expressly agreed and understood between the parties hereto that the Service Provider is
an independent Service Provider and shall be solely responsible as employer/master of the
employees and/or persons engaged by it for the purpose of providing the Services. Further there is
no master and servant relationship between the MAIBRO and the Service Provider or between
MAIBRO and the employees and/or persons engaged by the Service Provider.
c. The Service Provider, being the employer in relation to the persons engaged/employed by it to
provide the services under this agreement shall alone be responsible and liable to pay wages and
salary and all emoluments to such persons and meet the statutory payments /requirements relating to
his employees. In the event of the Service Provider failing in complying with any statutory payments
even after demand, MAIBRO shall be entitled to pay the same to the concerned Department and the
same shall be adjusted against the payments to be made to the Service Provider by MAIBRO.
8. Discipline
a. Service Provider shall issue identity cards, on its own name and trading style, to its personnel
deputed for rendering the said services, which at MAIBRO ’s option, would be subject to
verification at any time. MAIBRO may refuse the entry into the premises to any personnel of the
Service Provider not bearing such identity card or not being tidily dressed.
b. No personnel of the Service Provider shall leave the demised premises where they have been
deployed without permission of MAIBRO.
c. MAIBRO shall always have the right and liberty to do surprise inspection at its sites.
d. Service Provider shall ensure that no personnel engaged by them will engage in any type of
activities prejudicial to the interest of MAIBRO. It is specifically provided that in case any
personnel engaged by the Service Provider for the purpose of security and safety of the properties
of MAIBRO as provided in this agreement, acts or indulges in any activity prejudicial to the
interests or safety of its properties , MAIBRO shall have the right to direct the Service Provider to

Policy Name
Outsourcing Policy
immediately substitute him with another personnel and on such direction being given, the Service
Provider shall implement the direction without any objection whatsoever forthwith.
e. It is understood between the parties hereto that the Service Provider alone shall have the right to take
disciplinary action against any person(s) engaged /employed by it, while no right whatsoever shall
vest in such person(s) to raise any dispute and/or claim whatsoever against MAIBRO. MAIBRO
shall under no circumstances be deemed or treated as the employer in respect of any person(s)
engaged/employed by the Service Provider for any purpose whatsoever, nor would MAIBRO be
liable for any claim(s) whatsoever, of any such person(s).
f. That this agreement does not give any right of license to the Service Provider, save and in respect, to
enter the premises of MAIBRO for the purpose of this agreement as long as this agreement subsists
and also subject to the rules and security procedures of MAIBRO.
9. Termination of the agreement:

a. In case of non-observance and non-performance of any of the provisions of this agreement by the
Service Provider, MAIBRO shall be at liberty forthwith or at any time thereafter to terminate this
Agreement without notice.
b. During the tenure of this Agreement, MAIBRO reserves its right to terminate the Agreement, without
any obligation monetary or otherwise, and / or without assigning any reason thereof, by giving one
Month’s notice. If the Service Provider wants to terminate the Agreement, the Service Provider will
have to give Three Months’ notice to MAIBRO.
c. On termination of this Agreement, the Service Provider shall withdraw his personnel with immediate
effect and forthwith deliver vacant and peaceful possession of the said establishment and handover
fixtures, fitting, furniture, articles and other items if provided by MAIBRO under or in pursuance or
for the purpose of this agreement in the same good order and condition in which they were at the time
of commencement of this agreement or of handling over or installation thereof (reasonable wear and
tear expected) and shall be liable to Company and make good any losses caused in this behalf on
account of any damage, injury of otherwise however.
10. Indemnification:
a. The Service Provider hereby undertakes to perform its obligations and indemnifies and agrees to keep
MAIBRO, its Directors, employees harmless and indemnified against any loss or damage caused to
MAIBRO in any event and make good any loss, damage, suffered or incurred by MAIBRO due to
any theft, pilferage by the employees of the Service Provider in the performance of their duties in the
premises of MAIBRO. MAIBRO further retains the right to deduct such payment from the
consideration payable to the Service Provider for the loss, damage, suffered or incurred by MAIBRO
due to any theft, pilferage by the employees of the Service Provider. MAIBRO further retains the
right to deduct such payment from the consideration payable to the Service Provider for the loss,
damage, suffered or incurred by MAIBRO due to any theft, pilferage by the employees of the Service
Provider.

Policy Name
Outsourcing Policy
b. The Service Provider agrees to indemnify and keep indemnified MAIBRO from time to time and at all
times against any loss, damage, claim and liability that may arise as a result of any act or omission or
commission, error on the part of Service Provider in respect of non-payment or non-observance of
any statutory dues, third party liability or statutory compliances of any nature whatsoever in respect
of its employees or any claims made by, through or under its employees against MAIBRO or any of
its officers, directors, employees, Service Providers, agents etc. during the continuance of this
agreement or after termination hereof. The Service Provider undertakes to take care of any such legal
action initiated against MAIBRO or otherwise and shall defend the same at its own cost and expense.
Without prejudice to any other rights and remedies, MAIBRO further retains the right to claim
liquidated damages from the Service Provider.
c. The Service Provider shall at all times indemnify and keep indemnified MAIBRO against any claim
by any third party for any injury, damage to the property or person of the third party or for any other
claims whatsoever for any acts of commission or omission of its employees or personnel during the
hours of providing the services at MAIBRO’s premises or before and after that.
d. The Service Provider shall at all times indemnify and keep indemnified MAIBRO against any claim
lodged by the personnel of the Service Provider for employment or compensation of any sort financial
or otherwise.
e. That, if at any time, during the operation of this Agreement or thereafter MAIBRO is made liable in
any manner whatsoever by any order ,direction or otherwise of any Court ,Authority or Tribunal, to
pay any amounts whatsoever in respect of or to any of the present or ex-personnel of the Service
Provider or to any third party in any event, the Service Provider shall immediately pay to MAIBRO
all such amounts and costs also and in all such cases /events the opinion of MAIBRO shall be final
binding upon the Service Provider. MAIBRO shall be entitled to deduct any such amounts as
aforesaid, from the security deposit and /or from any pending bills of the Service Provider.
11. Nature of the agreement: The parties hereto have considered agreed to and have a clear
understanding on the following aspects:
a. This agreement is for providing the aforementioned services and is not an Agreement for supply of
contract labour. It is clearly understood by the Service Provider that the persons employed by the
Service Provider for providing services as mentioned herein, shall be the employees of the Service
Provider only and not MAIBRO. The number of persons to be employed and individual person to be
employed for providing the said services shall be decided by the Service Provider who shall be liable
to make payments to its said employees towards their monthly wages/salaries and other statutory
dues.
b. MAIBRO shall not liable for any obligations/responsibilities, contractual, legal or otherwise, towards
the Service Provider’s employees /agents or to the said employees/agents directly and /or indirectly in
any manner whatsoever.

Policy Name
Outsourcing Policy
c. The employees /personnel of the Service Provider rendering the services under this Agreement shall
never be deemed to be the employees of MAIBRO in any manner whatsoever and shall not be entitled
for employment, salary/ wages, damages, compensation or anything arising from their deployment by
the Service Provider for rendering the said services.
12. Dispute resolution:

In the event of difference or dispute arising out or in connection with this agreement, over the rights or
obligation of parties, the dispute would first be attempted to be resolved by consultations between the
parties. Upon failure of such mutual consultations, the dispute or difference would be referred to
Arbitration of a Sole Arbitrator, to be appointed by MAIBRO and the provisions of the Arbitration and
Conciliation Act, 1996 shall be applicable to such Arbitration. In the event of incapacity or resignation or
death of the sole arbitrator so appointed, MAIBRO shall be entitled to appoint another arbitrator in place
of the earlier arbitrator, and the proceedings shall continue from the stage at which the predecessor had
left. The venue of arbitration shall be at Thrissur.
13. Governing law /jurisdiction
The applicable law governing this agreement shall be the laws of India and the courts having
jurisdiction over the place of business of MAIBRO where this Agreement is entered into shall have the
exclusive jurisdiction to try any dispute with respect to this Agreement.
14. Confidentiality
a. The Service Provider and its personnel including but not limited to their sub agents, contractor etc.
will at all times comply with Information Security Requirements policy of MAIBRO as mentioned
therein.
b. The Service Provider acknowledges that all material and information supplied by MAIBRO which
has or will come into Service Provider's possession or knowledge of Service Provider in connection
with its performance hereunder, is to be considered MAIBRO's confidential and proprietary
information (the "Confidential Information"). By way of illustration, but not as a limitation,
Confidential Information includes the Software, trade secrets, processes, data, knowhow, program
codes, documentation, flowcharts, algorithms, marketing plans, forecasts, unpublished financial
statements, budgets, licenses, prices, costs, and employee and customer lists. Service Provider's
undertakings and obligations under this Section will not apply, however, to any Confidential
Information which: (I) is or becomes generally known to the public through no action on
Developer's part, (ii) is generally disclosed to third parties by MAIBRO without restriction on such
third parties, or (iii) is approved for release by written authorization of MAIBRO. Upon termination
of this Agreement or at any other time upon request, Service Provider will promptly deliver to

Policy Name
Outsourcing Policy
MAIBRO all notes, memoranda, notebooks, drawings, records, reports, files, documented source
codes and other documents (and all copies or reproductions of such materials) in its possession or
under its control, whether prepared by Service Provider or others, which contain Confidential
Information. Service Provider acknowledges that Confidential Information is the sole property of
MAIBRO. Service Provider agrees that disclosure of such information to, or use by, third parties,
either during or after this Agreement, will cause MAIBRO irreparable damage. Service Provider
agrees to use best efforts to hold Confidential Information in the strictest confidence, not to make
use of it other than for the performance of its obligations hereunder, to release it only to the Service
Provider’s employees or contractors with a need to know such information and not to release or
disclose it to any other party.
c. Service Provider further agrees not to release such information to any employee or contractor who
has not signed a written agreement between Service Provider and the employee expressly binding
the employee not to use or disclose the Confidential Information, except as expressly permitted
herein. MAIBRO shall be listed as a third-party beneficiary of any such agreement. Service
Provider will notify MAIBRO in writing of any circumstances within its knowledge relating to any
unauthorized possession, use, or knowledge of such Confidential Information. At any time, upon
request, Service Provider will return any such information within its possession to MAIBRO.
d. Service Provider shall (and shall ensure that all persons who are its servants or agents, acting
thereunder, as the case may be) comply with any applicable laws, statutes, regulations and codes
relating to data protection (including without limitation to the foregoing, the Information
Technology Act, 2000, and rules framed thereunder (the “IT Laws”)) as amended, re-enacted,
modified or supplemented and in particular comply with the confidentiality, Data Protection
Principles set out in the IT Law in connection with personal data processed as a consequence of this
Non-Disclosure Agreement or any agreements referenced herein. . Service Provider shall
implement and follow the rules as laid down in the Information Technology (Reasonable Security
Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 [‘the Rules’] and
the Information Technology Act, 2000.
e. Return or Destruction of Confidential Information: Upon completion of the Business Purpose or upon
the written request of MAIBRO owning Confidential Information, Service Provider shall return all
copies of Confidential Information to MAIBRO or certify, if so requested by the directing party, in
writing that all copies of Confidential Information have been destroyed permanently within the time
stipulated by such requesting party. A party may return Confidential Information, or any part
thereof, to the other party at any time. However, MAIBRO may retain a minimum of one copy of all
work product and relevant project documentation for archival and audit purposes
15. Audit
MAIBRO may, at its discretion, audit the software, books and services/System/DC of the Contractor
by its external / internal / IRDA / auditors. Contractor will facilitate the same without any demur.

Policy Name
Outsourcing Policy
Service Provider shall, whenever required, furnish all relevant information, records, and data to
inspecting officials of MAIBRO and the external / internal / IRDA / auditors. MAIBRO reserves the
right to call for any relevant material information/report. MAIBRO will provide the information in
advance to the Service Provider for the same. Service Provider should get the activities and or
functions audited from time to time as per the requirements of MAIBRO, Reserve bank of India or
any other statutory body, where ever applicable. Audits will be at MAIBRO sole expense. In case
any violations in reported by such Auditors, Service Provider shall be liable to reimburse the
expenses of such auditing to MAIBRO.
16. Intellectual Property
Each Party agree, warrant and undertake that it shall take steps aimed at ensuring that other party’s
Intellectual Property Rights or other party’s Products, Services and software are not infringed,
passed off, diluted, reverse-engineered, hacked into, misappropriated, tampered with and/or copied
by a party, its directors, officers, employees, agents, consultants, representatives, subsidiaries,
associates, etc. MAIBRO grants a limited, non-exclusive and limited license in the Mobile
Subscriber’s data as provided by MAIBRO for the sole purpose of provision by ACL of Push SMS
Services to MAIBRO. No other Licenses are being granted by either party, other than those
mentioned in this Agreement.
Trade marks & trade names
Neither Party shall be entitled to use other Party’s Trade Mark/Logo, unless agreed to in writing by
the other party, setting out, inter alia, the terms and conditions, which shall govern such usage.
17. Notice
Unless otherwise provided herein or agreed to in writing by the parties all notices, requests or other
communications shall be served or given to either party by sending it by registered post or facsimile
transmission or shall be personally delivered to the other party at its address specified below:
18. Non-Exclusivity
This Agreement does not prevent MAIBRO from entering into a similar agreement with any other
party. This Agreement is on a non-exclusive basis.
19. Relationship
Nothing contained in this Agreement shall constitute a partnership or joint venture between the
Parties nor shall any relationship of employer and employee be deemed to be created between
MAIBRO and any employee of the Service provider or between the Service Provider and any
employee of MAIBRO.

Policy Name
Outsourcing Policy
This Agreement is on a principal to principal basis and the Service Provider is not an agent of
MAIBRO and no party shall have the authority to bind or shall be deemed to be agent of the other
party in any way.
20. Prevalence of agreement

a. This Agreement along with its Annexure constitutes the whole Agreement between the parties with
regard to the subject matter hereof, and the parties herein confirm that this Agreement supersedes any
and all other prior understanding and commitments between the parties herein, express or implied.
b. In the event of any inconsistency between the provisions of this Agreement and any other document
or writing between the parties hereto, the provisions of this Agreement shall prevail.
21. Entire Agreement

This Agreement, including schedules or annexure attached hereto and all cross references referred to
herein, constitute the entire agreement between the parties hereto, and supersede any and all prior
agreements or understandings between the parties with respect to the subject matter hereof. No party
hereto shall be bound by, and each party hereto specifically objects to, any term, condition or other
provision or other condition which is different from or in addition to the provisions of the Agreement
(whether or not it would materially alter the Agreement) and which is preferred by any other party
hereto in any correspondence or other document, unless the party to be bound thereby specifically and
knowingly agrees to such provision in writing.
22. Amendments and waivers
No amendment to this Agreement shall be valid or binding unless set forth in writing and duly
executed by all parties to this Agreement. No waiver of any breach of any provision of this Agreement
shall be effective or binding unless made in writing and signed by the party purporting to give the
same and, unless otherwise provided in the written waiver, shall be limited to the specific breach
waived.
23. Assignment:
Save and except as provided herein, neither party shall assign this Agreement or all or any of its rights
or obligations hereunder to any person, without the prior written consent of the other party, which
consent shall not be unreasonably withheld. Subject to the foregoing, this Agreement and the
respective rights and obligations of the parties hereto under this Agreement shall inure to the benefit of
and be binding on their respective successors (including successor by reason of amalgamation or
merger or any party) and permitted assigns.
24. Severability:

Policy Name
Outsourcing Policy
If any provision of this Agreement shall be found by any court of law, Government or administrative
body of competent jurisdiction or regulatory body to be invalid or unenforceable, the invalidity or un-
enforceability of such provision shall not affect the other provisions of this Agreement and all
provisions not affected by such invalidity or unenforceability shall remain in full force and effect. The
parties hereby agree to attempt to substitute for any invalid or unenforceable provision a valid or
enforceable provision, which achieves to the greatest extent possible the economic, legal and
commercial objectives of the invalid or unenforceable provision
25. Liabilities and remedies
In the event of failure of the Service Provider to provide the services or part thereof as mentioned in
this Agreement for any reasons whatsoever, MAIBRO shall be entitled to procure services from other
sources and the Service provider shall be liable to pay forthwith to MAIBRO the incremental increase
in payment, if any made to such other sources, besides damages at double the rate of payment.
26. Losses suffered by the Service Provider
The Service provider shall not claim any damages, costs, charges, expenses, liabilities arising out of
performance/ nonperformance of services, which it may suffer or otherwise incur by reason of any
act/omission, negligence, default or error in judgment of their own and/or its personnel in rendering or
non-rendering the services under this Agreement.
27. Service of notice
Any notice or other communication required or permitted to be given between the parties under this
agreement shall be given in writing at the address written in first Para or such other addresses as may
be intimated from time to time in writing
28. Force majeure
Neither party shall be in default if a failure to perform any obligation hereunder is caused solely by
supervening conditions beyond that party’s reasonable control, including acts of god, civil
commotion, strikes acts of terrorism, labour disputes and governmental or public authorities’
demands or requirements.
29. Counterparts

Policy Name
Outsourcing Policy
This Agreement shall be executed in two counterparts, each of which shall constitute the original but
both of which when taken together shall constitute one and the same agreement.
In witness whereof MAIBRO and the Service Provider party above said have here unto subscribed
their hands on the day month and year first mentioned above in the presence of the following
witnesses:
For Manappuram Insurance Brokers Limited
Authorized Signatory
For ………………………………….
Authorized Signatory
Witness:

Policy Name
Outsourcing Policy
Annexure-6: Vendor Evaluation Form
The vendor who are already registered with MAIBRO, shall be periodically evaluated to ensure that the
vendor is consistent in meeting MAIBRO's expectations. Attached the format for evaluation as mentioned
in Procurement Policy.
Vendor Evaluation Form.xlsx


Outsourcing Policy

Uploaded by

Copyright:

Available Formats

Outsourcing Policy

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Outsourcing Policy

Uploaded by

Copyright:

Available Formats

Policy Name

Version No/ Issue Date: 1.2 / 27th July 2022

Prepared & Approved By Company Secretary & Board of Directors

Manappuram Insurance Brokers Limited

Version No/ Issue Date: 1.2 / 27th July 2022

Prepared & Approved By Company Secretary & Board of Directors

3.4 Systems to monitor and review the operations of outsourcing activities.

Company Secretary & Compliance officer.

6. Key Formats / Records :-

Check List for Risks for Outsourcing Arrangements

Manappuram Insurance Brokers Limited

Version No/ Issue Date: 1.2 / 27th July 2022

Prepared & Approved By Company Secretary & Board of Directors

Materiality of outsourcing would be based upon and be assessed for:

Manappuram Insurance Brokers Limited

Version No/ Issue Date: 1.2 / 27th July 2022

Prepared & Approved By Company Secretary & Board of Directors

1. Activities which 2. Responsibilities 3. Procedures 4. Grievance Redress

Manappuram Insurance Brokers Limited

Version No/ Issue Date: 1.2 / 27th July 2022

Prepared & Approved By Company Secretary & Board of Directors

Manappuram Insurance Brokers Limited

Version No/ Issue Date: 1.2 / 27th July 2022

Prepared & Approved By Company Secretary & Board of Directors

2. Responsibilit 2. Selection of the third-party

Manappuram Insurance Brokers Limited

Version No/ Issue Date: 1.2 / 27th July 2022

Prepared & Approved By Company Secretary & Board of Directors

decisions on this Once the concerned department has

Manappuram Insurance Brokers Limited

Version No/ Issue Date: 1.2 / 27th July 2022

Prepared & Approved By Company Secretary & Board of Directors

and recording the

5. Ensuring that there

Manappuram Insurance Brokers Limited

Version No/ Issue Date: 1.2 / 27th July 2022

Prepared & Approved By Company Secretary & Board of Directors

Manappuram Insurance Brokers Limited

Version No/ Issue Date: 1.2 / 27th July 2022

Prepared & Approved By Company Secretary & Board of Directors

All Outsourcing Arrangements are to

Manappuram Insurance Brokers Limited

Version No/ Issue Date: 1.2 / 27th July 2022

Prepared & Approved By Company Secretary & Board of Directors

and he/she specifically confirms that

The Authority to Sign any

The Obligatory Clauses of the

The obligatory clauses of our Legal

Manappuram Insurance Brokers Limited

Version No/ Issue Date: 1.2 / 27th July 2022

Prepared & Approved By Company Secretary & Board of Directors

a. Clear Definitions of What

b. Mutual rights, obligations and

c. Liability of the third party to

d. The services of the third party

Manappuram Insurance Brokers Limited

Version No/ Issue Date: 1.2 / 27th July 2022

Prepared & Approved By Company Secretary & Board of Directors