Online identification and digital signatures revolutionize insurance claims management: an exploration of transformations
IVASS (Istituto per la Vigilanza sulle Assicurazioni) Regulation n. 56/2025 has introduced a series of updates aimed at modernising and digitising the management and reporting of insurance incidents. The regulation emphasises the importance of simplifying user experience while ensuring legal and technical compliance with EU and national digital identity and electronic signature frameworks.
---
## Key Requirements for Digital-Friendly Incident Reports
### 1. Digital Format and Accessibility
Insurance incident reports must be available in a fully digital format and should be user-friendly, enabling seamless submission via dedicated online platforms or mobile applications. These platforms should be designed to integrate with back-office insurance company systems for automated processing.
### 2. Electronic Signature Methods
All submitted incident reports must be signed electronically to ensure authenticity, integrity, and non-repudiation. The permitted electronic signature types should adhere to eIDAS Regulation (EU Regulation 910/2014) standards, including Advanced Electronic Signature (AdES) and Qualified Electronic Signature (QES). Signatures based on national eID schemes that comply with eIDAS (such as SPID in Italy) are also accepted.
### 3. Compliance with eIDAS Regulation
The electronic signature must comply with eIDAS to guarantee cross-border validity and legal recognition within the EU. The regulation requires the use of qualified trust services (e.g., qualified certificates, timestamps) and mandates that report submission platforms automatically verify and validate these signatures during processing.
### 4. Alignment with the Italian Digital Administration Code (CAD)
Document formats, signature, and storage must meet CAD requirements for document authenticity, digital preservation, and interoperability. This means that systems must ensure interoperability with public administration platforms and databases.
### 5. Data Protection and Security
The system must guarantee confidentiality and integrity of personal data in compliance with GDPR. Secure channels (e.g., HTTPS, TLS) must be used for data transmission, and access to submitted reports and signature validation data must be restricted and logged.
---
## Practical Implications for Insurance Companies and Users
- For Users: Ability to file incident reports entirely online with legally binding electronic signatures, possibly using existing national digital identities (like SPID). - For Insurers: Need to update systems to verify electronic signatures automatically, preserve signed documents digitally under CAD standards, and ensure interoperability with public digital services. - For Regulators: Enhanced oversight thanks to transparent, digitally signed, and traceable incident reports.
---
The regulation redefines the process of filling out and transmitting the accident report form (CAI) for motor vehicles and pleasure craft. Companies must adopt technical and organisational measures to provide policyholders with a durable copy of the digital claim. The Intesa Sign solution is mentioned as a potential solution for the digital-friendly incident report.
The digitalization of the CAI form can become a tangible competitive advantage in the market focused on efficiency and transparency. Intesa offers various solutions for the digital transformation of businesses, including Compliance-approved Document Retention, Digital Customer Onboarding, EDI - Electronic Data Interchange, Electronic Invoicing Platform, International Electronic Invoicing, Corporate Electronic Signature, Electronic Seal, Document Management Software, and Supply Chain Management.
Companies can use trusted service providers for the provision of electronic signatures, while respecting GDPR norms on personal data protection. The Intesa Sign solution is designed to respond to new regulatory and operational needs for the digital CAI form. Intesa Sign offers a guided signing procedure accessible via web and mobile. Intesa Sign guarantees compliance-approved document retention with legal validity and integrity.
The regulation requires insurance companies to equip themselves with web-accessible and mobile applications within 12 months of the entry into force (April 8, 2025). Starting March 25, 2025, it will be possible to fill out, sign, and send the friendly incident report online. Intesa Sign ensures full traceability of operations with full GDPR compliance. On March 25, 2025, IVASS Regulation n. 56/2025 will be enforced. Intesa Sign is integrated with Intesa ID, a solution prepared for future European digital wallets.
The shift to a digital model for the accident report represents a concrete advancement towards greater operational simplicity, faster management times, and higher security levels. The new regulatory context is a strategic opportunity for insurance companies to innovate the customer journey, integrating digital tools for user identification and document signing.
- Insurance companies, in compliance with the IVASS Regulation n. 56/2025, must adopt technology-driven solutions to facilitate user-friendly digital submissions of incident reports, such as Intesa Sign, which ensures legal and technical compliance with EU and national digital identity and electronic signature frameworks like eIDAS.
- In the context of business modernization, insurance companies are encouraged to leverage technology, especially digital identity and electronic signature solutions, to streamline finance processes and enhance their competitiveness in the market, as exemplified by Intesa's comprehensive suite of digital transformation solutions for businesses.
