REQUEST FOR QUOTATION

BANK IS PROPOSING TO ENGAGE I N S U R A N C E

BROKER FOR CYBERINSURANCE

IT RISK MANAGEMENT DEPARTMENT,

STATE BANK OF INDIA
1|Page

SCHEDULE OF EVENTS

S. No Particulars
Remarks
1 Contact details of issuing Ramesh Kumar Y.
department Deputy General Manager, IT- Risk Mgmt. Dept.
State Bank of India, 4th Floor, Tower 7, Railway
Station Building, Navi Mumbai PIN - 400 614,
Maharashtra
Mobile: 9949098405
Email: dgmit.risk@sbi.co.in

2. Bid Document Availability Will be emailed to the empaneled IBFs listed in

including changes/ Annexure 1.
amendments, if any to be issued.

3. Pre-bid meeting 11.30 AM on 13.09.2022

(invites shall be sent for e-meeting to the IBFs)

4 Date for responding to pre-bid 16.09.2022

query

5 Last date and time for Bid 04.00 PM on 27.09.2022

submission

6 Address for submission of Bids At the e-procurement portal https://etender.sbi/SBI/

7 Date and Time of opening of 11.30 AM on 28.09.2022

Technical Bids
Authorized representatives of Bidders may be
present online during opening of the Technical Bids.
However, Technical Bids would be opened even in
the absence of any or all of Bidders representatives.

8 Date and Time of Opening of

11.30 AM on 30.09.2022
Commercial Bids

9 Contact details of e- E-Procurement Technologies LTD

Procurement agency appointed Name: Rikin
for e-procurement Email: ravi.s@auctiontiger.net
Phone: 079 6813 6856
Cell: +91 9913326773
2|Page

TABLE OF CLAUSES

S. No. CLAUSES
1 INVITATION TO BID (through e-tendering)
2
DISCLAIMER
3
DEFINITIONS
4
ELIGIBILITY AND TECHNICAL CRITERIA
5
COST OF BID DOCUMENT
6
CLARIFICATION AND AMENDMENTS ON RFQ/PRE-BID
MEETING
7
CONTENTS OF BID DOCUMENT
8
BID PREPARATION AND SUBMISSION
9 DEADLINE FOR SUBMISSION OF BIDS
10 MODIFICATION AND WITHDRAWAL OF BIDS
11 PERIOD OF BID VALIDITY AND VALIDITY OF PRICE
QUOTED IN REVERSE AUCTION (RA)
12 BID INTEGRITY
13 BIDDING PROCESS/OPENING OF TECHNICAL BIDS
14 TECHNICAL EVALUATION
15 EVALUATION OF PRICE BIDS AND FINALIZATION
16 CONTACTING THE BANK
17 RIGHT TO VERIFICATION
18 WAIVER OF RIGHTS
19 SUBCONTRACTING
20 BANK’S RIGHT TO ACCEPT ANY BID AND TO REJECT ANY
OR ALL BIDS
21 APPLICABLE LAW
22 GOVERNING LANGUAGE
23 IBF - SCOPE OF WORK
24 MISCELLANEOUS
3|Page

TABLE OF ANNEXURES

S. No. ANNEXURES
1 List of SBI Empaneled IBFs
2 (i) List of Countries having Foreign Offices of SBI
(ii) List of Subsidiaries
3 Cyber Insurance: Scope of Cover
4 Technical Bid Format with Checklist
5 Glossary
6 Pre-bid Query Format
7 Bid Form (Technical bid)
8 Final Price Bid

INVITATION TO BID (through e-tendering)

4|Page

1. This Request for Quotation (RFQ) has been issued by State Bank of India including
its domestic, foreign branches and subsidiaries (please refer Annexure 2) –
hereinafter referred as ‘the Bank’ – for engagement of Insurance Broker for Cyber
Insurance.
2. To meet the service requirements, the Bank proposes to invite online bids from
empaneled Insurance Broking Firm (IBF), list enclosed in Annexure 1, as per details
& scope of cover mentioned in Annexure 3 of this RFQ document.
3. Bidder shall mean any SBI empaneled IBFs who meets the eligibility criteria given in
Annexure 4 of this RFQ and willing to provide the services as required in this bidding
document. The interested bidders may submit their bids with the information desired
in this bidding document (Request for Quotation).
4. Address for submission of online Bids, contact details including email address for
sending communications are given in Schedule of Events.
5. The purpose of SBI behind this RFQ is to seek a detailed technical and commercial
proposal for procurement of the Services desired in this RFQ.
6. This document shall not be transferred, reproduced or otherwise used for purpose
other than for which it is specifically issued.
7. Interested bidders are advised to go through the entire RFQ before submission of
online bids to avoid getting eliminated on account of non-compliance with the terms.
The empaneled bidders desirous of providing services to SBI are invited to submit their
technical and commercial proposal in response to this RFQ. The criteria and the actual
process of evaluation of the responses to this RFQ and subsequent selection of the
successful bidder will be entirely at discretion of Bank. This RFQ seeks proposal from
bidders who have the necessary experience, capability, and expertise to provide SBI
the proposed services as per the requirements of Bank stated in this RFQ.

2. DISCLAIMER

1. The information contained in this RFQ or information provided subsequently to Bidder(s)

in documentary form/email by or on behalf of SBI, is subject to the terms and conditions
set out in this RFQ.

2. This RFQ is not an offer by State Bank of India, but an invitation to receive responses
from the eligible Bidders. The purpose of this RFQ is to provide the Bidder(s) with
information to assist preparation of their Bid proposals. This RFQ does not claim to contain
all the information each Bidder may require. Each Bidder should conduct its own
investigations and analysis and should check the accuracy, reliability and completeness
of the information contained in this RFQ and where necessary obtain independent
advices/clarifications. Bank may in its absolute discretion, but without being under any
obligation to do so, update, amend or supplement the information in this RFQ.

3. The Bank, its employees and advisors make no representation or warranty and shall
have no liability to any person, including any Bidder under any law, statute, rules or
5|Page

regulations or tort, principles of restitution or unjust enrichment or otherwise for any loss,
damages, cost or expense which may arise from or be incurred or suffered on account of
anything contained in this RFQ or otherwise, including the accuracy, adequacy,
correctness, completeness or reliability of the RFQ and any assessment, assumption,
statement or information contained therein or deemed to form or arising in any way for
participation in this bidding process.

4. The Bank also accepts no liability of any nature whether resulting from negligence or
otherwise, howsoever caused arising from reliance of any Bidder upon the statements
contained in this RFQ.

5. The Bidder is expected to examine all instructions, forms, terms and specifications in
this RFQ. Failure to furnish all information required under this RFQ or to submit a Bid not
conforming to this RFQ in all respects will be at the Bidder’s risk and may result in rejection
of the Bid.

6. The issue of this RFQ does not imply that the Bank is bound to select a Bidder or to
award the contract to the Selected Bidder, as the case may be, for the Project and the
Bank reserves the right to reject all or any of the Bids or Bidders without assigning any
reason whatsoever before issuance of purchase order and/or its acceptance thereof by
the successful Bidder as defined in Award Criteria and Award of Contract in this RFQ.

3. DEFINITIONS:

In this connection, the following terms shall be interpreted as indicated below:

i. “The Bank” ‘means the State Bank of India including its domestic and foreign branches
and subsidiaries listed in Annexure 2.
ii. “Bidder” means an empaneled IBF as per Annexure 1 submitting the Bid in response
to this RFQ.
iii. “Bid” means the written reply or submission of response to this RFQ.
iv. “Preferred IBF” means the successful Bidder found eligible as per eligibility criteria set
out in this RFQ, whose technical Bid has been accepted and who has emerged as L1
(lowest in price bid) Bidder as per the selection criteria set out in the RFQ and to whom
notification of award has been given by the Bank.
v. “Services” means all services, scope of work and deliverables to be provided by a
Bidder as described in the RFQ
vi. “EOI” shall mean Expression of Interest dated 22.08.2019 issued by the Bank for
empanelment of IBF and subsequent letter issued by the Bank in pursuant to such
empanelment or any extension thereto.
vii. Customer is defined as anyone who is having banking relationship including individual,
corporates, Govt. and Govt. agencies. Sandeep bhoi
viii. Expansion of the acronyms used in this document are provided in Annexure 5.
6|Page

4. ELIGIBILITY AND TECHNICAL CRITERIA

Bid is open to all empaneled Bidders who meet the eligibility and technical criteria as
given in Annexure 4 of this document. The Bidder has to submit the documents
substantiating eligibility criteria as mentioned in this RFQ document.

5. COST OF BID DOCUMENT

The participating Bidders shall bear all the costs associated with or relating to the
preparation and submission of their Bids including but not limited to preparation, copying,
postage, delivery fees, expenses associated with any demonstration or presentations
which may be required by the Bank, or any other costs incurred in connection with or
relating to their Bid. The Bank shall not be liable in any manner whatsoever for the same
or for any other costs or other expenses incurred by a Bidder regardless of the conduct or
outcome of the bidding process.

6. CLARIFICATION AND AMENDMENTS ON RFQ/PRE-BID MEETING

i. Bidder requiring any clarification on RFQ (in the Pre-bid Query format as per Annexure
6) may notify the Bank in writing at the address/by e-mail within the date/time mentioned
in the Schedule of Events.
ii. A pre-Bid meeting will be held in-person or online on the date and time specified in the
Schedule of Events which may be attended by the authorized representatives of the
Bidders interested to respond to this RFQ.
iii. The queries received (without identifying source of query) and response of the Bank
thereof will be conveyed to all the Bidders via email.
iv. The Bank reserves the right to amend, rescind or reissue the RFQ, at any time prior to the
deadline for submission of Bids. The Bank, for any reason, whether, on its own initiative
or in response to a clarification requested by a prospective Bidder, may modify the RFQ,
by amendment which will be made available to the Bidders by way of
corrigendum/addendum. The interested parties/Bidders are advised to check their emails
regularly till the date of submission of Bid document specified in the Schedule of Events
and ensure that clarifications / amendments issued by the Bank, if any, have been taken
into consideration before submitting the Bid. Such amendments/clarifications, if any,
issued by the Bank will be binding on the participating Bidders. Bank will not take any
responsibility for any such omissions by the Bidder. The Bank, at its own discretion, may
extend the deadline for submission of Bids in order to allow prospective Bidders a
reasonable time to prepare the Bid, for taking the amendment into account. Nothing in this
RFQ or any addenda/corrigenda or clarifications issued in connection thereto is intended
to relieve Bidders from forming their own opinions and conclusions in respect of the
matters addresses in this RFQ or any addenda/corrigenda or clarifications issued in
connection thereto.
v. No request for change in commercial/legal terms and conditions stated in this RFQ or any
7|Page

addenda/corrigenda or clarifications issued in connection thereto will be accepted and

queries in this regard, therefore will not be entertained.
vi. Queries received after the scheduled date and time will not be responded/acted upon.

7. CONTENTS OF BID DOCUMENT

i. The Bidder must thoroughly study/analyze and properly understand the contents of this
RFQ, its meaning and impact of the information contained therein.

ii. Failure to furnish all information required in this RFQ or submission of Bid not responsive
to this RFQ in any respect will be at the Bidder’s risk and responsibility and the same may
finally result in rejection of its Bid. The Bank has made considerable effort to ensure that
accurate information is contained in this RFQ and is supplied solely as guidelines for
Bidders.

iii. The Bid prepared by the Bidder, as well as all correspondences and documents relating
to the Bid exchanged by the Bidder and the Bank and supporting documents and printed
literature shall be submitted in English.

iv. The information provided by the Bidders in response to this RFQ will become the
property of the Bank and will not be returned. Incomplete information in Bid document may
lead to non-consideration of the proposal.

8. BID PREPARATION AND SUBMISSION

i. The Bid is to be submitted separately for technical and Price on portal of e-

Procurement agency in response to the RFQ No. ETA/RFP/2022-23/26. Documents
mentioned below are to be uploaded on portal of e-Procurement agency with digital
signature of authorized signatory:

(a) Index of all the documents, letters, bid forms etc. submitted in response to RFQ along
with page numbers.
(b) Bid covering letter/Bid form on the lines of Annexure 7 on Bidder’s letter head.

ii. Commercial Bid in response to the RFQ No. ETA/RFP/2022-23/26 should contain
only Commercial Bid strictly on the lines of Annexure 8. The Commercial Bid must
include all the price components mentioned. Prices are to be quoted in Indian
Rupees only.
iii. Bidders may please note:
8|Page

(a) The Bidder should quote for the entire package on a single responsibility basis for
Services it proposes to provide.
(b) While submitting the Technical Bid, literature on the Services should be
segregated and kept together in one section.
(c) Care should be taken that the Technical Bid shall not contain any price information.
Such proposal, if received, will be rejected.
(d) The Bid document shall be complete in accordance with various clauses of the
RFQ document or any addenda/corrigenda or clarifications issued in connection
thereto, duly signed by the authorized representative of the Bidder. Board
resolution authorizing representative to Bid and make commitments on behalf of
the Bidder is to be attached.
(e) It is mandatory for all the Bidders to have class-III Digital Signature Certificate (DSC)
(in the name of person who will sign the Bid) from any of the licensed certifying
agency to participate in this RFQ. DSC should be in the name of the authorized
signatory. It should be in corporate capacity (that is in Bidder capacity).
(f) Bids are liable to be rejected if only one Bid (i.e. Technical Bid or Indicative Price
Bid is received.
(g) If deemed necessary, the Bank may seek clarifications on any aspect from the
Bidder. However, that would not entitle the Bidder to change or cause any change
in the substances of the Bid already submitted or the price quoted.
(h) The Bidder may also be asked to give presentation for the purpose of clarification
of the Bid.
(i) The Bidder must provide specific and factual replies to the points raised in the
RFQ.
(j) The Bid shall be typed or written and shall be digitally signed by the Bidder or a
person or persons duly authorized to bind the Bidder to the Contract.
(k) All the enclosures (Bid submission) shall be serially numbered.

(l) Bidder(s) should prepare and submit their online Bids well in advance before the
prescribed date and time to avoid any delay or problem during the bid submission
process. The Bank shall not be held responsible for any sort of delay or the
difficulties faced by the Bidder(s) during the submission of online Bids.

(m) Bidder(s) should ensure that the Bid documents submitted should be free from
virus and if the documents could not be opened, due to virus or otherwise, during
Bid opening, the Bid is liable to be rejected.

(n) The Bank reserves the right to reject Bids not conforming to above.

9. DEADLINE FOR SUBMISSION OF BIDS

9|Page

i. Bids must be submitted online on portal of e-Procurement agency by the date and time
mentioned in the “Schedule of Events”.
ii. In the event of the specified date for submission of Bids being declared a holiday for the
Bank, the Bids will be received up to the appointed time on the next working day.
iii. In case the Bank extends the scheduled date of submission of Bid document, the Bids
shall be submitted by the time and date rescheduled. All rights and obligations of the Bank
and Bidders will remain the same.

10. MODIFICATION AND WITHDRAWAL OF BIDS

i. The Bidder may modify or withdraw its Bid after the Bid’s submission, provided
modification, including substitution or withdrawal of the Bids, is received on e-procurement
portal, prior to the deadline prescribed for submission of Bids.

ii. No modification in the Bid shall be allowed, after the deadline for submission of Bids.

iii. No Bid shall be withdrawn in the interval between the deadline for submission of Bids and
the expiration of the period of Bid validity specified in this RFP. Withdrawal of a Bid during
this interval may result in appropriate action by the Bank as per this RFQ and EOI.

11. PERIOD OF BID VALIDITY AND VALIDITY OF PRICE QUOTED

i. Bid shall remain valid for duration of 6 calendar months from Bid submission date.

ii. Price quoted by the Bidder shall remain valid for duration of 6 calendar months from the
date of opening of bid.

iii. In exceptional circumstances, the Bank may solicit the Bidders’ consent to an extension
of the period of validity. The request and the responses thereto shall be made in writing.
A Bidder is free to refuse the request. However, any extension of validity of Bids or price
will not entitle the Bidder to revise/modify the RFQ.

iv. Once Purchase Order or Letter of Intent is issued by the Bank, the said price will remain
fixed for the entire Contract period and shall not be subjected to variation on any account.
A Bid submitted with an adjustable price quotation will be treated as non-responsive and
will be rejected.
12. BID INTEGRITY
10 | P a g e

Willful misrepresentation of any fact within the Bid will lead to the cancellation of the
contract without prejudice to other actions that the Bank may take. All the submissions,
including any accompanying documents, will become property of the Bank. The Bidders
shall be deemed to license, and grant all rights to the Bank, to reproduce the whole or any
portion of their Bid document for the purpose of evaluation and to disclose the contents of
submission for regulatory and legal requirements.

13. BIDDING PROCESS/OPENING OF TECHNICAL BIDS

i. All the technical Bids received up to the specified time and date will be opened for initial
evaluation on the time and date mentioned in the Schedule of Events. The technical Bids
will be opened in the presence of representatives of the Bidders who choose to attend the
same on portal of e-Procurement agency. However, Bids may be opened even in the
absence of representatives of one or more of the Bidders.
ii. In the first stage, only technical Bid will be opened and evaluated. Bids of such Bidders
satisfying eligibility criteria and agree to comply with all the terms and conditions specified
in the RFQ will be evaluated for technical criteria/specifications/eligibility. Only those Bids
complied with technical criteria shall become eligible for final price Bid opening and further
RFQ evaluation process.
iii. The Bank will examine the Bids to determine whether they are complete, required formats
have been furnished, the documents have been properly signed, and the Bids are
generally in order. The Bank may, at its discretion waive any minor non-conformity or
irregularity in a Bid which does not constitute a material deviation.
iv. Prior to the detailed evaluation, the Bank will determine the responsiveness of each Bid
to the RFQ. For purposes of these Clauses, a responsive Bid is one, which conforms to
all the terms and conditions of the RFQ in toto, without any deviation.
v. The Bank’s determination of a Bid’s responsiveness will be based on the contents of the
Bid itself, without recourse to extrinsic evidence.
vi. After opening of the technical Bids and preliminary evaluation, some or all the Bidders
may be asked to make presentations on the Service proposed to be offered by them.
vii. If a Bid is not responsive, it will be rejected by the Bank and will not subsequently be made
responsive by the Bidder by correction of the non-conformity.

14. TECHNICAL EVALUATION

i. Technical evaluation will include technical information submitted as per Annexure 4,

demonstration of proposed Services, reference calls and site visits, wherever required.
The Bidder may highlight the noteworthy/superior features of their Services. The Bidder
will demonstrate/substantiate all claims made in the technical Bid along with supporting
documents to the Bank.
ii. During evaluation and comparison of Bids, the Bank may, at its discretion ask the Bidders
11 | P a g e

for clarification on the Bids received. The request for clarification shall be in writing and no
change in prices or substance of the Bid shall be sought, offered or permitted. No
clarification at the initiative of the Bidder shall be entertained after bid submission date.

15. EVALUATION OF PRICE BIDS AND FINALIZATION

i. The envelope containing the price Bid(s), in format provided in Annexure 8 of only those
Bidders, who are short-listed after technical evaluation, would be opened.
ii. The Bidder will be selected as L1 based on net total of the price evaluation as quoted.

16. CONTACTING THE BANK

i. No Bidder shall contact the Bank on any matter relating to its Bid, from the time of opening
of final price Bid to the time, the Contract is awarded.
ii. Any effort by a Bidder to influence the Bank in its decisions on Bid evaluation, Bid
comparison or contract award may result in the rejection of the Bid.

17. RIGHT TO VERIFICATION

The Bank reserves the right to verify any or all of the statements made by the Bidder in
the Bid document and to inspect the Bidder’s facility, if necessary, to establish to its
satisfaction about the Bidder’s capacity/capabilities to perform the job.

18. WAIVER OF RIGHTS

Each Party agrees that any delay or omission on the part of the other Party to exercise
any right, power or remedy under this RFP will not automatically operate as a waiver of
such right, power or remedy or any other right, power or remedy and no waiver will be
effective unless it is in writing and signed by the waiving Party. Further the waiver or the
single or partial exercise of any right, power or remedy by either Party hereunder on one
occasion will not be construed as a bar to a waiver of any successive or other right, power
or remedy on any other occasion.

19. SUBCONTRACTING

As per scope of this RFQ, sub-contracting is not permitted.

20. BANK’S RIGHT TO ACCEPT ANY BID AND TO REJECT ANY OR ALL BIDS
12 | P a g e

The Bank reserves the right to accept or reject any Bid in part or in full or to cancel the
bidding process and reject all Bids at any time prior to contract award as specified in this
RFQ, without incurring any liability to the affected Bidder or Bidders or any obligation to
inform the affected Bidder or Bidders of the grounds for the Bank’s action.

21. APPLICABLE LAW

The Contract shall be interpreted in accordance with the laws of the Union of India and
shall be subjected to the exclusive jurisdiction of courts at Mumbai.

22. GOVERNING LANGUAGE

The governing language shall be English.

23. IBF – SCOPE OF WORK

i. Evaluation of Insurance needs of various assets/products/activities of the Bank,

customization, design and placement of Insurance policy.
ii. Insurance Broker would be functioning as a strategic consultant for SBI and
would be assisting the Bank in pre-placement, placement and post-placement of
Insurance policy.
iii. Facilitate insurer meetings and assist in negotiating the best price from the
insurer/insurers.
iv. Support for expeditious settlement of claims.
v. Assistance in claims SoP preparation, claims monitoring and periodic review.
vi. Validation and forecasting of additional coverage benefits.
vii. Recommendation and placement confirmation

24. MISCELLANEOUS

Except as modified under this RFQ, all other terms and conditions of EOI shall be
applicable for this RFQ.

Annexure - 1
13 | P a g e

List of SBI Empaneled IBFs

S. No. Name of the IBF

1 Marsh India Insurance Brokers Ltd.
2 Global Insurance Broker Pvt. Ltd.
3 Alliance Insurance Brokers Pvt. Ltd.
4 Prudent Insurance Brokers Pvt. Ltd.
5 K. M. Dastur Reinsurance Brokers Pvt. Ltd.
6 Edelweiss Insurance Brokers Pvt. Ltd.
7. Anand Rathi Insurance Brokers Pvt. Ltd.
8. United Insurance Brokers (India) Pvt. Ltd.

Annexure – 2
14 | P a g e

(i) List of Countries having Foreign Offices of SBI and Foreign subsidiaries

Name of
SL
FOs Name of Branches
UAE (Dubai DIFC Branch
1
Operations) Dubai
2 Australia Sydney
RBB
3 Bahrain
WBB Bahrain Bahrain
4 Bangladesh Dhaka Chittagong Gulshan Khulna
5 Belgium Antwerp
Surrey Vancouver
6 Canada
Toronto Brampton Mississauga Scarborough B.C. B.C.
7 China Shanghai
UK- London
8
Main Br London
13 Branches and
one Extension
counter- Retail
Operations,
London Retail
Branch,
Birmingham,
Coventry, East
Ham, Golders
UK- SBI UK
9 Green, Harrow,
Ltd. (Subs.)
Hounslow,
Illford, Leicester,
Manchester,
Southall,
Wolverhampton,
High
Commission of
India Extn
Counter
10 Germany Frankfurt
11 Hong Kong Hong Kong
12 Israel Tel Aviv
13 Japan Tokyo Osaka
South
14
Korea Seoul
FCBU
15 Sri Lanka
Colombo Colombo Kandy
15 | P a g e

14 Branches of
SBI Mauritius
Lltd.: Main
Branch- Port
Louis,
Mahebourg,
Rose Hill,
Curepipe,
Montagne
16 Mauritius
Blanche,
Rodrigues,
Ebene, Quarte
Bornes, Triolet,
Central Flacq,
Goodlands, Rose
Belle, Vacoas,
digital Intouch
Branch.
17 Myanmar Yangon
Seenu
18 Maldives
Male Hulhumale Hithdhoo Mamigili
19 Oman Muscat
Jurong Verdun Marine Ezy
20 Singapore
Cecil Street East Little India Ang Mo Kio Road Parade Remit
Los
21 US Ops
New York Angeles Chicago
South Durban
22
Africa Johannesburg Sub Office
23 India Gift City
Approx. 110
(Branches +
24 Nepal
extension
counters)

List of Foreign Subsidiaries

SBI Canada Bank SBI (Mauritius) Ltd
State Bank of India (UK) Ltd. Nepal SBI Bank Ltd
16 | P a g e

(ii) List of Subsidiaries

17 | P a g e

Annexure - 3

Cyber Insurance: Scope of Cover

Name of Insured: State Bank of India, including its domestic and foreign branches and
subsidiaries.

Communication Address: IT- Risk Mgmt. Dept., State Bank of India, Global IT Center, 4th
Floor, Tower 7, Railway Station Building, Navi Mumbai, PIN - 400 614, Maharashtra

Period of Insurance: One year

Limit: $ 100 Million USD (INR 79.51 Crore)

Deductible: INR 79.5 Lakhs, Time Excess – (BI Waiting Period – 4 hrs.)

Scope of Cover:

S. Item Explanation
No

Exposures to all networks, systems of
service providers, including third party cloud
or other hosted infrastructure under service
contract with SBI, all computer systems,
1 networks, applications and mobile apps
owned by SBI, leading to all or any kind of
losses to SBI including its domestic and
Computer system definition includes systems and
networks that are used in the provision of services
and are leased or made available by the third party
to the Insured or owned by Insured. Definition of
computer system augmented under current policy to
cover third party cloud or other hosted infrastructure
providers under a service contract with SBI. The
policy covers SBI & its subsidiaries including their
foreign and domestic branches.

foreign branches and subsidiaries.

The Policy is essentially a primary policy and, the

The policy shall be on Primary and Non- overlapping covers shall be picked up by the cyber
2
Contributory basis. policy if other applicable insurance covers are
exhausted.

Insuring Agreement to “pay on behalf of Insurer will pay damages and defence costs on
3
insured” instead of “Indemnity”. behalf of the Insured
18 | P a g e

S. Item Explanation
No

This refers to the first-party and third-party liability

Coverage of both first-party and third-party
4 cyber incidents. Cover to be available up to
full limits.
arising due to unauthorized access to the
Company’s Computer System or use or access of
the Company’s Computer System outside of the
scope of the authority granted by the Company and
unauthorized disclosure of information for which the
Insured is responsible.

Subcontractors to the extent that they are working

Insured definition to be extended to include:
for SBI are included as Insured under this definition.
-
The definition also has a provision wherein SBI can
a. Subcontractors working on behalf of add other entities as Insured under their policy
the Bank provided it is a contractual requirement and only if
5 b. Entities the Company is required by there is a claim on such entities for the wrongful acts
contract to add as an insured under of the bank. The scope of Insured is extended to
the policy, but only for the wrongful include any entity becoming a subsidiary during the
acts of the Company. policy period.
c. Include any entity which becomes a
Subsidiary during the Policy Period
Computer system definition includes systems and
networks that are used in the provision of services
Computer Systems definition to not only
and are leased or made available to the Insured. To
include insured’s own systems but also
6 broaden the scope of cover, the definition also
systems made available, leased/licensed by
includes hosted computer infrastructure or
the insured
computing platforms within the definition of
‘computer systems’

Cover for Network, Application and Mobile
App Security Liability – Key policy triggers:
Unauthorized access or use, Denial of
Service Attack, Distributed DOS, Denial of
Access, transmission of malicious code, theft
of passwords or network codes, data breach
7 or leak, Hacking attempts, remote
connectivity / VPN attacks, malware
infection, cyber extortion demand,
ransomware, social engineering attacks,
business email compromise, state sponsored
cyber-attacks or hostile or act of war cyber-
attacks.
The clause covers liability arising on the Insured due
to an act, error or omission of the Insured which
results in transmission of malicious code, Distributed
DOS, denial of access to an authorized third party,
destruction, modification, corruption, deletion of
third-party data, hacking attempts, remote
connectivity / VPN attacks, malware infection, cyber
extortion demand, ransomware, social engineering
attacks, business email compromise, state
sponsored cyber-attacks or hostile or act of war
cyber-attacks..

Cover for Regulatory Investigations for actual Covers cost of legal advice and representation
8 or alleged breach of Data Protection Laws arising from investigations, audit or inquiry on
across the world.
19 | P a g e

S. Item Explanation
No

use/misuse of personal information or other related

activity pertaining to Data protection law

Cover for Regulatory Fines and Penalties for Coverage for fines & penalties levied by a regulator
9 breach of Data Protection Laws/Data Privacy arising out of a possible data breach or privacy
– Wherever insurable by law. breach which are insurable by law

Professional Fees of forensic cyber risk specialists

for the purpose of substantiating whether a
Cover for Pro-Active Forensic Costs – The
Qualifying Breach of Data Security has occurred/is
10 cover to trigger even in the case of suspected
occurring and identifying the cause of the breach
events
and for making recommendations as to how this may
be prevented or mitigated

Cover for Public Relations Consultants Fees Reasonable costs and fees incurred to appoint PR
11 – Incurred for either the Company or Insured firm to manage newsworthy event
Persons

Coverage for reasonable costs and professional

Cover for Notification Costs – Trigger for not
fees to notify data subjects of breach of personal or
12 only notifications mandated by law but also
corporate information & breach of data protection
voluntary notifications
law

Professional fees to appoint an agency to run

Cover for Credit Monitoring Services to avoid
13 credit monitoring for possible misuse of
possible misuse of compromised data
compromised personal information

Cover for restoration/recreation of Electronic
Data – Trigger for both Bank and Third-Party
14 Data, expenses incurred in rewriting of
software/operating systems. Cover to be
amended to increase the scope of cover.
Cover for Multimedia Liability – Liability from
Libel and Slander or harm to the reputation
or character of organization or any person,
15
infringement of copyright, domain name,
title, or slogan, trademark, service mark,
service name, or trade name.
Professional Fees to determine whether data held
by the company including data held on behalf of third
party can be recreated, recreate including
reasonable expenses of the agencies to reload
software operated by the company
Cover for claims by third parties against the
Insured solely in the performance of multimedia
activities (publication or broadcast of any digital
media content) arising out of unintentional IPR
infringement, Defamation, Plagiarism, invasion of
privacy, unfair competition and Insured’s
negligence towards digital media content as
mentioned in the policy.

Cover for Cyber Extortion – Cover to include Coverage for ransom monies provided along with
16 but not limited to ransom payments made the cost of engaging cyber extortion advisor
through ‘Crypto Currencies or the like’ covered
20 | P a g e

S. Item Explanation
No

Emergency costs during the first 48 hours of a

Costs cover in the event of Crisis
Management Expenses like Forensic
17 advisory, Media Liability, PR Expenses,
Notifications, Data Reconstitution & Legal
expenses.
Qualifying Breach of Data Security without the
prior consent of the Insurer can be incurred if the
Qualifying Breach of Data Security is deemed an
emergency by the Insured’s privacy, security and
compliance organisation and General Counsel or
CEO or CFO.

Cover for Business Interruption caused by Insurer will pay to the Insured any Loss (reduction
breach of Network Security, application, and in net profit earned by the company) arising out of
network security, application and mobile app in
Mobile app. respect of a Material Interruption that the Bank
18 incurs.
a. Period of Cover – 120 Days
b. Termination of Cover – Upon
restoration of Insured’s
Business Operations.
Control group established comprising of CRO,
CISO, CIO, CCO or any other holder of equivalent
19 Control Group Clause position. Unless & until the control group comes to
know about the event, obligation to notify insurance
company does not commence.

Policy cover seamlessly extended to subsidiaries

added during the policy period, if the fee income of
New subsidiaries cover – threshold of 25% of
20 the subsidiary does not exceed 25% of the Insured’s
the Insured’s revenues
declared fee income for the most recent financial
year

Cover for Fund Transfer Fraud – Sub limited Covers direct financial loss resulting from the theft of
to 75% of Limit of Liability. the company’s funds or customers funds as a result
of hacking of Company’s computer systems by a
21 · Trigger for pecuniary losses of Insured third party that results in fraudulent Electronic
arising from hacking of computer systems or Instructions directing to debit, transfer, pay or deliver
fraudulent e-communications funds.

War and terrorism is a standard exclusion which

War and terrorism Exclusion amended to
22 is amended to provide a carve back for cyber
cover for Cyber Terrorism.
terrorism

Policy should not have any separate infrastructure

23 No Infrastructure exclusion exclusion except for utility outage which is beyond
the control of SBI with relevant carve backs.
21 | P a g e

S. Item Explanation
No

Cover for assessment cost in case any written

demand is received from a Card Association or
24 PCI DSS Assessment Endorsement
Acquiring Bank to assess the Insured’s compliance
with PCI DSS standards

Definition of ‘damages’ under base policy modified

Damages’ to include non-compensatory
to include punitive, multiple, exemplary damages to
25 damages, including punitive, multiple,
the extent that they are insurable under applicable
exemplary damages where insurable by law.
laws.

Any specific exclusion precluding cover for alleged

26 Unauthorized Data’ exclusion to be deleted. illegal collection of third-party data deleted under the
policy should not be there

Cover would only cede on a final adjudication

Policy to cover fraudulent/dishonest acts of
awarded against the Insured by a court, tribunal or
27 employees except where employees collude
regulator, thereby according continuous coverage
with directors and officer of the company
for all claim redressal.

Waiver of subrogation -wherever required by Policy is amended to waive off insurance company’s
28
written contract subrogation rights, if required by written contract

Reward expenses cover to award a person who has

29 Cover for Reward Expenses. Sublimit 20%
given a tip-off to the Insured about a potential breach

120 days buffer provided to the Insured for reporting

30 Extended Reporting period of 120 Days
claims, in case of non-renewal of current policy

Policy is non-cancellable except in the case Policy cannot be cancelled on any grounds, except
31
of non-payment of premium. in case of non-payment of premium by the Insured

No claim payout under the policy if it exposes Insurer

32 Sanctions Endorsement to any sanction, prohibition or legal restriction.
Standard exclusion applied by Insurers worldwide

Reasonable costs and fees incurred to appoint PR

33 Repair of Company’s Reputation firm to manage newsworthy event against an
insured entity

Reasonable costs and fees incurred to appoint PR

34 Repair of Individual Reputation firm to manage newsworthy event against an
Insured person

Provision for Individual Identity Theft Insurance

Credit and Monitoring amended to include ID policy added, to be offered to affected data
35
Theft insurance subjects whose personal data has been
compromised
22 | P a g e

S. Item Explanation
No

For the purpose of Multimedia liability, definition

Defense Costs to include defense cost
of ‘defence costs’ amended so that no prior
36 incurred for Multimedia Liability without
consent has to be taken from the insurer for
Insurer’s prior written consent
defence costs incurred

Professional Fees to include costs incurred If the incident is deemed to be an emergency,

during the first 48 hours of a Qualifying Insured can incur professional fees during the first
37
Breach of Data Security without the prior 48 hours without taking insurer’s consent and the
consent of the insurer. insurer will give backdated approval for such costs.

Any specific exclusion precluding cover for alleged

No Unauthorized or unlawfully collected data illegal collection of third-party data deleted under the
38 policy should not be there
exclusion

Insurer’s consent is amended to waive off Insurer’s consent clause is modified so that Insured
consent for defense costs incurred for has the right to settle losses below amount of
Multimedia Liability; for any claim where the retention specified under the policy.
total claim value including defense costs and
39
damages combined, is less than 100% of any
applicable Retention, the Insured may settle
the claim without the written consent of the
Insurer.

As per policy conditions, the Insurer may make any

settlement of any claim it deems expedient with
respect to any Insured. If any Insured withholds
Insured’s consent is amended to include 50% consent to such settlement, the Insurer’s liability for
of loss incurred after the date of such refusal all Loss on account of such Claim or Insured Event
(including 50% of the Defense Costs incurred shall not exceed the amount for which the Insurer
40 with the insurer’s prior written consent); this could have settled such Claim or Insured Event, plus
provision shall not apply to any settlement Defence Costs incurred as of the date such
where the total incurred Loss does not settlement was
exceed the applicable Retention amount. proposed in writing by the Insurer plus 50% of loss
after Insured’s refusal (including 50% of the Defense
Costs incurred with the insurer’s prior written
consent)

Subrogation and Recovery is amended to Policy is amended to waive off insurance company’s
include following: “Notwithstanding the subrogation rights, if required by written contract
41 foregoing, where the Insured agrees in a
contract or agreement to waive the Insurer’s
rights of subrogation against another party,
and that contract or agreement is entered into
23 | P a g e

S. Item Explanation
No

prior to any wrongful act by such other party,

the Insurer’s rights of subrogation against
such other party shall be waived.”

Exclusion precluding cover arising out of any act that

42 No Criminal acts exclusion a court or tribunal deems to be criminal, is deleted
under the policy

No claim payout under the policy if it exposes Insurer

43 OFAC Sanctions Endorsement to any sanction, prohibition or legal restriction.
Standard exclusion applied by Insurers worldwide

Exclusion precluding cover arising out of any

intentional, deliberate or reckless act by Bank’s
44 Intentional Acts exclusion deleted
officer, director, principal etc, is deleted under the
Policy

Exclusion precluding cover arising out of any data

45 Data risk exclusion deleted materially different in quality, sensitivity as disclosed
in any proposal, deleted under the Policy

Exclusion precluding cover arising out of any

46 Unsolicited material exclusion deleted unsolicited mail, wire-tapping, recording etc, is
deleted under the Policy.

Policy cover seamlessly extended to subsidiaries

added during the policy period, if the fee income of
47 Auto Acquisition – 25% the subsidiary does not exceed 25% of the Insured’s
declared fee income for the most recent financial
year

Qualifying breach of corporate information Coverage broadened to include any unauthorized

amended to include any unauthorized disclosure or transmission of corporate information
48
disclosure of corporate information by
insured

Coverage for reasonable costs and professional

Special Excess for Notification expenses sub
49
limited to USD 2,000,000 in aggregate.
fees to notify data subjects of breach of personal or
corporate information & breach of data protection
law. Policy includes notification expenses up to full
policy limit

Any inflation in the telephone bill of the Insured as a

Phreaking telecall expenses sub limited to
50 result of unauthorized calls being made due to
USD 500,000
infiltration by hacker will be covered
24 | P a g e

S. Item Explanation
No

Network, application and mobile app security cover

Network, application, and mobile app security
51 includes transmission of malicious code including
failure due to logic bomb to be covered
logic bomb.

Policy to respond to required forensic, monitoring,

52 Post breach remediation cost
notification cost.

Covers direct financial loss resulting from the theft of

the company’s funds or customers funds as a result
53 Theft of funds held in escrow
of hacking of Company’s computer systems by a
third party

Covers direct financial loss resulting from the theft of

the company’s funds or customers funds as a result
Theft of personal funds of directors and of hacking of Company’s computer systems by a
54
officers third party that results in fraudulent Electronic
Instructions directing to debit, transfer, pay or deliver
funds.

For the purpose of Multimedia liability, definition

Defense Costs to include defense cost
of ‘defence costs’ amended so that no prior
55 incurred for Multimedia Liability without
consent has to be taken from the insurer for
Insurer’s prior written consent
defence costs incurred

ATM/POS/Other digital channels like Mobile Current Policy under Fraudulent Fund Transfer
Banking, UPI, Internet Banking, Yono, covers financial loss by theft of Bank’s funds or its
transaction acquiring devices, SWIFT customer’s funds due to hacking of, intrusion in
56
Network Frauds and any other digital channel Bank’s computer systems.
through which the Bank starts its banking
services.

The Insurer may make settlement of any claim it

deems expedient with respect to any Insured. If any
Insured withholds consent to such settlement, the
Insurer’s liability for all Loss on account of such
Claim or Insured Event shall not exceed the amount
Insured’s consent is amended to include 50% for which the Insurer could have settled such Claim
57 of loss incurred after the date Territory and or Insured Event, plus Defence Costs incurred as of
Jurisdiction: Worldwide the date such settlement was
proposed in writing by the Insurer plus 50% of loss
after Insured’s refusal (including 50% of the Defense
Costs incurred with the insurer’s prior written
consent)
25 | P a g e

S. Item Explanation
No

Computer system definition broadened to include

58 Policy to take cognizance of BYOD risk any employee ‘Bring Your Own Device’ used to
access data

Credit monitoring cover to included cost of

Credit expense cover to be inclusive of end
59 customer credit as per the agreement between
user credit costs of cover.
Insured and insurer

Relevant insuring clauses to be covered which is

60 Trading losses Third party liability carve back
arising out of third party trading losses

Third party definition to be amended to Arm’s length wording in the base policy amended to
61
remove people of influence afford broader coverage

Modus operandi of attack should also include all

Policy to provide cover for all types of Social
62 types of social engineering attack and relevant
engineering modus
insuring clauses under the policy should trigger

Professional Fees for recreation, recollection,

Electronic data to include electronic data
63 restoration of data due to both security failure and
incident cover
system failure

Newsworthy Event to broadened to bring a Newsworthy event to include Material Interruption

64
wider plethora of sub triggers or Extortion Threat.

Network loss in respect of unplanned outage of a

Network interruption to be broadened in order computer system or system failure resulting in
65
to make it reactive to systemic failure material interruption of service that an insured
incurs after waiting hours period

All reasonable expenses incurred in engaging

Post Crisis Mental Support expenses.
66 psychologist services, in connection with a covered
Sublimit 20%.
claim accorded

Professional Fees of forensic cyber risk specialists

Forensic services cover to be amended to for the purpose of substantiating whether a
bring in data identification costs, Qualifying Breach of Data Security has occurred/is
67
mitigation/containment costs and change of occurring and identifying the cause of the breach
records costs. and for making recommendations as to how this may
be prevented or mitigated

The extra expense and lost income resulting from a

voluntary and intentional shutdown of a computer
Business interruption due to voluntary
68 system by the insured to limit the cyber business
shutdown
interruption income loss and cyber extra expenses
that would otherwise be incurred.
26 | P a g e

Other conditions:
Reinsurers security – All placements to be backed by A and above rated security (Reinsurers
name to be submitted). We will accept AM Best or S & P.

Disclosure: No previous claim history.

 Annexure - 4

Technical Bid Format with Checklist

Please note: Bidders meeting the following criteria are eligible to submit their Bids along with
supporting documents. If the Bid is not accompanied by all the required documents supporting
eligibility criteria, the same would be rejected.

S. Criteria Minimum Document to be Whether

No. Requirements submitted Submitted?
Yes/No
1. GWP for corporate Greater than 75 Cr. Certificate from Chartered
business in FY Accountant of repute for FY
2021-22 2020-21
2. GWP for Cyber Greater than 15 Cr Certificate from Chartered
Insurance Accountant of repute for FY
placement for FY 2020-21
2021-22
3. Team size - No. of Greater than or equal to Certificate from Compliance
cyber Insurance 3 Dept. of the IBF or
specialists Company Secretary
engaged in Cyber
Insurance
placements. (BQP
certification
mandatory)
4. Details of Cyber BFSI: 5 policies Certificate from Compliance
Insurance policies Non-BFSI – 5 policies Dept. of the IBF or
placed (Data for BFSI/Non- Company Secretary along
BFSI to be given, no with list of entities
benchmarking)
5. No. of Cyber Claim Data for FY Certificate from Compliance
incidents handled 2021-22 Dept. of the IBF or
(Incl. 2020-21 Company Secretary
circumstances)
6 No. of Cyber Claim (Data for FY Certificate from Compliance
incidents handled 2021-22 Dept. of the IBF or
in BFSI segment 2020-21 Company Secretary
(Incl.
circumstances)

Name & Signature of authorized signatory

Seal of Company
1|Page

Annexure – 5

GLOSSARY

S. No. ACRONYMS EXPANSION

1 USD United States Dollar
2 BI Business Interruption
3 PR Public Relations
4 PCI DSS Payment Card Industry Data Security Standard
5 OFAC Office of Foreign Assets Control
6 SWIFT Society for Worldwide Interbank Financial
Telecommunication
7 BYOD Bring Your Own Device
8 GWP Gross Written Premium
9 GST Goods and Services Tax
10 IRDAI Insurance Regulatory and Development Authority
2|Page

Annexure – 6

(Pre-bid Query Format)

IBF Sl. RFP RFP Existing Query/Suggestions

Name No Page No Clause No. Clause
 3|Page

Annexure – 7

BID FORM (TECHNICAL BID)

[On Company’s letter head]

(To be included in Technical Bid Envelope)

Date: ______________

To:

Deputy General Manager

IT- Risk Mgmt. Dept.
State Bank of India,
4th Floor, Tower 7, Railway Station Building,
Navi Mumbai
PIN - 400 614, Maharashtra

Dear Sir,

Ref: ETA/RFP/2022-23/26

We, ______________________ (name of IBF), hereby confirm that our bid conforms to all the
proposed terms, conditions of this RFQ including but not limited to proposed covers, additional
covers, limits of insurance, deductibles, additional clauses as mentioned in the Annexure 3.

We have examined the above RFQ, the receipt of which is hereby duly acknowledged and
subsequent pre-bid clarifications/ modifications / revisions, if any, furnished by the Bank and we
offer to provide Services detailed in this RFQ. We shall abide by the terms and conditions spelt
out in the RFQ. We shall participate and submit the commercial Bid online to be facilitated by
the Bank’s authorized service provider, on the date advised to us.

i. While submitting this Bid, we certify that:

▪ The undersigned is authorized to sign on behalf of the Bidder and the necessary support
document delegating this authority is enclosed to this letter.
 4|Page

▪ Indicative prices submitted by us have been arrived at without agreement with any other
Bidder of this RFQ for the purpose of restricting competition.
▪ The indicative prices submitted by us have not been disclosed and will not be disclosed
to any other Bidder responding to this RFQ.
▪ We have not induced or attempted to induce any other Bidder to submit or not to submit
a Bid for restricting competition.
▪ We have quoted for all the services/items mentioned in this RFQ in our indicative price
Bid.
▪ The rate quoted in the indicative price Bids are as per the RFQ and subsequent pre-Bid
clarifications/ modifications/ revisions furnished by the Bank, without any exception.
ii. We undertake that, in competing for (and, if the award is made to us, in executing) the above
contract, we will strictly observe the laws against fraud and corruption in force in India namely
“Prevention of Corruption Act 1988”.

iii. We undertake that we will not offer, directly or through intermediaries, any bribe, gift, consideration,
reward, favor, any material or immaterial benefit or other advantage, commission, fees, brokerage or
inducement to any official of the Bank, connected directly or indirectly with the bidding process, or to
any person, organization or third party related to the contract in exchange for any advantage in the
bidding, evaluation, contracting and implementation of the contract.

iv. We undertake that we will not resort to canvassing with any official of the Bank, connected directly
or indirectly with the bidding process to derive any undue advantage. We also understand that any
violation in this regard, will result in disqualification of bidder from further bidding process.

v. It is further certified that the contents of our Bid are factually correct. We have not sought any
deviation to the terms and conditions of the RFQ. We also accept that in the event of any
information / data / particulars proving to be incorrect, the Bank will have right to disqualify us
from the RFQ without prejudice to any other rights available to the Bank.

vi. We certify that while submitting our Bid document, we have not made any changes in the
contents of the RFQ document, read with its amendments/clarifications provided by the Bank.

vii. We agree to abide by all the RFQ terms and conditions which shall remain binding upon us.

viii. Till execution of a formal contract, the RFQ, along with the Bank’s notification of award by way
of issuance of purchase order and our acceptance thereof, would be binding contractual
obligation on the Bank and us.
 5|Page

ix. We understand that you are not bound to accept the lowest or any Bid you may receive and you
may reject all or any Bid without assigning any reason or giving any explanation whatsoever.

x. We hereby certify that our name does not appear in any “Caution” list of RBI / IBA or any other
regulatory body for outsourcing activity.

xi. We hereby certify that on the date of submission of Bid for this RFQ, we are not under any
debarment/blacklist period for breach of contract/fraud/corrupt practices by any Scheduled
Commercial Bank/ Public Sector Undertaking/ State or Central Government or their
agencies/departments.

xii. We hereby certify that we have read the clauses contained in O.M. No. 6/18/2019-PPD, dated
23.07.2020 order (Public Procurement No. 1), order (Public Procurement No. 2) dated
23.07.2020 and order (Public Procurement No. 3) dated 24.07.2020 regarding restrictions on
procurement from a bidder of a country which shares a land border with India. We further certify
that we are not from such a country or if from a country, has been registered with competent
authority. We certify that we fulfil all the requirements in this regard and is eligible to participate
in this RFQ.

xiii. If our Bid is accepted, we undertake to enter into and execute at our cost, when called upon by
the Bank to do so, a contract in the prescribed form and we shall be solely responsible for the
due performance of the contract.

xiv. We, further, hereby undertake and agree to abide by all the terms and conditions stipulated by
the Bank in the RFQ document.

Dated this ....... day of ............................ 2022

______________________________________________________________

(Signature) (Name)

(In the capacity of)

Duly authorised to sign Bid for and on behalf of

______________________________________Seal of the company.

6|Page

Annexure – 8

Final Price Bid

The final Price Bid needs to contain the information listed hereunder in a sealed envelope bearing
the identification– “Final Price Bid for Premium of Cyber Insurance for a period of one year”.

Name of the Bidder:

S. No. Type of services / Items Total amount in Rs.
1. Premium for Cyber Insurance exclusive of all
taxes
Total Cost

Breakup of Taxes and Duties

S. No. Name of activity/services Tax 1 Tax 2 Tax 3

Mention Name of Tax

GST%
1.
Grand Total

Name & Signature of authorized signatory

Seal of Company

Please note:

1. Net premium quoted should be valid for a period of 6 calendar months and inclusive of
maximum brokerage as stipulated by IRDAI.