Insurance for Startups & New Economy

ONDC Network Participant Liability: Insuring Seller Apps, Buyer Apps and Logistics Players Across the Transaction Level Contract

ONDC splits a single retail order across a buyer app, a seller app and a logistics participant, each bound by the Network Participant Agreement and a per-order Transaction Level Contract. This post maps where each participant's liability actually sits, how product, third-party and tech errors-and-omissions cover should be allocated across the chain, and the certificate-of-insurance discipline brokers placing these risks need.

Sarvada Editorial TeamInsurance Intelligence
6 min read

Listen to this article

Audio version • 6 min read

ondcnetwork-participantproduct-liabilitytransaction-level-contracte-commercelogisticsstartups-new-economy-insurance

Last reviewed: June 2026

How ONDC unbundles a single order into separate legal parties

The Open Network for Digital Commerce (ONDC) changes the shape of an e-commerce transaction in a way that matters directly for liability placement. Where a traditional marketplace is one platform that owns buyer discovery, the seller relationship and often the delivery, ONDC unbundles e-commerce into Buyer Network Participants and Seller Network Participants, each connecting through separate apps and carrying distinct buyer-facing or seller-facing responsibilities.

The practical consequence is that one order a customer experiences as a single purchase is, in legal terms, a chain of separate parties: the buyer app that surfaced the listing and took the order, the seller app (or seller-side platform) that represents the merchant, and a logistics participant that moves the goods. A broker who treats an ONDC participant like an ordinary online retailer will misjudge where the exposure sits, because the participant is responsible for its own slice of the transaction, not the whole of it.

For a broker advising any of these startups, the first task is to place the client correctly in the chain. A buyer app's risk profile is dominated by the platform and advisory functions it performs, a seller app sits closer to product and fulfilment representations, and a logistics participant carries goods-in-transit and delivery exposure. The insurance stack follows from that placement, not from a generic e-commerce template.

The Network Participant Agreement and the per-order Transaction Level Contract

Two contractual layers govern an ONDC participant, and the difference between them is where liability allocation lives.

The first layer is persistent. Network Participants have a continuing legal relationship with ONDC through the Network Participant Agreement and the Network Policy, the terms on which a participant is admitted to and operates on the network. This is the standing rulebook: it sets out conduct obligations, technical conformance and the participant's general responsibilities to the network and to other participants.

The second layer is per-transaction. Each order is governed by a digital Transaction Level Contract (TLC) formed between the participating apps for that specific order. The TLC is where the obligations of the buyer app, seller app and logistics participant for a single transaction are fixed, who promised what, who is responsible if the goods are defective, late or undelivered.

Mapping the exposure: product, third-party and tech errors-and-omissions

Once the client's place in the chain is fixed, the exposure map follows.

Seller-side participants

A seller app and the merchants it represents sit closest to product liability. If goods sold through the network cause injury or property damage, the claim attaches to the party that put the product into the stream of commerce. A seller-side participant needs product liability cover sized to the categories it carries, and the broker should confirm whether the participant is acting as a principal or purely as a technology conduit, because that distinction shapes how a claimant and an insurer will treat it.

Buyer-side and platform participants

A buyer app's exposure is more about the platform and advisory functions: errors in how listings, prices or order details are surfaced, failures in the digital service it provides, and the professional and technology obligations it owes. This is professional indemnity and technology errors-and-omissions territory, covering financial loss caused by a defect in the service rather than physical injury from a product.

Logistics participants

A logistics participant carries goods-in-transit and delivery exposure, loss of or damage to consignments and the third-party liability that movement creates. Carriers and transit covers respond here.

Across all three, third-party liability runs as a common thread, because each participant can cause loss to a customer or to another participant in the chain. The structuring question is not whether each party needs cover, but how the covers interlock so a multi-party loss does not fall into a gap between three separately bought policies.

Issue and Grievance Management and the multi-party claim

ONDC's design anticipates that a single order can go wrong across several parties, and it routes the resulting disputes through a defined channel rather than leaving the customer to chase each app separately.

Disputes involving multiple parties, the buyer app, the seller app and the logistics participant, are routed through ONDC's standardised Issue and Grievance Management (IGM) framework, which is designed to comply with India's Consumer Protection Act. For a broker, the IGM framework is significant because it produces a structured record of where a complaint originated, which party is alleged to be at fault, and how the issue was escalated.

That record is exactly what a liability insurer will want when a grievance hardens into a claim. A participant that can show, through the IGM trail and the relevant Transaction Level Contract, which party carried the obligation for the failed element of the order is in a far stronger position than one relying on after-the-fact reconstruction.

Certificate-of-insurance discipline across the participant chain

Because an ONDC order depends on parties a participant does not control, the most useful risk-transfer tool is often not the client's own policy but proof that the other participants in the chain are insured.

This is where certificate-of-insurance discipline becomes central. A seller app that relies on independent merchants, or a buyer app that depends on third-party logistics, should require and verify certificates confirming that those counterparties hold the relevant product, transit or liability cover, with sums insured and scope that match the exposure they introduce. Without that discipline, a participant can find itself the only insured party standing when a multi-party loss crystallises, absorbing a loss that contractually belonged elsewhere.

A workable broker checklist for an ONDC participant runs as follows:

  1. Fix the client's position in the chain (buyer app, seller app or logistics participant) before selecting cover.
  2. Read the Network Participant Agreement and the standard Transaction Level Contract to see how liability is allocated order by order.
  3. Match the insurance stack to that allocation: product liability for seller-side goods, professional indemnity and technology errors-and-omissions for platform and service failures, and transit and carriers cover for logistics.
  4. Verify certificates of insurance from counterparties whose failures would otherwise land on the client.
  5. Preserve the IGM and Transaction Level Contract record for every disputed order as claims evidence.

Getting this right depends on reading the actual wordings, how a product liability or professional indemnity policy defines the insured's activity, where its exclusions bite, and whether it responds when the loss originated with another participant. Sarvada gives commercial insurance brokers structured, searchable access to insurer policy wordings and the intelligence around them, so an ONDC liability programme can be built on what the policies actually say rather than on assumptions about how the chain behaves. Request Access to place network-participant risks with that level of wording detail at hand.

Frequently Asked Questions

Why can't an ONDC participant be insured like an ordinary online retailer?
Because ONDC unbundles a single order into separate legal parties rather than one platform owning the whole transaction. A buyer app, a seller app and a logistics participant each carry only their own slice of the order, governed by the Network Participant Agreement and a per-order Transaction Level Contract. A broker who applies a generic e-commerce template will misjudge where the exposure sits, since a buyer app's risk is dominated by platform and service functions, a seller app sits closer to product and fulfilment, and a logistics participant carries transit and delivery exposure. The cover must follow the client's specific position in the chain.
What is the difference between the Network Participant Agreement and the Transaction Level Contract?
The Network Participant Agreement, together with the Network Policy, is the standing rulebook that creates a participant's persistent legal relationship with ONDC, setting out conduct obligations, technical conformance and general responsibilities to the network. The Transaction Level Contract is different: it is a digital contract formed between the participating apps for each individual order, fixing who promised what and who is responsible if the goods are defective, late or undelivered. A broker needs both because the standing agreement sets general duties while the per-order contract allocates responsibility transaction by transaction, and the insurance programme should mirror that allocation.
How should product, professional indemnity and transit cover be split across the chain?
Allocation follows each participant's function. A seller-side participant and the merchants it represents sit closest to product liability, because they put goods into the stream of commerce, so product liability cover sized to the categories carried is the priority. A buyer app's exposure is platform and service failure, errors in how listings, prices or orders are handled, which is professional indemnity and technology errors-and-omissions territory. A logistics participant needs goods-in-transit and carriers cover for loss or damage to consignments and the third-party liability that movement creates. The covers should interlock so a multi-party loss does not fall into a gap between three separately bought policies.
Why does certificate-of-insurance discipline matter so much for ONDC startups?
Because an ONDC order depends on parties the client does not control, so proof that those counterparties are insured is often the most useful risk-transfer tool. A seller app relying on independent merchants, or a buyer app depending on third-party logistics, should require and verify certificates confirming the relevant product, transit or liability cover, with sums insured and scope matching the exposure each counterparty introduces. Without that discipline, a participant can become the only insured party standing when a multi-party loss crystallises, absorbing a loss that contractually belonged to another participant in the chain. Verified certificates keep the loss where it should fall.

Related Glossary Terms

Related Insurance Types

Related Industries

Related Articles

Sarvada

Ready to see Sarvada in action?

Explore the platform workflow or start a product conversation with our underwriting automation team.

Explore the platform