The enforcement wave that turned a hygiene problem into an insurance problem
Through 2025 and into 2026, Indian food regulators stopped treating dark stores as invisible back-end warehouses and started inspecting them like the food businesses they are. In mid-2025 the Maharashtra FDA suspended the food licence of Zepto's Dharavi dark store after finding fungal growth, expired stock that had not been discarded, and edible goods stored next to stagnant water on damp floors. The suspension was later revoked after a re-inspection, but the licence had already stopped for a window. Around the same period the GHMC ran an inspection drive across dozens of dark stores in Hyderabad, drew product samples, and issued notices to warehouses operated by platforms including Zepto, Blinkit, Swiggy Instamart, BigBasket and Amazon Fresh for issues such as pest infestation, food handlers without medical fitness certificates, and food stored alongside non-food items. Through 2026 there have been further reports of FSSAI-flagged products surfacing on quick-commerce listings, and FSSAI has issued notices over spoiled food and missing best-before dates.
For a risk manager, the change is not the hygiene lapse. It is that a state FDA can now suspend the food-business licence of a single node, condemn the stock inside it, and trigger consumer claims, all from one inspection. Most quick-commerce insurance programmes were built around fire, burglary and refrigeration breakdown on the property side. None of those covers respond when the loss is a licence suspension, a regulator-ordered withdrawal, or an illness claim. That gap is the subject of this post.
Why the inventory-led model put the platform on the hook
The placement question turns on who is the food-business operator (FBO) and seller of record. When quick commerce ran as a pure marketplace, the platform could argue it was an intermediary connecting a buyer to a third-party seller, and push food-safety liability down to the brand or local FBO. That argument has weakened sharply.
From late 2025 Blinkit shifted to an inventory-led model, buying directly from brands and holding stock in its own dark stores, with most order value reported to flow through this first-party route where the platform is the legal seller. Under Section 26 of the Food Safety and Standards Act 2006, every FBO that stores or distributes food carries a positive duty to ensure it is safe and not misbranded. When the platform owns the inventory and is the seller of record, that duty lands squarely on the platform, not a distant brand.
This matters for three coverages at once:
- Product liability: the platform, as seller, can be named as a product seller under the Consumer Protection Act 2019, which recognises manufacturing, design and warning defects and lets injured consumers sue sellers, not only manufacturers.
- Product recall: as the FBO holding stock, the platform may itself be the entity that must initiate a withdrawal under the Food Safety and Standards (Food Recall Procedure) Regulations 2017.
- Business interruption: a licence suspension shuts the node, and the resulting loss of margin is a financial, not a physical, loss.
Brokers should ask the client to map, store by store, which entity holds the FSSAI central licence and appears as seller of record. A mixed estate where some nodes are marketplace and some are inventory-led needs the liability programme drafted to the worst case, because the platform brand is sued in the court of public opinion, and increasingly in the consumer forum, regardless of which back-end model technically applied to the order.
What the existing property and cold-chain policy actually pays for
Before selling new cover, a broker should be precise about what the in-force programme does and does not reach. Quick-commerce operators typically carry a standard fire and special perils policy or a Bharat Sookshma/Laghu Udyam wording on the building, fixtures and stock, plus a deterioration-of-stock or refrigeration-breakdown extension for the cold rooms, and a burglary section.
Those sections respond to physical damage to the insured stock. If a freezer compressor fails and the frozen stock spoils, the deterioration-of-stock extension answers, subject to its breakdown trigger and sub-limit. If a fire condemns the inventory, the fire section answers. So far, so familiar.
Now take the three dark-store scenarios that actually generated headlines:
- The FDA finds fungal contamination and suspends the licence. The stock is physically intact, just unsaleable and condemnable on hygiene grounds. There is no fortuitous physical damage to insured property, so the fire and deterioration sections do not engage.
- A consumer falls ill after eating a product bought from the dark store and claims against the platform. This is third-party bodily injury, a liability head the property policy explicitly excludes.
- The platform pulls a contaminated batch across several cities under the 2017 recall regulations and books the cost of retrieval, customer refunds and destruction. None of that is damage to insured property.
In each case the property programme is silent. The exposure has migrated to liability, recall and the financial-loss extensions, which on most q-comm accounts are either absent or carry sub-limits set for a marketplace, not an inventory-owning seller. That silence is the coverage gap a good broker surfaces before a loss, not after.
Product liability and the Consumer Protection Act exposure
Product liability is the foundation cover here, and the Consumer Protection Act 2019 is what makes it bite. The Act created a statutory product-liability action and brought product sellers, not only manufacturers, into scope. A quick-commerce platform that owns and sells the stock is exposed as a seller, and in some configurations as a deemed FBO, for defects that cause consumer harm.
The practical risk is not a single claim. It is aggregation. A contamination event in one batch sold from one dark store can reach hundreds or thousands of consumers in a single afternoon because that is exactly what quick commerce is built to do. A product-liability policy structured for a manufacturer with a slow retail distribution curve will have per-occurrence and aggregate limits set for a different claim shape. Brokers should pressure-test the aggregate against a realistic mass-illness scenario, not a single named claimant.
Key wording points to check on the product-liability section:
- Definition of insured and seller: confirm the platform entity, and any group FBO entity, are named insureds, and that vendor-liability or seller's-interest language is present.
- Bodily injury and consequential financial loss: confirm illness, allergic reaction and food-poisoning claims are within the injury definition and not carved out.
- Defence costs: confirm they are in addition to the limit where possible, because mass food-claim defence erodes the limit fast.
- Recall costs: standard product liability usually excludes the cost of recalling the product itself. That is the precise point where recall cover takes over.
For a national platform distributing food across modern channels, market practice suggests carrying product-liability cover well into the multi-crore range with the recall point addressed separately, rather than assuming a single liability limit absorbs both heads.
Product recall: the separately underwritten cover most accounts skip
Product recall is the coverage that fills the exact hole the property and product-liability policies leave. It is underwritten separately from product liability and is typically triggered by a defined set of events: a government-mandated recall, a voluntary recall following a genuine and demonstrable defect, or an internally discovered defect that creates an imminent risk to consumers.
The Food Safety and Standards (Food Recall Procedure) Regulations 2017 require FBOs engaged in manufacture, import or wholesale supply to keep an up-to-date recall plan, and oblige an FBO who believes its food is non-compliant to withdraw it and inform the competent authority. When the platform is the FBO of record, that obligation, and its cost, sits with the platform.
A recall policy typically responds to:
- First-party recall expense: the cost of communicating the recall, retrieving stock across stores, refunding or replacing affected consumers, warehousing and destroying the condemned batch.
- Consequential loss of gross profit: the margin lost while the affected line is off sale.
- Rehabilitation and crisis-consultancy costs: PR and brand-rebuild expense, which on a consumer platform can dwarf the physical retrieval bill.
Recall underwriting will ask about traceability, batch coding, the recall plan filed under the 2017 regulations, and supplier vetting. A platform that already runs tight FSSAI compliance prices better here, which is a useful lever for the broker to surface at renewal.
Licence suspension and consequential business interruption
The scenario that most cleanly exposes the gap is a licence suspension. The Zepto Dharavi node lost its licence for a window in 2025. For a high-throughput dark store, even a short closure is a real margin loss, yet a standard business-interruption section will not pay, because conventional BI is tied to physical damage at the premises. No fire, no flood, no insured peril, no BI.
The cover that responds to a closure ordered by a public authority for a non-damage reason is a denial-of-access or, more precisely, a public-authority or notifiable-disease/contamination extension, sometimes packaged within a wider non-damage BI wording. These extensions are not standard on a q-comm property programme and have to be asked for, scoped and sub-limited deliberately.
When structuring this, brokers should pin down:
- The trigger: does the extension respond to closure or restriction imposed by a competent authority following contamination or a hygiene order, as distinct from physical-damage-led closure only?
- The indemnity period: a dark-store suspension and re-inspection cycle can run from days to a few weeks, so a short indemnity period may be adequate, but allow for re-stocking and re-certification time.
- The vicinity and per-node basis: with hundreds of micro-nodes, the cover should respond per affected node, and the aggregate should anticipate a cluster of suspensions across a city if a systemic issue is found.
- The interface with recall: a contamination event can trigger both a recall and a node closure, so confirm the recall and BI sections do not each disclaim by pointing at the other.
The honest framing for the client is that physical-damage BI and non-damage BI are different instruments. The dark-store enforcement risk lives almost entirely in the second, and that is the one rarely bought.
How a broker should structure the dark-store programme
Pulling the threads together, the dark-store food-safety programme is a stack, not a single policy, and the broker's value is assembling it so the sections interlock without gaps or double-disclaimers.
A workable structure for an inventory-led quick-commerce or cloud-kitchen account looks like this:
- Keep the property base: fire and special perils, burglary, and a deterioration-of-stock/refrigeration-breakdown extension for the cold rooms. This handles physical loss to insured stock and is necessary but not sufficient.
- Add or upsize product liability: name the platform and group FBO entities, confirm food-illness claims are in scope, stress-test the aggregate against a mass-claim scenario, and keep defence costs outside the limit where the market allows.
- Place product recall separately: first-party recall expense, consequential gross-profit loss, crisis consultancy, and above all a third-party/contingent recall extension for supplier-originated defects.
- Bolt on non-damage business interruption: a public-authority/contamination closure extension that responds to a licence suspension or hygiene-order shutdown on a per-node basis.
- Check public liability and the wider casualty tower so a slip-and-fall or premises injury at a dark store is not orphaned between sections.
The reframing that wins the account is simple. Tell the client that fire and freezer cover protects the building and the stock, while the enforcement headlines of 2025 and 2026 (suspensions, recalls, illness claims) sit in a separate liability-and-financial-loss layer they probably have not bought. Map their FSSAI licence and seller-of-record position store by store, then show, scenario by scenario, which policy pays. On most quick-commerce and cloud-kitchen accounts, that exercise opens a real gap and a real mandate.
One practical sequencing note for renewal. The enforcement risk is now a board-level reputational concern at every major platform, so the conversation lands better with the risk team and the founder than with procurement alone. Bring a one-page loss scenario, anchored on a real 2025 suspension, that walks a single contamination event through all five sections and shows where the current programme is silent. That document does more to move an inventory-led platform than a quote ever will, and it positions the broker as the person who saw the regulatory shift before the loss arrived.