EIOPA Consults on Guidelines on ICT Security and Governance
EIOPA issued a consultation on guidelines on the Information and Communication Technology (ICT) security and governance by insurers. The guidelines covers the areas of governance and risk management, ICT operations security, and ICT operations management. These guidelines shall provide guidance to national supervisory authorities and market participants on how regulation regarding operational risks set forth in the Solvency II Directive (2009/138/EC), the Delegated Regulation 2015/35, and EIOPA Guidelines on System of Governance is applied in the case of ICT security and governance. The consultation period on these guidelines ends on March 13, 2020.
Recognizing the need for being prepared for cyber risk and a sound cyber-security framework by undertakings, these guidelines also cover cyber-security as a part of the information security measures of an undertaking. The objective of these guidelines is to provide clarification and transparency to market participants on the minimum expected information and cyber-security capabilities. The guidelines are intended to help avoid potential regulatory arbitrage and to foster supervisory convergence regarding the expectations and processes applicable in relation to ICT security and governance as a key to proper ICT and security risk management. The guidelines should be read in conjunction with and without prejudice to the Solvency II Directive, the Delegated Regulation, EIOPA Guidelines on system of governance and EIOPA Guidelines on outsourcing to cloud service providers. As a next step, EIOPA will consider the feedback received to this consultation, publish a final report on the consultation, and submit the guidelines for adoption by its Board of Supervisors.
Related Links
Comment Due Date: March 13, 2020
Keywords: Europe, EU, Insurance, Cyber Risk, Operational Risk, Fintech, Solvency II, Cloud Service Providers, EIOPA
Featured Experts
Adam Koursaris
Asset and liability management expert; capable modeler; risk and capital specialist
Cassandra Hannibal
Life insurance actuary; risk management and economic capital specialist
Jerome Ogrodzki
Insurance asset and liabilities modeling specialist; stochastic modeling expert
Previous Article
MAS Consults on Regulatory Approach for Payment Token DerivativesRelated Articles
HKMA Finalizes Policy Modules on Group-Wide Approach and Remuneration
The Hong Kong Monetary Authority (HKMA) revised the Supervisory Policy Manual module CG-5 that sets out guidelines on a sound remuneration system for authorized institutions.
EBA Guide to Monitor Threshold for Intermediate Parent Undertakings
The European Banking Authority (EBA) published the final guidelines on the monitoring of the threshold and other procedural aspects on the establishment of intermediate parent undertakings in European Union (EU), as laid down in the Capital Requirements Directive (CRD).
PRA Finalizes Approach to Supervision of International Banks
In a recent Market Notice, the Bank of England (BoE) confirmed that green gilts will have equivalent eligibility to existing gilts in its market operations.
FCA Issues PS21/9 on Implementation of Investment Firms Regime
The Financial Conduct Authority (FCA) published the policy statement PS21/9 on implementation of the Investment Firms Prudential Regime.
EBA Proposes Regulatory Standards to Identify Shadow Banking Entities
The European Banking Authority (EBA) proposed regulatory technical standards that set out criteria for identifying shadow banking entities for the purpose of reporting large exposures.
IOSCO Proposes Recommendations on ESG Ratings and Data Providers
The Board of the International Organization of Securities Commissions (IOSCO) proposed a set of recommendations on the environmental, social, and governance (ESG) ratings and data providers.
ESMA Group Issues Recommendations on RFR Switch in Interdealer Market
The European Securities and Markets Authority (ESMA) published recommendations from the Working Group on Euro Risk-Free Rates (RFR) on the switch to risk-free rates in the interdealer market.
ECB Study Assesses Impact of Basel III Finalization Package
The European Central Bank (ECB) published a paper as well as an article in the July Macroprudential Bulletin, both of which offer insights on the assessment of the impact of Basel III finalization package on the euro area.
ISDA Finds FRTB Results in Higher Capital Charges for Carbon Trading
The International Swaps and Derivatives Association (ISDA) published a paper that explores the impact of the Fundamental Review of the Trading Book (FRTB) on the trading of carbon certificates.
PRA Updates Remuneration Policy Statement Templates and Tables
The Prudential Regulation Authority (PRA) published the remuneration policy self-assessment templates and tables on strengthening accountability.
