Featured Product

    EIOPA Consults on Guidelines on ICT Security and Governance

    December 12, 2019

    EIOPA issued a consultation on guidelines on the Information and Communication Technology (ICT) security and governance by insurers. The guidelines covers the areas of governance and risk management, ICT operations security, and ICT operations management. These guidelines shall provide guidance to national supervisory authorities and market participants on how regulation regarding operational risks set forth in the Solvency II Directive (2009/138/EC), the Delegated Regulation 2015/35, and EIOPA Guidelines on System of Governance is applied in the case of ICT security and governance. The consultation period on these guidelines ends on March 13, 2020.

    Recognizing the need for being prepared for cyber risk and a sound cyber-security framework by undertakings, these guidelines also cover cyber-security as a part of the information security measures of an undertaking. The objective of these guidelines is to provide clarification and transparency to market participants on the minimum expected information and cyber-security capabilities. The guidelines are intended to help avoid potential regulatory arbitrage and to foster supervisory convergence regarding the expectations and processes applicable in relation to ICT security and governance as a key to proper ICT and security risk management. The guidelines should be read in conjunction with and without prejudice to the Solvency II Directive, the Delegated Regulation, EIOPA Guidelines on system of governance and EIOPA Guidelines on outsourcing to cloud service providers. As a next step, EIOPA will consider the feedback received to this consultation, publish a final report on the consultation, and submit the guidelines for adoption by its Board of Supervisors.

     

    Related Links

    Comment Due Date: March 13, 2020

    Keywords: Europe, EU, Insurance, Cyber Risk, Operational Risk, Fintech, Solvency II, Cloud Service Providers, EIOPA

    Featured Experts
    Related Articles
    News

    EBA Publishes Regulatory Standards to Identify Shadow Banking Entities

    The European Banking Authority (EBA) published the final draft regulatory technical standards specifying the criteria to identify shadow banking entities for the purposes of reporting large exposures.

    May 23, 2022 WebPage Regulatory News
    News

    EU Agencies Update LCR Rule and Macro-Prudential Policy Recommendation

    The European Commission (EC) published the Delegated Regulation 2022/786 with regard to the liquidity coverage requirements for credit institutions under the Capital Requirements Regulation (CRR).

    May 23, 2022 WebPage Regulatory News
    News

    OSFI Discusses Benchmark Rate Transition, Sets Out Work Priorities

    The Office of the Superintendent of Financial Institutions (OSFI) published the strategic plan for 2022-2025 and the departmental plan for 2022-23.

    May 17, 2022 WebPage Regulatory News
    News

    EBA Proposes Standards to Support Secondary NPL Markets

    The European Banking Authority (EBA) is consulting, until August 31, 2022, on the draft implementing technical standards specifying requirements for the information that sellers of non-performing loans (NPLs) shall provide to prospective buyers.

    May 17, 2022 WebPage Regulatory News
    News

    EU Confirms Agreement on Rules on Cybersecurity and Banking Resolution

    The European Council and the Parliament reached an agreement on the revised Directive on security of network and information systems (NIS2 Directive).

    May 13, 2022 WebPage Regulatory News
    News

    EBA Issues Standards for Crowdfunding Service Providers Under ECSPR

    The European Banking Authority (EBA) published the final draft regulatory technical standards specifying information that crowdfunding service providers shall provide to investors on the calculation of credit scores and prices of crowdfunding offers.

    May 13, 2022 WebPage Regulatory News
    News

    EU to Amend Credit Risk Adjustment Rules; ESAs Submit Queries on SFDR

    The European Council published a draft Commission Delegated Regulation to amend the regulatory technical standards on specification of the calculation of specific and general credit risk adjustments.

    May 13, 2022 WebPage Regulatory News
    News

    EU Confirms Agreement on Rules on Cybersecurity and Banking Resolution

    The European Securities and Markets Authority (ESMA) published a paper that examines the systemic risk posed by increasing use of cloud services, along with the potential policy options to mitigate this risk.

    May 12, 2022 WebPage Regulatory News
    News

    MAS Amends Notice 635 and Issues Second Proposal on Green Taxonomy

    The Monetary Authority of Singapore (MAS) published amendments to Notice 635, which sets out requirements that a bank in Singapore has to comply with when granting an unsecured non-card credit facility to individuals.

    May 12, 2022 WebPage Regulatory News
    News

    EC Consults on PSD2 and Open Finance; EU Reaches Agreement on DORA

    The European Commission (EC) published a public consultation on the review of revised payment services directive (PSD2) and open finance.

    May 11, 2022 WebPage Regulatory News
    RESULTS 1 - 10 OF 8201