General Information & Client Service
  • Americas: +1.212.553.1653
  • Asia: +852.3551.3077
  • China: +86.10.6319.6580
  • EMEA: +44.20.7772.5454
  • Japan: +81.3.5408.4100
Media Relations
  • New York: +1.212.553.0376
  • London: +44.20.7772.5456
  • Hong Kong: +852.3758.1350
  • Tokyo: +813.5408.4110
  • Sydney: +61.2.9270.8141
  • Mexico City: +001.888.779.5833
  • Buenos Aires: +0800.666.3506
  • São Paulo: +0800.891.2518
July 05, 2017

The PRA published policy statement PS15/17 and supervisory statement SS4/17 on cyber insurance underwriting risk. PS15/17 provides feedback to responses to the consultation paper CP39/16, titled “Cyber insurance underwriting risk.” SS4/17 sets out the PRA’s final expectations regarding the prudent management of cyber underwriting risk. Both the statements are relevant to all UK non-life insurance and reinsurance firms and groups within the scope of Solvency II, including the Society of Lloyd’s and managing agents.

The SS4/17 expands on the PRA’s general approach as set out in its insurance approach document. By clearly and consistently explaining its expectations of firms in relation to the particular areas addressed, the PRA seeks to advance its statutory objectives of ensuring the safety and soundness of the firms it regulates and contributing to securing an appropriate degree of protection for policyholders. The PRA’s expectations are split into the three broad areas of non-affirmative cyber risk, cyber risk strategy and risk appetite, and cyber expertise. The PRA had received thirteen responses to CP39/16 and has amended the supervisory statement accordingly.

 

In this context, cyber insurance underwriting risk is defined as the set of prudential risks emanating from underwriting insurance contracts that are exposed to cyber-related losses resulting from malicious acts and non-malicious acts involving both tangible and intangible assets. Malicious could include cyber-attack and infection of an IT system with malicious code while the examples of non-malicious attacks are loss of data, accidental acts, or omissions. The PRA expects firms to be able to identify, quantify, and manage the risks emanating from cyber underwriting risk both in terms of affirmative and "silent" cover.


Related Links

PS15/17 (PDF)

SS4/17 (PDF)

CP39/16 (PDF)

Keywords: Europe, PRA, United Kingdom, Insurance, Prudential Risk, Cyber Risk, Cyber Insurance

Related Articles
News

APRA Proposes Changes to Credit Risk Management Standard for Banks

APRA is proposing to update its prudential standard on credit risk management requirements for authorized deposit-taking institutions.

March 25, 2019 WebPage Regulatory News
News

EIOPA Publishes Q&A on Regulations in March 2019

EIOPA updated questions and answers (Q&A) on the implementing and delegated regulations related to the Solvency II Directive.

March 25, 2019 WebPage Regulatory News
News

BCBS Issues Follow-Up Reports on Basel III Implementation Assessments

BCBS published a report summarizing the follow-up actions taken or planned by member jurisdictions as of the end of 2018; these actions are intended to address deviations from the Basel standards identified as part of the Regulatory Consistency Assessment Program (RCAP).

March 25, 2019 WebPage Regulatory News
News

EBA Single Rulebook Q&A: Fourth Update for March 2019

EBA published answers to five questions under the Single Rulebook question and answer (Q&A) updates for this week.

March 22, 2019 WebPage Regulatory News
News

ECB Updates Validation Checks and List of Identifiers Under AnaCredit

ECB updated the AnaCredit validation checks (Version 1.4) and the list of national identifiers (version 2.4) for AnaCredit reporting.

March 21, 2019 WebPage Regulatory News
News

BCBS Publishes Results of the Basel III Monitoring Exercise

BCBS published results of the Basel III monitoring exercise based on data as of June 30, 2018.

March 20, 2019 WebPage Regulatory News
News

EBA, FCA, and PRA Agree on MoU Template for Supervisory Cooperation

EBA, FCA, and PRA announced that they have agreed on a template for the Memorandum of Understanding (MoU) that sets out the expectations for supervisory cooperation and information-sharing arrangements between UK and EU/European Economic Area national authorities.

March 20, 2019 WebPage Regulatory News
News

HKMA Publishes CoP on Loss-Absorbing Capacity Requirements of Banks

HKMA issued, in relation to the Financial Institutions Resolution (Loss-Absorbing Capacity Requirements—Banking Sector) Rules (LAC Rules) a chapter of a code of practice (LAC CoP) under section 196 of the Financial Institutions Resolution Ordinance (FIRO).

March 20, 2019 WebPage Regulatory News
News

EBA Publishes Reports Monitoring the Implementation of Basel III in EU

EBA published two reports measuring the impact of implementing the final Basel III reforms and monitoring the implementation of liquidity measures in EU.

March 20, 2019 WebPage Regulatory News
News

BCBS Publishes Results of Survey on Proportionality in Bank Regulation

BCBS published a report presenting the results of a survey conducted on proportionality practices in bank regulation and supervision.

March 19, 2019 WebPage Regulatory News
RESULTS 1 - 10 OF 2786