The PRA published policy statement PS15/17 and supervisory statement SS4/17 on cyber insurance underwriting risk. PS15/17 provides feedback to responses to the consultation paper CP39/16, titled “Cyber insurance underwriting risk.” SS4/17 sets out the PRA’s final expectations regarding the prudent management of cyber underwriting risk. Both the statements are relevant to all UK non-life insurance and reinsurance firms and groups within the scope of Solvency II, including the Society of Lloyd’s and managing agents.
The SS4/17 expands on the PRA’s general approach as set out in its insurance approach document. By clearly and consistently explaining its expectations of firms in relation to the particular areas addressed, the PRA seeks to advance its statutory objectives of ensuring the safety and soundness of the firms it regulates and contributing to securing an appropriate degree of protection for policyholders. The PRA’s expectations are split into the three broad areas of non-affirmative cyber risk, cyber risk strategy and risk appetite, and cyber expertise. The PRA had received thirteen responses to CP39/16 and has amended the supervisory statement accordingly.
In this context, cyber insurance underwriting risk is defined as the set of prudential risks emanating from underwriting insurance contracts that are exposed to cyber-related losses resulting from malicious acts and non-malicious acts involving both tangible and intangible assets. Malicious could include cyber-attack and infection of an IT system with malicious code while the examples of non-malicious attacks are loss of data, accidental acts, or omissions. The PRA expects firms to be able to identify, quantify, and manage the risks emanating from cyber underwriting risk both in terms of affirmative and "silent" cover.
Keywords: Europe, PRA, United Kingdom, Insurance, Prudential Risk, Cyber Risk, Cyber Insurance
BCBS is consulting on the principles for operational resilience and the revisions to the principles for sound management of operational risk for banks.
The Financial Stability Institute (FSI) of BIS published a brief note that examines the supervisory challenges associated with certain temporary regulatory relief measures introduced by BCBS and prudential authorities in response to the COVID-19 pandemic.
HKMA, together with the Banking Sector Small and Medium-Size Enterprise (SME) Lending Coordination Mechanism, announced a ninety-day repayment deferment for trade facilities under the Pre-approved Principal Payment Holiday Scheme.
The Advisory Scientific Committee of ESRB published a response, in the form of an Insights Paper, to the EBA proposals for reforms to the stress testing framework in EU.
MAS announced several initiatives to support adoption of the Singapore Overnight Rate Average (SORA), which is administered by MAS.
BoE updated the reporting template for Form ER as well as the Form ER definitions, which contain guidance on the methodology to be used in calculating annualized interest rates.
PRA published the policy statement PS19/20 on the final policy for extending coverage under the Financial Services Compensation Scheme (FSCS) for Temporary High Balance.
EBA published the final draft implementing technical standards for disclosures and reporting on the minimum requirements for own funds and eligible liabilities (MREL) and the total loss-absorbing capacity (TLAC) requirements in EU.
EBA published an erratum for the phase 2 of technical package on the reporting framework 2.10.
EC published the Implementing Regulation 2020/1145, which lays down technical information for calculation of technical provisions and basic own funds.