IA of Hong Kong Publishes Cyber-Security Guideline for Insurers
IA of Hong Kong published the guideline GL20 on cyber-security for authorized insurers. The guideline sets the minimum standard for cyber-security that authorized insurers are expected to have in place and the general guiding principles which the IA uses in assessing the effectiveness of the cyber-security framework of an insurer. The guideline applies to all authorized insurers, except for captive insurers and marine mutual insurers, in relation to the insurance business they conduct in, or from, Hong Kong. GL20 shall take effect on January 01, 2020.
Cyber risk is one of the most significant operational risks that insurers face, particularly with regard to the business operations they conduct digitally and online. Cyber-security incidents can result in financial loss, business disruption, damage to reputation, and other adverse consequences to an insurer. Accordingly, this guideline requires authorized insurers to put in place resilient cyber-security frameworks to protect their business data and the personal data of their existing or potential policyholders and to ensure continuity of their business operations. The guideline stipulates that authorized insurers should establish and maintain a cyber-security strategy and framework tailored to mitigate relevant cyber risks that are commensurate with the nature, size, and complexity of their business. The cyber-security strategy and framework should be endorsed by the Board of the insurer. Insurers should also develop a cyber-security incident response plan, which covers scenarios of cyber-security incidents and corresponding contingency strategies to maintain and restore critical functions and essential activities in such scenarios.
Related Links
Keywords: Asia Pacific, Hong Kong, Insurance, Cyber Risk, Guideline, Cyber Guidance, IA
Previous Article
FDIC Proposes to Rescind and Remove Regulatory Reporting StandardsRelated Articles
EC to Defer Application of SFDR Standards Till July 2022
The European Commission (EC) announced plans to defer the application of 13 regulatory technical standards under the Sustainable Finance Disclosure Regulation (2019/2088) by six months, from January 01, 2022 to July 01, 2022.
BoE Consults on Approach to Setting MREL, Publishes Bail-In Guidance
The Bank of England (BoE) published a consultation paper on approach to setting minimum requirement for own funds and eligible liabilities (MREL), an operational guide on executing bail-in, and a statement from the Deputy Governor Dave Ramsden.
EBA Seeks Views on Proportionality Assessment Methodology
The European Banking Authority (EBA) is seeking preliminary input on standardization of the proportionality assessment methodology for credit institutions and investment firms.
US Agencies Propose Changes to Call Reports and Instructions
Certain regulatory authorities in the US are extending period for completion of the review of certain residential mortgage provisions and for publication of notice disclosing the determination of this review until December 20, 2021.
PRA Finalizes Rulebook Definition of Higher Paid Material Risk-Taker
The Prudential Regulation Authority (PRA) published the policy statement PS18/21, which introduces an amendment in the definition of "higher paid material risk taker" in the Remuneration Part of the PRA Rulebook.
EBA Examines Asset Encumbrance in Banking Sector
The European Banking Authority (EBA) published its annual report on asset encumbrance in banking sector.
EBA Publishes Methodological Guide to Mystery Shopping
The European Banking Authority (EBA) published a methodological guide to mystery shopping.
APRA Issues Update on Capital Reform Policy Settings for Banks
The Australian Prudential Regulation Authority (APRA) released a letter to authorized deposit-taking institutions to provide an update on key policy settings for the capital framework reforms, which will come into effect from January 01, 2023.
CPMI-IOSCO Assess Continuity Planning of Market Infrastructures
The Committee on Payments and Market Infrastructures (CPMI) and the International Organization of Securities Commissions (IOSCO) published a report that assesses the business continuity planning activities of financial market infrastructures or FMIs.
ESMA Responds to Proposal Related to Sustainability Standards Board
The European Securities and Markets Authority (ESMA) has responded to the IFRS consultation on targeted amendments to the IFRS Foundation constitution to accommodate an International Sustainability Standards Board (ISSB) to set IFRS Sustainability Standards.
