IA of Hong Kong Publishes Cyber-Security Guideline for Insurers
IA of Hong Kong published the guideline GL20 on cyber-security for authorized insurers. The guideline sets the minimum standard for cyber-security that authorized insurers are expected to have in place and the general guiding principles which the IA uses in assessing the effectiveness of the cyber-security framework of an insurer. The guideline applies to all authorized insurers, except for captive insurers and marine mutual insurers, in relation to the insurance business they conduct in, or from, Hong Kong. GL20 shall take effect on January 01, 2020.
Cyber risk is one of the most significant operational risks that insurers face, particularly with regard to the business operations they conduct digitally and online. Cyber-security incidents can result in financial loss, business disruption, damage to reputation, and other adverse consequences to an insurer. Accordingly, this guideline requires authorized insurers to put in place resilient cyber-security frameworks to protect their business data and the personal data of their existing or potential policyholders and to ensure continuity of their business operations. The guideline stipulates that authorized insurers should establish and maintain a cyber-security strategy and framework tailored to mitigate relevant cyber risks that are commensurate with the nature, size, and complexity of their business. The cyber-security strategy and framework should be endorsed by the Board of the insurer. Insurers should also develop a cyber-security incident response plan, which covers scenarios of cyber-security incidents and corresponding contingency strategies to maintain and restore critical functions and essential activities in such scenarios.
Related Links
Keywords: Asia Pacific, Hong Kong, Insurance, Cyber Risk, Guideline, Cyber Guidance, IA
Previous Article
FDIC Proposes to Rescind and Remove Regulatory Reporting StandardsRelated Articles
EBA Updates Filing Rules for Supervisory Reporting
The European Banking Authority (EBA) published version 5.1 of the filing rules for supervisory reporting.
ECB Amends Guideline on Procedures for Collection of AnaCredit Data
The European Central Bank (ECB) Guideline 2021/1829 on the procedures for the collection of granular credit and credit risk data has been published in the Official Journal of European Union.
ECB Amends Guideline on Procedures for Collection of AnaCredit Data
The European Central Bank (ECB) Guideline 2021/1829 on the procedures for the collection of granular credit and credit risk data has been published in the Official Journal of European Union.
EBA Publishes Standards on Disclosure of Investment Policy Under IFR
The European Banking Authority (EBA) published the final draft regulatory technical standards on disclosure of investment policy by investment firms, under the Investment Firms Regulation (IFR).
APRA Finalizes Guidance for New Prudential Standard on Remuneration
The Australian Prudential Regulation Authority (APRA) published the prudential practice guide CPG 511 to assist banks, insurers, and superannuation licensees in meeting requirements of CPS 511, the new prudential standard on remuneration.
OCC Updated LIBOR Self-Assessment Tool for Banks
The Office of the Comptroller of the Currency (OCC) published a bulletin that provides an updated self-assessment tool for banks to evaluate their preparedness for cessation of the London Interbank Offered Rate (LIBOR).
TCFD Updates Guidance for Financial Disclosures on Climate Risk
The Financial Stability Board (FSB) published a report that examines the progress made toward disclosures aligned with recommendations of the Task Force on Climate-related Financial Disclosures (TCFD).
BCBS Report Examines Progress on Adoption of Basel III Framework
The Basel Committee on Banking Supervision (BCBS) published the progress report on adoption of the Basel III regulatory framework in member jurisdictions.
ACPR Implements Updates Related to DPM Version 3.1
The French Prudential Supervisory Authority (ACPR) has implemented, in its information system, updates linked to the Data Point Model (DPM) version 3.1.
EBA Note Examines Transition Risks of Benchmark Rates
The European Banking Authority (EBA) published a thematic note that aims to identify and raise awareness of the transition risks of benchmark rates, as the London Interbank Offered Rate (LIBOR) and the Euro Overnight Index Average (EONIA) are close to being phased out.
