General Information & Client Services
  • Americas: +1.212.553.1653
  • Asia: +852.3551.3077
  • China: +86.10.6319.6580
  • EMEA: +44.20.7772.5454
  • Japan: +81.3.5408.4100
Media Relations
  • New York: +1.212.553.0376
  • London: +44.20.7772.5456
  • Hong Kong: +852.3758.1350
  • Tokyo: +813.5408.4110
  • Sydney: +61.2.9270.8141
  • Mexico City: +001.888.779.5833
  • Buenos Aires: +0800.666.3506
  • São Paulo: +0800.891.2518
June 29, 2018

IAIS published a draft application paper on the supervision of insurer cybersecurity. The application paper provides further guidance to supervisors seeking to develop or enhance their approach to supervising the cyber risk, cybersecurity, and cyber resilience of insurers. Insurers are also invited to consider the application paper, to assist in developing and implementing good cybersecurity practices in their organizations. Comments on the proposal are due by August 13, 2018.

The application paper is generally principles-based and builds on frameworks and guidance from multiple sources, including the "G7 Fundamental Elements of Cyber Security for the Financial Sector"; the related "G7 Fundamental Elements for Effective Assessment of Cybersecurity for the Financial Sector"; and the CPMI-IOSCO guidance on cyber resilience for financial market infrastructures. The paper focuses on supervision of insurers’ cybersecurity. It does not cover cyber insurance products nor the use of cyber insurance in the reduction of residual risks. IAIS also published consultations on the revised ICPs 6 and 20 and it will hold a public background session on July 16, 2018 to discuss these revised ICPs. 

Under IAIS procedures an application paper can provide additional material related to one or more Insurance Core Principles (ICPs) that help with practical application of ICPs, but an application paper is not binding and does not establish standards. Application papers can provide examples of good practices, in addition to advice and recommendations on how ICPs may be implemented.

 

Comment Due Date: August 13, 2018

Keywords: International, Insurance, Application Paper, Insurer Cybersecurity, Cyber Risk, IAIS

Related Insights
News

IAIS Publishes Drafts of Revised ICP 8, ICP 15, ICP 16, and ICP 20

IAIS published the drafts of revised Insurance Core Principles on Public Disclosure (ICP 20), Investments (ICP 15), Enterprise Risk Management for Solvency Purposes (ICP 16), and Risk Management and Internal Controls (ICP 8), along with a revised draft of the glossary on enterprise risk management (ERM).

November 14, 2018 WebPage Regulatory News
News

MAS Amends Notice 637 on Capital Adequacy Requirements in Singapore

MAS published the final, revised Notice 637 on the risk-based capital adequacy requirements in Singapore.

November 13, 2018 WebPage Regulatory News
News

ESMA Updates Q&A on Implementation of CSD Regulation and MAR

ESMA updated questions and answers (Q&A) documents on the implementation of the Central Securities Depository (CSD) Regulation and Market Abuse Regulation (MAR).

November 12, 2018 WebPage Regulatory News
News

FSB Finalizes and Publishes the Cyber Lexicon

FSB published a cyber lexicon, following the public consultation earlier this year.

November 12, 2018 WebPage Regulatory News
News

SRB Updates Liability Data Reporting Template for 2019

SRB published version 2.7.1 of the Liability Data Reporting (LDR) Template.

November 12, 2018 WebPage Regulatory News
News

ECB to Conduct Comprehensive Assessment of Six Bulgarian Banks

ECB will undertake a comprehensive assessment of six Bulgarian banks. The exercise, comprising an asset quality review and a stress test, follows Bulgaria’s submission of a request to establish close cooperation with ECB on July 18, 2018.

November 12, 2018 WebPage Regulatory News
News

IMF Publishes Reports on the 2018 Article IV Consultation with Chile

IMF published its staff report and selected issues report under the 2018 Article IV consultation with Chile.

November 09, 2018 WebPage Regulatory News
News

PRA Issues PS27/18 on Implementing the Extension of SM&CR to Insurers

PRA published the policy statement PS27/18, which provides feedback to responses to the consultation paper CP20/18, on implementing the extension of the Senior Managers and Certification Regime (SM&CR) to insurers (Part 2).

November 09, 2018 WebPage Regulatory News
News

EBA Single Rulebook Q&A: First Update for November 2018

EBA published answers to seven questions under the Single Rulebook question and answer (Q&A) updates for this week.

November 09, 2018 WebPage Regulatory News
News

FED Finalizes the Large Financial Institution Rating System

FED finalized the new supervisory rating system for Large Financial Institutions (LFIs), to better align with the current supervisory programs and practices for these firms.

November 09, 2018 WebPage Regulatory News
RESULTS 1 - 10 OF 2204