IAIS published a draft application paper on the supervision of insurer cybersecurity. The application paper provides further guidance to supervisors seeking to develop or enhance their approach to supervising the cyber risk, cybersecurity, and cyber resilience of insurers. Insurers are also invited to consider the application paper, to assist in developing and implementing good cybersecurity practices in their organizations. Comments on the proposal are due by August 13, 2018.
The application paper is generally principles-based and builds on frameworks and guidance from multiple sources, including the "G7 Fundamental Elements of Cyber Security for the Financial Sector"; the related "G7 Fundamental Elements for Effective Assessment of Cybersecurity for the Financial Sector"; and the CPMI-IOSCO guidance on cyber resilience for financial market infrastructures. The paper focuses on supervision of insurers’ cybersecurity. It does not cover cyber insurance products nor the use of cyber insurance in the reduction of residual risks. IAIS also published consultations on the revised ICPs 6 and 20 and it will hold a public background session on July 16, 2018 to discuss these revised ICPs.
Under IAIS procedures an application paper can provide additional material related to one or more Insurance Core Principles (ICPs) that help with practical application of ICPs, but an application paper is not binding and does not establish standards. Application papers can provide examples of good practices, in addition to advice and recommendations on how ICPs may be implemented.
Comment Due Date: August 13, 2018
Keywords: International, Insurance, Application Paper, Insurer Cybersecurity, Cyber Risk, IAIS
EU published Directive 2021/338, which amends the Markets in Financial Instruments Directive (MiFID) II and the Capital Requirements Directives (CRD 4 and 5) to facilitate recovery from the COVID-19 crisis.
The Standing Committee of the European Free Trade Association (EFTA) recommended that a systemic risk buffer level of 4.5% for domestic exposures can be considered appropriate for addressing the identified systemic risks to the stability of the financial system in Norway.
In a recent statement, PRA clarified its approach to the application of certain EU regulatory technical standards and EBA guidelines on standardized and internal ratings-based approaches to credit risk, following the end of the Brexit transition.
In a recently published letter addressed to the G20 finance ministers and central bank governors, the FSB Chair Randal K. Quarles has set out the key FSB priorities for 2021.
EU published, in the Official Journal of the European Union, a corrigendum to the revised Capital Requirements Regulation (CRR2 or Regulation 2019/876).
ESAs published a joint supervisory statement on the effective and consistent application and on national supervision of the regulation on sustainability-related disclosures in the financial services sector (SFDR).
EC published a public consultation on the review of crisis management and deposit insurance frameworks in EU.
HKMA announced that enhancements will be made to the Special 100% Loan Guarantee of the SME Financing Guarantee Scheme (SFGS) and the application period will be extended to December 31, 2021.
EBA launched consultations on the regulatory and implementing technical standards on cooperation and information exchange between competent authorities involved in prudential supervision of investment firms.
BoE issued a letter to the CEOs of eight major UK banks that are in scope of the first Resolvability Assessment Framework (RAF) reporting and disclosure cycle.