IAIS published a draft application paper on the supervision of insurer cybersecurity. The application paper provides further guidance to supervisors seeking to develop or enhance their approach to supervising the cyber risk, cybersecurity, and cyber resilience of insurers. Insurers are also invited to consider the application paper, to assist in developing and implementing good cybersecurity practices in their organizations. Comments on the proposal are due by August 13, 2018.
The application paper is generally principles-based and builds on frameworks and guidance from multiple sources, including the "G7 Fundamental Elements of Cyber Security for the Financial Sector"; the related "G7 Fundamental Elements for Effective Assessment of Cybersecurity for the Financial Sector"; and the CPMI-IOSCO guidance on cyber resilience for financial market infrastructures. The paper focuses on supervision of insurers’ cybersecurity. It does not cover cyber insurance products nor the use of cyber insurance in the reduction of residual risks. IAIS also published consultations on the revised ICPs 6 and 20 and it will hold a public background session on July 16, 2018 to discuss these revised ICPs.
Under IAIS procedures an application paper can provide additional material related to one or more Insurance Core Principles (ICPs) that help with practical application of ICPs, but an application paper is not binding and does not establish standards. Application papers can provide examples of good practices, in addition to advice and recommendations on how ICPs may be implemented.
Comment Due Date: August 13, 2018
Keywords: International, Insurance, Application Paper, Insurer Cybersecurity, Cyber Risk, IAIS
Previous ArticleRBNZ Issues In-Principle Decisions on Capital Requirements for Banks
MAS and Temasek jointly released a report to mark the successful conclusion of the fifth and final phase of Project Ubin, which focused on building a blockchain-based multi-currency payments network prototype.
PRA published a public working draft, or PWD, of version 1.2.0 of the BoE Insurance XBRL taxonomy, along with the related technical artefacts.
CPMI published a report that sets out nineteen building blocks for a global roadmap to improve cross-border payments.
EBA published phase 2 of the technical package on the reporting framework 2.10, providing the technical tools and specifications for implementation of EBA reporting requirements.
APRA updated the lists of the Direct to APRA (D2A) validation rules for authorized deposit-taking institutions, insurers, and superannuation entities.
PRA updated the statement that provides guidance to regulated firms on implementation of the EBA guidelines on reporting and disclosure of exposures subject to measures applied in response to the COVID-19 crisis.
EBA updated the 2019 list of closely correlated currencies that was originally published in December 2013.
ESMA published the final report on the guidelines on securitization repository data completeness and consistency thresholds.
FASB issued a proposed Accounting Standards Update that would grant insurance companies, adversely affected by the COVID-19 pandemic, an additional year to implement the Accounting Standards Update No. 2018-12 on targeted improvements to accounting for long-duration insurance contracts, or LDTI (Topic 944).
APRA updated the regulatory approach for loans subject to repayment deferrals amid the COVID-19 crisis.