Featured Product

    EIOPA Consults on Guidelines on Outsourcing to Cloud Service Providers

    July 01, 2019

    EIOPA launched a consultation on the guidelines for outsourcing to cloud service providers. The guidelines are addressed to insurance and reinsurance undertakings as well as national supervisory authorities in EU. The guidelines specify how the outsourcing provisions set forth in the Solvency II Directive (2009/138/EC), in the Delegated Regulation 2015/35, and in the EIOPA guidelines on system of governance need to be applied in case of outsourcing to cloud service providers. The consultation is open until September 30, 2019. These guidelines apply from July 01, 2020 to all cloud outsourcing arrangements entered into, or amended on or after this date.

    EIOPA developed these guidelines in line with its contribution to Fintech Action Plan of EC and taking into account the outcome of its Fourth Insurtech Roundtable on the use of cloud computing by (re)insurance undertakings. The guidelines aim to provide clarification and transparency to market participants and to help avoid potential regulatory arbitrages. They also intend to foster supervisory convergence regarding the expectations and processes applicable in relation to cloud outsourcing. Annex 1 to the consultation contains the impact assessment to the guidelines whereas Annex II provides an overview of questions for consultation. The key areas covered in the guidelines include the following:

    • Criteria to distinguish whether cloud services should be considered within the scope of outsourcing
    • Principles and elements of governance of cloud outsourcing, including documentation requirements and list of information part of the notification to supervisory authorities
    • Pre-outsourcing analysis, including materiality assessment, risk assessment, and due diligence on the service providers
    • Contractual requirements
    • Management of access and audit rights; security of data and systems; sub-outsourcing, monitoring, and oversight of cloud outsourcing; and exit strategies
    • Principle-based instructions for national supervisory authorities on the supervision of cloud outsourcing arrangements including, where applicable, at group level

    The use of cloud outsourcing is a common practice among all types of financial undertakings, not only for insurance and reinsurance undertakings. Moreover, the key associated risks are similar across sectors. Acknowledging these facts and recognizing the potential risks of regulatory fragmentation in developing these guidelines—in addition to the (re)insurance provisions on outsourcing—EIOPA also considered the most recent guidance published by EBA.

     

    Related Links

    Comment Due Date: September 30, 2019

    Effective Date: July 01, 2020

    Keywords: Europe, EU, Insurance, Reinsurance, Guidelines, Outsourcing, Cloud Service Providers, Governance, Fintech, Insurtech, Regulatory Arbitrage, Supervisory Convergence, Cloud Outsourcing, Solvency II, EBA, EC, EIOPA

    Featured Experts
    Related Articles
    News

    FDIC Releases Economic Scenarios for Stress Testing in 2020

    FDIC released the hypothetical economic scenarios for use in the upcoming stress tests for covered institutions with total consolidated assets of more than USD 250 billion.

    February 14, 2020 WebPage Regulatory News
    News

    EBA Acknowledges EC Adoption of Amended Supervisory Reporting Standard

    EBA acknowledged the adoption, by EC, of an Implementing Act with regard to the common reporting (COREP) and financial reporting (FINREP) changes, in accordance with the Capital Requirements Regulation or CRR.

    February 14, 2020 WebPage Regulatory News
    News

    APRA and ASIC Welcome Proposed Reforms for Superannuation Sector

    APRA and the Australian Securities and Investments Commission (ASIC) have jointly welcomed the proposed legislative reforms increasing the role of ASIC in the superannuation sector.

    February 14, 2020 WebPage Regulatory News
    News

    ESMA Responds to EC Consultation on Review of Benchmarks Regulation

    ESMA published its response to EC consultation on review of the Benchmarks Regulation in EU.

    February 14, 2020 WebPage Regulatory News
    News

    ISDA Guide on Smart Contracts for Equity and Interest Rate Derivatives

    ISDA has published the fourth and fifth installments in a series of legal guidelines for smart derivatives contracts.

    February 13, 2020 WebPage Regulatory News
    News

    FED Paper Describes FLARE, A Top-Down Model for Stress Testing

    FED published a technical paper that describes the Forward-Looking Analysis of Risk Events (FLARE) model.

    February 13, 2020 WebPage Regulatory News
    News

    EC Rule Updates Data for Calculations Under Solvency II Reporting

    EC published the Implementing Regulation 2020/193, which lays down technical information for the calculation of technical provisions and basic own funds for reporting with reference dates from December 31, 2019 to March 30, 2020, in accordance with the Solvency II Directive (2009/138/EC).

    February 13, 2020 WebPage Regulatory News
    News

    EIOPA Publishes Supervisory Convergence Plan and Suptech Strategy

    EIOPA published the strategies for cyber underwriting and supervisory technology (suptech), in response to the evolving insurance landscape.

    February 12, 2020 WebPage Regulatory News
    News

    EBA Proposes Guide on Sectoral Exposures to Apply Systemic Risk Buffer

    EBA launched a consultation on the guidelines on appropriate subsets of sectoral exposures to which competent or designated authorities may apply a systemic risk buffer (SyRB), in accordance with the Capital Requirements Directive (CRD).

    February 12, 2020 WebPage Regulatory News
    News

    ISDA Paper Outlines Developments on Risk-Free Rate Adoption in 2020

    ISDA published a research paper that examines several major upcoming developments on the adoption of risk-free rates in 2020.

    February 12, 2020 WebPage Regulatory News
    RESULTS 1 - 10 OF 4676