Featured Product

    EIOPA Consults on Guidelines on Outsourcing to Cloud Service Providers

    July 01, 2019

    EIOPA launched a consultation on the guidelines for outsourcing to cloud service providers. The guidelines are addressed to insurance and reinsurance undertakings as well as national supervisory authorities in EU. The guidelines specify how the outsourcing provisions set forth in the Solvency II Directive (2009/138/EC), in the Delegated Regulation 2015/35, and in the EIOPA guidelines on system of governance need to be applied in case of outsourcing to cloud service providers. The consultation is open until September 30, 2019. These guidelines apply from July 01, 2020 to all cloud outsourcing arrangements entered into, or amended on or after this date.

    EIOPA developed these guidelines in line with its contribution to Fintech Action Plan of EC and taking into account the outcome of its Fourth Insurtech Roundtable on the use of cloud computing by (re)insurance undertakings. The guidelines aim to provide clarification and transparency to market participants and to help avoid potential regulatory arbitrages. They also intend to foster supervisory convergence regarding the expectations and processes applicable in relation to cloud outsourcing. Annex 1 to the consultation contains the impact assessment to the guidelines whereas Annex II provides an overview of questions for consultation. The key areas covered in the guidelines include the following:

    • Criteria to distinguish whether cloud services should be considered within the scope of outsourcing
    • Principles and elements of governance of cloud outsourcing, including documentation requirements and list of information part of the notification to supervisory authorities
    • Pre-outsourcing analysis, including materiality assessment, risk assessment, and due diligence on the service providers
    • Contractual requirements
    • Management of access and audit rights; security of data and systems; sub-outsourcing, monitoring, and oversight of cloud outsourcing; and exit strategies
    • Principle-based instructions for national supervisory authorities on the supervision of cloud outsourcing arrangements including, where applicable, at group level

    The use of cloud outsourcing is a common practice among all types of financial undertakings, not only for insurance and reinsurance undertakings. Moreover, the key associated risks are similar across sectors. Acknowledging these facts and recognizing the potential risks of regulatory fragmentation in developing these guidelines—in addition to the (re)insurance provisions on outsourcing—EIOPA also considered the most recent guidance published by EBA.

     

    Related Links

    Comment Due Date: September 30, 2019

    Effective Date: July 01, 2020

    Keywords: Europe, EU, Insurance, Reinsurance, Guidelines, Outsourcing, Cloud Service Providers, Governance, Fintech, Insurtech, Regulatory Arbitrage, Supervisory Convergence, Cloud Outsourcing, Solvency II, EBA, EC, EIOPA

    Featured Experts
    Related Articles
    News

    US Agencies Requests Comments on Use and Impact of CAMELS Ratings

    US Agencies (FDIC and FED) are seeking information and comments from interested parties regarding the consistency of ratings assigned by the agencies under the Uniform Financial Institutions Rating System (UFIRS).

    October 18, 2019 WebPage Regulatory News
    News

    BoE Announces Date for Publication of Stress Test Results for Banks

    BoE announced its plans to publish results of the full UK annual stress tests on December 10, 2019.

    October 18, 2019 WebPage Regulatory News
    News

    PRA Consults on Approach to Supervising Liquidity and Funding Risks

    In consultation paper (CP27/19), PRA published a proposal (CP27/19) to update the supervisory statement SS24/15 on the PRA approach to supervising liquidity and funding risk.

    October 17, 2019 WebPage Regulatory News
    News

    US Agencies Consult on Policy Statement on Allowance for Credit Losses

    US Agencies (FDIC, FED, NCUA, and OCC) are consulting on the policy statement on allowances for credit losses and on the guidance on credit risk review systems.

    October 17, 2019 WebPage Regulatory News
    News

    FSI Paper Examines Use of Suptech Initiatives by Financial Authorities

    The Financial Stability Institute (FSI) of BIS published a paper that examines the suptech developments by analyzing suptech initiatives of 39 financial authorities globally.

    October 17, 2019 WebPage Regulatory News
    News

    ECB Publishes Recommendations on Euro Risk-Free Rates Transition

    ECB published a report, by private sector working group on euro risk-free rates, which contains recommendations, from a risk management perspective, on the transition to new risk-free rates.

    October 17, 2019 WebPage Regulatory News
    News

    US Agencies Publish Notice to Extend Form FFIEC 102 for Three Years

    US Agencies (FDIC, FED, and OCC) published a joint notice regarding extension of the market risk regulatory report for institutions subject to the market risk capital rule (FFIEC 102).

    October 17, 2019 WebPage Regulatory News
    News

    FSB Report Examines Implementation and Impact of G20 Financial Reforms

    FSB published fifth annual report on the implementation and effects of the G20 financial regulatory reforms.

    October 16, 2019 WebPage Regulatory News
    News

    EBA Launches Consultation on Comprehensive Pillar 3 Disclosures

    EBA proposed the new comprehensive implementing technical standard (ITS) for public disclosures by financial institutions.

    October 16, 2019 WebPage Regulatory News
    News

    EBA Consults on Revised Technical Standards on Supervisory Reporting

    EBA launched a consultation on the revised implementing technical standards, or ITS, on supervisory reporting.

    October 16, 2019 WebPage Regulatory News
    RESULTS 1 - 10 OF 3997