EIOPA Issues Cyber Underwriting Proposal, Statement on Open Insurance
The European Insurance and Occupational Pensions Authority (EIOPA) published two consultation papers—one on the supervisory statement on exclusions related to systemic events and the other on the supervisory statement on the management of non-affirmative cyber exposures. Both the consultations are open until July 18, 2022. In addition, EIOPA published a feedback statement on open insurance, following a discussion paper and a public consultation on the topic.
Draft supervisory statements. In the supervisory statement on exclusions in insurance products, EIOPA makes a few recommendations to insurers and competent authorities. The aim of the statement is to promote supervisory convergence in how national competent authorities assess the treatment of exclusions in insurance contracts that arise from risks following systemic events such as pandemic, natural catastrophes, or large cyber-attacks. Additionally, as part of the consultation on the draft supervisory statement on cyber exposures, EIOPA recommends national competent authorities to dedicate higher attention to insurance undertakings’ assessment of the terms and conditions of their existing insurance products. The consultation paper focuses on supervisory expectations and emphasizes the need for:
- a top-down strategy and risk appetite definition for (re)insurance undertakings to underwrite cyber risk.
- identifying and measuring risk exposure with the purpose of implementing sound cyber underwriting practices, with focus on management of non-affirmative cyber exposures.
- cyber underwriting risk management and risk mitigation, including the reinsurance strategy.
Feedback statement on open insurance. The feedback statement provides a high-level summary of the responses received on the discussion paper on open insurance as well as EIOPA’s reaction to them. In its discussion paper, published in January 2021, EIOPA had reflected on the definition of open insurance, analyzed existing use cases across the value chain, presented the risks and benefits of open insurance, and considered regulatory barriers to encourage a broader discussion around the topic. In their responses, stakeholders highlighted additional use cases apart from those featured in the paper, including better risk assessment, preventive measures, and fraud detection. Most stakeholders agreed with the benefits and potential risks of open insurance identified by EIOPA. The results of EIOPA’s public consultation show no strong agreement among stakeholders on the potential next steps. EIOPA will consider the feedback in its ongoing and future work on digitalization. EIOPA will continue monitoring legislative developments that may have a bearing on open insurance and will provide insurance and supervisory input where necessary. Relevant initiatives include the European Single Access Point proposal, the Data Act proposal, and any upcoming proposals for a new open finance framework as signaled in the European Commission’s Digital Finance Strategy. EIOPA might also further work on more concrete open insurance use cases, to facilitate a better understanding of the related implications for consumers, industry, and supervisors.
Related Links
- Press Release on Draft Supervisory Statements
- Consultation on Exclusions in Insurance Products
- Consultation on Cyber Underwriting Exposures
- Press Release on Feedback Statement on Open Insurance
- Feedback Statement on Open Insurance
Keywords: Europe, EU, Insurance, Reinsurance, Systemic Risk, Climate Change Risk, Cyber Risk, Open Insurance, Regtech, Solvency II, Cyber Underwriting, Insurtech, EIOPA
Featured Experts
Blake Coules
Across 35 years in banking, Blake has gained deep insights into the inner working of this sector. Over the last two decades, Blake has been an Operating Committee member, leading teams and executing strategies in Credit and Enterprise Risk as well as Line of Business. His focus over this time has been primarily Commercial/Corporate with particular emphasis on CRE. Blake has spent most of his career with large and mid-size banks. Blake joined Moody’s Analytics in 2021 after leading the transformation of the credit approval and reporting process at a $25 billion bank.
Michael Denton, PhD, PE
Dr. Denton provides industry leadership in the quantification of sustainability issues, climate risk, trade credit and emerging lending risks. His deep foundations in market and credit risk provide critical perspectives on how climate/sustainability risks can be measured, communicated and used to drive commercial opportunities, policy, strategy, and compliance. He supports corporate clients and financial institutions in leveraging Moody’s tools and capabilities to improve decision-making and compliance capabilities, with particular focus on the energy, agriculture and physical commodities industries.
Paul McCarney
Insurance product strategist; insurance domain expert; extensive experience developing risk assessment frameworks for insurers
Previous Article
HKMA Looks at CBDC Cyber Risk and Operational Resilience IssuesRelated Articles
SEC Finalizes Climate-Related Disclosures Rule
The U.S. Securities and Exchange Commission (SEC) has finalized the long-awaited rule that mandates climate-related disclosures for domestic and foreign publicly listed companies in the U.S.
US Regulators Release Stress Test Scenarios for Banks
The U.S. regulators recently released baseline and severely adverse scenarios, along with other details, for stress testing the banks in 2024. The relevant U.S. banking regulators are the Federal Reserve Bank (FED), the Federal Deposit Insurance Corporation (FDIC), and the Office of the Comptroller of the Currency (OCC).
Asian Governments Aim for Interoperability in AI Governance Frameworks
The regulatory landscape for artificial intelligence (AI), including the generative kind, is evolving rapidly, with governments and regulators aiming to address the challenges and opportunities presented by this transformative technology.
EBA Proposes Operational Risk Standards Under Final Basel III Package
The European Union (EU) has been working on the final elements of Basel III standards, with endorsement of the Banking Package and the publication of the European Banking Authority (EBA) roadmap on Basel III implementation in December 2023.
EFRAG Proposes XBRL Taxonomy and Standard for Listed SMEs Under ESRS
The European Financial Reporting Advisory Group (EFRAG), which plays a crucial role in shaping corporate reporting standards in European Union (EU), is seeking comments, until May 21, 2024, on the Exposure Draft ESRS for listed SMEs.
ECB to Expand Climate Change Work in 2024-2025
Banking regulators worldwide are increasingly focusing on addressing, monitoring, and supervising the institutions' exposure to climate and environmental risks.
BIS Bulletin Examines Cognitive Limits of Large Language Models
The use cases of generative AI in the banking sector are evolving fast, with many institutions adopting the technology to enhance customer service and operational efficiency.
ECB is Conducting First Cyber Risk Stress Test for Banks
As part of the increasing regulatory focus on operational resilience, cyber risk stress testing is also becoming a crucial aspect of ensuring bank resilience in the face of cyber threats.
EBA Continues Momentum Toward Strengthening Prudential Rules for Banks
A few years down the road from the last global financial crisis, regulators are still issuing rules and monitoring banks to ensure that they comply with the regulations.
EU and UK Agencies Issue Updates on Final Basel III Rules
The European Commission (EC) recently issued an update informing that the European Council and the Parliament have endorsed the Banking Package implementing the final elements of Basel III standards