IAIS published a draft application paper on the supervision of insurer cybersecurity. The application paper provides further guidance to supervisors seeking to develop or enhance their approach to supervising the cyber risk, cybersecurity, and cyber resilience of insurers. Insurers are also invited to consider the application paper, to assist in developing and implementing good cybersecurity practices in their organizations. Comments on the proposal are due by August 13, 2018.
The application paper is generally principles-based and builds on frameworks and guidance from multiple sources, including the "G7 Fundamental Elements of Cyber Security for the Financial Sector"; the related "G7 Fundamental Elements for Effective Assessment of Cybersecurity for the Financial Sector"; and the CPMI-IOSCO guidance on cyber resilience for financial market infrastructures. The paper focuses on supervision of insurers’ cybersecurity. It does not cover cyber insurance products nor the use of cyber insurance in the reduction of residual risks. IAIS also published consultations on the revised ICPs 6 and 20 and it will hold a public background session on July 16, 2018 to discuss these revised ICPs.
Under IAIS procedures an application paper can provide additional material related to one or more Insurance Core Principles (ICPs) that help with practical application of ICPs, but an application paper is not binding and does not establish standards. Application papers can provide examples of good practices, in addition to advice and recommendations on how ICPs may be implemented.
Comment Due Date: August 13, 2018
Keywords: International, Insurance, Application Paper, Insurer Cybersecurity, Cyber Risk, IAIS
Previous ArticleRBNZ Issues In-Principle Decisions on Capital Requirements for Banks
PRA published a set of questions and answers (Q&A) covering common queries regarding residential and commercial property valuations, for the purpose of the Capital Requirements Regulation (CRR), during the period of disruption caused by COVID-19 pandemic.
EBA published guidelines on loan origination and monitoring, which bring together prudential standards and consumer protection obligations, along with the anti-money laundering and the Environmental, Social, and Governance (ESG) considerations.
EBA published a consultation paper on the draft amended regulatory technical standards on own funds and eligible liabilities.
EBA published a report on convergence of supervisory practices in 2019.
IOSCO proposed updates to its principles for regulated entities that outsource tasks to service providers.
MAS announced that the first phase of the Veritas initiative will commence with the development of fairness metrics in credit risk scoring and customer marketing.
BoE published the Statistical Notice 2020/4 to update the buy-to-let (BTL) Phase 2 and Phase 3 definitions for the Interest Rate Type data item.
FSI published a brief note that examines challenges facing the banking sector as a result of the payment deferral programs put in place to support borrowers affected by the COVID-19 pandemic.
RBNZ published the financial stability report for May 2020. This review of the financial system in the country highlights that the economic disruption associated with COVID-19 will present challenges to the financial system.
PRA published the policy statement PS14/20, which contains the supervisory statement SS1/20 and the feedback to responses to the consultation paper CP22/19 on expectations for investment by firms in accordance with the Prudent Person Principle, or PPP, as set out in the Investments Part of the PRA Rulebook.