EIOPA Reports Outline Work Done Under EU-US Insurance Dialogue Project
EIOPA published reports summarizing the work of the big data working group, the cyber insurance market group, and the insurer cybersecurity working group under the EU-U.S. Insurance Dialogue Project. The reports summarize the topics under discussion, work done in 2019, and the next steps for discussion and action. The EU-U.S. Insurance Project started in early 2012, when EC, EIOPA, NAIC, and FIO agreed to participate in a deeper dialog project to contribute to an increased mutual understanding and enhanced cooperation between the EU and U.S. to promote business opportunity and effective supervision in EU and U.S. The high-level common objectives of the EU-U.S. Insurance Dialogue are to promote the free flow of information between EU and U.S. supervisors, establish a robust regime for group supervision, achieve a consistent approach within each jurisdiction, and ensure the consistent application of prudential requirements.
The Big Data Working Group has been focusing on the increased use of large data sets (Big Data) by insurers and the use of data analytics in the insurance sector. After discussion, the Working Group has outlined the following areas for potential discussion in 2020/2021:
- The further development of artificial intelligence principles in the U.S. and EU including ethical aspects
- Regulatory review of predictive models, including but not limited to assessing transparency and explainability issues arising from the use of machine learning algorithms.
- Industry use of Big Data for fraud detection and claims settlement
- Continue monitoring developments on third-party vendors and consumer disclosure issues
The Cyber Insurance Working Group, in 2019, as a follow-up to the work done in 2018, continued discussions with a focus on the assessment of non-affirmative cyber risk and the potential for catastrophic losses; the challenges and opportunities of insuring and reinsuring cyber risk; and the availability of cyber insurance data. One of the main challenges to further development of the cyber insurance markets in the U.S. and EU relates to the limited data to appropriately assess and quantify cyber risk exposure. Against this background, themes for further elaboration may include the following:
- Discussing approaches to collect data and develop techniques supporting more sophisticated assessment of cyber risks. including potential accumulation risks (for example, scenario-based stress testing)
- Sharing U.S. and EU approaches relative to cyber incident reporting and cyber incident response best practices, including discussion of whether global initiatives could facilitate further understanding and underwriting of cyber risks
- Discussing the current role and use of risk
The Insurer Cybersecurity Working Group’s 2019 Target Outcome or deliverables included further discussions to continue to share examples and approaches to insurer cybersecurity and post-incident coordination Another outcome involved further discussions in moving forward with creating an outline or template for scenarios for an insurance supervisor-only exercise on how to coordinate a cross-border response in the event of an international cybersecurity incident. Insurance sector cybersecurity is a continuing challenge and a matter for ongoing supervisory focus in both the U.S. and EU. The Insurer Cybersecurity Working Group, therefore, recommends continuing its ongoing work in the following areas:
- Continue to share information on insurer cybersecurity and operational resilience including, for example, discussing insurance industry approaches to managing cybersecurity risk; supervisory approaches to reviewing insurers’ cybersecurity measures; the challenges of tracking cyber risks in the EU and the U.S.; preventing and managing a cross-border cyber event from both a supervisory and industry perspective; and the cybersecurity implications of insurers’ increased outsourcing to the cloud
- Complete development of an initial cybersecurity exercise template for EU and U.S. supervisors on how to coordinate a cross-border response in the event of an international cybersecurity incident
- Expand current draft scenario(s) in the template, including scenario timelines with a progression of events mimicking those likely during a real cybersecurity incident and include a list of supervisory contacts
- Develop a timeline for conducting an exercise using the template created by the working group
Keywords: Europe, Americas, EU, US, Insurance, Big Data, Artificial Intelligence, Machine Learning, Cyber Risk, Cyber Insurance, EIOPA
Previous ArticleHKMA Consults on Stay Rules on Financial Contracts Under FIRO
CFPB Finalizes Rule on Small Business Lending Data Collection
The Consumer Financial Protection Bureau (CFPB) published a final rule that sets out data collection requirements on small business lending, under section 1071 of the Dodd-Frank Act.
BCBS to Consult on Pillar 3 Climate Risk Disclosures by End of 2023
The Bank for International Settlements (BIS) published a summary of the recent Basel Committee (BCBS) meetings.
FINMA Approves Merger of Credit Suisse and UBS
The Swiss Financial Market Supervisory Authority (FINMA) has approved the takeover of Credit Suisse by UBS.
BOE Sets Out Its Thinking on Regulatory Capital and Climate Risks
The Bank of England (BOE) published a working paper that aims to understand the climate-related disclosures of UK financial institutions.
US Congress Report Examines Data Privacy and Cybersecurity Regulations
The U.S. Congressional Research Service published a report on banking, data privacy, and cybersecurity regulation.
OSFI Finalizes on Climate Risk Guideline, Issues Other Updates
The Office of the Superintendent of Financial Institutions (OSFI) is seeking comments, until May 31, 2023, on the draft guideline on culture and behavior risk, with final guideline expected by the end of 2023.
EU to Conduct One-Off Scenario Analysis to Assess Transition Risk
The European authorities recently made multiple announcements that impact the banking sector.
APRA Assesses Macro-Prudential Policy Settings, Issues Other Updates
The Australian Prudential Regulation Authority (APRA) published an information paper that assesses its macro-prudential policy settings aimed at promoting stability at a systemic level.
BIS Paper Examines Impact of Greenhouse Gas Emissions on Lending
BIS issued a paper that investigates the effect of the greenhouse gas, or GHG, emissions of firms on bank loans using bank–firm matched data of Japanese listed firms from 2006 to 2018.
HMT Mulls Alignment of Ring-Fencing and Resolution Regimes for Banks
The HM Treasury (HMT) is seeking evidence, until May 07, 2023, on practicalities of aligning the ring-fencing and the banking resolution regimes for banks.