Featured Product

    EIOPA Finalizes Guidelines on ICT Security and Governance

    October 12, 2020

    EIOPA finalized the guidelines on information and communication technology (ICT) security and governance for the insurance sector. The guidelines address how rules on operational risks set forth in the Solvency II Directive and in the Delegated Regulation 2015/35 are applied to the ICT security and governance. EIOPA consulted on the draft guidelines between December 2019 and March 2020 and has also published its response to the key issues raised in the feedback. The guidelines are intended for both market participants and the national supervisory authorities, which are expected to apply these guidelines from July 01, 2021.

    The objective of the guidelines is to promote the increase of the operational resilience of the digital operations of insurance and reinsurance undertakings against the risks they face. Operational resilience is key to protecting the digital assets (including their systems and data) of insurance and reinsurance undertakings. The guidelines provide clarification and transparency to market participants on the minimum expected information and cyber-security capabilities and help to avoid potential regulatory arbitrage. These guidelines are also intended to foster supervisory convergence regarding the expectations and processes applicable in relation to ICT security and governance as a key to proper ICT and security risk management.

    Competent authorities should, when complying or supervising compliance with these guidelines, take into account the principle of proportionality. This principle should should ensure that governance arrangements, including those related to ICT security and governance are proportionate to the nature, scale, and complexity of the corresponding risks undertakings face or may face. The guidelines should be read in conjunction with the Solvency II Directive, the Delegated Regulation 2015/35, the EIOPA guidelines on system of governance, and the EIOPA guidelines on outsourcing to cloud service providers. 


    Related Links

    Effective Date: July 01, 2021 (expected)

    Keywords: Europe, EU, Insurance, Governance, Operational Risk, Solvency II, Cloud Service Providers, ICT Risk, EIOPA

    Featured Experts
    Related Articles
    News

    APRA Issues Interim Update to Policy Priorities for 2021 and Beyond

    In a letter addressed to the industry, the Australian Prudential Regulation Authority (APRA) set out an updated schedule of policy priorities for the banking, insurance, and superannuation industries.

    September 24, 2021 WebPage Regulatory News
    News

    EC Adopts Solvency II and Resolution Rules Package for Insurers

    The European Commission (EC) adopted a comprehensive review package of Solvency II rules in the European Union.

    September 22, 2021 WebPage Regulatory News
    News

    OCC Issues Booklets on Regulatory Reporting and Earnings

    The Office of the Comptroller of the Currency (OCC) issued Versions 1.0 of the "Earnings" and "Regulatory Reporting" booklets of the Comptroller's Handbook.

    September 22, 2021 WebPage Regulatory News
    News

    ECB Sets Out Results of Economy-Wide Climate Stress Tests

    The European Central Bank (ECB) published results of its economy-wide climate stress test, which aimed to assess the resilience of non-financial corporates and euro area banks to climate risks.

    September 22, 2021 WebPage Regulatory News
    News

    EBA Examines Implications of Increasing Use of Digital Platforms in EU

    The European Banking Authority (EBA) published a report on the use of digital platforms in the banking and payments sector in European Union.

    September 21, 2021 WebPage Regulatory News
    News

    HKMA Issues Updates on Policy Measures Intended to Ease COVID Impact

    The Hong Kong Monetary Authority (HKMA) published updates on the policy measures that were announced in context of the ongoing pandemic.

    September 21, 2021 WebPage Regulatory News
    News

    ISDA Responds to BCBS Proposal on Treatment of Cryptoasset Exposures

    The International Swaps and Derivatives Association (ISDA), along with several other associations, submitted a joint response to the Basel Committee on Banking Supervision (BCBS) consultation on preliminary proposals for the prudential treatment of cryptoasset exposures.

    September 21, 2021 WebPage Regulatory News
    News

    BIS Quarterly Review Discusses Developments in Fintech and ESG Space

    BIS published the September issue of the Quarterly Review, which contains special features that analyze the rapid rise in equity funding for financial technology firms, the effectiveness of policy measures in response to pandemic, and the evolution of international banking.

    September 20, 2021 WebPage Regulatory News
    News

    BCBS to Consult on Supervisory Practices for Climate Risks by Year-End

    The Basel Committee for Banking Supervision (BCBS) met in September 2021 and reviewed climate-related financial risks, discussed impact of digitalization, and welcomed efforts by the International Financial Reporting Standards (IFRS) Foundation to develop a common set of sustainability reporting standards

    September 20, 2021 WebPage Regulatory News
    News

    OCC Identifies Operational Risk Deficiencies in MUFG Union Bank

    The Office of the Comptroller of the Currency (OCC) issued a Cease and Desist Order against MUFG Union Bank for deficiencies in technology and operational risk governance.

    September 20, 2021 WebPage Regulatory News
    RESULTS 1 - 10 OF 7494