Following an earlier consultation the International Association of Insurance Supervisors (IAIS) has published an issues paper on cyber risk to the insurance sector.
The objectives of the paper are to raise awareness for insurers and supervisors of the challenges presented by cyber risk, including current and contemplated supervisory approaches for addressing these risks.
As an issues paper, it provides background, describes current practices, identifies examples and explores related regulatory and supervisory issues and challenges.
The paper focuses on cyber risk and the mitigation of such risks and does not cover IT security risks, cyber insurance (insurers’ selling or underwriting an insurance product to cover cyber risk) or risks arising from cyber security incidents involving supervisors.
The IAIS states that the paper is intended to be primarily descriptive and is not meant to create supervisory expectations. However, the paper may highlight the need for additional, more specific IAIS material to support supervisors in addressing cyber risk.
The paper builds on a 2015 survey of IAIS members on their approaches to cyber risk.
A summary of the responses to the survey are included in Annex 1 of the paper
- Copies of the issues paper and
- press release are available.