IT Security Regulatory Update | MARCH 2024
Focus: Cybercrime, EIOPA priorities, the german insurance industry
Highlight from March 2024
EU Parliament reflects upon cybercrime
With increasing digitalization, cybercrime is also growing in the EU, making it one of the most significant threats of our time. The EU Parliament is therefore taking a closer look at the issue.
“Stay up to date with our monthly regulatory update on IT Security Management!”
Cybercrime on the rise
With increasing digitalization and the associated rise in the use of digital devices and services by EU citizens, the crime rate in the cyber area is also increasing. The European Parliament is providing a briefing on the background, effects, forms and legal aspects of cybercrime.
It is one of the biggest threats of our time and enables criminals to cause great damage. The threat is constantly growing, the methods are becoming increasingly complex and inventive, the incidents more intricate and damaging. They take place at all levels of society, be it as investment fraud, phishing, in the form of bogus companies or fake charities.
The EU is actively combating cybercrime and promoting cybersecurity in Europe. This can be seen in the cyber security strategy, which addresses critical infrastructures such as hospitals, energy supply and rail networks. At the same time, various pieces of legislation are being enacted and drafted that deal with the prevention of cyberattacks, the elimination of vulnerabilities, resilience and general cybersecurity risks.
The EU wants to achieve the following through regulation, investment and policy:
- Increasing resilience and technological sovereignty
- Assuming a leadership role
- Building operational capacities for prevention, deterrence and response
- Promoting a global and open cyberspace
You can find the briefing of the EU Parliament here on its website.
Source: © European Union, 2022 – EP
EIOPA presents strategic priorities
EIOPA has identified its supervisory priorities for the strategy from 2024 to 2027. In doing so, it took into account relevant warnings and recommendations of the ESRB as well as general risks on the insurance market. In addition, product complexity and the generally high costs and low performance in several markets were considered, as well as possible insurance gaps that could arise from these aspects. The need for a customer-oriented approach, the need to address ESG factors and the increasing demand for products with sustainability features were also being regarded.
Against this background, EIOPA has identified two strategic objectives that should be observed. Firstly, the financial robustness of insurance companies and secondly, consumer protection in a disruptive environment. In view of both objectives, EIOPA identifies three specific areas to be considered as supervisory priorities:
- Continuous monitoring of the impact of the macroeconomic environment;
- Risk transfers, including the capacity and appropriateness of risk transfers;
- The price-performance ratio, also in relation to inflation and current macroeconomic trends.
You can find the EIOPA report here on their website.
Source: European Insurance and Occupational Pensions Authority – EIOPA, eiopa.europa.eu
New BaFin Executive Director addresses the German insurance industry
At the GDV Insurance Summit, the new BaFin Executive Director Julia Wiens spoke about her vision and goals for the German insurance industry. She emphasizes two points as being particularly important:
- Maintaining the stability of German insurance companies;
- Maintaining consumers’ trust in their insurers.
In her speech, she examined the current state of the industry and the current priorities of the supervisory authority. She emphasized the high stability of the German insurance industry and the positive development of risk-bearing capacity. However, she also addresses the expectation that inflation should be taken into account appropriately, especially when calculating technical provisions and HGB results.
Regulatory priorities in this context include, above all, risk management, currently particularly in the context of investments in commercial real estate. The commitment to the insolvent Signa Group continues to be the focus of the supervisors, as well as the issue of sustainability and the constantly increasing risks in the IT sector. IT outsourcing and IT service providers are to be mentioned here. After all, the Executive Director’s focus is on customer benefit.
You can find the speech by Julia Wiens here on the BaFin website.
Source: © German Federal Financial Supervisory Authority / www.bafin.de
Cybercrime should not be a new buzzword for financial companies, which are certainly often confronted with the issue thanks to various regulations. The EU also recognizes cyber risks as particularly significant – cyber security is therefore likely to become even more important in the years to come.
At ADWEKO, we keep an eye on national, European and international regulations for you and support you in their implementation.
- DK publishes statements on the second wave of DORA consultations
- BVI publishes comments on consultation in the context of subcontracting DORA
- BVI publishes comments on consultation in the context of costs of ICT incidents DORA
- BVI publishes comments on the consultation in the context of DORA ICT incident reporting
- Insurance Europe publishes statements on DORA RTS and ITS
- BVI publishes statement on the first draft of the ESAs with suggestions for improvement
talk to
Pia Streicher!