Bank of England: Cyber insurance underwriting risk

14 November 2016

The PRA proposes a new supervisory statement setting out its expectations for the prudent management of cyber underwriting risk, which is defined as the set of prudential risks emanating from underwriting insurance contracts that are exposed to losses resulting from a cyber-attack.

The proposals in this Prudential Regulation Authority (PRA) consultation paper (CP) are based on thematic work carried out by the PRA between October 2015 and June 2016 involving a range of stakeholders including insurance and reinsurance firms, (re)insurance intermediaries, consultancies, catastrophe modelling vendors, cyber security and technology firms, and regulators.

The CP sets out the PRA’s proposed expectations in relation to the ability of firms to exercise prudent management of cyber insurance underwriting risk. Firms are expected to be able to identify, quantify and manage the risks emanating from cyber underwriting, in terms of both affirmative and ‘silent’ cover.

The results of the PRA’s thematic work highlighted several risks faced by the insurance industry in relation to cyber underwriting risk. The key findings are summarised in a letter to firms – ‘Cyber underwriting risk’ – published on 14 November 2016 (see Related Links).

The proposals have been grouped based on the PRA’s thematic findings in the following sections:

This consultation closes on Tuesday 14 February 2017.



© Bank of England