Commercial Risk Europe: Insurance industry risk managers confident in GDPR compliance: AM Best

07 July 2017

Risk managers at insurance companies are reviewing both their own firms’ compliance with the EU General Data Protection Regulation (GDPR) and the opportunities it could deliver from increased demand for cyber insurance, according to a new briefing from AM Best.

The rating agency found that industry players are confident in their preparations and rate their average level of readiness at seven out of ten.

With less than one year to go until the regulation is implemented, AM Best said insurers and reinsurers will be challenged by the GDPR, which aims to make data protection laws more consistent across the EU. As well as imposing new requirements on companies processing personal data, the GDPR imposes mandatory requirements on companies to disclose data breaches or face heavy fines.

Alvise Argenton, financial analyst at the rating agency, said: “European insurers have said they are undergoing a comprehensive review of their data-related risk management, looking at breach response plans and the resilience of their systems.”

AM Best said insurance and reinsurance companies have also increased governance in direct response to the GDPR. Companies have sought new skills to address the challenges of assessing compliance with the new rules and adopting new policies, it added.

Market players told AM Best that preparations for the new rules have led to reviews of roles and functions within their group and a closer integration of core functions including IT, compliance, legal and risk management. The insurance industry’s risk managers are also testing scenarios and implementing emergency response plans in preparation for the GDPR.

Implementation of the regulation, which brings Europe’s data protection rules more into line with the US, is also expected to jumpstart the European cyber insurance market, which until now has been dominated by US demand.

Full article on Commercial Risk (subscription required)


© Commercial Risk Europe