LexGo

Benelux Regulators to Apply EIOPA Guidelines on Outsourcing to Cloud Service Providers by Insurance and Reinsurance Undertakings
14/08/2020

On 24 April 2020, the European Insurance and Occupational Pensions Authority (EIOPA) issued new guidelines on outsourcing to cloud service providers (the "Guidelines") which apply to insurance and reinsurance undertakings, supplementing the general regulatory framework based on the Solvency II Directive and Delegated Regulation 2015/35. 

Pursuant to Article 16(3) of Regulation (EU) No 1094/2010 establishing the EIOPA, which requires the competent authorities of the EU Member States to make every effort to comply with EIOPA guidelines and confirm that they intend to comply with them, the Benelux regulators have indicated their intention to apply the Guidelines. 

In Belgium, the prudential regulator for the insurance and reinsurance sector, the National Bank of Belgium ("NBB"), published a circular on 5 May 2020 (NBB_2020_018) implementing the Guidelines and clarifying the NBB's recommendations on outsourcing to cloud service providers active in the sector (available here). 

For many years, the prudential regulator of the Netherlands, the Dutch National Bank ("DNB"), has been actively been focusing on outsourcing by financial institutions, including insurance companies, to cloud service providers. EIOPA guidelines are deemed authoritative by the DNB, taken into account by the DNB and often form the basis for the DNB's own recommendations. One example is the DNB's Good Practice document for outsourcing insurers, issued in May 2019. In this document, the DNB refers extensively to the outsourcing provisions of the EIOPA Guidelines on System of Governance. The DNB applies these guidelines, specifically when supervising cloud outsourcing, to supplement the Good Practices. The DNB has indicated that it expects insurers to apply the Guidelines from 1 January 2021 to all cloud outsourcing agreements entered into or amended on or after this date. 

In Luxembourg, the supervisory authority for the insurance sector, the Commissariat aux Assurances ("CA"), confirmed in Circular 20/13 of 24 June 2020 that it will fully apply the Guidelines. Luxembourg insurance and reinsurance undertakings are therefore required to abide by the Guidelines. On this occasion, the Luxembourg regulator also recalled that outsourcing operations must comply with the obligation of professional secrecy set out in Article 300 of the amended Act of 7 December 2015 on the insurance sector. 

For further information about the scope, requirements and timeline for implementation of the Guidelines, please refer to our article on the EIOPA Guidelines on outsourcing to cloud service providers by insurance and reinsurance undertakings.

Voir aussi : Nautadutilh Avocats Luxembourg SĂ rl ( Mr. Vincent Wellens )

[+ http://www.nautadutilh.com]

Mr. Vincent Wellens Mr. Vincent Wellens
Partner
[email protected]

Click here to see the ad(s)
Tous les articles Droit bancaire

Derniers articles Droit bancaire

Strengthening the integration and efficiency of capital markets to support economic growth
26/11/2021

Today, on 25 November 2021, the EU Commission published a package of legislative proposals. With the proposed measures, th...

Strengthening the integration and efficiency of capital markets to support economic growth Read more

Assessment of predicate tax offences in an AML/CTF context: The asset management industry should ...
18/11/2021

The new provisions introduced by Circular 17/650, as amended through Circular 20/744, impact the AML/CFT compliance obliga...

Read more

Updated CSSF FAQs on UCI Law and MMF Regulation: Change of regulatory practice concerning the hol...
11/11/2021

On 3 November 2021, the CSSF has announced in its Press Release 21/26 that it has published updated versions of ...

Updated CSSF FAQs on UCI Law and MMF Regulation: Change of regulatory practice concerning the holding of ancillary liquid assets by UCITS Read more

New CSSF administrative practice concerning the holding of ancillary liquid assets by UCITS
09/11/2021

In adapting its administrative practice, the CSSF has provided clarification on the holding of ancillary liquid assets by ...

Read more

Derniers articles de Mr. Vincent Wellens

Why all companies should care about the UN's cybersecurity & software update regulations – less...
26/10/2021

Not in the automotive sector? It doesn't matter: two Regulations adopted by UNECE (a United Nations body) on cybersecu...

Read more

New rules on material IT outsourcing in the financial sector
15/10/2021

Effective 15 October 2021, financial institutions must notify the CSSF of any planned outsourcing of material IT activitie...

Read more

Insufficient cybersecurity measures under GDPR: 100k EUR fine in Belgium & key fines elsewhere
29/04/2021

On 26 April 2021, the Litigation Chamber of the Belgian Data Protection Authority (BDPA) handed down its first fine specif...

Read more

Regulatory changes in the audiovisual media sector
16/04/2021

The Act of 26 February 2021 and certain grand ducal regulations have transposed into Luxembourg law the Audiovisual Media ...

Read more

LexGO Network