Best’s News & Research Service - July 06, 2017 07:42 AM (EDT)
A.M. Best Briefing: GDPR: Implications for European Insurers and the Cyber Insurance Market
- July 06, 2017 07:42 AM (EDT)
London //BestWire// - With less than a year to go before its implementation in May 2018, the General Data Protection Regulation (GDPR) is high on the agenda of (re)insurers operating within the European Union (EU) or providing services to EU residents. The new regulation, which aims to enhance the consistency of data protection rules across the EU and simplify the regulatory environment, will create significant new obligations for companies processing personal data. The GDPR further intends to increase the effectiveness of the right to data protection, and whilst this is expected to provide regulatory challenges for (re)insurers, the requirement for mandatory notification of serious data breaches is also likely to fuel supply of and demand for cyber insurance in Europe.
As part of its monitoring of industry issues, A.M. Best is holding ongoing dialogues with rated companies regarding the steps they are taking to prepare for the implementation of GDPR, and in its new briefing, “GDPR: Implications for European Insurers and the Cyber Insurance Market,” notes that rated entities have disclosed how they expect to be affected as data controllers, as well as how they expect the regulation to impact the cyber insurance market.
Alvise Argenton, financial analyst, said: “European insurers have told A.M. Best they are undergoing a comprehensive review of their data-related risk management, looking at breach-response plans and the resilience of their systems. From an underwriting standpoint, the most significant consequence of the implementation of the GDPR is likely to be a marked growth in cyber insurance revenues, with some carriers suggesting it will represent ‘a shot in the arm’ for the non-U.S. cyber market. The GDPR is, therefore, expected to represent a major change for the European cyber insurance market.”
A.M. Best’s briefing also notes that the introduction of GDPR is expected to affect demand and supply of cyber insurance, albeit over different timeframes. In the short term, as stricter data-breach reporting rules enhance transparency, a considerable increase in reported breaches will likely spread risk awareness and result in higher demand for cyber products. In the medium term, as more and more reliable data becomes available, with positive implications for pricing models, insurance supply should gain momentum, with new products expected to make an appearance on the market.
To access a complimentary copy of this briefing, please visit http://www3.ambest.com/bestweek/purchase.asp?record_code=263354 .
A.M. Best is the world’s oldest and most authoritative insurance rating and information source.