ey-malta-insurance-newsletter-5

Insurance Industry Regulatory Compliance Newsletters

EY Malta is delighted to share another quarterly Insurance Industry Regulatory Compliance Newsletters. In this newsletter, we will be providing a snapshot of publications, updates to legislation and consultations issued in the third quarter of 2023 around the insurance regulatory compliance framework. 

What’s inside this newsletter

  • The extent of voluntary disclosure of principal adverse impacts under the Sustainable Finance Disclosure Regulation (‘SFDR’). 
  • ICT Third party providers under the Digital Operational Resilience Act (‘DORA’). 
  • Access to Cyber Insurance by SME’s. 
  • Consulation on the implementation of the SFDR. 
  • Consultation on amendments and a new chapter to the Insurance Rules. 
  • An overview of the amendments of the Insurance Distribution Rules. 
  • Methodolgies on insurance stress testing for cyber risks. 
  • The reluctancy to NatCat Insurance. 
  • The revised limits of the Professional Indemnity Insurance Coverge. 

The extent of voluntary disclosure of principal adverse impacts under the Sustainable Finance Disclosure Regulation (‘SFDR’)

On the 28th September 2023, the three European Supervisory Authorities, published their second annual report on the extent of voluntary disclosure of principal adverse impacts under Article 18 of SFDR.
The report utilizes a survey which was distributed to national competent authorities to evaluate the current state of principal adverse impact disclosures at both the entity and product levels. In addition, ESA has provided an initial, non-exhaustive overview of areas needing improvement, along with identifying several good practices. The report concludes with recommendations to the European Commission that should be considered for the upcoming comprehensive assessment of SFDR. 
EY Malta insurance

ICT Third-Party Providers under the Digital Operational Resilience Act

On the 27th September 2023, the three European Supervisory Authorities published a report which includes an indicative overview of information and communication technology (ICT) third-party providers (‘TTP’) as part of their preparation for DORA.
Following the above report, on the 29th September 2023, the ESAs also published a joint response to the European Commission’s call for advice regarding two delegated acts under DORA, for which such responses proposed additional criteria for critical ICT third party providers and established oversight fees to be imposed on these providers. The ESAs recommended a set of qualitative and quantitative indicators, along with the necessary information required to develop and interpret them, following a two-step approach. It also suggested methods for determining the amount of fees to be levied and specified the type of payment required.

Access to cyber insurance by SMEs

On the 20th September 2023, EIOPA launched a survey on the access of cyber insurance for SMEs. The objective of the survey is to attain a more comprehensive understanding of the difficulties faced by SMEs as they endeavor to protect themselves against cyber risks, and to assess the level of access to cyber insurance among these businesses.
Through the survey, EIOPA will be gathering information on the integration of cyber insurance into the everyday operations of SMEs, whilst understand their current knowledge regarding cyber insurance, and the extent to which they are aware of cyber risk.
EY Malta insurance

Amendments to the Insurance Distribution Rules

On 26th January 2023 , the MFSA published a consultation paper on the amendments to the Insurance Distribution Directive. Following the lapse of the consultation period and internal discussions held on the feedback received, the MFSA issued a circular on the 8th August 2023 together with a Feedback Statement on the amendments effected to the Insurance Distribution Rules.
In this respect below is an overview of the amendments made by the MFSA in the Insurance Distribution Rules.

Chapter 1

  • Amending the governing law of the professional indemnity insurance policy to clarify that the said policy shall be governed by the law of a European Union Member State or the law of the United Kingdom;
  • Amending the excess under paragraph 1.9.7 to be of a sum not exceeding 1% of the limit of indemnity and subject to a maximum of €50,000; and
  • Including a new limit of €100,000 for loss of and damage to documents and records.

Chapter 2

  • Removal of the bank reference requirement from schedules 4 to 8;
  • The same schedules will also be amended for the term ‘person concerned’ in order to align with the definition;
  • Having an own pre-enrollment course outlined as an Annex;
  • Amendments to paragraph 2.2.11 for authorised undertakings not granting registration to any person in the Tied Insurance Intermediaries Company Register or the Ancillary Insurance Intermediaries Company Register, unless the requirements listed therein are satisfied.

Chapter 4

  • Amendments to the notification requirement from 10 working days to 5 working days after the credit risk transfer agreement enters into force;
  • The First Schedule is to be amended to read that the value of own funds of enrolled persons and share capital of enrolled companies shall be €58,250 or 4% of the annual gross written premium receivable up to a maximum of €1,000,000 whichever is the higher and €19,510 for insurance managers;
  • Amending the definition of ‘insurance undertaking’ in the Second Schedule; and
  • Introducing a new Third Schedule which will contain a declaration form to be submitted and signed by an enrolled individual or enrolled company (either a Managing Director, CEO or General Manager) prior to entering into a Credit Risk Transfer Agreement with an insurance undertaking.

Chapter 8

  • All insurance monies are to be paid into the Tied Insurance Intermediaries Account or Ancillery Insurance Intermediaries Account by not later than fifteen business days; and
  • Amendments in relation to motor vehicle license fees, where intermediaries may use the license fee received to pay directly to Transport Malta.

Chapter 9

  • Where an enrolled person or an enrolled company is part of a group of companies, a guarantee may be provided by an entity within the same group of companies, as the enrolled person or the enrolled company, to the satisfaction of the competent authority as a form of a fidelity bond; and
  • Amendments to the nomination of approved persons to distinguish between instances where the approved person is an individual and where the approved person is a body corporate.

Chapter 10

  • A new section entitled ‘Auditor’s Management Letter’, which lays down certain requirements insurance undertakings need to submit in the auditor’s management letter; and
  • Reference to the term "enrolled person" will aslo be included in the chapter.

Consultation on amendments and a new chapter to the Insurance Rules 

In recent years, whilst conducting reviews, the MFSA noted that the procedures in relation to the transfer of cellular assets of a cell company and the liquidation of a cell in Subsidiary Legislation 386.10 Companies Act (Cell Companies Carrying on Business of Insurance) Regulations were not detailed. In this respect on the 13th September 2023 the MFSA has issued a consultation document on the proposed new Chapter 17 of the Insurance Rules entitled “Cell Companies carrying on Business of Insurance” and the proposed amendment to Chapter 5 of the Insurance Rules.

Paper on methodological principles of insurance stress testing of cyber risks

On the 11th July 2023 EIOPA published the fourth paper on the methodological principles of insurance stress testing, with the main focus on cyber risk. The paper's development was based on feedback gathered from stakeholders during the public consultation held between November 2022 and February 2023, with the aim to establish the necessary groundwork for assessing insurers' financial resilience under severe but plausible cyber incident scenarios, which would help insurers in the design phase for future insurance stress tests aimed at cyber risks.
EY Malta insurance

NatCat Insurance and their reluctance to be taken out

On the  5th July 2023, EIOPA published a staff paper exploring the reasons for the limited uptake of natural catastrophe insurance in Europe, and found a number of barriers that impact the willingness of people and businesses to buy NatCat insurance.
EIOPA is planning to increase risk awareness among consumers through public or independent tools that monitor the level of risk associated with NatCat events and has identified a number of solutions to tackle such barriers.
In this respect EIOPA opened a consultation for stakeholders to submit their feedback and based on the feedback received, the most effective measures that can be implemented to improve customer resilience in the face of NatCat events will be issued.
EY Malta insurance

Revision of the professional indemnity insurance coverage

Following a public consultation that took place earlier on this year, on the 3rd July 2023, EIOPA published draft Regulatory Technical Standards relating to the adaptation of the minimum amounts for professional indemnity insurance based on the rate of inflation. The new base amounts are proposed to read as follows:

  • The base Professional Indemnity Insurance amount applying to each claim increases to €1,564,610;
  • The base aggregate Professional Indemnity amount per year increases to €2,315,610; and
  • The base financial capacity amount increases to €23,480.

More information can be found in the final report of the public consultation paper, which can be accessed through here.

Contact us

Karl Mercieca
EY Malta Financial Services Regulatory Compliance
Partner 
karl.mercieca@mt.ey.com

Karl Mercieca

Leanne Haber
EY Malta Financial Services Regulatory Compliance
Senior Consultant
leanne.haber@mt.ey.com

Leanne Haber

Kira Farrugia
EY Malta Financial Services Regulatory Compliance
Assistant
kira.farrugia@mt.ey.com

kira Farrugia