Regulatory Update: National Association of Insurance Commissioners Summer 2023 National Meeting
The National Association of Insurance Commissioners (NAIC) held its Summer 2023 National Meeting (Summer Meeting) from August 12–16, 2023. Highlights include continued development of accounting principles and investment limitations related to certain types of bonds and structured securities, continued discussion of considerations related to private equity ownership of insurers, a proposed model bulletin addressing the use of artificial intelligence by the insurance industry, and continued development of a new consumer privacy protections model law.
Regulatory Update: National Association of Insurance Commissioners Spring 2023 National Meeting
U.S. Treasury Department Seeks Public Comment On Potential Federal Cyber Insurance Program
The U.S. Treasury Department is seeking public comment on the need and scope for a potential federal insurance response to catastrophic cyber incidents, akin to the one put in place for terrorism insurance after the attacks of September 11, 2001.
Regulatory Update: NAIC Summer 2022 National Meeting
The National Association of Insurance Commissioners (NAIC) held its Summer 2022 National Meeting (Summer Meeting) August 9–13, 2022. This post summarizes the highlights from this meeting in addition to interim meetings held in lieu of taking place during the Summer Meeting. Highlights include a proposal for a new consumer privacy protections model law, continued discussion of considerations related to private equity ownership of insurers, continued development of accounting principles and investment limitations related to certain types of bonds and structured securities, and initiatives to address climate risks in the insurance sector.
Kentucky and Maryland Recently Joined Other States in Adopting NAIC Model Data Security Law
Kentucky and Maryland recently continued the trend of state insurance departments adopting some version of the National Association of Insurance Commissioners’ (“NAIC”) Insurance Data Security Model Law. Kentucky Governor Andy Beshear signed House Bill 474 into law, and Maryland Governor Larry Hogan signed SB 207. (more…)
Data Breaches are More Expensive than Last Year, New IBM Security Report Finds
Death, taxes and data breaches. Cybersecurity incidents have grown in frequency, scale and seriousness. As articulated in President Biden’s May 2021 Executive Order, Improving the Nation’s Cybersecurity, “[t]he United States faces persistent and increasingly sophisticated malicious cyber campaigns that threaten the public sector, the private sector, and ultimately the American people’s security and privacy.” These threats lead to direct costs on victims, and these costs have also grown exponentially in recent years, as readers of the famed annual Ponemon data breach report well know. This year’s report is out, and confirms the continuation of a troubling trend. (more…)
Regulatory Update: NAIC Summer 2021 National Meeting
The National Association of Insurance Commissioners (NAIC) held its Summer 2021 National Meeting (Summer Meeting) August 14-17, 2021. As a result of the continuing COVID-19 pandemic, the NAIC met in a hybrid format with attendees participating both in person and virtually. This post summarizes the highlights from this meeting in addition to interim meetings that were held during July in lieu of taking place during the Summer Meeting. Highlights include, among others, adoption of revised risk-based capital bond factors for life insurers, amendments to SSAP No. 71, and an amendment to the purposes and procedures manual to add instructions for review of funds.
New York Department of Financial Services Issues First Guidance by a U.S. Regulator Concerning Cyber Insurance
On February 4, 2021, the New York Department of Financial Services (NYDFS) issued Circular Letter No. 2 announcing a Cyber Insurance Risk Framework (the Framework) that describes industry best practices for New York-regulated property/casualty insurers. Issuance of the Framework is notable as it represents the first official guidance by a U.S. regulator concerning the increasingly critical issue of cyberinsurance. And while circular letters do not establish new legal requirements or have the force of law, they do set forth the department’s interpretation of the requirements of existing laws and regulations.1
NAIC Insurance Data Security Law Annual Certifications: Is Yours Due By February 15?
Most cybersecurity professionals are aware of the New York Department of Financial Service’s requirement imposed on DFS-licensed entities to certify their cybersecurity program’s compliance on an annual basis (by April 15th of each year), but less well known is that numerous other states impose similar requirements on regulated insurance entities and that deadline for many states is coming up on February 15, 2021.
Regulatory Update: NAIC Fall 2020 National Meeting
The National Association of Insurance Commissioners (NAIC) held its Fall 2020 National Meeting (Fall Meeting) December 3-9, 2020. As a result of the continuing COVID-19 pandemic, the NAIC once again met in a virtual format. This Sidley Update summarizes the highlights from this meeting in addition to interim meetings that were held during November in lieu of taking place during the Fall Meeting.