2022-10-14 | Circular 10/2018 (VA) in the version of 3 March 2022

The Federal Financial Supervisory Authority establishes binding IT supervisory requirements for German insurance undertakings and groups, mandating management boards to define and implement a proportionate IT strategy aligned with each entity's risk profile. The framework requires comprehensive governance, information risk and security management processes, alongside strict controls for IT operations, outsourcing agreements, business continuity, and critical infrastructure. Undertakings must continuously monitor these measures to ensure data integrity, availability, confidentiality, and authentic stakeholder oversight while adapting structures to technological advancements and evolving threat levels.