Today, 22.07.2021, at its meeting, the Financial Supervision Commission (FSC) adopted at the second vote an Ordinance on the requirements for the governance system of insurers and reinsurers.
The ordinance completes the national legal framework for the governance system of insurers and reinsurers in accordance with the Insurance Code (IC) and the guidelines of the European Insurance and Occupational Pensions Authority (EIOPA). Thanks to it, conditions are created for better management of the risks faced by Bulgarian insurers and reinsurers, and the guarantees for protection of the interests of the users of insurance services in the Republic of Bulgaria are strengthened. In the course of the public discussion of the Ordinance, the FSC took into account all received opinions, incl. and numerous suggestions, comments and remarks from the Association of Bulgarian Insurers.
With the ordinance, the FSC introduces into the national insurance and reinsurance legislation the following guidelines of EIOPA, which it has stated that it intends to comply with in its supervisory practice with regard to the management system of insurers and reinsurers:
1. Guidelines on the System of Governance (EIOPA-BoS-14/253 EN) and the Technical Annex thereto
These guidelines include the basic guidelines of EIOPA on the main aspects of the governance system of insurers and reinsurers, such as the requirements for the organization and operation of their management and supervisory bodies, the qualifications and reliability of their members and other key functions, risk management, structuring and operation of key functions, policies of the insurer regulating the most important aspects of its activities, internal control, outsourcing and specific aspects of the governance system at the level of a group of insurers and reinsurers.
2. Guidelines on Own Risk and Solvency Assessment (EIOPA-BoS-14/259 EN)
These guidelines include basic guidance on carrying out the important process of self-assessment of risk and solvency within the risk management system of insurers or reinsurers.
3. Guidelines on Complaints-Handling by Insurance Undertakings (EIOPA-BoS-12/069 EN)
These guidelines set out the procedures applied by insurers to deal with complaints lodged by users of insurance services.
In addition, the Ordinance provides for the FSC to issue instructions within 2 months of the Ordinance becoming effective, so as to ensure the application in its supervisory practice and the following guidelines of EIOPA:
4. Guidelines on Outsourcing to Cloud Service Providers (EIOPA-BoS-20-002)
These guidelines provide for specific requirements for the outsourcing to cloud service providers (services provided by data processing in the cloud), which are a source of additional risks for insurers and reinsurers and therefore require higher security requirements.
5. Guidelines on Information and Communication Technology Security and Governance (EIOPA-BoS-20/600)
These guidelines set out requirements to ensure compliance with the confidentiality, integrity and availability of information and information systems, as a guarantee to limit the operational risk to which insurers and reinsurers are additionally exposed as a result of the use of high technologies for storage, processing and access to data.
The new ordinance repeals Ordinance No 5 of 15.10.2003 on carrying out activity as an insurance broker and insurance agent (promulgated, SG 96/2003) and Ordinance No. 32 of 13.09.2006 on the requirements to the organization and the activity of the service for internal control of the insurer, the reinsurer and of the persons included in insurance or reinsurance group (promulgated, SG, 81/2006, amended and supplemented, issue 4 of 2010) which are issued on the basis of the repealed Insurance Act (repealed, SG No. 103/2005) and the repealed Insurance Code (repealed, SG No. 102/2015) and do not comply with the requirements of the current national and European legislation.
The ordinance provides for a 6-month period from its becoming effective, in which insurers and reinsurers should bring their policies, procedures and internal documents in line with the new requirements.