Skip to main content
European Insurance and Occupational Pensions Authority
News article11 February 2020

EIOPA sets out strategies on cyber underwriting and SupTech

The European Insurance and Occupational Pensions Authority (EIOPA) has published its strategies for cyber underwriting and supervisory technology, or SupTech.
The strategies reflect strategic priorities and respond to the evolving insurance landscape, in particular related to digital technology. 

Cyber underwriting to strengthen cyber resilience

The objective of EIOPA’s Cyber underwriting strategy is to contribute to building a strong, reliable, cyber insurance market. 
Increased digitalisation and use of big data has led to a growth in the frequency and sophistication of cyber attacks, highlighting the need for a sound cyber insurance market.  Appropriate cyber insurance coverage, underwriting practices and sound supervision can make a valuable contribution for people, businesses and economies to manage cyber risk.
EIOPA has identified the following conditions which are essential for a resilient cyber insurance market:

  • Appropriate cyber underwriting and risk management practices and the corresponding promotion of such practices
  • Adequate assessment and mitigation tools to address potential systemic and extreme risks
  • A mutual understanding between policyholders and insurers of contractual definitions, conditions and terms; and
  • An adequate level and quality of data on cyber incidents available at European level.

EIOPA will undertake specific actions as part of its own supervisory and regulatory priorities as well as in its capacity as a facilitator and catalyst to provide advice on cyber insurance. Actions include:

  • The periodic assessment and supervision of cyber underwriting and risk management
  • Further investigation into the issue of non-affirmative cyber exposures and accumulation of risk 
  • Inclusion of scenarios related to cyber risk events and incidents in the stress testing framework
  • Working with partners to explore and promote the development of a harmonised cyber incident reporting taxonomy.

Technology to deliver innovative and efficient supervisory solutions

Improving the efficiency and effectiveness of the Supervisory Review Process is a strategic priority for EIOPA, in particular by taking advantage of new technological developments and the opportunities they present.
EIOPA will work closely with national competent authorities to build on the existing use of technology to create innovative and efficient supervisory solutions to support a more effective, flexible and responsive supervisory system.
To support this goal, EIOPA will:

  • Implement a platform for the ongoing exchange of knowledge and experience to promote a culture of innovation and initiative between supervisors; and
  • Organise and endorse the analysis of potential supervisory tools aimed to address specific issues identified by supervisors and to develop them following a positive analysis.

This Supervisory technology strategy will provide the grounds for the establishment of a mid- and long-term coordinated plan for the development of SupTech-based supervisory tools and processes, in line with EIOPA’s strategic objective and annual supervisory convergence plans.


Publication date
11 February 2020