• Insurance regulators zeroing in on cybersecurity

    Recent activity by regulators shows an increased focus on cybersecurity in the insurance industry. The National Association of Insurance Commissioners (NAIC) has published its Principles for Effective Cybersecurity Insurance Regulatory Guidance. In addition, the New York Department of Financial Services (NY DFS) recently released guidance for New York insurance organizations with their Report on Cybersecurity in the Insurance Sector.
  • What insurance organizations can do now to prepare for state regulatory cybersecurity initiatives

    Within the last several months, two significant insurance organizations have announced greater involvement in initiatives to reduce cybersecurity risk throughout the insurance industry. The New York State Department of Financial Services (NY DFS) released the results of its survey on cybersecurity practices and the National Association of Insurance Commissioners (NAIC) recently adopted a set of cybersecurity regulatory principles.
  • Internal audit value optimization for insurance organizations

    The demands on the internal audit departments of insurance organizations have increased significantly in recent years as technology advances, regulation becomes more rigorous, new risks emerge, and companies seek more business insights. Internal audit plays a crucial role in providing assurance on an organization’s governance, risk management, and control processes to help achieve strategic, operational, and financial objectives while balancing compliance objectives and expectations from regulators. Internal audit departments need to leverage an understanding of insurance industry trends, feedback from leadership, and available public information to add value to the organization – to optimize internal audit value.
  • Strengthening collaboration between internal audit and risk management

    To meet OCC requirements and strategically connect the dots on assurance, compliance, and risk management, internal audit functions will need to be part of the risk management ecosystem and provide validation of the execution of risk management responsibilities by frontline units and management. This article outlines what internal audits bring to the table as well as opportunities for driving value through collaboration between risk management and internal audit, using the case example of concern about loan loss reserves.