umraniye escort pendik escort
canli poker siteleri meritslot oleybet giris adresi betgaranti
escort antalya
istanbul escort
sirinevler escort
antalya eskort bayan
bodrum escort
Short Reads

DNB publishes guidelines for outsourcing notifications by insurers

DNB publishes guidelines for outsourcing notifications by insurers

DNB publishes guidelines for outsourcing notifications by insurers

04.12.2020 NL law

Requirements applicable to outsourcing (including intra-group arrangements as well as outsourcing to the cloud) under Dutch and EU financial regulatory regimes have become more stringent in recent years. Outsourcing has therefore been a priority on the Dutch regulators’ supervision agenda.

On 30 November 2020, the Dutch Central Bank (De Nederlandsche Bank, “DNB”) published new guidance with the aim of improving the quality of outsourcing notifications submitted by Dutch insurers.  On the same date, DNB issued a press release indicating that outsourcing contracts between various regulated undertakings and a large IT supplier are structurally non-compliant, for instance because a proper ‘right to audit’ or ‘right to examine’ was not appropriately catered for (link), alerting Dutch financial markets to the paramount importance of compliance with the applicable outsourcing requirements.

Outsourcing activities

The Solvency II Directive sets the requirements applicable to (cloud and non-cloud) outsourcing by insurers. The requirements state that DNB must be informed in a timely manner when a Dutch insurer decides to outsource activities to a third party. Importantly, outsourcing arrangements that qualify as ‘critical or important’ must be reported to DNB before the agreement with the third party to whom the services are outsourced takes effect, or the actual provision of services commences.

Points of attention

In its update, DNB notes that it will continue to focus on the quality of the outsourcing and the timely and correct notification of outsourcing arrangements to DNB. In order to improve the quality of outsourcing notifications, DNB recommends that insurers take the following points of attention into account:

  • In order to examine an outsourcing notification directly in the right context, DNB requests insurers include with their notification a full schematic overview of the outsourcing chain, including a detailed explanation.
  • DNB expects insurers to ensure that the scope and depth of the information they receive from third parties is sufficient to allow them to determine the outsourced parties’ standard of control. For an adequate evaluation of the risk that a service provider may not comply with the agreed quality standards, DNB asks insurers to use DNB’s template when preparing their risk analysis, as DNB states that assurance reports, certifications or in-house audits do not always provide sufficient assurance regarding the service provider's internal control. An ISO27001 certificate, for example, is by itself insufficient to demonstrate the effectiveness of control measures.
  • The rights to audit and examine, which are referred to in the 'outsourcing notification form', extend beyond the service provider with whom the agreement is concluded. DNB emphasises the need for these rights to cover all critical or important outsourced activities throughout the outsourcing chain. Recent cases have provided examples where the rights to audit and examine service providers were not provided for in the outsourcing agreement, meaning that insurers were non-compliant when entering into the outsourcing arrangement (and may remain non-compliant to the present date). These agreements must be updated and amended.

Finally, DNB reiterates that it is important to evaluate the extent to which outsourcing contracts meet the requirements set out in Article 274 of the Solvency II Regulation and the EIOPA Guidelines on outsourcing to cloud service providers.

Given the fact that outsourcing is a key point of supervision by the Dutch regulators, we recommend financial undertakings to ensure that they fully comply with the applicable outsourcing regulations and that they assess whether their outsourcing notifications to DNB comply with the above guidelines.


Related news

24.02.2021 NL law
How certain elements of the Dutch scheme may (or may not) affect ISDA Master Agreements

Articles - On 1 January 2021, the legislative framework for court-approved restructurings of debts outside formal insolvency proceedings (hereafter referred to as the ‘Dutch scheme’, or simply, the ‘scheme’) entered into force. Under the Dutch scheme a debt restructuring plan can be submitted to the creditors for voting, whereby a majority can bind a minority within each class of creditors and the competent court has the power to make the plan binding on dissenting classes of creditors.

Read more

29.01.2021 NL law
Nationale en Europese IMVO-ontwikkelingen

Short Reads - De aandacht voor Corporate Social Responsibility (“CSR”)/internationaal maatschappelijk verantwoord ondernemen (“iMVO”)/Environmental, Social and Governance factoren (“ESG”) blijft toenemen. Wij zien op nationaal en Europees niveau tal van ontwikkelingen. Wij behandelen een greep uit de initiatieven.

Read more

22.02.2021 EU law
EU Regulator’s response to the Reddit rally

Short Reads - A massive stock market rally recently suddenly developed with respect to GameStop’s shares, a moribund chain of video game stores in the United States. The instigators: users of the investment forum r/wallstreetbets on Reddit. On 17 February 2021, the European Securities and Markets Authority delivered its strongest warning yet about the risks of using social media for investing, cautioning that any effort to coordinate trades online could violate EU market abuse regulations.

Read more

29.01.2021 NL law
UBO-register operationeel vanaf 27 september 2020

Short Reads - Het Nederlandse UBO-register is op 27 september 2020 live gegaan. Vennootschappen en andere juridische entiteiten die voor 27 september 2020 zijn opgericht, hebben tot 27 maart 2022 de tijd voor de registratie van hun UBO’s (ultimate beneficial owners). Rechtspersonen die op of na 27 september 2020 zijn opgericht, moeten direct na oprichting bij inschrijving in het handelsregister hun UBO(‘s) registreren. Wij merken dat er in de praktijk nog veel onduidelijk is rondom de kwalificatie en registratie van UBO’s.

Read more