InfoSight Spotlight: FFIEC on cyber insurance

The Federal Financial Institutions Examination Council (FFIEC) members issued a joint statement to describe matters that financial institutions should consider if they are determining whether to use cyber insurance as a component of their risk management programs. The FFIEC members do not require financial institutions to maintain cyber insurance. The evolving cyber insurance market and […]

The Federal Financial Institutions Examination Council (FFIEC) members issued a joint statement to describe matters that financial institutions should consider if they are determining whether to use cyber insurance as a component of their risk management programs.

The FFIEC members do not require financial institutions to maintain cyber insurance. The evolving cyber insurance market and the shifting cyber threat landscape may, however, prompt financial institutions to consider whether cyber insurance would be an effective part of their overall risk management programs.

The joint statement notes that cyber attacks are increasing in volume and sophistication and that traditional general liability insurance policies may not provide effective coverage for all potential exposures caused by cyber events. Cyber insurance could offset financial losses from a variety of exposures—including data breaches resulting in the loss of confidential information—that may not be covered by more traditional insurance policies. Financial institution management should assess the scope of coverage of current insurance and consider how cyber insurance may fit into the institution’s overall risk management framework.

As with any insurance coverage, cyber insurance does not diminish the importance of a sound control environment. Rather, cyber insurance may be a component of a broader risk management strategy that includes identifying, measuring, mitigating, and monitoring cyber risk exposure.

Financial institutions may find additional information on risk management and cybersecurity risk management on the FFIEC’s website here. Read the full InfoSight newsletter here.

Written by
admin
View all articles

About Us

The League of Southeastern Credit Unions & Affiliates represents 342 credit unions in Alabama, Florida and Georgia, with a combined total of $118.63 billion in assets and more than 10.1 million members. LSCU & Affiliates provides legislative and regulatory advocacy; education and training; cooperative initiatives (including financial education outreach); public messaging; information services; and business solutions.

LSCU Mission Statement

To create an environment that enables credit unions to grow and succeed.

LSCU Vision Statement

To be the trusted advocate and preferred source of information for credit unions.

If you need to reach us, e-mail communications@lscu.coop

Social Channels

Follow us on all major social media platforms.