IAFI has published its response to a consultation conducted by the International Association of Insurance Supervisors (IAIS) on its issues paper on operational resilience.

IAFI generally welcomes the IAIS’ intention to promote good practices in operational resilience and agrees with the need for greater convergence in cyber governance and resilience.

Reporting requirements from regional and/or national supervisors could be further aligned. However, it is important to avoid imposing new requirements in jurisdictions where the IAIS’ objectives have already been met, such as in the EU with the Digital Operational Resilience Act.

Digital operational regulations should be principle- and risk-based, as well as proportionate, to be flexible enough to stay in line with technological developments. They should also consider the size, business, and risk profiles of financial entities.