Brought to you by:

APRA digs deeper on cyber insurance data

The Australian Prudential Regulation Authority (APRA) plans to collect data on cyber and management liability insurance products following interest from insurers in separate reporting of the information.

APRA has opened a consultation on starting the collection “on a best endeavours” basis for the National Claims and Policies Database (NCPD) December half-year reporting period.

“Given the recent growth in cyber insurance products and the limited availability of data to assess performance and make pricing decisions for these two products, APRA now proposes to include cyber insurance management liability in the NCPD as standalone categories,” it says in a letter to insurers.

The proposal was supported by the Insurance Council of Australia in a 2016 submission and a number of insurers have expressed interest in specific cyber insurance data reporting, APRA says.

Currently, cyber is included under public liability while management liability is reported under existing professional indemnity product types in the NCPD.

APRA proposes data collection full implementation would take effect from the June 30 reporting period, and it would not collect historical data from before the current period.

Views are also being sought on the publication of the data and the level of aggregation and confidentiality.

The public consultation period closes on December 17. More details are available here.