Our Global Insurance Industry Year in Review is now in its 10th year. In this report, we discuss developments and trends in insurance industry transactions over the past year, with a particular focus on mergers and acquisitions, corporate finance, insurtech, the insurance-linked securities and convergence markets, as well as tax, regulatory and litigation developments.

A

On October 22, 2021, the New York Department of Financial Services (“NYDFS”) issued an interpretive letter that provides guidance on how entities regulated by NYDFS (“Covered Entities”) may comply with the NYDFS Cybersecurity Regulation by adopting the cybersecurity program of an affiliate (“Affiliate Program Letter”).1 According to the Affiliate Program Letter, a Covered Entity

The number of cyber attacks is on the increase and so is their level of sophistication. Because insurance companies are data driven businesses holding vast amounts of customer data (personal information, health and financial data), cyber attacks are a real threat and should be prioritised as one of their key operational risks. Most of the

As the decade comes to a close, new technologies are having a major impact on how insurance industry participants conduct their operations – especially how they collect, process, analyze, store and disseminate vast amounts of data – as well as how they interact with those with whom they do business. In recent years, blockchain technology

The California Consumer Privacy Act (“CCPA”) will impact how insurers collect, store, sell and process the personal information of California consumers. Other US states are likely to soon follow suit—there are currently at least 11 other states with pending privacy laws that incorporate CCPA-like concepts and requirements. In this Legal Update, we examine the history

By any measure, 2018 was a major year for data privacy regulation. The most significant regulatory development in this area was the European Union’s General Data Privacy Regulation (“GDPR”), which went into effect on May 25, 2018 and establishes what is probably the most rigorous data protection regime currently in existence. As adopted, GDPR includes

The cybersecurity regulation (“CyberRegs”) adopted by the New York State Department of Financial Services (“NYDFS”) is almost two years old and will be fully in effect by March 2019. The CyberRegs has already had a broad impact on financial institutions that are authorized to engage in business in New York (“Covered Entities”). Furthermore, even for

On October 24, 2017, the National Association of Insurance Commissioners (NAIC) adopted an Insurance Data Security Model Law. The NAIC Model Law builds on existing data privacy and consumer breach notification requirements by requiring insurance licensees to comply with detailed requirements regarding their information security program and responding to and giving notification of cybersecurity events.