Regulation in the Insurance Industry

Some examples of regulation in the insurance industry:

Solvency II

Solvency II came into force in January 2016 and allowed insurers and reinsurers to reduce their risks, increase their competitiveness and improve the type and quality of their products and services.


IFRS 17 (International Financial Reporting Standard)

IFRS 17 is the international standard that establishes the accounting measurement principles for insurance contracts, which is why it is of fundamental importance to the insurance business. The standard is issued by the IASB (International Accounting Standards Board), the independent accounting standard-setting body of the IFRS Foundation.

DORA (Digital Operational Resilience Act)

DORA seeks to strengthen and update the requirements for managing the risks posed by information and communication technologies (ICT) in the financial sector (including insurance and reinsurance companies), so that all stakeholders in these industries operate under a common system and avoid the risks derived from the use of certain technologies.

IORP (Institutions for Occupational Retirement Provision)

IORP seeks to promote a high level of protection and security for people who take out pension plans. To do this, it regulates and modifies the governance system of pension funds, requiring the management entities of those funds to have independent professionals in key areas (actuarial, risk management and internal audit functions) and to carry out their own risk assessment.

IDD (Insurance Distribution Directive)

This law aims to regulate the way in which insurance products are designed and distributed in the European Union. Thus, companies must implement internal governance processes to design, control and approve their products. This standard, like others in the insurance field, seeks to protect the clients of these companies and promote transparency in distribution.

PRIIPS (Packaged Retail and Insurance-based Investment Products)

The European Union also requires insurers to make available to their clients a KID (Key Information Document), so that retail clients can know, before signing the contract, the information on the product that is considered relevant (such as its characteristics and identification data, the level of inherent risk, terms, profitability scenarios or associated costs, among others).

Data Privacy

  • Gramm-Leach-Bliley Act (GLBA). USA.

  • Health Insurance Portability and Accountability Act (HIPAA). USA.

  • California Consumer Privacy Act (CCPA) or New York Data Privacy Law. USA.

  • Personal Information Protection and Electronic Documents Act (PIPEDA). Canada.

  • Digital Charter Implementation Act. Canada.

  • Privacy Act. Australia.

  • Privacy Act. New Zealand.

  • Personal Information Protection Act. South Korea.

  • Personal Data Protection Bill. India.

  • Personal Data Protection Law. China.

  • Personal Data Protection Act. Thailand.

  • Act on Protection of Personal Information. Japan.

  • General Law on Protection of Personal Data. Brazil.

  • Personal Data Protection Law. Chile.

  • General Data Protection Regulation. European Union.

  • Protection of Personal Information. South Africa.