Tuesday, November 10, 2020

Treasury Department Publishes TRIA Update NPRM to Include Cyber Insurance

Today the Treasury Department published a notice of proposed rulemaking in the Federal Register (85 FR 71588-71593) concerning “Updated Regulations in Light of  the Terrorism Risk Insurance Program Reauthorization Act of 2019”. This rulemaking would implement technical changes to the TRIP mandated by the Terrorism Risk Insurance Program Reauthorization Act of 2019 which was included as Title V, Division I of PL 116-94 (the second of the FY 2020 spending bills, HR 1856).

Cyber Incident Coverage

PL116-94 did not specifically require the Treasury Department to cover cyber incidents under the TRIP. Rather §502(d) {133 STAT. 3027} required a study and report on cyber terrorism that included a requirement to make “recommendations on how Congress could amend the Terrorism Risk Insurance Act of 2002 (15 U.S.C. 6701 note) to meet the next generation of cyber threats” {§502(d)(2)}. That report is not directly referenced in this rulemaking.

What the rulemaking would do is to incorporate into the regulations guidance that the Department issued in 2016 to address the application of TRIA and the Program regulations to certain cyber risk insurance policies. This is specifically addressed by adding the following language to the definition of ‘property and casualty insurance’ in 31 CFR 50.4(w)(1): “a stand-alone cyber liability policy falling within Line 17”.

The coverage under this program is still limited to ‘terrorist attacks’ certified by the Treasury Department and only apply to Federal guarantees to insurers. The TRIP is designed to insure that a major terrorist attack does not bankrupt insurance companies.

Public Comments

The Department is soliciting public comments on this NPRM. Comments may be submitted through the Federal eRulemaking Portal (www.Regulations.gov; Docket # TREAS_FRDOC_0001-0380). Comments should be submitted by January 11th, 2021.

No comments:

 
/* Use this with templates/template-twocol.html */