Insurance Amendment Act

What this bill does

This bill requires insurance companies, insurance managers, and insurance brokers in Bermuda to immediately report cyber attacks and data breaches to the Bermuda Monetary Authority. It updates existing rules to make cyber security incident reporting mandatory when these events could harm policyholders or clients.

If passed (voted YES)

• Insurance companies and brokers must notify the Authority right away when they experience cyber attacks, data breaches, or system disruptions that could affect their customers
• These companies must provide a detailed written report within 14 days of any cyber incident
• The Authority will have better oversight of cyber threats facing Bermuda's insurance industry and can respond more quickly to protect policyholders

If rejected (voted NO)

• Insurance companies and brokers would not be legally required to report cyber incidents to the Authority
• The government would have less visibility into cyber threats affecting the insurance sector
• Current reporting requirements would remain unchanged, potentially leaving gaps in cyber security oversight

Who it affects

This primarily affects insurance companies, insurance managers, brokers, and insurance marketplace providers operating in Bermuda. It also indirectly protects policyholders and clients who could be harmed by cyber attacks on these companies.