ICP 3 Information Sharing and Confidentiality Requirements

The supervisor obtains information from, and shares information with, relevant supervisors and authorities subject to confidentiality, purpose and use requirements


3.1

The supervisor requests information, including non-public information, from relevant supervisors and authorities with respect to insurers.  



3.1.1    
Information requested by a supervisor from a relevant supervisor or authority may include:
  • information on strategy, business activities and business models including prospective and recent acquisitions or disposals of insurance business;
  • financial data relating to an insurer;
  • organisational structure, both legal and management structure;
  • information on the management and operational systems and controls used by insurers;
  • information on individuals holding positions of responsibility in insurers  such as Board Members, Senior Management, Key Persons in Control Functions and Significant Owners;
  • information on individuals or insurers involved, or suspected of being involved, in criminal activities;
  • information on any failures to comply with supervisory requirements, regulatory investigations and reviews, and on any restrictions imposed on the business activities of insurers;
  • information concerning regulated entities related to the insurance group, whether undertaking insurance business or other financial business which is subject to regulation, and information concerning non-regulated entities related to the insurance group such as service companies or holding companies;
  • specific information requested and gathered from a regulated entity; and
  • reporting information within groups to meet group supervisory requirements, including subsidiaries and non-regulated holding companies.

3.1.2    
Relevant supervisors and authorities, whether in the same or a different jurisdiction, may include:
  • other insurance supervisors;
  • supervisors responsible for banks and other credit institutions;
  • supervisors responsible for investments, securities, pensions, financial markets and other sectors;
  • authorities responsible for the recovery or resolution of insurers;
  • authorities responsible for anti-money laundering or combating the financing of terrorism; and
  • law enforcement agencies.

3.2

The supervisor shares information, including non-public information, with relevant supervisors and authorities at its sole discretion and subject to appropriate safeguards.



3.3

The supervisor requesting confidential information (the requesting supervisor) has a legitimate interest and valid supervisory purpose related to the fulfilment of its supervisory functions in seeking information from another relevant supervisor or authority.



3.4
The supervisor that has received a request for confidential information (the requested supervisor) from another relevant supervisor or authority:
  • assesses each request for information on a case-by-case basis; and
  • responds to requests in a timely and comprehensive manner.


3.5

The requesting supervisor uses confidential information received from the requested supervisor or authority only for the purposes specified when the information was requested. Unless otherwise agreed, before using the information for another purpose or passing it on to others, the requesting supervisor obtains agreement of the requested supervisor or authority.


3.6
In the event the requesting supervisor has received notice of proceedings, which may legally compel it to disclose confidential information which it has received from the requested supervisor, the requesting supervisor:
  • to the extent permitted by law, promptly notifies the requested supervisor; and
  • where consent to disclosure is not given, uses all reasonable means to resist the demand and to protect the confidentiality of the information.

3.6.1    

Where allowed by the laws and practices of the jurisdiction, a requesting supervisor required to disclose confidential information by legal compulsion should place, or seek to place, protections from disclosure on that information. Such protections could include:

  • a protective order placing restrictions on use or further distribution of the confidential information; or
  • limitations on the means and location of the disclosure of the confidential information.