VAIT now available in English
The Supervisory Requirements for IT in Insurance Undertakings (Versicherungsaufsichtliche Anforderungen an die IT – VAIT), which BaFin published in German in July 2018, are now also available in English.
The VAIT aims at clarifying BaFin’s expectations with regard to governance requirements relating to information security and information technology. These requirements are a core supervisory component in the insurance and occupational pension sector in Germany.
The VAIT provide an interpretation of the legal requirements of section 23 of the German Insurance Supervision Act (Versicherungsaufsichtsgesetz – VAG - only available in German). The VAIT describe what BaFin considers appropriate as technical and organisational resources for IT systems, with particular regard to the requirements for information security and information risk management. As undertakings are increasingly obtaining IT services from third parties, including as part of outsourcing arrangements, these requirements also incorporate section 32 of the VAG.