Skip to content

FERMA called on the EU Council to prioritize strengthening cyber insurance resiliency

FERMA called on the EU Council to prioritize strengthening cyber insurance resiliency

The Federation of European Risk Management Associations (FERMA) has called on the Council of the European Union to prioritize strengthening cyber insurance resiliency, addressing cyber insurance gaps, and enhancing economic security in 2025.

FERMA issued its recommendations ahead of Poland’s upcoming presidency of the Council of the EU during the first half of 2025.

The association emphasized the significance of this presidency as the EU navigates its green transition while addressing growing risks from natural catastrophes, geopolitical tensions, and hybrid threats.

Poland’s leadership has outlined seven priorities, including reducing bureaucratic burdens. These plans aim to foster flexibility and promote incentives and rewards rather than penalties. FERMA acknowledged this approach and urged the council to expand the application of risk-based policies.

The association cited the Artificial Intelligence Act and the Corporate Sustainability Reporting Directive as examples of EU legislation utilizing risk-based approaches. The sustainability directive requires large companies to disclose risks and opportunities related to social and environmental factors, as well as their impact on people and the environment.

FERMA noted that clear regulations and robust risk assessments support competitiveness and drive informed decision-making.

FERMA also underscored the critical role of insurance in achieving climate-neutral goals. However, private market capacity currently falls short of meeting the demand for transition-related risk coverage. This leaves businesses forced to choose between competitiveness and climate commitments.

To close the climate protection gap, FERMA proposed forming a commission to evaluate a public-private reinsurance program, echoing similar suggestions from the European Insurance and Occupational Pensions Authority and the European Central Bank.

Addressing cyber insurance gaps, FERMA recommended creating a reinsurance pool or backstop mechanism to stabilize the market in the event of catastrophic cyber incidents, such as the CrowdStrike attack.

The association argued that private insurers alone might be unable to manage losses of such magnitude.

Finally, FERMA called for a review of cyber insurance as part of the Council of the EU’s broader cybersecurity strategy.