Back Custom print Link Text Only Rich Text Print

  • RM-A.2 RM-A.2 Module History

    • RM-A.2.1

      This Module was first issued in April 2005 by the BMA together with the rest of Volume 3 (Insurance). Any material changes that have subsequently been made to this Module are annotated with the calendar quarter date in which the change was made: UG-3 provides further details on Rulebook maintenance and version control.

      Amended: January 2007

    • RM-A.2.2

      When the CBB replaced the BMA in September 2006, the provisions of this Module remained in force. Volume 3 was updated in January 2007 to reflect the switch to the CBB; however, new calendar quarter dates were only issued where the update necessitated changes to actual requirements.

      Added: January 2007
      Amended: October 2007

    • RM-A.2.3

      A list of recent changes made to this module is detailed in the table below:

      Module Ref. Change Date Description of Changes
      RM-1.1 01/07/05 Correction to cross-reference.
      RM-6.1 01/07/05 Clarified wording of factors to consider for operational risks.
      RM-2.1 01/10/05 Clarified that the 25% notification for reinsurance exposure is to be applied based on a premium basis.
      RM-8.1 01/10/05 Corrected cross reference in RM-8.1.6.
      RM-1.1 01/01/06 Clarified CBB's requirements for insurance firms to carry out their own assessment of their capital needs.
      RM-2.1 01/01/06 Corrected cross-reference.
      RM-6.1 01/07/06 Added requirements for physical security measures and third party insurance to be put in place by insurance firms.
      RM-A.1.3 01/2007 New Rule introduced, categorising this Module as a Directive.
      RM-7.5.3 04/2008 Clarified that CBB prior approval is required for intra-group outsourcing.
      RM-7.2.1, 7.2.2 and 7.3.6 07/2008 Clarified that CBB prior approval is required for outsourcing arrangements.
      RM-7.5.7 04/2010 Added a Paragraph dealing with restrictions on intra-group outsourcing.
      RM-A.1.3 01/2011 Clarified legal basis
      RM-7.6 04/2013 Section amended on outsourcing of internal audit.
      RM-1.1 04/2014 Enhanced the requirements for the risk management function.
      RM-7.1.3 10/2017 Amended Paragraph to allow the utilization of cloud services.
      RM-7.1.5A 10/2017 Added a new Paragraph on outsourcing requirements.
      RM-7.2.1 10/2017 Amended Paragraph.
      RM-7.2.3 10/2017 Amended Paragraph.
      RM-7.2.6 10/2017 Amended Paragraph.
      RM-7.2.8 10/2017 Added a new Paragraph on outsourcing.
      RM-7.3.1 10/2017 Amended Paragraph.
      RM-7.3.2 10/2017 Amended Paragraph.
      RM-7.3.3 10/2017 Amended Paragraph.
      RM-7.3.6 10/2017 Amended Paragraph.
      RM-7.4.6 10/2017 Amended Paragraph.
      RM-7.4.13 10/2017 Amended Paragraph.
      RM-7.4.14 10/2017 Amended Paragraph.
      RM-7.4.20 10/2017 Amended Paragraph.
      RM-7.4.21 10/2017 Added a new Paragraph on security measures related to cloud services.
      RM-7.5.3 10/2017 Amended Paragraph.
      RM-7.5.4 10/2017 Amended Paragraph.
      RM-9 10/2019 Added a new Section on Cyber Security.
      RM-9 01/2022 New revised Chapter on Cyber Security Risk Management.
      RM-9.1.58 04/2022 Amended Paragraph on cyber security reporting.
      RM-9.1.59 04/2022 Amended Paragraph on the submission of the cyber security report.
      RM-7 07/2022 Replaced Chapter RM-7 with new Outsourcing Requirements.
      RM-9.1.22 10/2022 Amended Paragraph on email domains requirements.
      RM-9.1.22A 10/2022 Added a new Paragraph on additional domains requirements.

    • RM-A.2.3 [Deleted]

      Deleted: January 2007

    • RM-A.2.4

      Guidance on the implementation and transition to Volume 3 (Insurance) is given in Module ES (Executive Summary).

      Amended: January 2007