The Chile Financial Market Commission has published for consultation a draft regulation setting principles and minimum requirements for insurance and reinsurance companies to identify, assess, monitor and control risks arising from outsourcing services. The proposal is intended to strengthen CMF supervision in this area and would supplement General Rule No. 454 on operational risk management and cybersecurity. The draft framework covers the identification and management of outsourcing-related risks, including operational, strategic, reputational, compliance and business continuity risks, and requires firms to classify outsourced activities by materiality and criticality using quantitative and qualitative criteria. It also sets expectations for supervision and auditing of service providers, business continuity planning by both firms and providers, and strengthened cybersecurity and information security where outsourced services involve sensitive or critical data. Further elements include minimum service levels and enforceable contractual clauses, requirements to avoid and manage concentration and technological dependence risks, and provisions to ensure outsourcing does not reduce firms’ responsibility, control, governance or compliance; CMF access to outsourced operations and information is provided for, including remote or on-site supervision abroad in line with existing requirements. Comments can be submitted via the CMF website’s “Regulations Under Consultation” section until September 30, 2025.
Chile Financial Market Commission 2025-08-14
Chile Financial Market Commission launches consultation on service externalization requirements for insurers and reinsurers
The Chile Financial Market Commission released a draft regulation for consultation, detailing principles and minimum requirements for insurance and reinsurance companies to manage outsourcing-related risks. The proposal enhances supervision and complements General Rule No. 454 on operational risk management and cybersecurity. Key elements include risk classification, service provider auditing, business continuity planning, and cybersecurity measures, ensuring firms maintain responsibility and compliance.