Brazilian Superintendence of Private Insurance presents its data protection and cybersecurity supervision agenda at CNseg dialogue event

The Brazilian Superintendence of Private Insurance (SUSEP), represented by Prudential and Reinsurance Supervision Director Carlos Queiroz, participated in CNseg’s “Dialogues on Data Protection with the Insurance Market” event in Brasília, setting out SUSEP’s institutional approach to personal data protection and its implications for sectoral regulation. Queiroz also presented results from SUSEP’s Cybersecurity Working Group and emphasised operational resilience expectations for all operators in supervised systems, including intermediaries and market infrastructure participants. The event brought together the National Confederation of Insurers (CNseg), Brazil’s National Data Protection Authority (ANPD) and SUSEP to strengthen communication and cooperation, support legal certainty in personal data processing in the insurance market, promote regulatory harmonisation and share good practices, challenges and solutions for regulatory compliance and responsible innovation. Queiroz framed data protection for SUSEP as a three-sided prism: supervision of how supervised firms manage data-related risks (including prudential and conduct aspects), regulation aimed at developing and adapting products to address these risks across the economy, and SUSEP’s own obligations as a holder of sensitive data to protect the data and systems it administers and supervises. He referenced SUSEP Circular No. 638/2021 on cybersecurity requirements for supervised entities and cited additional initiatives including internal consultancy work to support SUSEP’s technical approach and the organisation, within Coremec, of the first CORE Summit focused on cybersecurity in the financial system.