Share with your friends

New filing requirements for Insurance Managers

Annual Return Filing

The BMA recently issued a new annual return template and new supplementary rules for Insurance Managers, Brokers and Agents.


Contact Us

Charles Thresh

Head of Advisory

KPMG in Bermuda


Related content


The Bermuda Monetary Authority (BMA) recently issued a new annual return template and new supplementary rules for Insurance Managers, Brokers and Agents. The first filing of the revised template is due on or before June 30, 2019. Brokers and Agents were brought into scope with the release of a BMA consultation paper on the Insurance Brokers and Insurance Agents Code of Conduct, including amendments to the Insurance Act. Comments on the consultation paper were due by September 7 and we expect it to be finalized over the fourth quarter.

Insurance Managers, Brokers and Agents will now be required to complete a comprehensive annual return filing including additional schedules compared to what was required previously. The new schedules include completion of questionnaires on the Company’s Cyber Risk Management Framework, Anti-Money Laundering and Anti-Terrorist Financing Risks and Control Framework, and Corporate Governance and Sanctions and Screening policy. The BMA will expect that additional information is provided or is readily available by each Insurance Manager, Broker and Agent.

Questions and the level of detail required to be submitted in the annual return filing:

  • Cyber Risk Management
    • Do you have a Board approved cyber risk strategy in place?
    • Is cyber risk considered as part of your organizations Internal Control process?
    • Does your organization have a process to identify critical functions, processes and key information assets that are exposed to cyber risk?
    • Do you have a process to identify your organization’s critical functions, processes and key information assets that are exposed to cyber risk?
    • Does your Internal Audit department or third party experts conduct reviews on the organisation's cyber security systems, controls and processes?
    • Do you perform internal regular vulnerability testing and penetration testing?
    • Are all your staff provided with on-going cyber security training?
    • Has an assessment been made regarding cyber/potential contagion risk from third party service providers?
    • Do you have formal policies and procedures and controls in place to protect critical data and sensitive data?
    • Do you have formal policies and procedures and controls in place to ensure maintenance of software including installation of patches and updates in a timely manner?
    • Do you have policies and procedures in place to monitor network and detect anomalous network activity?
    • Do you have a documented response plan with formal thresholds set for events and incidents to determine the appropriate response including reporting to impacted stakeholders and regulators?
    • How do you ensure that outsources functions have equivalent levels of security and protection?
    • What percentage of the current year’s budget is allocated to cyber security?
  • AML/ATF Risks and Controls
    • Do you risk rate risk?
    • Do you manage any Direct Long-Term Insurers (LTIs)?
    • The number of Insurers and other business relationships on boarded for the last 12 months by face to face with clients, via intermediary, by phone, email, fax or post, or other.
    • Country of residence of Ultimate Beneficial Owners (UBOs) of managed entities by direct LTIs, all other managed entities and Politically Exposed Persons (PEP) allocated by geographic zone.
    • Is your AML/ATF policies and procedures designed to identify PEPs.
    • Confirm if the policies and procedure manuals of the company relating to AML/ATF are in line with all applicable laws and regulations.
    • Confirm the frequency for which the Company'sAML/ATF policies and procedures are reviewed. Provide a copy of the AML/ATF policies and procedures if they have been updated in the last 12 months.Corporate Governance and Sanctions.
  • Corporate Governance and Sanctions
    • Are the powers, roles, responsibilities and accountabilities between the board of directors and senior management clearly defined, segregated and understood?
    • Do you review and monitor the structure, size and composition of the Board and recommend improvements to ensure its compliance with the applicable laws, regulations, listing rules and policies?
    • Does the Audit and Risk Management Committee of the Board or any related Board committee, assist the Board in fulfilling its oversight function through the review and evaluation of the financial reporting process and adequacy and effectiveness of the system of internal controls; including financial reporting and information technology security controls?
    • Confirm that the Board receives sufficient AML/ATF information to assess and understand the senior executive’s process for evaluating the system of internal controls?
    • Does the board at least annually monitor senior management compliance with policies set by the board and its performance based on approved targets and objectives? 

KPMG can assist Insurance Managers, Brokers and Agents through an Annual Return Readiness Assessment in order for your organisation to meet these requirements in your annual return filing submission in 2019. Please contact us for more information or to set up an appointment.

© 2020 KPMG, a group of Bermuda limited liability companies which are member firms of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.

KPMG International Cooperative (“KPMG International”) is a Swiss entity.  Member firms of the KPMG network of independent firms are affiliated with KPMG International. KPMG International provides no client services. No member firm has any authority to obligate or bind KPMG International or any other member firm vis-à-vis third parties, nor does KPMG International have any such authority to obligate or bind any member firm.


The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavour to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act on such information without appropriate professional advice after a thorough examination of the particular situation.

Connect with us


Want to do business with KPMG?


loading image Request for proposal