
Germany's BaFin Confirms Legal Permissibility of Ransom Insurance Amid Rising Cyber Extortion

Editorial Desk · 4 min read

Germany's Federal Financial Supervisory Authority (BaFin) has issued a circular confirming the legal permissibility of ransom insurance under German supervisory law, consolidating prior regulatory requirements and providing clarity for insurers and policyholders. The move comes as cyber extortion and ransomware threats escalate across Europe, and as BaFin separately flags systemic accumulation risks in the rapidly growing cyber insurance market.

Germany's financial regulator, the Bundesanstalt für Finanzdienstleistungsaufsicht (BaFin), has provided important legal clarity on a sensitive and growing area of coverage: ransom insurance. In a circular issued in April 2026, BaFin confirmed the legal permissibility of ransom insurance under German supervisory law, consolidating previously scattered regulatory requirements into a clearer framework for both insurers and policyholders.

Ransom insurance — coverage that helps policyholders manage the financial consequences of extortion events, including kidnap-and-ransom and increasingly cyber-extortion scenarios — has historically operated in a legally ambiguous space in many jurisdictions, given concerns that such coverage might inadvertently encourage criminal demands. BaFin's circular addresses this uncertainty by confirming that, under German law, such insurance is permissible while consolidating the regulatory expectations that insurers must meet. This provides a more stable legal foundation for insurers offering these products and greater certainty for businesses and individuals seeking coverage.

The clarification arrives against a backdrop of intensifying cyber-extortion activity. BaFin has been closely monitoring the cyber insurance market, conducting its third survey of insurance companies on cyber coverage (published May 29, 2026) and introducing a separate insurance class for cyber risks with a dedicated reporting obligation under the German Insurance Reporting Regulation (BerVersV) for the 2025 financial year. The regulator's primary concern centres on 'accumulation risks' — the danger that a single large-scale cyberattack could trigger widespread simultaneous losses across many insurers and policyholders at once, an inherently different and more dangerous risk profile than traditional insurance lines.

The broader European context reinforces the importance of BaFin's guidance. Cyber-extortion and ransomware attacks have surged across the continent, with double-extortion and data-theft schemes becoming more common. The EU's Digital Operational Resilience Act (DORA) treats information and communications technology risk as central to financial-sector resilience, imposing strict incident reporting and testing requirements. As Europe's largest economy and a major hub for industrial and corporate insurance, Germany's regulatory positions carry significant weight for how the European cyber and specialty insurance markets develop.

Key Points

  1. BaFin issued a circular confirming the legal permissibility of ransom insurance under German law
  2. The circular consolidates prior regulatory requirements, adding clarity for insurers and policyholders
  3. BaFin introduced a separate cyber insurance class with dedicated reporting for the 2025 financial year
  4. The regulator's top concern is accumulation risk — one cyber event causing widespread simultaneous losses
  5. The EU's DORA framework imposes strict ICT incident reporting and resilience testing on financial firms

Why This Matters

As cyber-extortion threats escalate, legal clarity on ransom insurance gives German businesses and individuals more confidence in obtaining coverage and gives insurers a stable basis to offer these products. For the broader European market, BaFin's stance influences how specialty and cyber insurance products are structured. The regulator's focus on accumulation risk also signals that European supervisors are treating systemic cyber exposure with the seriousness traditionally reserved for natural catastrophes.

Verified · Jun 17, 2026
Disclaimer: This article is for informational purposes only and does not constitute financial, investment, legal, or insurance advice. Always consult a qualified professional before making financial decisions. PolicyGlobal reports on publicly available information from third-party sources and cannot guarantee the accuracy or completeness of such information.
