| | |
| Notice by the General Office of the China Banking and Insurance Regulatory Commission of Issuing the Measures for the Regulation of Informatization Work of Insurance Intermediaries | | 中国银保监会办公厅关于印发保险中介机构信息化工作监管办法的通知 |
| All local offices of the China Banking and Insurance Regulatory Commission ("CBIRC"); and all insurance companies, all professional insurance intermediaries, and all sideline insurance agents: | | 各银保监局,各保险公司、各保险专业中介机构、各保险兼业代理机构: |
| The Measures for the Regulation of Informatization Work of Insurance Intermediaries are hereby issued with the approval of the CBIRC for your compliance and implementation. | | 经银保监会同意,现将《保险中介机构信息化工作监管办法》印发给你们,请遵照执行。 |
| January 5, 2021 | | 2021年1月5日 |
| Measures for the Regulation of Informatization Work of Insurance Intermediaries | | 保险中介机构信息化工作监管办法 |
| Chapter I General Provisions | | 第一章 总则 |
| Article 1 For the purposes of strengthening the regulation of insurance intermediaries, improving the informatization work and operating and management level of insurance intermediaries, and promoting the high-quality development of the insurance intermediary industry, these Measures are formulated in accordance with the Insurance Law of the People's Republic of China, the Cybersecurity Law of the People's Republic of China, the Provisions on the Supervision and Administration of Insurance Agents, the Provisions on the Supervision and Administration of Insurance Brokers, the Provisions on the Supervision and Administration of Insurance Adjusters, and other laws and administrative regulations. | | 第一条 为加强保险中介监管,提高保险中介机构信息化工作与经营管理水平,推动保险中介行业高质量发展,根据《中华人民共和国保险法》《中华人民共和国网络安全法》《保险代理人监管规定》《保险经纪人监管规定》《保险公估人监管规定》等法律、行政法规,制定本办法。 |
| Article 2 These Measures shall apply to insurance intermediaries legally established within the territory of the People's Republic of China. | | 第二条 在中华人民共和国境内依法设立的保险中介机构适用本办法。 |
| Article 3 For the purpose of these Measures, "insurance intermediary" means an insurance agent (exclusive of an individual agent), insurance broker, or insurance adjuster, including an incorporated institution or a branch. An insurance agent (exclusive of an individual agent) shall include a corporate insurance agent or sideline insurance agent. | | 第三条 本办法所称保险中介机构,是指保险代理人(不含个人代理人)、保险经纪人和保险公估人,包括法人机构和分支机构。保险代理人(不含个人代理人)包括保险专业代理机构和保险兼业代理机构。 |
| For the purpose of these Measures, "informatization work of an insurance intermediary" means the work that an insurance intermediary applies modern computer, communication, network, and other information technology in business processing, operation and management, internal control, and other aspects, in order to continue improving operational efficiency, optimizing internal resource allocation, and improving the level of risk prevention. The term "informatization work of a sideline insurance agent" means only the informatization work of such agent in relation to the sideline insurance agent business. | | 本办法所称保险中介机构信息化工作,是指保险中介机构将计算机、通信、网络等现代信息技术,应用于业务处理、经营管理和内部控制等方面,以持续提高运营效率、优化内部资源配置和提升风险防范水平为目的所开展的工作。其中保险兼业代理机构信息化工作,仅指该机构与保险兼业代理业务相关的信息化工作。 |
| For the purpose of these Measures, "informatization emergency" means a failure in or a cyber-attack on an information system or informatization infrastructure resulting in the interruption of the business outlets and electronic channel business of an insurance intermediary in a province for not less than three hours, or in two or more provinces for not less than 30 minutes; or an online fraud or any other information security incident causing a loss of not less than 10 million yuan to an insurance intermediary or client funds, or having a material social impact; or the loss or divulgence of a mass of important data or client information, among others, by an insurance intermediary, which has made or may make a material loss and serious impact. | | 本办法所称信息化突发事件,是指信息系统或信息化基础设施出现故障、受到网络攻击,导致保险中介机构在同一省份的营业网点、电子渠道业务中断3小时以上,或在两个及以上省份的营业网点、电子渠道业务中断30分钟以上;或者因网络欺诈或其它信息安全事件,导致保险中介机构或客户资金损失1000万元以上,或造成重大社会影响;或者保险中介机构丢失或泄露大量重要数据或客户信息等,已经或可能造成重大损失、严重影响。 |
| Article 4 The informatization work of an insurance intermediary shall comply with the laws and administrative regulations of the People's Republic of China and the requirements of the regulatory rules of the China Banking and Insurance Regulatory Commission (hereinafter referred to as the "CBIRC"). | | 第四条 保险中介机构信息化工作应当符合中华人民共和国法律、行政法规和中国银行保险监督管理委员会(以下简称银保监会)监管制度要求。 |
| The informatization work of an insurance intermediary shall comply with the principles of taking into account security, reliability, and effectiveness; the consistency between technical routes and business development directions; and the match between information systems and management needs. | | 保险中介机构信息化工作要遵循安全性、可靠性和有效性相统一、技术路线与业务发展方向相一致、信息系统与管理需求相匹配的原则。 |
| Article 5 An insurance intermediary shall be mainly responsible for its informatization work, for which the legal representative or main person in charge of the insurance intermediary shall assume the primary responsibility. | | 第五条 保险中介机构是本机构信息化工作的责任主体,保险中介机构法定代表人或主要负责人对本机构信息化工作承担首要责任。 |
| Article 6 The CBIRC and its dispatched offices shall supervise and administer the informatization work of insurance intermediaries in accordance with the law. | | 第六条 银保监会及其派出机构依法对保险中介机构信息化工作实施监督管理。 |
| Chapter II Basic Requirements | | 第二章 基本要求 |
| Article 7 An insurance intermediary shall perform the following duties of informatization work: | | 第七条 保险中介机构应履行以下信息化工作职责: |
| (1) Complying with state laws, administrative regulations, and technical standards in relation to cybersecurity and informatization work and the regulatory rules of the CBIRC. | | (一)贯彻国家网络安全与信息化工作的法律、行政法规、技术标准和银保监会监管制度。 |
| (2) Formulating its informatization work plan of which the consistency with the overall business plan shall be ensured. | | (二)制定本机构信息化工作规划,确保与总体业务规划相一致。 |
| (3) Formulating an informatization work system and establishing an informatization management mechanism with reasonable division of labor, definite duties, and clear reporting relations. | | (三)制定信息化工作制度,建立分工合理、职责明确、报告关系清晰的信息化管理机制。 |
| (4) Preparing an informatization budget to guarantee the funds required for informatization work. | | (四)编制信息化预算,保障信息化工作所需资金。 |
| (5) Commencing its informatization construction to ensure complete control of the power to manage its information systems and data. | | (五)开展本机构信息化建设,确保完整掌握本机构信息系统和数据的管理权。 |
| (6) Formulating its informatization emergency response plan, organizing emergency drills, and promptly reporting, quickly responding to, and handling any informatization emergency it incurs. | | (六)制定本机构信息化突发事件应急预案,组织开展应急演练,及时报告、快速响应和处置本机构发生的信息化突发事件。 |
| (7) Cooperating with the CBIRC and its dispatched offices in their supervisory inspection of informatization work, providing relevant documents and materials truthfully, and taking corrective action in accordance with regulatory opinions. | | (七)配合银保监会及其派出机构开展的信息化工作监督检查,如实提供相关文件资料,并按照监管意见进行整改。 |
| (8) Providing informatization training and enhancing its employees' awareness of informatization, information security, and use of genuine software. | | (八)开展信息化培训,强化本机构人员的信息化意识、信息安全意识和软件正版化意识。 |
| (9) Other duties of informatization work as prescribed by the CBIRC. | | (九)银保监会规定的其他信息化工作职责。 |
| Article 8 An insurance intermediary shall independently conduct informatization work. If its informatization work is associated with an affiliated enterprise (including any shareholder, shareholding enterprise, or other affiliated enterprise), the insurance intermediary shall clarify the duties of informatization work between it and its affiliated enterprise, so that each assumes the responsibility for information security management. Any important informatization mechanism or facility of the insurance intermediary and the management thereof shall remain independent and complete, be effectively segregated from any related facility of the affiliated enterprise, and strictly regulate the access to, use, transfer, and copying of information systems and data, without divulging any insurance policy, personal information, or other data or information to the affiliated enterprise in violation of provisions. Such important informatization mechanism or facility shall include without limitation any informatization governance and plan, or any business, finance, personnel, or other important information system or the data and information therein. | | 第八条 保险中介机构应自主开展信息化工作。信息化工作与关联企业(含股东、参股企业、其他关联企业)有关联的,保险中介机构应厘清与关联企业之间的信息化工作职责,各自承担信息安全管理责任。保险中介机构的重要信息化机制、设施及其管理应保持独立完整,与关联企业相关设施有效隔离,严格规范信息系统和数据的访问、使用、转移、复制等行为,不得违规向关联企业泄露保单、个人信息等数据信息。重要信息化机制、设施包括但不限于信息化治理与规划,业务、财务、人员等重要信息系统及其中的数据信息。 |
| If an informatization matter is outsourced to the affiliated enterprise, effective management shall be exercised in accordance with the outsourcing requirements of these Measures. | | 信息化事项外包给关联企业的,应按照本办法外包要求实施有效管理。 |
| Article 9 An incorporated insurance intermediary shall appoint an officer to assume the overall responsibility for informatization management work of the incorporated insurance intermediary and its branches. | | 第九条 保险中介法人机构应指定一名高级管理人员统筹负责法人机构及分支机构的信息化管理工作。 |
| Article 10 An incorporated insurance intermediary shall establish an informatization department or informatization position, and have not less than one full-time employee responsible for informatization work. A branch shall have a full-time employee to assist the incorporated insurance intermediary in informatization work. | | 第十条 保险中介法人机构应设置信息化部门或信息化岗位,负责信息化工作的正式工作人员不少于一人。分支机构应有正式工作人员辅助法人机构开展信息化工作。 |
| Article 11 An incorporated institution that applies for conducting insurance intermediary business shall commence informatization construction in accordance with these Measures, and submit to the CBIRC dispatched office in the place of registration of the business license of the institution a report on the informatization work, the content of which shall include a description of its information management mechanism and system, a description of the compliance of its information systems with the requirements of Article 17 of these Measures, and an information system procurement contract or document of intellectual property. | | 第十一条 申请开展保险中介业务的法人机构应按照本办法开展信息化建设,并向机构营业执照登记注册地银保监会派出机构报送信息化工作情况报告,报告内容应包括信息化管理机制和制度情况、信息系统满足本办法第十七条要求的情况、信息系统采购合同或知识产权证书等。 |
| ...... | | ...... |
Dear visitor,you are attempting to view a subscription-based section of lawinfochina.com. If you are already a subscriber, please login to enjoy access to our databases . If you are not a subscriber, please subscribe . Should you have any questions, please contact us at:
+86 (10) 8268-9699 or +86 (10) 8266-8266 (ext. 153)
Mobile: +86 133-1157-0713
Fax: +86 (10) 8266-8268
database@chinalawinfo.com
| |
您好:您现在要进入的是北大法律英文网会员专区,如您是我们英文用户可直接 登录,进入会员专区查询您所需要的信息;如您还不是我们 的英文用户,请注册并交纳相应费用成为我们的英文会员 。如有问题请来电咨询;
Tel: +86 (10) 82689699, +86 (10) 82668266 ext. 153
Mobile: +86 13311570713
Fax: +86 (10) 82668268
E-mail: database@chinalawinfo.com
|
| | | |
| | | |