Germany's Federal Financial Supervisory Authority (BaFin) has issued a circular confirming the legal permissibility of ransom insurance under German supervisory law, consolidating previous regulatory requirements and providing clarity for insurers and policyholders. The move comes as cyber extortion campaigns proliferate globally and as BaFin separately flags systemic accumulation risk in the cyber insurance market, where it has introduced dedicated reporting obligations for the first time.
Germany's financial regulator has provided important clarity on a sensitive and increasingly relevant insurance product. The Federal Financial Supervisory Authority (BaFin) issued a circular confirming that ransom insurance (coverage that protects against extortion demands, including cyber ransom and kidnapping scenarios) is legally permissible under German supervisory law. The circular consolidates previous regulatory requirements and offers welcome clarity for both insurers offering such products and the policyholders purchasing them.
The guidance is timely. Cyber extortion, particularly ransomware, has become one of the most prevalent and damaging forms of cybercrime globally, a reality underscored by the recent ShinyHunters campaign that struck more than 100 organizations worldwide. Ransom insurance occupies a legally and ethically complex space, raising questions about whether coverage might inadvertently encourage extortion. By formally confirming its permissibility while consolidating the regulatory framework, BaFin has sought to provide a clear basis on which the German market can operate.
The ransom insurance circular is part of BaFin's broader and intensifying focus on cyber and digital risk. The regulator recently conducted its third survey of the cyber insurance market and, as of the 2025 financial year, introduced a separate insurance class for cyber risks with a dedicated reporting obligation under the German Insurance Reporting Regulation, the first time such domestic reporting has been required. This gives BaFin far greater visibility into premium volumes, loss ratios, and coverage terms across the German market.
BaFin's primary supervisory concern in the cyber space centers on systemic accumulation risk: the danger that a single large-scale cyberattack could simultaneously trigger claims across many insurers and policyholders. The regulator has warned that the rapidly evolving nature of cyber threats and the limited historical claims data make pricing and reserving especially challenging. BaFin has also gained expanded supervisory and investigative powers under the BRUBEG legislation, which came into force on March 31, 2026, strengthening its ability to oversee insurers and other regulated entities. Together, these developments position Germany, Europe's largest economy and a major industrial and corporate insurance hub, at the forefront of cyber and digital risk regulation.
Key Points
1. BaFin issued a circular confirming the legal permissibility of ransom insurance under German law
2. The circular consolidates previous regulatory requirements for insurers and policyholders
3. BaFin introduced a separate cyber insurance class with dedicated reporting from the 2025 financial year
4. Systemic accumulation risk remains BaFin's primary cyber insurance concern
5. BaFin gained expanded investigative powers under the BRUBEG legislation effective March 31, 2026
Why This Matters
As cyber extortion becomes more prevalent, the question of whether and how insurers can offer ransom coverage has significant legal, ethical, and financial dimensions. BaFin's confirmation provides clarity for the German market, Europe's largest, and could influence how other European regulators approach the issue. For businesses, ransom insurance is an increasingly considered component of cyber risk management, though it remains controversial. For the insurance industry, BaFin's enhanced reporting requirements and focus on accumulation risk reflect a broader regulatory push to ensure the rapidly growing cyber market remains stable and well-capitalized.