4.1 Thematic Review of Reinsurance Companies (June 2026)
In June 2026, CIMA published its Thematic Review of Reinsurance Companies, presenting its findings following a supervisory review of selected Class B(iii) and Class D regulated reinsurance entities conducted between mid-2025 and the first quarter of 2026. The review assessed compliance with the Insurance Act, applicable regulations, rules and statements of guidance across four thematic areas: corporate governance, stress testing, cash flow testing, and capital and collateral adequacy management.
Corporate governance deficiencies were the most prevalent, accounting for 68% of all identified weaknesses, with the principal concerns being inadequate sub-committee governance and Board oversight, poor documentation and lack of oversight over outsourced service providers, insufficient segregation of duties, and the lack of effective internal audit functions. Other findings concerned stress testing (14%) and cash flow testing (9%), including a lack of independent or peer review of testing frameworks and outputs. Capital and collateral adequacy management accounted for a further 9%, where the Authority identified omissions of capital and collateral adequacy from internal audit coverage, and unresolved internal audit findings.
Regulated entities and their advisers should use the review as an opportunity to assess whether corporate governance arrangements are robust and properly documented, including sub-committee governance, Board oversight, outsourcing arrangements and segregation of duties, and the effectiveness of the internal audit function. They should also ensure that stress testing is clearly evidenced, related frameworks and outputs are independently reviewed, and capital and collateral adequacy are covered by internal audit, with any findings addressed promptly.
The Authority expects regulated entities to maintain policies, procedures, systems and controls that are appropriate, effective and proportionate to the nature, scale and complexity of their business, in line with evolving risks, business changes and the applicable regulatory environment.
www.cima.ky/thematic-review-report
4.2 CIMA Regulatory Policy — Approval of an Auditor for a Regulated Entity
The Cayman Islands Monetary Authority has issued a new Regulatory Policy on the Approval of an Auditor for a Regulated Entity (the “Policy”), which consolidates and sets out the criteria, process and ongoing obligations applicable to firms seeking to act as approved auditors of CIMA-regulated entities.
Scope – The Policy applies to all regulated entities that are required under the applicable Regulatory Acts to appoint an auditor approved by CIMA to audit their financial statements. Financial statements must be audited and the audit report issued or signed off by the approved auditor, unless the regulated entity has been granted an exemption from audit by CIMA.
Key approval criteria – To obtain and maintain CIMA approval, audit firms must satisfy requirements across the following areas: physical presence in the Cayman Islands (with adequate local resources); registration as a public practice firm with CIIPA; independence and objectivity in line with the IESBA Code of Ethics; competence and capability of engagement partners (including an expectation that they must have a minimum of five years’ relevant auditing experience at a management level in the industry sectors or businesses they audit); adequate resources and capacity; quality management systems generally aligned with ISQM1 and ISQM2; ethical standards and conduct; and compliance with Professional Indemnity Insurance requirements under the Accountants Act.
Reporting obligations – Approved auditors must notify CIMA of certain matters identified during an audit, including where a regulated entity is or may become unable to meet its obligations, is acting prejudicially to investors or creditors, is operating without adequate accounting records, is operating in a fraudulent or criminal manner, or is otherwise not complying with the relevant Acts, regulations or conditions of its licence.
Approved auditors must also notify CIMA within 21 days of any material change to the information submitted with their application for approval, any material change that may affect the conditions of approval, cessation of business, or other significant matter that could adversely affect their audit of regulated entities.
Effective date and transitional arrangements – The Policy will come into effect on 1 January 2027. Regulated entities must comply starting from the first accounting period beginning after that date. Firms already recognised as approved auditors before the effective date will be deemed to have met the approval criteria and will retain their approved status, provided they continue to comply with all ongoing requirements.
Regulatory Policy on the Approval of an Auditor