Laws, Regulations, Administrative Rules and General Guidance

This page contains information about the relevant legal and administrative provisions as well as general guidance in accordance with Art. 31 (2) lit. a of Directive 2009/138/EC.

Solvency II

Laws, administrative regulations and general guidance relating to Solvency II are allocated to the following four levels:

Level 1: Solvency II Directive

Solvency II based on Directive 2009/138/EC on the taking-up and pursuit of the business of Insurance and Reinsurance (Solvency II Directive). It replaces and supplements 14 existing insurance directives and introduced solvency regulations for all EU Member States for the first time that are focused on financial risks. The Solvency II Directive has been transposed in Austria by the Insurance Supervision Act 2016 (VAG 2016; Versicherungsaufsichtsgesetz 2016), which fully entered into force on 01.01.2016.

• Directive 2009/138/EC on the taking-up and pursuit of the business of Insurance and Reinsurance (Solvency II)

National transposition of level 1:

• Insurance Supervision Act 2016 (VAG 2016; Versicherungsaufsichtsgesetz 2016)

Level 2: Delegated Acts

Based on the powers conferred upon the European Commission in the Solvency II Directive, the following legal acts have been issued:

• Delegated Regulation (EU) 2015/35 supplementing Directive 2009/138/EC
• Delegated Decision (EU) 2016/310 – equivalence of the Japanese solvency system
• Delegated Decision (EU) 2015/2290 – provisional equivalence of the solvency regimes in force in Australia, Bermuda, Brazil, Canada, Mexico and the United States
• Delegated Decision (EU) 2015/1602 – equivalence of the solvency and prudential regime for insurance and reinsurance undertakings in force in Switzerland

Level 2.5: Implementing and Regulatory Technical Standards

Implementing and Regulatory Technical Standards are drawn up by the European Insurance and Occupational Pensions Authority (EIOPA) and then are subsequently issued by the European Commission in the form of Regulations or Decisions.

Pillar 1 (Quantitative Standards)

• Implementing Regulation (EU) 2016/1630 – application of the transitional measure for the equity risk sub-module
• Implementing Regulation (EU) 2015/2017 – factors to calculate the capital requirement for currency risk for currencies pegged to the euro
• Implementing Regulation (EU) 2015/2016 – equity index for the symmetric adjustment of the standard equity capital charge
• Implementing Regulation (EU) 2015/2013 – standard deviations in relation to health risk equalisation systems
• Implementing Regulation (EU) 2015/2011 – lists of regional governments and local authorities, exposures to whom are to be treated as exposures to the central government
• Implementing Regulation (EU) 2015/500 – application of a matching adjustment
• Implementing Regulation (EU) 2015/499 – use of ancillary own funds items
• Implementing Regulation (EU) 2015/498 – use of undertaking-specific parameters
• Implementing Regulation (EU) 2015/462 – special purpose vehicles
• Implementing Regulation (EU) 2015/461 – use of a group internal model
• Implementing Regulation (EU) 2015/460 – approval of an internal model

Pillar 2 (Quantitative Standards)

• Implementing Regulation (EU) 2016/1800 – allocation of credit assessments of external credit assessment institutions to an objective scale of credit quality steps
• Implementing Regulation (EU) 2015/2015 – procedures for assessing external credit assessments
• Implementing Regulation (EU) 2015/2012 – procedures for decisions to set, calculate and remove capital add-ons

Pillar 3 (Reporting and Disclosure Obligations)

• Implementing Regulation (EU) 2015/2452 – solvency and financial condition report
• Implementing Regulation (EU) 2015/2451 – disclosure of information by supervisory authorities
• Implementing Regulation (EU) 2015/2450 – templates for the submission of information to the supervisory authorities
• Implementing Regulation (EU) 2015/2014 – submission of information to the group supervisor and for the exchange of information between supervisory authorities

Level 3: EIOPA Guidelines and Recommendations

The European Insurance and Occupational Pensions Authority (EIOPA) may issue Guidelines and Recommendations for the harmonised application of Union law in areas not covered by Regulatory and Implementing Technical Standards. Pursuant to Article 16 (3) of the EIOPA Regulation, competent authorities and financial institutions shall make every effort to comply with the Guidelines and Recommendations issued by EIOPA. Where necessary in accordance with the respective set of Guidelines or Recommendations,the financial institutions report to EIOPA in a clear and detailed manner, whether they comply with the Guidelines or Recommendations (Article 16 (3) EIOPA Regulation). The Austrian Financial Market Authority (FMA) therefore takes EIOPA issued Guidelines and Recommendations in its enforcement activity within the scopte of the corresponding legal supervisory framework.

Pillar 1 (Quantitative Standards)

• Guidelines on the implementation of the long-term guarantee measures (Format: pdf, Size: 143,2 KB, Language: English)
• Guidelines on recognition and valuation of assets and liabilities other than technical provisions (Format: pdf, Size: 250,7 KB, Language: English)
• Guidelines on ancillary own funds (Format: pdf, Size: 112,7 KB, Language: English)
• Guidelines on application of outwards reinsurance arrangements to the non- life underwriting risk sub-module (Format: pdf, Size: 219,0 KB, Language: English)
• Guidelines on application of the life underwriting risk module (Format: pdf, Size: 113,2 KB, Language: English)
• Guidelines on basis risk (Format: pdf, Size: 99,0 KB, Language: English)
• Guidelines on classification of own funds (Format: pdf, Size: 209,6 KB, Language: English)
• Guidelines on contract boundaries (Format: pdf, Size: 109,9 KB, Language: English)
• Guidelines on group solvency (Format: pdf, Size: 156,4 KB, Language: English)
• Guidelines on health catastrophe risk sub-module (Format: pdf, Size: 139,2 KB, Language: English)
• Guidelines on look-through approach (Format: pdf, Size: 109,8 KB, Language: English)
• Guidelines on ring-fenced funds (Format: pdf, Size: 146,7 KB, Language: English)
• Guidelines on loss-absorbing capacity of technical provisions and deferred taxes (Format: pdf, Size: 312,3 KB, Language: English)
• Guidelines on the treatment of market and counterparty risk exposures in the standard formula (Format: pdf, Size: 140,1 KB, Language: English)
• Guidelines on the use of internal models (Format: pdf, Size: 249,1 KB, Language: English)
• Guidelines on treatment of related undertakings including participations (Format: pdf, Size: 152,9 KB, Language: English)
• Guidelines on undertaking-specific parameters (Format: pdf, Size: 131,1 KB, Language: English)
• Guidelines on the valuation of technical provisions (Format: pdf, Size: 438,5 KB, Language: English)

Pillar 2 (Quantitative Standards)

• Opinion on the supervision of remuneration principles in the insurance and reinsurance sector (Format: pdf, Size: 766,9 KB, Language: English)
• Guidelines on outsourcing to cloud service providers (Format: pdf, Size: 398,7 KB, Language: English)
• Guidelines on system of governance (Format: pdf, Size: 205,3 KB, Language: English)
• Guidelines on own risk and solvency assessment (Format: pdf, Size: 148,2 KB, Language: English)
• Guidelines on the extension of the recovery period in exceptional adverse situations (Format: pdf, Size: 162,0 KB, Language: English)
• Guidelines on operational functioning of colleges (Format: pdf, Size: 472,8 KB, Language: English)
• Guidelines on supervisory review process (Format: pdf, Size: 216,5 KB, Language: English)
• Guidelines on the methodology for equivalence assessments by National Supervisory Authorities under Solvency II (Format: pdf, Size: 301,4 KB, Language: English)

Pillar 3 (Reporting and Disclosure Obligations)

• Recommendations on supervisory flexibility regarding the deadline of supervisory reporting and public disclosure - Coronavirus/COVID-19 (Format: pdf, Size: 652,7 KB, Language: English)
• Guidelines on methods for determining the market shares for reporting (Format: pdf, Size: 128,1 KB, Language: English)
• Guidelines on reporting and public disclosure (Format: pdf, Size: 196,8 KB, Language: English)
• Guidelines on reporting for financial stability purposes (Format: pdf, Size: 194,9 KB, Language: English)
• Guidelines on exchange of information on a systematic basis within colleges (Format: pdf, Size: 207,4 KB, Language: English)
• Guidelines on the supervision of branches of third-country insurance undertakings (Format: pdf, Size: 431,2 KB, Language: English)

Level 4: Monitoring of National Implementation Measures

The European Commission monitors – with support from EIOPA – national measures for implementation as well as supervisory practices. A contribution is thereby may to supervisory convergence and the effective enforcement of Union law.

• Insurance Supervision Act 2016 (VAG 2016; Versicherungsaufsichtsgesetz 2016)
• FMA Regulations based on VAG 2016:
• FMA Minimum Standards
• FMA Circular

Distribution and Market Conduct

• Directive (EU) 2016/97 on insurance distribution (transposition date: 23.02.2018)
• Directive (EU) 2018/411 amending Directive (EU) 2016/97 as regards the date of application of Member States’ transposition measures (transposition date: 01.07.2018)
• Implementing Regulation (EU) 2017/1469 – standardised presentation format for the insurance product information document
• Downloadable templates for the insurance product information document (IPID)
• Delegated Regulation (EU) 2017/2358 supplementing Directive (EU) 2016/97 of the European Parliament and of the Council with regard to product oversight and governance requirements for insurance undertakings and insurance distributors.
• Delegated Regulation (EU) 2017/2359 supplementing Directive (EU) 2016/97 of the European Parliament and of the Council with regard to information requirements and conduct of business rules applicable to the distribution of insurance-based investment products.
• Guidelines under the Insurance Distribution Directive on insurance-based investment products that incorporate a structure which makes it difficult for the customer to understand the risks involved (EIOPA-17/651) – FMA: not an addressee of the Guidelines
• Preparatory Guidelines on product oversight and governance arrangements by insurance undertakings and insurance distributors (Format: pdf, Size: 137,1 KB, Language: English)
• Guidelines on complaints-handling by insurance intermediaries (Format: pdf, Size: 229,0 KB, Language: English)
• Guidelines on complaints-handling by insurance undertakings (Format: pdf, Size: 118,7 KB, Language: English)

Packaged Retail and Insurance-based Investment Products (PRIIPs)

• Regulation (EU) 1286/2014 on key information documents for packaged retail and insurance-based investment products (PRIIPs)
• Regulation (EU) 2016/2340 amending Regulation (EU) No 1286/2014 on key information documents for packaged retail and insurance-based investment products as regards the date of its application
• Delegated Regulation (EU) 2016/1904 to supplement Regulation (EU) 1286/2014 with regard to product intervention.
• Regulation (EU) 2017/653 supplementing Regulation (EU) No 1286/2014 on key information documents for packaged retail and insurance-based investment products (PRIIPs)
• Guidelines on the application of Regulation (EU) No 1286/2014 for packaged retail and insurance-based investment products (PRIIPs)

pan-European Personal Pension Product (PEPP)

Regulation (EU) 2019/1238 on a Pan-European Personal Pension Product (PEPP) created a framework for simple, transparent and secure old-age provision products.

The PEPP is a private old-age provision product (the “third pillar”) which complements the state and company old-age provision (“first and second column”).

You can find further information this page: Pan-European Personal Pension Product (PEPP).

Sustainable Finance

Sustainable Finance Disclosure Regulation(SFDR)

• Regulation (EU) 2019/2088 on sustainability‐related disclosures in the financial services sector
• Delegated Regulation (EU) 2022/1288 supplementing the SFDR

Non-Financial Reporting Directive(NFRD)

• Directive 2014/95/EUas regards disclosure of non-financial and diversity information (NFRD)
• Proposal for a Directive amending existing Directives and Regulations as regards corporate sustainability reporting (CSRD)
• Taxonomy Regulation (EU) 2020/852
• Delegated Regulation (EU) 2021/2178
• Delegated Regulation (EU) 2022/1214

Pillar 1

• EIOPA Advice on the integration of sustainability risks and factors in Solvency II and IDD (EIOPA-BoS-19/172)
• EIOPA Opinion on sustainability within Solvency II (EIOPA-BoS-19/241)
• EIOPA Report on non-life underwriting and pricing in light of climate change

Pillar 2

• EIOPA Opinion on the supervision of the use of climate change risk scenarios in ORSA (EIOPA-BoS-21-127)

Distribution

• Delegated Regulation (EU) 2021/1257 regarding the integration of sustainability factors, risks and preferences into the product oversight and governance requirements and distribution for insurance-based investment products
• EIOPA Guidance on the integration of sustainability preferences in the suitability assessment under the IDD (EIOPA-BOS-22-391)

Digitalisation

AI Act (AIA)

• Regulation (EU) 2024/1689 laying down harmonised rules on artificial intelligence
• EIOPA Consultation Paper on differential pricing practices

Digital Operational Resilience Act (DORA)

Level 1:

• Regulation(EU) 2022/2554on digital operational resilience in the financial sector (DORA)
• Directive (EU) 2022/2556 amending Directives 2009/138/EC etc. as regards digital operational resilience for the financial sector

National transposition / Legal bases for implementation of the DORA Regulation in Austria:

• DORA Enforcement Act
• FMA-Gebührenverordnung in German only
• FMA Incoming Platform Regulation (FMA-IPV; FMA-Plattformverordnung)

Levels 2 to 3:

ICT risk management

• Delegated Regulation (EU) 2024/1774 ICT risk management tools, methods, processes, and policies

Digital operational resilience testing

• Delegated Regulation (EU) 2025/1190 Threat-led penetration testing (TLPT)

ICT-related incidents

• Guidelines (JC 2024 34): on the estimation of aggregated costs/losses
• Delegated Regulation (EU) 2024/1772: criteria for the classification of ICT-related incidents and cyber threats, setting out materiality thresholds and specifying the details of reports of major incidents
• Delegated Regulation (EU) 2025/301: specifying the content and time limits for the initial notification of, and intermediate and final report on, major ICT-related incidents, and the content of the voluntary notification for significant cyber threats
• Implementing Regulation (EU) 2025/302: Reporting details to ICT-related incidents
• Report on the centralisation of reporting of major ICT-related incidents

Managing of ICT third-party risk

• Implementing Regulation (EU) 2024/2956: standard templates for the register of information
• Delegated Regulation (EU) 2024/1773: content of the policy regarding contractual arrangements on the use of ICT services supporting critical or important functions provided by ICT third-party service providers
• Delegated Regulation (EU) 2025/532: specifying the elements that a financial entity has to determine and assess when subcontracting ICT services supporting critical or important functions

Oversight Framework of critical ICT third-party service providers

• Delegated Regulation (EU) 2024/1502: Criteria for the designation of critical ICT third-party provider (CTPPs)
• Guidelines JC/GL/2024/36 on oversight cooperation between the ESAs and the competent authorities on the structure of the Oversight Framework
• Delegated Regulation (EU) 2025/295: Harmonisation of conditions enabling the conduct of the oversight activities
• Delegated Regulation (EU) 2025/420 on the composition of the joint examination team
• Delegated Regulation (EU) 2024/1505: CTPP charges

Link to the European Commission’s DORA Website

Other convergence instruments

• ESAs Decision on reporting of information necessary for the designation of critical ICT third-party service providers (ESA 2024 22)
• EIOPA Opinion on the scope of DORA in light of the review of the Solvency II framework (EIOPA-BoS-24/425)

Motor Vehicle Liability Insurance and Road Accident Victims Compensation Act

• Directive 2009/103/EC relating to insurance against civil liability in respect of the use of motor vehicles, and the enforcement of the obligation to insure against such liability
• Motor Vehicle Liability Insurance Act (KHVG; KFZ-Haftpflichtversicherungsgesetz 1994)
• Road Accident Victims Compensation Act
• Opinion of the European Commission 2010/C 332/01 (Notice regarding the adaptation in line with inflation of certain amounts laid down in the Motor Insurance Directive 2009/103/EC )

Accounting and statutory audit

• Regulation (EU) No 537/2014 on specific requirements regarding statutory audit of public-interest entities and repealing Commission Decision 2005/909/EC.
• Directive 2014/56/EU amending Directive 2006/43/EC on statutory audits of annual accounts and consolidated accounts
• Directive 2006/43/EG on statutory audits of annual accounts and consolidated accounts
• Insurance Accounting Directive 91/674/EEC
• Guidelines on Facilitating an Effective Dialogue between Insurance Supervisors and Statutory Auditors (Format: pdf, Size: 206,7 KB, Language: English)

Standardisation

• Guidelines on Using the Legal Entity Identifier (LEI) (EIOPA-BoS-2021/456)

Reporting requirements to the European Central Bank

• Regulation (EU) 2015/730 of the European Central Bank amending Regulation (EU) No 1011/2012 concerning statistics on holdings of securities
• Regulation (EU) No 1374/2014 of the European Central Bank of 28 November 2014 on statistical reporting requirements for insurance corporations

Money laundering and terrorist financing

• Guidelines on information requirements in relation to transfers of funds and certain crypto-assets transfers (EBA/GL/2024/11)
• The Risk-Based Supervision Guidelines: Joint Guidelines on the characteristics of a risk-based approach to anti-money laundering and terrorist financing supervision, and the steps to be taken when conducting supervision on a risk-sensitive basis (Format: pdf, Size: 200,4 KB, Language: English)
• Financial Markets Anti-Money Laundering Act (FM-GwG; Finanzmarkt-Geldwäschegesetz)

Brexit

• Recommendations for the insurance sector in light of the United Kingdom withdrawing from the European Union (Format: pdf, Size: 360,2 KB, Language: English)
• Further Information about Brexit

Qualifying holding procedure

• Joint Guidelines on the prudential assessment of acquisitions and increases of qualifying holdings in the financial sector (Format: pdf, Size: 583,9 KB, Language: English)

Financial conglomerates

• Financial Conglomerates Act (FKG; Finanzkonglomerategesetz)
• Joint Guidelines on the convergence of supervisory practices relating to the consistency of supervisory coordination arrangements for financial conglomerates (Format: pdf, Size: 310,3 KB, Language: English)

Other

• Rating Agencies Enforcement Act (RAVG; Ratingagenturenvollzugsgesetz)
• 1999 Atomic Liability Act (AtomHG; Atomhaftungsgesetz)
• SFT Enforcement Act (SFT-Vollzugsgesetz)
• Financial Markets Anti-Money Laundering Act (FM-GwG; Finanzmarkt-Geldwäschegesetz)
• Decision No 1/2018 of the EU-Switzerland Joint Committee of 3 July 2018 amending the Annexes and Protocols to the Agreement

EIOPA Regulation (EU) 1094/2010