Private insurance and reinsurance in Greece is primarily regulated by Law 4364/2016 (the “Insurance Regulation Act”) which transposed the EU Directive 2009/138/EC (“Solvency II Directive”) into Greek law. The Insurance Regulation regulates the establishment, operation and governance of insurance and reinsurance undertakings in Greece, the capital and funding requirements, the lines of insurance, the insurance contracts and other regulatory matters. In principle, private insurance contracts may be freely negotiated by the parties, however, there are minimum standards set by Law 2496/1997 (the “Insurance Contract Act”) as regards the rights of the insurers and the insureds, the content of the insurance contracts, the information that should be provided by each party before the signing of the contract and during the term of the contractual relationship, the time frames applicable, the rights to cancel or rescind the contract. Also, matters applying to insurance distribution are regulated by Law 4583/2018 (the “Insurance Distribution Act”) harmonizing Greek Law with the EU Directive 2016/97/EU (the “IDD”).

The competent body for the supervision of the private insurance sector is the Bank of Greece (in Greek “Trapeza tis Ellados”, “BoG”). The BoG exercises prudential supervision through its “Department of Private Insurance Supervision” of Greek insurance and reinsurance undertakings, foreign insurance and reinsurance undertakings operating in Greece through a branch and insurance distributors. Also, it monitors the compliance of EU insurance and reinsurance undertakings operating in Greece under the freedom to provide services with the general good requirements. The decisions and guidelines issued by the BoG concerning details for the operation of insurance and reinsurance undertakings form part of the insurance regulatory framework. The BoG is part of the Board of Supervisors of the European Insurance and Occupational Pensions (EIOPA).

Greek regulatory framework, although it sets similar requirements for the establishment and operation of all insurance and reinsurance undertakings, it regulates differently life and non-life insurers and reinsurers. Insurers are not permitted to exercise both life and non-life activities in Greece under a single license. In exception, insurance undertakings which had obtained a single license on or prior to January 1, 1981, may continue offering both life and non-life insurance under their existing license. Such restriction does not apply for reinsurers, which may obtain a license for both life and non-life reinsurance.

As regards primary insurance contracts, these can be negotiated freely between the parties but should also comply with the minimum requirements set by the Insurance Contract Act to ensure the protection of the insured, usually being the weaker party in the contractual relationship. Such level of protection is not required in the case of reinsurance contracts, where both parties are deemed to be well aware of the risks involved and the market practices.

Insurance distribution is a regulated activity in Greece and insurance intermediaries are subject to the provisions of the Insurance Distribution Act, which transposed the IDD into the Greek legal order.

Insurance intermediaries seated in Greece are divided in three categories: insurance agents, coordinators of insurance agents and insurance brokers. In order to engage in insurance distribution activities, the insurance intermediaries must meet regulatory requirements and professional standards, which include the obligation to:

• hold a certification of professional skill and knowledge and complete training sessions on yearly basis;
• be registered with the insurance intermediaries’ special register (following submission of evidence regarding the absence of criminal offenses, good standing, professional liability insurance et al.);
• comply with professional conduct and client information requirements.

Τhe conduct of insurance and/or reinsurance activities in Greece is subject to prior authorisation granted by the BoG. The Insurance Regulation Act does not provide for a specific timeline within which the BoG should examine the request for establishment and grant authorization. In practice, the process may take three to six months depending on the circumstances of the case. The key criteria for an insurance or reinsurance undertaking to obtain a license are to have the center of their central administration and their constitutional seat in Greece, to be established in a specific legal form (i.e. société anonyme, inter-insurance partnership or European company) and the object of their activities to be the provision of insurance or reinsurance activities or strictly related tasks. Also, they must provide satisfactory evidence for meeting the regulatory requirements for minimum statutory capital, governance structure, officers’ qualifications and compliance with the applicable regulatory framework in general.

EU/EEA insurers and reinsurers may conduct insurance activities in Greece under the freedom to provide services (FOS) or the freedom of establishment (FOE) subject to notifying the BoG prior to the beginning of their operations and complying with the general good requirements applicable in Greece. Non EU/EEA insurance and reinsurance undertakings may operate in Greece through establishing a branch and prior license by the BoG. Non EU/EEA reinsurance undertakings may provide reinsurance in Greece without establishment and local authorization under the principle of equivalence.

No specific restrictions apply with regard to the ownership of or control over an insurance undertaking; however, a prior notification to the BoG, and a relevant regulatory approval are required, in case a legal or natural person intends to obtain, directly or indirectly, either a qualifying holding (i.e. at least 10%, 20%, 1/3 or 50% of the voting rights or share capital) in an insurance undertaking or the control over such undertaking. Following such notification, the BoG shall proceed to the assessment of the intended transfer on the basis of information regarding, indicatively, the proposed acquirer’s reputation and financial soundness, the identity and financial standing of the persons controlling the proposed acquirer, the capability of the insurance undertaking to continue meeting the requirements of its operation license, the transparency of the transaction and the compliance with applicable legislation on anti-money laundering or anti-terrorist financing.

The BoG has the right to make inquiries and request additional information regarding the proposed transfer and must approve or reject the transfer within a period of 60 business days. Such period is extended by 30 business days in case the proposed acquirer is seated outside the EU.

The applicable regulatory framework does not permit the provision of insurance services without obtaining a license by the BoG. As regards third-country reinsurance businesses, the operation on a non-admitted basis is possible under the principle of equivalence as provided under the Solvency II Directive and implemented in Greece by virtue of the Insurance Regulation Act and the decisions issued by the BoG.

Foreign insurers, insurance brokers or other types of market intermediaries establishing a branch in Greece must comply with the regulatory requirements applicable for the same entities incorporated in Greece. EU/EEA entities operating in Greece under the freedom to provide services (FOS) or the freedom of establishment (FOE) must comply with the general good requirements applicable in Greece

Apart from the general obligation to comply with the regulatory requirements applicable for the same entities in Greece, branches of overseas insurers may be established in Greece subject to furnishing the required documentation and information to the BoG and obtaining prior authorization. In general, branches of overseas insurers must ensure inter alia that they have an amount of eligible own funds meeting the solvency criteria of the Insurance Regulation Act, they conduct insurance only for the classes of insurance for which they have obtained authorization, they have appointed a legal representative residing in Greece and they meet any reporting and notification obligations where required. Additional requirements may apply depending on the classes of insurance for which they have obtained authorization (e.g. for the class of motor vehicle liability). Similarly to Greek-based insurance undertakings, transfer of their insurance contract portfolio to either Greek, EU-based or third-country insurance businesses is subject to approval by the BoG and on the condition that certain criteria are met; expansion of their operations to classes of insurance other than the ones included in their licence must be first authorized by the BoG. In the event the supervising authority of the state of origin prohibits the free disposal of the branch’s assets located in Greece, the BoG is obliged to assist in the execution of such decision.

Administrative and criminal sanctions are applicable in case of conduct of insurance activities without prior license.

Natural persons conducting insurance or reinsurance or intermediating in the conclusion of insurance or reinsurance contracts in breach of the principle of authorization may be punished with imprisonment of at least one (1) year. In case a legal entity is operating without license, the criminal sanctions are imposed to the natural persons exercising its management or the administration.

Administrative sanctions may be imposed on both legal entities and natural persons and may consist of a reprimand or of a fine of up to €2,000,000. The criteria for specifying the administrative sanctions and calculating the fine are, mainly, the impact of the breach on the local insurance market or on the systemic stability, the prejudice to the interest of the insureds, the actual damages caused due to the breach and any remedy provided thereof, the taking of measures for avoiding the breach in the future, the level of cooperation with the supervising authority, the needs for specific and general prevention and the continuous or not character of the breach by the same entity.

Insurance contracts concluded without proper authorization in violation of licensing requirements are considered null and void; however, this nullity and invalidity may not be used against the bona fide contracting parties (policyholders and insurance beneficiaries).

Τhe BoG is exercising the prudential supervision of the entities operating in the insurance sector both in terms of their activities and their financial status. The supervision is exercised both ex ante and ex post. The BoG has extensive powers in order to conduct inspections and examine written accusations. During investigations the BoG may access all information and documents pertaining to the entities involved, which are not entitled to invoke the banking secrecy, data protection laws or any other kind of data confidentiality in order to avoid the disclosure of information. Finally, the BoG may impose administrative sanctions, including reprimands, administrative fines, disciplinary penalties and compulsory termination of the insurance activities depending on the severity of the breach.

The Insurance Regulation Act follows closely the provisions of the Solvency II Directive regarding the applicable solvency requirements. The supervision carried out by the BoG is based on an investigative and risk-based approach and depends, in particular, on the nature, complexity and volume of the risks undertaken by each company. Its scope is mainly prudential in nature. The BoG may carry out on-site and off-site inspections, request any information, and have full access to the books and records of the supervised entities. It generally retains great discretion with respect to the frequency and types of regulatory examinations that it may carry out and has extensive powers to impose corrective measures.

The regular and effective supervision of the BoG regarding the solvency of insurance and reinsurance undertakings is based on a set of reporting obligations imposed on the supervised entities, which must inter alia submit to the BoG:

• The annual solvency and financial condition report
• The own-risk and solvency assessment supervisory report (ORSA supervisory report)
• A report regarding the basic own funds, annually and quarterly
• Other special reports may vary for life and non-life insurance undertakings depending on the activities and the covered classes of insurance.

Insurance and reinsurance companies must comply with the solvency capital requirements of the Insurance Regulation Act aiming to guarantee that they are in a position to meet any obligations arising from the conduct of business.

Companies must calculate their solvency capital requirement on the assumption that they will carry out business as a going concern. They must also take into account all quantifiable risks that they are exposed to, cover existing business and business to be written in the following 12 months, and correspond to the value-at-risk of the basic own funds of an insurance or reinsurance undertaking subject to a confidence level of 85 per cent over a one-year period.

As to minimum capital requirements, the Insurance Regulation Act introduces the following minimum thresholds (depending on the type of license):

• €2,500,000 for non-life insurers, including captive insurance undertakings (unless such companies insure risks in classes 10 to 15. in which case the minimum capital requirement amounts to €3.7 million);
• €3,700,000 for life insurers, including captive insurance undertakings;
• €3,600,000 for reinsurance companies (with the exception of captive reinsurers for which the amount is limited to €1,200,000); and
• €6,200,000 for insurance undertakings with a single license for both life and non-life authorised on or before 1 January 1981 (or €7,400,000 in case such companies also cover risks in classes 10 to 15).

The minimum capital requirement shall neither fall below 25 per cent nor exceed 45 per cent of the respective solvency capital requirement, including any capital add-on imposed by the Bank of Greece. Minimum capital requirements must be measured and reported to the Bank of Greece at least quarterly.

Policyholder protection is ensured under Greek law through various schemes, including special guarantee funds, namely:

• the “Private Life Insurance Guarantee Fund” which is established for the protection of life insurance policyholders in the event of bankruptcy or revocation of the license of their life insurance company. The main objective of the Fund, which is supervised by the BoG is to arrange for the smooth transfer of the relevant life portfolio to another insurance company, or to compensate the policyholders for their claims under their respective policies up to the limits set in the law.
• The “Auxiliary Fund Insurance of Liability Arising out of Motor Accidents” which is established and operates under the supervision of the BoG, for the protection of motor-vehicle policyholders in the event of bankruptcy or license revocation of the insurance company, or for the provision of compensation to the policyholders for damage incurred by accidents caused by uninsured vehicles.

Each Fund is financed through mandatory contributions payable, respectively, by the life and non-life insurers writing business in Greece. The contribution is calculated as a per cent over the insurer’s annual gross written premium and a portion of it is charged to the policyholder.

In addition to the above special schemes, the insurance legislation is structured around the protection of the policyholders. In this respect, the Insurance Contract Act mainly consist of mandatory provisions that aim to protect policyholders and insureds and can be derogated only in the direction of enhancing the rights of the policyholders.

According to the provisions of the Insurance Regulation Act, following closely the Solvency II Directive, insurance undertakings belonging to a group are subject to more enhanced supervision, including special solvency calculation methods, intra-group rules for capital generation or deletion, as well as specific arrangements with regard to risk management and internal audit. These provisions apply to captive (re)insurance undertakings, (re)insurance holding companies and mixed-activity insurance holding companies and include inter alia the following obligations:

• the notification to the BoG of any significant concentration risk, at least on an annual basis; and
• the notification to the BoG, as soon as practicable and at least on an annual basis, of any significant intra-group transactions, including transactions between the insurance undertaking and a natural person with close links to such undertaking.

In case solvency risks are identified, the BoG can take appropriate measures at the level of the insurance undertaking, not at group level.

According to the provisions of the Insurance Regulation Act, insurance and reinsurance undertakings are under the obligation to ensure that members of the Board of Directors, as well as any person responsible for the company’s day-to-day management, including those persons who effectively run the business or are in charge of key functions, must at all times:

• be professionally fit, meaning that they must possess adequate professional qualifications, knowledge and experience to ensure the undertaking’s sound and prudent management;
• be reliable, i.e. of good reputation and integrity.

Proof evidencing the fitness and good reputation of the above persons must be submitted to the BoG, such as criminal records, good-standing et al..

The rule of thumb is that the directors and senior management of a (re)insurance undertaking have civil and criminal liability for acts or omissions, unless there is proof that they have exercised their duties with due care and diligence.

The Insurance Regulation Act additionally provides for the personal liability of the directors and senior managers for regulatory breaches by the insurance undertaking. Indicatively, the BoG has the power to impose to senior managers an administrative fine of up to €2,000,000 in case of violation of the applicable insurance regulatory framework, or of up to €200,000 in case there is refusal to cooperate with the regulatory authority, or a regulatory investigation or audit is hindered or impeded.

Apart from other applicable requirements, insurance undertakings must have the centre of their administration and their constitutional seat in Greece and to be established in a specific legal form (i.e. société anonyme, inter-insurance partnership or European company) in order to obtain a license. Also, non EU/EEA insurance undertakings that aim to write insurance in Greece must establish a Greek branch further to authorization by the BoG, and appoint a legal representative residing in Greece. As regards EU/EEA entities operating in Greece under the freedom to provide services (FOS) or the freedom of establishment (FOE), there are no minimum presence requirements.

The outsourcing of critical or important functions or activities, as well as changes thereto is subject to prior notification to the BoG. The Insurance Regulation Act defines the situations where outsourcing is not permitted, hence shall be prohibited by the BoG. In particular, the outsourcing of functions or activities must not result or threaten to result in:

• materially impairing the quality of the governance system of the insurance undertaking
• unduly increasing the operational risk
• impairing the capability of the BoG or any other EU regulator to monitor the compliance of the insurance undertaking with its regulatory or other obligations
• undermining the continuous and full service to the insureds.

The insurance undertaking remains liable for any civil, criminal or regulatory liability or obligation relating to the outsourced services.

Outsourcing to cloud service providers has recently been regulated by the BoG. The BoG Executive Act No 180/17.12.2020 -adopting the EIOPA guidelines on outsourcing to cloud service providers– set specific instructions for (re)insurance undertakings and insurance groups outsourcing activities either to cloud service providers or to service providers not directly providing cloud services but substantially depending on cloud infrastructures for the provision of their services. Accordingly, as of 01.01.2021 the insurance undertakings concerned are under the obligation, inter alia, to update their outsourcing policy, assess the risks relating to each outsourcing arrangement and keep a special registry of such agreements. Additional reporting obligations to the BoG also apply.

Insurance and reinsurance undertakings are required to adopt and maintain risk management policies, including insurance, reinsurance and investment risk management, which shall include principles for the selection of counterparties, provisions for risk reduction and monitoring of creditworthiness and diversification of counterparties. Risk management policies must be consistent with the undertaking’s overall business strategy. In addition, the practices adopted by insurance and reinsurance undertakings  must be compliant with the general legal and regulatory obligations as regards relationships with third parties.

As regards operational resilience, no specific requirements apply to date; however, insurance and reinsurance undertakings are under the general obligation to dispose adequate organizational and operational structures and to be able to adapt such structures to their operations and business environment within a reasonable period of time. Also, insurance and reinsurance undertakings must include in their business continuity policy contingency plans, identifying vulnerable areas and addressing relevant risks, such plans to be updated and tested on a regular basis.

According to Greek law, insurance and reinsurance undertakings are free to decide how they invest their assets, provided that they follow the “prudent person principle”, without being obligated to any kind of limitation, prior approval or notification requirement.

Accordingly, (re)insurance companies investing their assets are required to take into account the best interest of the insured parties and to take steps to secure that the invested capital is always available. Specifically, insurance and reinsurance undertakings with respect to their assets’ portfolio should only invest in assets and securities whose risks can be adequately identified, measured, monitored, managed and reported, by also assessing their overall solvency needs as prescribed by the law. Moreover, the investments, especially the ones that refer to capital associated with the minimum capital requirements and the solvency capital requirements of the company, should take place in a manner that ensures the security, quality, liquidity and profitability of the company’s portfolio. Assets covering technical provisions must, in addition, be invested in a manner appropriate to cover the nature and duration of the insurance liabilities. Finally, certain additional requirements apply in the case of insurance policies associated with investments, where the investment risk is born by an insured natural person.

Insurance (and reinsurance) undertakings are under the obligation to adopt and maintain risk management policy with regard to reinsurance and other risk mitigation techniques. The risk management policy must at least address matters such as the determination of the amount of risk that the undertaking must transfer or mitigate, the principles of selecting reinsurers, the procedures for assessing effective risk transfer, the liquidity risk management procedures, etc. On the condition that insurance undertakings adhere with the principles adopted in their risk management policies, there are no specific regulatory requirements from legal perspective regulating the level or type of reinsurance utilized and insurance undertakings are free to decide the allocation of insurance risks without being required to obtain prior approval or provide notification, provided always that they follow the “prudent person principle”.

The sales of insurance in Greece are controlled mainly through a rigorous and insured-focused legal framework aiming to ensure that the choice of the policyholders to conclude an insurance contract has been shaped in an informed manner, such as the provisions regulating the contents of mandatory pre-contractual information, the insurance intermediaries’ obligations to provide guidance and advice to their customers, the claims handling obligations, the cooling-off rights and the policyholders’ right to rescind in case the insurance contract deviates from the coverage sought under the insurance application.

The general terms and conditions of insurance products are not subject to prior control or approval by the BoG. The BoG has however the authority to request the non-systematic communication of such terms and conditions, to request information with regard to concluded insurance contracts and even to demand the discontinuance of the sale of a specific insurance product, activity or practice if it is found by the BoG to violate the applicable regulatory framework.

Cross-border business operations in Greece by EU insurance undertakings or intermediaries are allowed on the basis of either the freedom of services (FOS) or the freedom of establishment (FOE) and subject to compliance with the general good requirements set by the BoG. On the contrary, third-country insurance undertakings can undertake business operations in Greece only subject to establishment and authorisation granted by the BoG on the basis of reciprocity with the home country of the insurance undertaking concerned.

As a matter of principle, insurance contracts can be concluded through distance selling or online sales, since the application for insurance, the insurer’s proposal and the acceptance of such proposal by the policyholder can take place in writing, orally or via any technological means (e.g. through the exchange of e-mails or an on-line application and acceptance process).  Law 2251/1994, as in force, (the “Consumers’ Protection Act”), also implementing into Greek law the provisions of the EU Directive 2002/65/EC on distance marketing of consumer financial services, recognises additional rights to consumers, including policyholders, in case of distance selling. The Consumer’s Protection Act requires that adequate pre-contractual information is made available to the consumers-policyholders, in writing or though any other durable medium, before undertaking any commitments under the policy, otherwise the policy may be considered null and void. Accordingly, in case of telephone sales, the process must be recorded with the consent of the consumer and specific information must be provided, such as the identity of the person contacting the consumer and his/her relationship with the insurer.

The Greek Insurance Contract Act comprises a set of semi-mandatory rules which aim to protect policyholders and insureds, in the sense that such rules can be deviated only to their benefit and in order to enhance the protection offered to them under the Act. The rule of thumb is that all policyholders and insureds are subject to the same set of protective rules, effectively being treated as consumers, irrespective of whether the insurance relates to their business activities or covers personal needs. Limited scope deviations in favour of the insurer are permitted if the insurance relates to business activities and covers professional needs, and only for deviations against those provisions which are explicitly indicated in the Act. The protective scheme of the Insurance Contract Act is not mandatory when it comes to large risks and the parties concerned may deviate therefrom at their discretion.

Insurance Regulation Act includes a general obligation for compliance with Consumers’ Protection Act for the protection of consumers, setting additional requirements for unfair contract terms, distance selling contracts and misleading advertising in insurance contracts. Insurance contracts are also subject to the applicable legal framework for the protection of personal data of individuals.

According to the Insurance Regulation Act, (re)insurance companies established in Greece or operating in Greece under the FOS or FOE regime may freely form their premiums in accordance with their techno-economic needs. Premiums are not subject to systematic notification to or prior approval from the BoG. Only in the context of general price-control system, the BoG may require, following a relevant decision published in the Government Gazette, the notification of premiums and increases thereof. As regards life insurance, the BoG may require insurance companies based in Greece to systematically disclose the technical nature of the data used to calculate premiums and relevant technical provisions solely for the purpose of monitoring compliance with actuarial principles.

The main protections offered under the Insurance Contract Act are summarized as follows:

• the insurer has specific information duties against the policyholder and insured prior to the conclusion of the insurance contract and during its term;
• any agreement limiting the rights of the policyholder, beneficiary or insured is considered null and void;
• the insurer must inform the insured of its right to object to the insurance contract and the right to withdraw from the insurance contract;

Insurance legal and regulatory framework in Greece does not provide for a special resolution regime applicable to insurers.

In the case of complaints raised by insureds against insurance undertakings and insurance intermediaries established in Greece or operating in Greece under the FOS or FOE regime, regulatory framework provides that the insureds may recourse for an out-of-court resolution of their complaint to the General Secretariat for Consumers or the Ombudsman for Consumers. Insurance undertakings and insurance intermediaries must inform the insureds of their right to ou-of-court resolution, also indicating any applicable deadlines.

Greek courts are well adept at handling complex commercial claims and there is a significant experience and precedent in insurance claims. In Greece courts handling commercial claims consist exclusively of judges. When necessary, the courts may appoint experts to support them in clarifying the technical aspects of the claim. The parties may appeal against the decision of the Court of First Instance before the Court of Appeals, which will review anew the matter on the merits. The decisions of the Court of Appeals may be cancelled before the High Court of Cassation for legal reasons only. This system creates an important level of security for the parties involved, but may often require a material period of time for the finalisation of the case.

The standard market practice is that disputes arising from insurance contracts are subject to the jurisdiction of the competent court – one of the reasons being the high cost of ad hoc and institutional arbitration, which would prevent most insureds from seeking judicial protection. In cases where the risks involved or the claims are considerably high or when the parties prefer to ensure confidentiality of the details of their dispute and faster resolution of the claim, they may address their claim to arbitration. The arbitration agreement must be in writing and may either be included in the insurance contract or negotiated and agreed in a separate agreement.

Under Greek law, insurance disputes can be subject to alternative dispute resolution (conciliation, mediation and arbitration). The Greek Procedural Code has been recently reformed to encourage alternative dispute resolution by introducing a mandatory mediation process on certain civil and commercial disputes (e.g. economic claims of more than €30,000 and family law disputes) as a condition for addressing the dispute to the court. In the case of insurance claims, the insureds are also encouraged to address to the General Secretariat of Consumers or the Consumer’s Ombudsman for the conciliation of their dispute with the insurer. Although the alternative dispute resolution is promoted, the market trend is that the parties continue to have recourse to the competent courts for the resolution of their disputes. Arbitration clauses are not common to the majority of insurance contracts, mostly due to the higher costs involved as compared to court resolution. Arbitration is usually selected by the parties where the risks involved or the claims are considerably high or when the parties prefer to ensure confidentiality of the details of their dispute or resolve the dispute faster. The arbitration agreement must be in writing and may either be included in the insurance contract or negotiated and agreed in a separate agreement. Reinsurance disputes are commonly resolved by arbitration and are usually subject to foreign law.

The transfer of all or part of the portfolio of insurance contracts of a (re)insurance undertaking seated in Greece to a Greek or an EU (re)insurance undertaking is subject to the prior approval by the BoG which is granted provided that the transferee insurance undertaking (i) is licensed to conduct business in the same classes of insurance and (ii) possesses eligible own funds to cover the solvency capital requirements as adjusted further to the portfolio transfer. The approval by the BoG is granted subject to the satisfaction of the following additional conditions:

• In case the portfolio comprises risks situated in other EU member states, the regulator of such member state has granted its consent; consent is deemed to have been granted upon expiry of a three-month period that follows the inter-regulatory request by the BoG;
• the transfer is not prejudicial to the interests of the policyholders or any other persons having rights or obligations under the contracts to be transferred. Policyholders are given the opportunity to object to the transfer of their insurance contracts; however the BoG can still authorize the transfer if the contracts of the opposing policyholders represent no more than 15 per cent of the entire portfolio.

The decision of the BoG approving the transfer is notified to the EU and the regulators concerned.

Special provisions apply in the case of a portfolio transfer by the Greek branch of an insurance undertaking seated in an EU Member State or a third country.

The Greek insurance market is characterized by the dominance of a rather limited number of large and medium size insurance companies especially since a number of acquisitions and mergers -implemented in the recent years and ongoing- have increased the consolidation of the market. New market entrants meeting the Greek regulatory requirements are not discouraged by the Greek regulator from entering the Greek insurance market. However the insurance sector is highly regulated and compliance with the Solvency II Directive and the IDD, as implemented in Greece, will require significant investment by new market entrants. The language barrier should also be considered since Greek language shall be used and insurance policies must in principle be drafted in Greek language, affecting insurance operations as they should be set up accordingly.

Insurance in Greece has traditionally been conducted through distribution channels relying on personal contacts and relations between the parties. Digital sales have emerged over the last years, mainly for non-life lines of business, while the traditional channels have remained dominant. Since the outset of the covid-19 pandemic and the imposition of physical distancing measures, there is a more dynamic shift to the use of digital tools and the development of remote distribution channels.

Furthermore, the continuing technological innovation and the related emergence of new types of cyber security risks has paved the path for an increased appetite by Greek businesses for cybersecurity insurance products, albeit coverage is at present offered mainly through specialized foreign cyber risk insurers rather than Greek insurance undertakings.

In Greece, the digitization of the insurance sector is a highly topical issue and during the last few years many insurers, in the context of their strategy for digital transformation, have implemented digital tools used inter alia for the purpose of selling insurance products and handling claims. Even though these initiatives are ahead of the applicable regulatory framework, where no specific provisions are included to date, the Greek regulator does consider the digitization of insurance transactions as a challenge to be addressed, nonetheless allowing the practice while  safeguarding consumers’ trust in the insurance sector.

It is worth mentioning that Law 4727/2020, published in September 2020 and addressing matters of digital governance, explicitly equates the qualified electronic signature to the hand-written signature and, even though the relevant provisions are not specific to the insurance sector, they could be seen as a significant step towards digitization, considering that the hand-written signature was in market practice hard requirement until recently.

The use of customer data by insurance undertakings is governed by Regulation (EU) 2016/679 (“GDPR”) and Law 4624/2019, which frames the provisions of the GDPR into Greek law. Accordingly, there are no specific rules for insurers in addition to the generally applicable data protection regime. Under the provisions of Article 23 of Law 4624/2019 the processing of genetic data for life and health insurance purposes is explicitly prohibited.

In principle, there are no additional restrictions or requirements on sharing customer data overseas/on a cross-border basis other than those provided for in the GDPR. However, the Insurance Regulation Act implicitly imposes a restriction on the free transfer of customer data outside the EU by providing that the BoG must be able: (i) to monitor the compliance of the insurance undertakings with their obligations and (ii) in case of permitted outsourcing, to have effective access to the business premises of the service provider and exercise this right of access, either directly or through the EU corresponding supervisory authorities.

Within the framework of the initiatives of the EU for sustainable development, the EU, inter alia, has adopted Regulations (EU) 2019/2088 (“SFDR Regulation”) and (EU) 2020/852 (“Taxonomy regulation”), which impose sustainability-related disclosure obligations to the market participants and financial advisers, aiming especially to the promotion of investments which respect the ESG criteria and contribute to sustainable development. In this context, insurers are subject to transparency obligations to the extent that they fall into the following categories: (a) being an insurance undertaking which makes available an insurance‐based investment product (IBIP); or (b) being an insurance intermediary or undertaking which provides insurance advice with regard to insurance-based investment products. Greece has adopted measures for the implementation of the SFDR Regulation and the Taxonomy Regulation, which are also applicable to insurance undertakings. Insurance undertakings are required to self-measure and report on yearly basis their carbon footprint, as well as any measures and actions voluntarily adopted for the reduction or offsetting of carbon emissions.

By way of example as regards transparency obligations, insurers that are also financial market participants or operate as financial market advisers under the EU Regulations mentioned above must publish on their websites as of 10th March 2021 information about the policies they implement for the integration of sustainability risks in their investment decision-making process or in their insurance advice.

There is no special regime applicable to (re)insurance undertakings in respect of diversity and inclusion. Insurance and reinsurance undertakings are subject to the general legal framework applicable in respect to equality of rights, diversity and inclusion.

The next five years are expected to be characterised by new opportunities in the insurance industry stemming from the increasing levels of digitization in all financial sectors. Insurance of cyber risks may also see higher demand, not only targeting the business organisations, but in the form of consumer products alike.

Substantial developments may also emerge in the pensions’ front. The statutory social security system is currently under review and a reform is under discussion through a system of auxiliary pensions to be provided by IORPS and private insurance undertakings in what is called the implementation of a “3-pillar system of public, occupational and private insurance”. The introduction of such model, which will aim at ensuring the viability of the mandatory Greek social security system, would be expected to give a significant boost in the relevant areas of insurance services.