Artificial Intelligence capabilities are quickly becoming a must-have core competency for carriers wishing to succeed in the insurance industry.  Leading carriers, through AI, are materially enhancing operational capabilities, enhancing profitability through improved loss ratios and risk selection, and improving customer experience.

Customers are no longer comparing insurance carriers to other carriers, but rather to digital-first retailers and service providers.  AI can transform a carrier into a personalized insurer, enabling the most relevant customer experience. It can create smarter insurance companies that harness this power to implement data-driven, micro-segmentation strategies that keep bad risks off their books. All of this is transforming an industry that desperately needs these capabilities. Now is an exciting time to be in the industry.

While this is incredibly exciting, one must of course point out that as with any new technology or capability, there is hesitation from some insurers.  Insurance is an industry that is slow to change and incorporating technologies like AI proves that to be true.    Of course, much of the hesitation is caused by the quickly developing, but still uncertain, regulatory guidelines and oversight when it comes to AI. This can either be a stumbling block to growth or an opportunity, depending on how insurers approach it.

Carriers can, and should, address this regulatory hesitation through the diligence process.  With just a few steps, carriers can create confidence in their own processes and the AI-powered solutions insurtechs can offer.  While scrutiny is prudent to avoid potential risks and ethical pitfalls, slow adoption is not an option.  Winning carriers must act now to capitalize on the opportunities, increased growth, better customer experience, and overall operational efficiencies.  Insurance companies pride themselves on being “fast followers” but in this case, that is the surefire way to lose.  Following fast, in a world where consumer expectations are rapidly rising, is the fast lane to irrelevance.

While professionals are raising dozens of potential concerns with AI, in our experience the primary concerns fall into two buckets: Privacy and Security, and Ethical use of AI.

Here are 5 questions an insurance organization should ask when evaluating new potential insurtech AI partners.

  1. What standards are you using to create your policies and procedures and govern the use of data and AI methods?

What to look for in the answer:

Insurtech organizations leveraging AI should be keeping a close eye on the National Association of Insurance Commissioners (NAIC), specifically the NAIC Principles on AI adopted in August of With the conclusion of its December meeting, NAIC indicated that it would quickly be providing updated guidelines. In addition, the National Institute of Standards and Technology in the U.S. Department of Commerce has a goal of cultivating trust in AI technologies (and is furthest along on this issue), and has provided a framework for AI solution providers that will provide a detailed look at how the insurtech is staying compliant and trustworthy.

  1. What have you done to mitigate or manage bias within your methods and, if applicable, predictions?

What to look for in the answer:

Scrupulous monitoring of data and methods should be foremost on the priorities of insurtech AI groups. While there are varied methods to accomplish this, the policies and procedures should be clear and compliance validated.

  1. When was the last time your methods and outcomes were validated by a third party?

What to look for in the answer:

Third-party validation should be part of every AI organization’s compliance platform and adds confidence to internally created policies and procedures. Follow-up question to consider include: How frequently is third-party validation scheduled or conducted?

  1. What steps do you take to protect your carrier and client data?

What to look for in the answer:

Ideally, the insurtech you are partnering with has ongoing monitoring of privacy and security procedures. A very good indicator of the prioritization of privacy and security is a SOC 2 Type 2 certification that is continuously monitored by a third party.

  1. What do you do to stay in compliance with the national, and state-specific, privacy regulations?

What to look for in the answer:

Privacy laws are quickly evolving as technology and access to personal data have proliferated.

While these laws mandate how organizations can use the data, consumers also have increased expectations for the privacy and security of their data. Within the U.S. your insurtech partner should be able to rep and warrant the data they use is compliant with applicable state privacy laws, i.e. CCPA, and give demonstrable evidence that they follow state privacy regulations as well. Follow-up questions to consider include: What monitoring do you have in place to ensure privacy and data protection policies and procedures are followed? When was the last time you updated your policies? When was the last time you changed or removed a method or procedure based on this monitoring?

These questions are not the end, but rather, just a starting point.  Carriers must concern themselves to ask questions, go deep in the diligence process, respect the evolving regulatory environment, and partner with insurtech AI partners that understand the stakes and complexity.  The leading AI insurtech partners are setting the stage for improved privacy, security, and ethical use of AI.

Scott Ham, CEO of Pinpoint Predictive