The recent, rapid expansion of big data has transformed the insurance industry and has shown that it has the potential to increase efficiencies and benefit insurers and consumers alike. However, the unchecked use of big data can unintentionally result in harm to protected groups. To combat this, Colorado has introduced the Senate Bill (SB) 21-169, which aims to protect consumers from insurance practices that result in unfair discrimination on the basis of race, color, national or ethnic origin, religion, sex, sexual orientation, disability, gender identity or gender expression. Insurers in the state may soon be held accountable for testing their big data systems to ensure they are not unfairly discriminating against consumers on the basis of a protected class, and are required to address any concerns as they arise.
The Division of Insurance at Colorado’s Department of Regulatory Agencies recently introduced a revised version of the proposed Algorithm and Predictive Model Governance Regulation that significantly impacts the governance and risk management requirements for life insurers. This regulation specifically targets insurers that utilize external consumer data and information sources (ECDIS), as well as algorithms and predictive models that incorporate ECDIS.
The regulation, which applies to all life insurers authorized to operate in Colorado, mandates the establishment of a risk-based governance and risk management framework. This framework is designed to ensure that the use of ECDIS, algorithms and predictive models does not result in unfair discrimination, particularly with respect to race.
The governance and risk management framework outlined in the regulation mandates life insurers using ECDIS, algorithms and predictive models to:
The updated draft regulation for life insurers has been paired down from the initial version released in February. Most notably, the updated draft no longer emphasizes "disproportionately negative outcomes," which would have included results or effects that "adversely impact a group" with protected characteristics "even after considering factors that define similarly situated consumers." Instead of this term, the updated draft pivots to necessitating "risk-based" governance and management frameworks. This shift is substantial – it not only brings the updated draft in line with conventional insurance regulation, but also signifies a pragmatic, progressive advancement for such regulation.
However, despite being less demanding than the initial draft, the updated version still imposes significant obligations on life insurers. These include mandates for life insurers to set up risk-based frameworks for the utilization of ECDIS in any insurance practice including claims, ratemaking and pricing. Furthermore, the regulation necessitates the execution of these frameworks concerning any algorithms and predictive models that use or depend on ECDIS.
The regulation outlines comprehensive reporting requirements. Insurers using ECDIS, algorithms and predictive models must submit a narrative report to the Division, summarizing their progress towards compliance with the regulation's requirements. Conversely, insurers that do not use ECDIS or algorithms and predictive models are exempt from these requirements but must submit an attestation to that effect.
The regulation stipulates that sanctions may be imposed, including civil penalties, cease and desist orders, and/or suspensions or revocations of license, subject to the requirements of due process.
The regulation is still in draft and proposed status. The Division has released a revised version of the DRAFT PROPOSED Algorithm and Predictive Model Governance Regulation (Version 5/26/23), and was seeking information comments prior to its recent June 8, 2023 meeting. Information can be found here: SB21-169 - Protecting Consumers from Unfair Discrimination in Insurance Practices | DORA Division of Insurance (colorado.gov)
Is your insurance organization properly equipped to effectively and efficiently capitalize on the mountains of data available to you? At Baker Tilly Digital, we help our clients derive new value from their data, whether it’s through advanced machine learning, data visualization or working to implement new data processes. Access a wealth of information on data solutions provided by Baker Tilly’s digital and financial services specialists.