In recent years, the insurance industry has witnessed a profound transformation driven by the exponential growth of artificial intelligence (AI) and machine learning (ML) technologies. While these advancements have ushered in unprecedented opportunities for insurers, regulators are faced with the task of ensuring they have a structured AI governance program in place to ensure these systems comply with incoming regulations.
Before embarking on any AI initiatives, it’s crucial to have a comprehensive understanding of the AI technology landscape, a strong grasp on the business uses, risks and rewards of leveraging these technologies and a robust data governance framework in place to govern these systems and manage risk as your AI systems continue to grow. These, in addition to understanding the incoming AI regulatory implications is essential for the insurance sector to harness the full potential of AI and ML while ensuring responsible and compliant deployment of these transformative technologies.
In 2020, the National Association of Insurance Commissioners (NAIC) introduced the AI Principles – often referred to as FACTS – to serve as a framework to encourage the ethical and responsible adoption of AI technologies within the insurance industry. These principles aim to balance innovation with consumer protection, fairness and regulatory compliance and are as follows:
While these principles are not law and therefore not enforceable, they do set out the regulators’ expectations and will form the basis for future regulatory workstreams.
In 2023, the NAIC released a Model Bulletin on the “Use of Algorithms, Predictive Models and Artificial Intelligence Systems by Insurers” to address the increasing integration of AI in insurance operations, particularly in areas such as underwriting, claims processing, risk assessment and customer interactions. Insurance companies are encouraged to create, execute and maintain a written AI Systems (AIS) program to ensure that decisions are accurate and adhere to both unfair trade practice laws and other relevant legal criteria.
While the bulletin provides additional in-depth details, the following provides a summarized view of the what organizations should have in-place regarding their AI systems:
Your organization’s AIS program should be designed to mitigate risk to ensure that AI systems don’t lead to arbitrary, discriminatory, or unfair trade practice-violating decisions affecting consumers. Get started by ensuring your AIS program has the following:
Your organization’s AIS program should prioritize transparent, fair and accountable AIS design within existing or new governance structures and cover standards, life cycle policies and compliance documentation. Get started by ensuring your AIS program has the following:
Risk management and internal control
Your organization’s AIS program should have a documented risk identification and control framework across all life cycles/stages. Get started by ensuring your AIS program has the following:
Third-party AI systems
Your organization’s AIS program should establish standards, policies, procedures and protocols for using third-party AI Systems. Get started by ensuring your AIS program has the following:
Additionally, the bulletin provides information regarding regulatory oversight and compliance with NAIC’s AI Program, including monitoring and audit activities to confirm compliance such as:
Creating an AI governance framework at the starting point of your AI journey will ensure your insurance organization is able to maintain oversight and controlled growth of your AI systems and will allow you to comply with incoming regulations more easily. When designing your AI governance framework, it’s important to take a strategy-first approach as strategy should be central to everything you do. As you’re thinking about the strategy of your AI program, consider it under the lens of governance and potential regulation timeline. Then, establishing a governance framework to help to control strategic growth as you execute on your strategy.
It’s important to note that continued monitoring and reporting of AI systems should be occurring during development, implementation and use – not just at the end once the system is in place.
Ensuring your insurance organization is properly equipped to adhere to incoming AI regulations by designing and implementing and AI governance framework first will help save your organization time, energy and resources by preventing the need for retrospective efforts.
Baker Tilly Digital can help your organization define your AI strategy, build an AI governance program or, if you already have things in place, we’ll work with you through the execution and implementation of your AI systems. Interested in learning more? Contact one of our professionals today.
Below you will find the presentation and recording from our recent webinar, Artificial intelligence in the insurance industry: How to balance innovation with regulatory and ethical considerations. For more information on the subject, and to learn more about how we can assist your organization with its AI strategy, refer to our artificial intelligence and insurance webpages.