A lack of knowledge about the data science that supports AI, both by insurers and their regulators, is an obstacle to creating appropriate regulatory models, according to insurance compliance experts.
"The insurance company really is not in a position to explain, to the satisfaction of the regulator, where that information comes from and what the models really do," said Scott Harrison, co-founder of the American InsurTech Council, speaking in a recent Insurtech Association webcast.
Regulators want transparency, and while insurers understand the need for consumer protection, they are concerned about regulatory overreach "stifling innovation and creating a model only well-funded companies are going to be able to play in," Harrison added.
Regulation of AI is a relatively new development for the insurance industry. The National Association of Insurance Commissioners issued its regulatory guidance bulletin on the subject in December 2023, and 24 U.S. states have since adopted it.
Abroad, the European Union has its
"The Brussels effect will likely apply to AI governance and insurance. It's a very comprehensive and risk based framework. It will start influencing global regulatory standards for multinational insurance companies, specifically those operating across borders," said Kaul-Green, speaking in a recent Insurtech Insights webcast. "This Brussels effect is likely to be quite a powerful converger of various regulatory regimes, and will drive transparency, accountability and consumer protection in insurance with AI deployment."
Kaul-Green suggested that court cases could end supplementing regulatory guidance and laws concerning AI. "What I hear from U.K. and U.S. regulators is that the risks that they are trying to cover around bias, discrimination, data privacy and violation of unfair trade practices, are covered under various regulations, but AI introduces a new way of doing business," she said. "But overarching feeling outside of the EU is that all of these are covered, and therefore all we need to do is have case law bringing in AI, if there are any AI-specific errors, discriminatory practices and consumer protection breaches which are not already covered."
Insurers deploying AI are basically digitizing previously manual processes, so if a regulator examines their transformation and finds any breakdown, they will want an explanation, as Harrison of AIC related. In the case of a claims denial, he said, "The answer 'that's what the algorithm told me' is not going to be an acceptable answer."
For insurers considering AI regulatory compliance measures and systems, Francesca Blythe, partner at Sidley Austin LLP, said, "You don't need to wait to have the gold standard, perfect framework, before implementing it. You don't need something perfect, straight out of the gate. Rather have something than nothing, so start small, and then just ensure that you can build upon it."
