As artificial intelligence (AI)-driven technology is rapidly developing, so are concerns about its use and potential for numerous negative consequences, including invasion of personal privacy, spread of misinformation and data vulnerability.
Like other industries, the insurance industry is looking carefully at the use of AI in both internal and customer-facing applications. The National Association of Insurance Commissioners (NAIC), has developed a draft set of protocols that will provide a model Artificial Intelligence Systems (AIS program) that addresses governance, risk management controls, internal audit functions and third-party AI systems.
Ultimately, the NAIC’s draft AIS program will serve as a model for state regulatory guidance on use of AI-driven technology by insurers.
The NAIC in July released a model bulletin on regulatory expectations for the use of AI systems by insurers. The recommended AIS program put forth in the model bulletin encourages insurers to implement and maintain board-approved written AIS programs that address governance, risk management controls, internal audit functions and third-party AI systems. The goal of the AIS program is to mitigate the risks of harm to consumers through decisions made or supported by AI-driven systems – including third-party AI systems – that are arbitrary or capricious, unfairly discriminatory, or otherwise violate unfair trade practice laws or other legal standards, or that include data vulnerabilities.
The bulletin also advises insurers of the information and documentation that insurance regulators may request during exams and investigations of the insurers’ AI systems, including third-party systems.
AI Technology Already in Use by Insurers
AI systems are currently used for underwriting and risk analysis in the insurance industry, providing data analytic tools and running models to determine if an insurer can underwrite a policy or accept coverage in a certain geographic area. These systems match all the available data points and provide a richer analysis of risk that helps underwriters make better decisions.
The idea behind the NAIC’s model bulletin is to provide predictability for insurers as they think about risk assessment and risk management and whether they are doing enough to put controls around these systems. Moreover, the NAIC’s guidance will help insurers put in place a framework for determining whether the third-party AI systems used by their vendors are held to the industry’s standards.
Major Areas of Concern
The model AIS program put forth by NAIC covers the following broad areas:
- Risk Management
- Third-Party Systems
- Regulatory Oversight and Requests for Information and Documentation
Insurance Industry Slow to Adopt Technology
The insurance industry is generally slow to adopt new technologies. Still, regulators are scrutinizing technology more closely these days and telling the insurance industry it needs to put in place some standards.
States can be equally slow in adopting regulations and guidance around technology, and most are currently focused more on cybersecurity than AI.
But the speed with which AI technology is entering the mainstream is compelling many industries – including insurance – and their state regulators to assess the potential risks and develop policy guidance and regulations to address them.
In short, the big wave of AI is here, and the insurance industry must define best practices and parameters that will guide individual insurers in using this new technology.