Insurance is a highly regulated industry in the United States. Each state has its own complex insurance code and its own regulator that enforces and monitors compliance with that code.
In recent years, one thing that’s caught the attention of regulators countrywide is the rise of insurtech. The insurance industry is investing heavily into innovative tools that use artificial intelligence (AI), machine learning, robotic process automation, data aggregation and analytics, with the goal of enhancing their operations, reducing costs, and improving the customer experience.
“We’ve definitely seen that these new technologies and new ways of doing business are influencing the issues that state insurance regulators are focusing on,” said Yuliya Feldman, senior associate in Mayer Brown’s Corporate & Securities practice, and a member of the law firm’s global insurance industry group. “There’s definitely been increased interest in, and quite frankly calls for, greater regulatory oversight with respect to things like use of data, data privacy, and cybersecurity.”
Over the past several years, state insurance regulators have been “grappling” with how best to regulate the use of new technologies like AI and machine learning in the insurance supply chain. There have been robust discussions around issues like data integrity and how to ensure that the use of AI doesn’t result in actions or decisions that are unfairly discriminatory.
“However, when we talk about a coordinated regulatory approach, progress has definitely been slow in this area,” said Feldman, who advises US domestic and international insurers, reinsurers, and other insurance intermediaries. “That’s partly due to the complexity and fast-changing nature of the issues, but also because the insurance regulators are having to balance sufficient regulatory oversight over what’s happening in the marketplace, while at the same time not stifling innovation. That’s […] always in the back of their minds, but it’s particularly difficult to keep that balance when products and technologies are evolving so quickly.”
In August 2020, the National Association of Insurance Commissioners (NAIC) unanimously adopted guiding principals on AI. Developed by the NAIC’s AI Working Group, the principals outline five key tenets, summarized with the acronym, FACTS: fair and ethical, accountable, compliant, transparent, and secure/safe/robust.
“Those principles were really meant to provide a uniform approach to guide state insurance regulators in dealing with insurance-specific AI applications,” said Feldman. “But what we’ve seen is that the application of the principles still very much […] varies state by state.”
When insurance companies are thinking about embarking on insurtech journeys – whether they want to develop technology in-house, purchase solutions from technology companies, or support insurtech companies on their quest to market – it’s critically important that they consider insurance regulatory requirements before entering into any sort of contractual agreement, according to Feldman.
“Insurance is a very highly regulated industry,” she noted. “Regardless of your company’s role in a specific transaction, you really do want to be mindful of how insurance regulatory requirements impact and are ultimately incorporated into these agreements – particularly areas of growing regulatory risk, like confidentiality, data privacy, and cybersecurity. I think it’s also important to take these insurance regulatory requirements into account even before putting pen to paper - at the conception program structuring stage.”
The US market has always been an attractive prospect for international firms, but there are some rules imposed by US regulators that may not seem “intuitive” to people who have never operated in such a highly-regulated market – and these rules can catch out firms that have been very successful and have clean compliance checks abroad.
Feldman gave the example of the US prohibition against rebates. She explained: “These so-called anti-rebating or anti-inducement laws generally prohibit the offering of anything of value that’s not plainly described or expressed in the insurance policy. And from this general rule, in practice, you see this prohibition become relevant in a wide variety of ways.”
Some of these regulatory requirements can shock fast-paced innovators that are looking to explode into the US market with new products and solutions. That’s why, as Feldman stressed, it is important for organizations to consider insurance regulatory issues while drafting legal agreements for innovative programs.
