A report out from IAIS (the International Association of Insurance Supervisors) has called for insurers and national regulatory bodies to redouble their efforts in matching the interests of consumers with the emerging wave of insurtech and digitization heading for the industry.

Taking stock of recent developments in insurtech, and growing interest in insurance from ‘outsiders’, including technology firms and venture capitalists, the IAIS said that compliance professionals within insurers and national supervising bodies are being challenged to understand how some of the new innovations work.

The IAIS is a global standard-setting body whose objectives are to promote effective and globally consistent supervision of the insurance industry, and to contribute to global financial stability. Its membership includes insurance regulators and supervisors from more than 200 national jurisdictions.

In its report ‘FinTech Developments in the Insurance Industry’ the IAIS said regulators are having to balance the risks of new innovations against the benefits for policyholders and the insurance sector as a whole. More national supervisory bodies are looking at how to create the proper environment to foster innovation, for example through regulatory sandboxes or innovation hubs as the FCA has done in the UK.

Supervisors and the insurers themselves need to arrange the adequate technical resources, knowledge and skills to be able to deal with insurtech in the future. The collaboration between all the stakeholders needs to be stepped up to build up and maintain an adequate understanding of innovations.

The report concludes that several supply-side and demand-side factors are likely to increase the pace of change in insurance technology – meaning we are likely to see more investment and a larger number of technology firms seeking to disrupt insurance, either successfully or otherwise.

The IAIS analysed the potential impact of insurtech based on three scenarios:

Regulation in a world of insurtech and pay-as-you-go insurance

As an example of disruption, the IAIS looked at insurance potentially becoming an ever-reducing part of a bundled service. In this scenario there is a potential risk that insurance products reflect the firm’s objectives rather than the consumer’s. This is for example seen in the inclusive insurance space where mobile phone operators offer insurance (sometimes for free) as a loyalty mechanism.

In this future scenario, should regulation require a minimum level of transparency for consumers that highlight the potential conflicts of interest?

This is particularly relevant should the insurance value chain become highly fragmented. The same principles would apply with motor insurance being bundled into the lease for a driverless car for example.

The continual rise of the use of connected devices is expected to exponentially increase the policyholder data collected and analysed. Regardless of the regulation of data protection in each jurisdiction, under all scenarios, the IAIS said insurers and technology firms will be challenged to implement appropriate technical and organisational measures to maintain security of personal data and prevent any unauthorised access or processing.

The IAIS said regulation on data protection may need to be reassessed to include provisions on data transferability between providers. For example, data portability is an important element of the upcoming GDPR regulation and it is not yet clear how that will work for consumers in practice.

As more institutions are relying on big data technologies, regulators and compliance professionals will need to focus on prudential and organisational obligations related to IT management, cyber security and internal controls for outsourcing services.

The report points to several challenges for the insurance industry as a whole, including:

  • Balancing the risks and benefits of innovations and creating an environment that fosters innovation through approaches such as regulatory sandboxes or innovation hubs
  • Evaluating and, if needed, adjusting the prudential regulation framework
  • Considering the adequacy of current reporting requirements in monitoring trends and the potential build-up of risk connected to new technologies
  • Understanding how innovations work and are applied to ensure adequate assessment of new product and business models.

Regulation of personalised pricing and personalised products

Developments in big data and AI go beyond simply the product level and are affecting business processes of the insurer as well as the insurtech ecosystem. For the incumbents and innovators, the application of big data and AI is a significant competitive advantage. However, they will need to invest in preventing cyber incidents as well as invest in training or hiring specialised expertise for algorithms design and application.

From the regulatory viewpoint, the IAIS said there is a need for measures to protect the consumer’s personal data in its collection, processing, correction and sharing, as well as to ensure information security and data privacy policies, procedures, methods and tools aimed at protecting data from cyber incidents, breaches or unintended use.

Among the report’s other findings, insurtech may result in more individualised insurance products which could affect (price) comparability and consumer choice. There is also the factor of increased insurance sector interconnectedness based on specific technology platforms, which has the potential to change insurer business models in other ways.

Technology may increase the focus on improving the customer experience and affect the treatment of customers, possibly creating issues of affordability of insurance products or even increased financial exclusion, the IAIS said. It may also create issues concerning the use, ownership and protection of data.

The conventional concept of risk pooling is potentially changing with insurtech, as we move to a world of more granular risk categorisation that creates a breakdown of the current risk pooling principles. The IAIS said this has potential to create issues around affordability of certain insurance products, possibly even leading to exclusion, something that national regulatory bodies are closing watching.

The role of the regulator and the compliance professional working in insurance thus becomes first and foremost in identifying such trends of unconscious bias, in case they should start appearing in insurance processes.

“Insurtech innovations have the potential to change fundamentally the way the insurance sector serves policyholders,” said Victoria Saporta, Chair of the IAIS Executive Committee in a statement.

“Because of both the scope and pace of change, insurance supervisors must be alert to new developments and make necessary adjustments in their supervisory practices and skills.”

Follow the link to the LexisNexis Risk Solutions website to find out more about how we support insurance providers.