Luke Dash, CEO of ISMS.online
Artificial Intelligence (AI) is having a huge impact on nearly every industry, and the insurance and insurtech sectors are no different.
According to the McKinsey Global Institute, generative AI has the potential to add between $2.6 trillion and $4.4 trillion to global corporate profits annually. Meanwhile, an additional study shows that AI can improve employee productivity by as much as 66%.
These statistics speak volumes, which is why global insurers – and insurtechs – are now allocating significant resources to implement AI technology. According to the KPMG CEO outlook and Global Tech Report, insurers are increasingly embracing emerging technologies, and AI is considered to be one of the most important emerging technologies.
The implementation of AI in insurance
As companies that use innovative technologies to revolutionise how insurance products and services are developed, delivered, and managed, many insurtechs are now using AI to enhance customer service, perform risk assessments, and make product recommendations.
AI-powered chatbots and virtual assistants are used to provide instant, 24/7 customer support, improving response times and customer satisfaction. Additionally, AI can be used to analyse customer data to offer personalised product recommendations and dynamic pricing models, ensuring customers receive tailored coverage options and fair premiums.
For insurance companies and larger enterprises, AI can improve risk assessment and underwriting by analysing large datasets to identify patterns and predict risks more accurately. It also enhances fraud detection by spotting anomalies and patterns that humans might miss. Automated claims processing and damage assessment using AI speed up these processes, reduce errors and ensure timely payments.
Furthermore, AI provides valuable customer insights, helping insurers develop better products and proactive engagement strategies, enhancing customer retention and loyalty.
Similarly, AI can support insurtechs and insurance companies by automating and streamlining onboarding and training. It can identify individual skill gaps and create customised learning paths, making training more effective.
Beyond onboarding and training, AI can be used to improve overall operational efficiency and HR management. AI systems can continuously monitor employee performance, provide real-time feedback, and suggest personalised development plans. In HR, AI can aid recruitment by screening resumes and conducting initial assessments while monitoring employee engagement to improve workplace satisfaction. Other AI applications include optimising internal processes, managing resources effectively, and assessing operational risks. If implemented effectively, these applications could collectively lead to a more efficient, productive, and compliant organisation.
AI: The risks and ethical considerations
Using AI in this way raises ethical considerations for customers and employees in this sector. According to KPMG’s 2023 CEO Outlook Survey, 57% of business leaders expressed concerns about the moral challenges posed by AI implementation. And despite AI’s exponential opportunities, organisations face increasing risks that should not be ignored.
For example, insurance companies and insurtechs must guarantee that customer data is collected, stored, and used in compliance with privacy regulations and that AI models used for pricing, underwriting, and claims processing are regularly audited for bias. Customers should also be provided with clear explanations of how AI-driven decisions are made.
From an employee perspective, companies must safeguard employee data, ensure that AI models used for talent management and performance evaluation prevent bias and discrimination, and provide transparency and human oversight in critical decisions.
To mitigate risks and ensure ethical AI usage, insurtechs and insurance companies should develop ethical AI guidelines. They should also regularly audit AI models, provide clear information to customers and employees, ensure human oversight, foster a culture of responsible AI practices, collaborate with regulators and industry peers, and continuously monitor the impact of AI systems on customers and employees.
However, ethical considerations are not the only ones that need attention. The insurance industry also faces significant cybercrime and data storage risks, particularly concerning GDPR compliance. These companies store vast amounts of sensitive customer data, making them attractive targets for cybercriminals. Risks include data breaches, ransomware attacks, and adversarial manipulations of AI systems.
To mitigate these threats, insurtechs and insurance companies must implement robust cybersecurity measures such as advanced encryption, multi-factor authentication, regular security audits, and AI-driven threat detection systems. Ensuring compliance with data protection regulations is crucial to avoid hefty fines and legal actions, which require stringent data handling practices, clear customer consent protocols, and thorough audits of third-party providers. In a recent Allianz survey on how GenAI will impact the insurance industry, nearly half (48%) of respondents believe strict regulation is necessary to mitigate GenAI risks.
So how can companies ensure they follow this regulation and manage these risks?
Leveraging key guidance frameworks
Adopting ISO 42001 and ISO 27001 standards can help insurance companies and insurtechs effectively manage AI usage and associated risks.
ISO 42001 provides guidelines for the governance and management of AI systems, addressing risk management, transparency, accountability, and ethical considerations. By following this standard, companies can establish a structured approach to identifying and mitigating AI-specific risks, ensuring transparency in decision-making processes, preventing bias and discrimination, and fostering a culture of responsible AI usage.
Complementing ISO 42001, ISO 27001 focuses on information security management, helping insurtechs and insurance companies to protect sensitive data in AI systems. Aligning with ISO 27001 enables them to implement robust security controls, comply with data protection regulations, assess and treat information security risks, and establish incident response plans.
By leveraging both standards, companies can take a comprehensive approach to managing AI risks and demonstrate their commitment to responsible AI practices, building trust among customers and stakeholders. However, insurtechs and insurance companies should tailor these standards to their specific needs, assess unique risks and expectations, and continuously improve their AI governance and information security processes.
Looking ahead: Embracing new technology and compliance
Looking ahead, the sophistication of cyberattacks is expected to increase, and regulatory environments will likely become stricter.
Insurtechs and insurance companies must invest in advanced cybersecurity technologies and continuously update their compliance strategies to stay ahead. There will also be a greater focus on AI ethics and fairness, driven by public and regulatory scrutiny, requiring the adoption of ethical AI frameworks and regular audits for bias.
Furthermore, advancements in privacy-preserving technologies, such as homomorphic encryption and differential privacy, will become more prevalent, and organisations should integrate these into their data processing workflows to enhance privacy and security.
Additionally, as AI ethics and data protection regulations tighten, non-compliance may lead to higher legal penalties, fines, and erosion of customer trust. Prioritising compliance becomes essential to protect both an organisation’s operations – and its reputation.
