Article
Various states push momentum towards regulating insurer's use of artificial intelligence
April 1, 2024 · Authored by John Romano, Russell Sommers
The recent, rapid expansion of big data and new technologies has transformed the insurance industry and has shown that it has the potential to increase efficiencies and benefit insurers and consumers alike. However, the unchecked use of these advancements can unintentionally result in harm to protected groups. To combat this, Colorado has introduced the Senate Bill (SB) 21-169, which aims to protect consumers from insurance practices that result in unfair discrimination on the basis of race, color, national or ethnic origin, religion, sex, sexual orientation, disability, gender identity or gender expression. Insurers in the state may soon be held accountable for testing their big data systems to ensure they are not unfairly discriminating against consumers on the basis of a protected class, and are required to address any concerns as they arise.
Following Colorado’s lead, on Jan. 17, 2024, the New York Department of Financial Services (NYDFS) issued a proposed circular letter to all New York state insurers in order to identify its expectations on the management and use of artificial intelligence systems (AIS) and other predictive models in underwriting. Most recently, Alaska, New Hampshire and the Connecticut Insurance Department adopted the NAIC model bulletin on artificial intelligence (AI).
Our financial services risk advisory specialists broke down both of the new regulations below. A table is included summarizing the key takeaways.
| Criteria | Colorado (SB21-169) | New York (NYDFS update) |
Connecticut (Adoption of NAIC Model Bulletin) |
| Scope | Targeted at life insurers in Colorado for overall governance | Broad coverage including all insurers in New York for underwriting and pricing | Aligns with NAIC Model Bulletin focusing on AI systems in insurance |
| Key focus | Governance of ECDIS, algorithms, and predictive models in risk management | Management of ECDIS, AIS, and predictive models in underwriting and pricing | Adoption of national standards on AI systems in insurance |
| Governance and risk management | Mandates a risk-based governance and risk management framework, including documentation, oversight and regular reviews | Emphasis on fairness principles, board oversight, policies, procedures and internal controls | Follows NAIC guidelines, likely focusing on ethical AI use and consumer protection |
| Internal audit | Not specifically mentioned | Requires an insurer to have an internal audit function to provide general and specific audits, reviews and tests necessary to protect assets, evaluate control effectiveness and efficiency, and evaluate compliance with policies and regulations | AIS program should address internal audit functions, but specifics are not mentioned |
| Fairness and discrimination | Focus on preventing unfair discrimination, particularly regarding race, in the use of ECDIS and models | Stringent measures against unfair and unlawful discrimination in the use of ECDIS and AIS | Expected alignment with NAIC’s stance on fair AI usage without discriminatory practices |
| Documentation and reporting | In-depth documentation, testing for discrimination, narrative report submission on compliance | Comprehensive documentation and regular testing for discrimination; detailed reporting requirements | Connecticut requires an annual certification certifying the insurer is in compliance and will make available related information upon request. Certification is due Sept. 1, 2024 |
| Consequences of noncompliance | Civil penalties, cease and desist orders, license suspensions or revocations | Not explicitly detailed, but may include examination by the Department | Not specified, but likely similar to standard regulatory noncompliance penalties |
| Current status | Adopted with recent revisions | Proposed stage, with closed comment period | Adopted, following the NAIC Model Bulletin |
| Additional insights | Colorado's regulation is specific to life insurers with a notable shift towards risk-based frameworks | NYDFS's approach is comprehensive and broad, encompassing various insurance activities | Connecticut's adoption signifies a trend towards uniformity in AI regulations in insurance across states |
Article Tags
