Insurers collect and hold vast amounts of customer data that is used for underwriting, claims processing and incentivising risk reduction. Regulations that govern how this data is used or how technologies can be deployed in insurance is lacking.

Listed below are the key Insurtech regulatory trends impacting the insurtech theme, as identified by GlobalData.

General Data Protection Regulation (GDPR)

The European Union’s GDPR came into force in May 2018. Firms that do not comply with the regulation can face fines of up to €20m ($23.57m) or up to 4% of the company’s annual global turnover. Non-compliant businesses should not expect their insurance to cover the associated fine unless they are located within Norway or Finland. The collection and use of big data is an essential part of creating and evolving policies. The fines associated with this regulation are huge and would be crippling for most start-ups.

Regulation lags behind

Regulation governing the rules of insurtech is lacking like in the case of any new markets. Artificial intelligence (AI) is an example of the lack of regulation. The UK’s Association of British Insurers in March 2020 called on regulators to establish clear ethical rules on the use of big data and AI. It warned that existing regulation may not be sufficient when claims and underwriting decisions are made by a computer. Similarly, policy terms and rates are generally subject to regulatory approval in the US.

Regulators will question whether rates are justifiable if they are decided by AI, using data that is not known to the insured. Consumers are at risk of being unfairly treated due to AI underwriting and claims processes without regulation reform. Machine learning systems also need to be regularly tested to identify whether systematic bias exists, which would lead to unfair outcomes for certain customer groups.

This is an edited extract from the Insurtech – Thematic Research report produced by GlobalData Thematic Research.