In the last several years, we have seen a new crop of digital products and services enter the lexicon of the insurance industry. And with these, inevitably comes a myriad array of insurance regulatory issues. Usage-based insurance, peer-to-peer insurance, machine-learning algorithms, robo-advisory insurance processes, blockchain-based insurance, and the Internet of Things present many challenges. Insurtech has permeated virtually every aspect of the insurance industry.
Regulators, technology providers and insurance companies are frequently grappling with questions like:
- Do digital marketing and advertising activities trigger insurance producer licensing requirements?
- Does the provision of value-added services violate state anti-rebating laws?
- How can insurance referrals be compensated without triggering insurance regulations?
The ability of AI and machine-learning to analyse data at very granular levels has regulators concerned about consumer protection.
Algorithms that utilize geographical data or other individualized information may effectively create proxies for sensitive characteristics such as race, religion, gender, etc. prohibited from consideration by insurance law.
On the one hand, the application of machine-learning to price risk could help insurers reduce moral hazard and adverse selection inherent in selling insurance broadly.
On the other hand, the narrow tailoring of risk and the creation of highly customized policies reflecting unique characteristics of an insured could undermine the risk-pooling function of insurance and lead to groups or categories of risk becoming uninsurable in the private insurance marketplace.
Insurtech firms involved in underwriting and pricing functions must appreciate the regulatory landscape governing insurance product development or risk running afoul of multiple insurance regulations.
For example, a company providing a model that impacts rate filings may be acting as an advisory or rating organization that requires licensure under state law.
And, even where state law may be unclear how far licensing requirements extend, regulators nevertheless may insist on some degree of oversight as a condition to approving an insurer's rate filings.
Regulators are scrutinizing the potential anticompetitive effects of Insurtech vendors that supply similar data and models to multiple insurers serving a particular market. There is a concern also that non-traditional information sources may provide proxies for prohibited discriminatory factors.
In parallel, the National Association of Insurance Commissioners (NAIC) is compiling best practices for regulators to use in reviewing insurance company filings containing predictive models. And such "best" practices may not be the "most streamlined."
One draft under consideration identified 16 best practices to apply and 92 pieces of information a regulator should consider.
The insurance actuarial modelling world is also benefiting from new forms of data collection and analysis, including data-mining, statistical modelling, and machine-learning. It has become increasingly challenging for insurance regulators to evaluate filed rate plans that incorporate sophisticated technology-based predictive models.
To address these issues, insurance regulators are considering methods of field-testing the new technologies in controlled environments similar to the FinTech "sandbox" concepts implemented in the UK and other countries.
Insurers and Insurtech firms that communicate with regulators early in the development of their offerings will be the ones most likely to achieve compliant success.
Many see tremendous potential for blockchain technology in the insurance industry, especially the ability to bring efficiencies and cost savings to existing insurance processes.
Data management and claims administration are ripe for significant improvement.
While there may be some ambiguity in the application of state insurance laws to aspects of blockchain technology, there are also opportunities for innovative legal and technical solutions.
Of course, policy information and personal customer data residing on a blockchain will need to comply with existing privacy and data protection regulations. State insurance laws generally require an insurer's books and records to be maintained in state and be available to the state regulator for inspection and audit.
It is easy to imagine encrypted blockchain technology that is designed to provide such compliant storage.
But even more interesting (and perhaps unsettling to some) is the possibility of significantly streamlining compliance efforts by allowing a state regulator to directly monitor transactions in real-time via a node on the insurer's blockchain.
Smart contracts implemented in connection with a blockchain offer even more potential benefits to the insurance industry.
For insureds, the implementation of smart contracts could remove key pain points in the claims filing process while reducing claims handling expenses for insurers.
A good example of smart contracts' potential is in connection with parametric flight delay insurance policies that run on a blockchain.
The insurance process can be fully automated with a smart contract both determining whether customers are eligible for indemnification and managing the payments.
Customers on a substantially delayed flight would benefit from automatically receiving their payout when they (finally) arrive at their destination. No claim need be filed.
The claims-free, guaranteed-payout features achievable with smart contracts certainly add value for insureds and may provide opportunities for premium pricing for insurers.
As smart contracts and blockchain technology reduce administrative, compliance and claims-handling costs, certain traditionally uneconomic insurance products, such as microinsurance, may become realistically viable.
However, the fundamental nature of smart contracts presents a number of regulatory and compliance hurdles under existing insurance laws.
At the threshold, a determination, on a case by-case basis, is needed whether smart contracts with insurance-like features are actually subject to regulation as "insurance" contracts under state law, or are they derivative contracts subject to other regulatory regimes.
If it is a regulated "insurance" product, are automated payments via smart contract allowed, particularly if funds are to be escrowed?
And, can those payments be made in a cryptocurrency? Will the answer change if that cryptocurrency is pegged to, or floats against, the U.S. dollar currency used to pay the insurance premiums?
State laws prescribing claims-handling procedures will also need to be considered carefully. Much like other algorithmic approaches, a smart contract's automated claim denial may be challenged as a substantive design flaw or as an inadvertent programming error.
Similarly, the immutable and irreversible nature of smart contracts poses an interesting challenge in the context of insurance delinquency proceedings.
The implementation of Insurtech, AI, machine-learning, blockchain technology and smart contracts in insurance is growing. New products, new markets, and new efficiencies are within sight, if not already within grasp. Insurers and regulators will be wrestling with state laws, and looking for ways to collaborate with each other, as each innovation tests the boundaries of existing regulatory regimes.
You can find out more about other recent developements in the insurance industry in our Insurance Horizons 2019 brochure, which also covers topics such as insurance business transfers in the U.S., data protection after the GDPR and preparing for Brexit and international initiatives on sustainability and climate change.
For more news and analysis that is tailored to you, as well as access to Hogan Lovells' cutting-edge interactive Lawtech tools, register for free on Engage.
You can also keep track of all the Engage content by following our LinkedIn page.