This piece is by Philip White, Lawyer at The Legal Director.
Phil is an accomplished commercial and regulatory lawyer with over 25 years of General Counsel experience gained in private practice (CMS; DAC Beachcroft) and in-house with insurers, brokers and technology companies (Domestic & General Group; Lockton Companies; Bolttech Group). He has worked with executive management teams in both International FTSE and private, private equity backed, and entrepreneurial Insurtech organisations, in the UK, EEA and other international jurisdictions.

From AI to Big Data, from customer insights to digitisation, from productivity gains to fraud detection and prevention, and improving sustainability, Insurtechs are helping to reshape the future of the insurance market. Innovation in bulkier multi-national insurers is being driven by nimbler SME businesses – but what makes an Insurtech even better?
It’s all about the technology, right?
For SME innovators it’s easy to focus on the technology you have developed, relying on purchasing clients’ desire to reduce costs or regulatory pressures through technology purchasing. In reality, regulated insurers, brokers and agents are themselves subject to an increasing array of rules dictating how they should manage risks in their own supply chains.
As regulated firms focus their attention on operational resilience, outsourcing and environmental, social and governance (“ESG”) challenges, their procurement teams are charged with managing risks arising from dealing with their third-party suppliers (“Vendor Risk Management”). Poor Vendor Risk Management can lead to fines, reputational damage, and regulatory or legal action, and regulated firms remain responsible for any supplied services. Failures in supplies from third parties can result in cyber breaches, data losses or serious disruption to key customer services.
Additionally, under operational resilience requirements for key outsourced providers, firms must identify “important business services” which, if disrupted, could cause intolerable levels of harm to their clients, or pose a risk to the soundness of the UK financial system. Requirements for these types of third-party providers will be even more stringent.

Vendor onboarding
Getting procurement approval will often require an Insurtech to step through a series of detailed checks and questionnaires, assessing whether the supplier has adequate processes and controls to manage issues such as: (i) financial security; (ii) ESG compliance; (iii) business continuity and disaster recovery planning; (iv) cybersecurity framework controls (such as ISO27001, Cyber Essentials, NIST, or SOC2); and (v) GDPR compliance (including any sub-contractors used).
These requests are often deployed as part of a tendering process. Answering an honest “no” to elements of these requirements risks elimination; answering “yes” in the knowledge that such elements are not in place risks contractual misrepresentation and potentially an automatic breach position being set up at the start, as these elements are all likely to be included in any contractual supply terms.
Once approved and onboarded, Insurtech suppliers may need to allocate resource to manage ongoing compliance, demonstrating this annually, as well as submitting to a programme of regular auditing, either remotely by desktop review or on-site.
Understanding other regulatory requirements of the client
Beyond requirements applying to an Insurtech as vendor, clients may be relying upon the Insurtech product or service to ensure that they meet additional regulatory burdens imposed upon them. For example, an insurer may rely on specific technologies to satisfy duties owed to its customers under the FCA’s Consumer Duty regime (perhaps from a CRM reporting dashboard) or to successfully detect or prevent fraudulent activities in its claims processes (perhaps detecting AI-generated fake images). Insurtech vendors may be asked to give significant contractual comforts in the event of a breach in service delivery, covering risks of fines and regulatory interventions.
Why should a regulated firm choose your Insurtech product or service?
Being able to demonstrate that your Insurtech business really understands the regulated insurance market in which it operates establishes immediate trust and credibility. This can even be a selling point with potential clients. Taking the time, with appropriate resources, to address these requirements can ultimately lead to faster onboarding with purchasers, reduce ongoing legal and contracting risk moving forwards, and add longer term value to the Insurtech’s business.
