top of page

    Insurance (Insurtech)

 

  • Insurtech is the modern transformation of the previously staid and unexciting insurance industry from a business model of single face-to-face client-salesperson interactions, providing only various types of complex, standardized, non-negotiable, one-size-fits-all, paper policies, to a multiple-simultaneous-transactions, app-based, on-demand, technology-driven, agile environment, in which potential clients may search globally for a product that closely-fits their particular needs at that particular moment (such as a 2-hour duration auto liability policy needed when borrowing a friend’s car to accomplish some quick task) or, if they do not find exactly the policy they may need, then finding an online insurer which may be willing to customize a bespoke policy for them, based on their input through a smartphone app or online, using the customization capabilities of smart contracts (generally cloud-based applications, incorporating artificial intelligence – AI – blockchain and machine learning – ML – technologies, to provide a complete on-demand contract-generation process, from customization through signature).

 

  • Insurtech entities may actually be insurance providers themselves, or more commonly, may be outsourced third-party vendors of particular insurtech-type services to insurance providers (for purposes of this discussion the term “insurtech provider” will be used as a collective term to denote both such types of insurtech-related entities, unless specifically stated otherwise);

 

  • Insurtech developed around 2010, and now provides literally thousands of types of standard and customizable insurance products – including commercial lines, life insurance, personal lines and even reinsurance – through currently more than 3,500 insurtech providers to millions of retail businesses, consumers and industries.

 

  • Insurtech providers attempt to integrate numerous cutting-edge hardware and software technologies into their solutions – such as for example: artificial intelligence; blockchain; bots; car-monitoring devices; chat; cloud-based platforms; data analytics; drones; image analysis; internet of things (IoT) home-based devices; machine learning; online instant payments; predictive modeling technologies; smart contracts; statistical analysis; telematics (a combined system of computer science, electrical engineering, telecommunications and various vehicular technologies); video conferencing; wearable activity trackers; and the like.

 

  • Insurtech providers tout numerous advantages for their solutions, such as for example: fraud prevention (through the use of blockchain and numerous cloud-based fraud-detection platforms); improved customer service (through the use of chat bots to resolve routine issues, and the increased availability of home-based global customer service representatives); improved documentation and records-keeping (through the use of online archives and data repositories); reduced costs to clients (resulting from a decreased reliance on brick-and-mortar facilities); increased underwriting and claims processing speed (through the use of smartphones to provide information and images regarding claims); faster appeal process for clients whose claims were partially or fully denied (due to increased availability of underwriter decision-makers as a result of bots and administrative personnel to perform mundane policy-related issues); more-accurate insurance product pricing (resulting from increased reliance on numerous, vast, big-data databases for better demographics); online quote comparison from many sources;

 

  • However, despite the optimistic hype, the fact remains that the greatest threats to insurtech solutions may be the serious problems of intentional client fraud and inadequate cybersecurity;major financial institutions are generally required to spend millions of dollars and countless hours of due diligence on complying with regulations involving anti-money-laundering (AML), know-your-customer (KYC), sanctions lists, suspicious activity reports (SARs) and the like, all because potential clients (both domestic and foreign) may wish to game the shadow-nature inherent in any online process (through the use of false personal information, false photos – for example for their own identification or when making claims – or worse yet, using other people’s stolen identity information and photos); while for the most part, such major financial institutions have done an efficient job in staving off such potential client fraud and numerous cyber-attacks, the incredible amount of financial resources and human resources such major financial institutions must expend on a daily basis to do so may be too burdensome for insurtech providers, particularly startup insurtech providers, leading such providers to cut corners, thus increasing the possibilities for intentional client fraud and data breaches; even the use of blockchain is not foolproof, since no one has yet been able to explain how several hundred million dollars worth of Bitcoin (which relies on blockchain technology) suddenly went missing several years ago, and has never been found since.

 

  • On the bright side, insurtech providers also routinely conceive and implement innovative new insurance formats, such as for example:

    • decentralized insurance (a/k/a distributed ledger technology-based insurance) uses the combination of blockchain and smart contracts to create an environment in which the client is almost guaranteed that a centralized underwriter’s perhaps arbitrary and capricious decisions will not be the sole basis to justify paying a claim or not;

    • social insurance (a/k/a peer-to-peer insurance or P2P insurance), in which the insurtech provider maintains a detailed database of clients, and whenever a new potential client seeks a particular type of insurance product, the database matches such potential client with a large group of similarly-situated existing clients, all of whom in that particular group pay premiums for only that particular type of insurance, and periodically, if no claims have been filed by any member of that group, the insurtech provider will pay dividends to each member of that group;

    • subscription-based injury insurance that covers injuries and resulting expenses (such as physical therapies, surgeries, X-rays and the like) on demand, but does not provide any other form of health-related coverage;

    • tokenized insurance uses a digital tokens (such as Bitcoin) to represent the ownership of an insurtech-based policy, allowing clients to use the tokens to make payments on such policy, receive dividends, or redeem such tokens for a future payout; usage-based insurance allows a client to pay for a policy in advance only when they may need such policy coverage (such as a homeowner’s policy covering a summer home that will be unoccupied during several specified winter months, but which coverage may not be needed in the summer months when such home is occupied, and covered under other insurance of the client).

 

  • Of course, innovation is not without risk, and with insurtech solutions, the greatest risks involve violations of existing laws in multiple jurisdictions simultaneously, particularly regarding data privacy laws and data security; for example, if a potential client in California – home of the infamous California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), and also subject to the restrictions of the Health Information Technology for Economic and Clinical Health Act (HITECH) and Health Insurance Portability and Accountability Act (HIPAA), and numerous other Federal data privacy and data security laws – uses their smartphone to generate a customized smart contract on a blockchain from an Ireland-based – Ireland is one of the member-states of the European Union (EU) which is governed by the equally-infamous General Data Protection Regulation 2016/679 (GDPR) – to cover a healthcare issue in Canada – regulated by the Personal Information Protection and Electronic Documents Act (PIPEDA) – then in the event of a claim, the question might be the controlling law – whether Federal (based on the location of the insured), or California (also based on the location of the insured), or EU (based on the location of the insurtech provider), or Canada (based on the location of the claim); the smart contract may not address that issue with the necessary definitive specificity, or at least through a descending order of precedence, so the claimant may need to resort to expensive and time-consuming international litigation in order to resolve the claim; the potential client may not have even read the terms of the smart contract before they used their e-signature to execute the smart contract, due to the incredible speed of the entire transaction timeline (some insurtech providers boast about providing a quote within “60 seconds” or “3 clicks” or “5 taps”, and then AI may be able to generate a multi-page smart contract within another minute or so, through the use of online boilerplate templates); perhaps the safest methodology for how to treat regulatory compliance for an insurtech entity may be always to treat an insurtech entity as being required to comply with all the laws and regulations of any jurisdiction that might be applicable to actual insurance companies.

 

  • Compliance with Federal and state (insurance is generally-regulated under state law) insurance-related agencies, guidelines, laws, regulations, rules, statutes and trade associations, such as: Consumer Financial Protection Bureau (CFPB); Employee Retirement Income Security Act (ERISA); Federal Insurance Office (FIO); Federal Reserve Board (FSB); Financial Stability Oversight Council (FSOC); Liability Risk Retention Act (LRRA); McCarran-Ferguson Act (MFA); National Association of Insurance Commissioners (NAIC); NAIC Model Laws; NAIC Quarterly Listing of Alien Insurers; National Association of Registered Agents and Brokers Reform Act (NARABRA); New York State Department of Financial Services Insurance Circular Letter 2019-1; Nonadmitted and Reinsurance Reform Act (NRRA); Terrorism Risk Insurance Act (TRIA); Terrorism Risk Insurance Program Reauthorization Act (TIRPIA); Uniform Certification of Authority Application (UCAA); United States (US) Department of Labor (DOL) Fiduciary Rule; Wall Street Reform and Consumer Protection Act (Dodd-Frank).

 

  • The dilemma of regulatory compliance applicability may be best-illustrated by the language on the web site of a particular insurance department; rather than attempting to describe in detail what insurtech products may possibly be regulated under the laws and rules of that jurisdiction (which would be virtually impossible, due to all the customization features available through the myriad of insurtech provider platforms), the insurance department places the burden of potential regulatory compliance onto the insurtech provider itself, through written instructions requiring that if an insurtech provider wishes to offer any insurtech product to any business or resident of that jurisdiction (whether in-person or online), such insurtech provider must first provide a written description of such proposed product for prior approval by the insurance department, which must contain, at a minimum: a detailed description of any innovation incorporated into the coverage or delivery of such product; an itemization of any benefits or detriments of such product to businesses or consumers in the jurisdiction; an analysis of any potential benefits or detriments of such product on competitors, or other insurers in the jurisdiction; a timeline for marketing and market entry; a detailed description of all data privacy and data security controls for such product; identification of all laws and rules within the jurisdiction that may in any way impact the sale or use of the product, or claims that may in any way result from the product coverage; any requests by the insurtech provider to keep all or any part of the operational details of such product confidential, under trade secrets protections.

 

  • Consultation for typical insurtech-related issues, such as for example: acquisitions, divestitures and mergers (M&A); corporate governance; drafting and negotiating all required agreements, contracts, documents, forms and templates; financing; fundraising (pre-seed – founders’ personal funds; seed – angels, family, friends, founders, incubators, relatives; Series A – anchor, crowdfunding, venture capital; Series B – venture capital; Series C – hedge funds, investment banks, IPO, M&A, private equity, SPAC, venture capital; Series D and E – private equity and venture capital); intellectual property (IP) issues; multi-jurisdictional authorization, formation and licensing; product development; regulatory compliance; representation for governmental audits, enforcement actions and regulatory hearings; restructuring for conversion from insurer only to combined insurer and insurtech provider.

    Progress_Page_Last_Updated_221211_1539

bottom of page