On Feb. 9, 2026, two AI-powered insurance apps went live inside ChatGPT.

The market's reaction was immediate. WTW dropped 12%. Aon fell 9.3%. Arthur J. Gallagher lost 9.9%. The MarshBerry Broker Composite Index was down 8.9% in a single session. Billions wiped from broker valuations before lunch.

Then BofA put a number on the fear: $15 billion in low-complexity insurance commissions at risk from AI disintermediation.

The consensus response was swift: overreaction. Too early. Brokers aren't going anywhere. Goldman Sachs called it "overdone." TD Cowen said near-term commercial broker disintermediation from AI was unlikely. McKinsey concluded AI would "reshape existing models rather than disintermediate them."

They may be right about the timeline.

They are wrong about the direction.

Because this is not a debate about whether AI replaces brokers. It is a debate about who owns the distribution infrastructure when AI becomes the front end — and whether incumbents move fast enough to be part of it.

What Actually Changed on Feb. 9?

The apps that triggered the sell-off were not sophisticated. Insurify launched a car insurance comparison tool inside ChatGPT. Tuio, a Spanish digital insurer, launched a home insurance quoting app. Neither was going to put Marsh McLennan out of business by Thursday.

But what changed was not the products. It was the mechanics.

For the first time, an insurance provider could distribute its products and offer quotes directly inside an AI platform where hundreds of millions of buyers already perform their research. Until that day, AI could only provide generic answers drawn from static Web content. It could not quote a real price for a real person or business.

That changed on Feb. 9. And it has not changed back.

Through OpenAI's App Directory — effectively an app store inside ChatGPT — third parties can embed real products and workflows directly into the conversation. Taken together, these are clear signals that conversational AI is shifting from an information layer to an action layer.

Distribution economics are shaped by whoever controls the customer's starting point. AI assistants are now delivering the first explanation of value, replacing the carrier, its agents, and distribution partners as the initial voice that shapes consumer perception.

When the first interaction happens inside an AI interface, the traditional pathway — website, form, comparison journey, broker call — becomes less central. Value migrates toward the firms that control, integrate with, or are discoverable within that new front door.

And the front door is moving fast. The technology is not limited to OpenAI. AI apps built on the same infrastructure and standards have also been adopted by Anthropic's Claude, and Google's Gemini is expected to publish its own standards for third-party apps in the coming months. The shift toward agent-to-agent distribution is becoming an industry-wide reality.

The list of insurance apps in ChatGPT has grown to include Neptune Flood, Steadily (landlord insurance), and Jerry.ai (auto), joining Insurify and Tuio. Neptune's chief engineer explained that they "architected our proprietary underwriting system as a modular, API-first underwriting system specifically so it could integrate into new digital environments like ChatGPT."

This is not a wave coming. It is already here.

Two Distribution Fronts — Not One

Here is what most of the coverage has missed.

The AI distribution shift is happening on two fronts simultaneously, and most incumbents are only watching one of them.

Front One: AI Chat Platforms. ChatGPT, Claude, Gemini. Consumer and SMB buyers asking insurance questions in natural language and getting real-time quotes from carriers that have built the API connectivity to respond. Tuio's co-founder said: "For the first time, AI can access real offers, quote on behalf of the buyer, and compare coverage in real time. Every insurer will be affected, whether they've built an AI app or not."

Consumers and businesses are already uploading commercial offers and policy documents into ChatGPT to get independent analysis and advice. AI voice agents are calling call centers on behalf of buyers to collect and compare quotes. Procurement teams are using AI to evaluate coverage terms, exclusions, and pricing across multiple carriers simultaneously.

Front Two: Vertical SaaS Platforms. The operational software where SMBs run their businesses every day — ServiceTitan for field services, Toast for restaurants, Procore for construction, franchise management platforms for franchise operators. These platforms are now embedding AI agents that handle procurement on behalf of their users. When that AI agent surfaces an insurance need — a contractor scaling their crew, a restaurant adding a location, a franchisee coming up for renewal — it will fulfill that need through whatever insurance infrastructure is connected to its platform.

These two fronts are converging. The AI agent in a business's operational software will query insurance products through the same API-first, MCP-compatible infrastructure that ChatGPT apps use. The question for every broker and carrier is whether their products are accessible via that infrastructure — or invisible to it.

The Protocol That Changes Everything

To understand why this is moving so fast, you need to understand MCP.

Model Context Protocol is an open standard, originally developed by Anthropic and now governed by the Linux Foundation, that defines how AI agents connect to external tools and data sources in real time. Think of it as USB-C for AI — a standardized interface that lets any AI model query any compatible system, regardless of who built either one.

With MCP in place, AI assistants can respond to a prompt like "How much would it cost to insure my business?" by understanding the user's intent, gathering necessary context from connected systems, and returning an accurate, personalized quote — all in the flow of a natural-language conversation.

Neptune Flood's ChatGPT app is built on MCP. Their chief engineer explained: "Using the Model Context Protocol, a lightweight API layer securely orchestrates data retrieval, risk modeling, and rating in real time on top of our existing underwriting infrastructure. Because our underwriting stack is fully automated and cloud-native, we can extend instant quoting into conversational AI without changing our core workflow."

That is the key phrase: without changing our core workflow. The carriers that move fast in this channel are not rebuilding their systems. They are exposing them through a standardized API layer that AI agents can query.

For a broker or carrier that is API-ready, connecting to the AI distribution layer is not a multi-year technology program. It is a configuration exercise. For one that is not API-ready, it is a multi-year technology program — and the market will not wait.

What the Incumbent Advantage Actually Is

Here is where the narrative gets more nuanced — and more useful.

The carriers and brokers that are panicking about AI disintermediation are asking the wrong question. The right question is not "will AI replace us?" It is "what assets do we have that AI distribution actually needs?"

The answer is substantial.

Capacity and compliance. An AI agent can surface a quote. It cannot underwrite the risk, hold the regulatory authorization, or carry the balance sheet. Every AI distribution channel, whether it is a ChatGPT app or an embedded insurance offer in a SaaS platform, needs a licensed, regulated, capitalized carrier behind it. Berenberg analysts pointed out that the regulatory burden and liability exposure of selling insurance directly are significant hurdles that OpenAI and others may not want to manage independently. The incumbent's regulatory infrastructure is a moat, not a liability.

Product breadth and market relationships. The AI agents quoting inside ChatGPT today are doing simple, single-product personal lines. The SMB that needs a BOP, commercial auto, workers' comp, and an umbrella needs a broker with multi-carrier access and placement expertise. AI accelerates the front of the journey. It does not replace the depth of what a well-positioned broker or MGA brings to complex commercial placement.

Customer data and relationship history. The broker that has a five-year relationship with a growing contractor business has renewal data, claims history, and risk context that no AI agent querying a cold lead can match. The retention economics in an embedded, data-rich context — where the broker is present in the platform the customer uses every day — are structurally superior to cold acquisition.

The distribution network. The brokers and MGAs that thrive will not be those who panic. They will be the ones whose infrastructure lets them plug into every new distribution channel. The broker with 50 carrier relationships and a well-managed delegated authority framework can deploy across AI channels, SaaS platforms, and traditional routes simultaneously. The challenger with one carrier and a ChatGPT app cannot.

The incumbent's problem is not a lack of assets. It is a lack of the connectivity layer that makes those assets accessible to the channels where SMBs are moving.

The Infrastructure Gap — And How to Close It Fast

The gap between where incumbents are today and where the AI distribution channel requires them to be is primarily a technology infrastructure gap. It has three components.

API-first rating and binding. For an AI agent to quote and bind your product, whether inside ChatGPT, Claude, Gemini, or a vertical SaaS platform's embedded AI — your rating engine must respond to real-time API calls. Get API-ready. Can your systems deliver a real-time quote to a third-party platform today? If not, that is the first priority. Not because ChatGPT is coming for your book tomorrow, but because every emerging distribution channel requires this capability. Embedded insurance, partner integrations, comparison platforms, and AI agents all depend on the same thing: open, real-time API access to your rating and binding engines.

Data orchestration across channels. The SMB vertical SaaS channel holds operational data — revenue, headcount, transaction volume, job types — that makes for dramatically better underwriting than a static ACORD form. Real-time underwriting driven by live platform data improves policy accuracy by up to 40%. A broker or carrier that can ingest that data through an API layer and price against it has a structural advantage over one quoting blind. The challenge is connecting those data flows compliantly across multiple platforms without building bespoke integrations for each one.

Compliance architecture at scale. Distributing insurance through third-party AI platforms or SaaS channels is a regulated activity. In the U.S., that means surplus lines compliance, state-by-state authorization, and varying requirements for affinity-style distribution across 50 states. In the U.K., it means FCA authorization, ICOBS, and Consumer Duty obligations. The AI chat platforms are not going to carry this. The SaaS platforms are not going to carry this. The broker or carrier must — and the ones who have pre-built this infrastructure will move in weeks where others move in years.

The purpose-built embedded insurance infrastructure layer — connecting rating engines, data orchestration, and compliance across both AI chat channels and vertical SaaS platforms — is the asset that allows an incumbent to move at the speed the market now requires.

What the market needs is not another distribution channel or a competing product. It is the API infrastructure and compliance architecture that allows a broker or carrier to plug into ChatGPT, Claude, ServiceTitan, Toast, and the next 10 platforms that emerge — through a single integration, with a single compliance framework, without rebuilding their core systems.

The Playbook for Incumbents

The market has already moved past the point where watching is a strategy. The ChatGPT app store is live and growing. Vertical SaaS platforms are embedding AI agents. MCP is becoming the standard interface through which AI accesses everything.

The playbook for incumbents who want to win has three moves, executed in parallel.

Move 1: Get your rating engine API-ready. This is the table-stakes requirement for any channel that matters in the next five years — AI chat, SaaS-embedded, or otherwise. If your products cannot be quoted in real time through an API call, they will not be quoted at all in the channels where SMBs are moving.

Move 2: Partner with the infrastructure layer, not the distribution channels directly. The mistake that slow-moving carriers and brokers will make is to try to build point-to-point integrations with individual AI platforms or SaaS tools. That does not scale. Each integration becomes its own project. The right move is to connect once to an infrastructure layer that handles the distribution mechanics across all channels simultaneously — and focus your resources on product, capacity, and the customer relationships that AI cannot replicate.

Move 3: Reframe your value proposition for the AI-front-end world. Your margin is not in quoting. It never was, really — quoting is about to be free. Your margin is in the depth of coverage, the accuracy of risk assessment, the quality of claims handling, and the retention economics of a customer who never leaves the platform where you are embedded. Position there.

Tuio's co-founder said this about the Feb. 9 launch: "Today is day zero of that transformation."

Day zero was two months ago. The incumbents who move in the next quarter will have a structural head start. The ones who wait for more evidence will be building against competitors who already own the channel.

The Bottom Line

$15 billion in low-complexity SMB insurance commissions at risk from AI disintermediation. The AI chat platforms are live and growing. The vertical SaaS AI agents are being deployed. MCP is standardizing the protocol through which AI accesses insurance products.

The distribution infrastructure is being rebuilt. The question is not whether incumbents are part of that rebuild. The question is whether they are part of it on their terms — or someone else's.

The brokers and carriers that connect to the AI distribution layer now, through infrastructure built for the purpose, will not just defend their SMB book. They will grow it — into channels with better data quality, lower acquisition costs, and retention economics that traditional distribution has never been able to match.

The new front door is open. The incumbents who walk through it first will own what is behind it.

For most agencies, payments are plumbing. Money comes in, policies stay active, and nobody thinks much about the experience in between. But that's starting to change—and the agencies paying attention are seeing real results.

As policyholders grow accustomed to one-click purchases, real-time payment confirmations, and flexible billing everywhere else in their lives, the gap between what they expect and what most agencies deliver is widening. That gap is quietly becoming a retention problem. Not because customers wake up angry about a clunky payment portal, but because friction accumulates and colors how people feel about doing business with you—even when everything else is going well.

The agencies that are getting ahead of this aren't just upgrading their payment technology. They're rethinking what the payment moment actually means for the customer relationship.

Payments Are a Loyalty Signal—Whether You Realize It or Not

Your clients are already evaluating you by the same standards they use for their bank, their favorite retailer, and their streaming service. They want options, clarity, and speed. When the payment experience falls short of that, it doesn't just create a minor annoyance—it raises questions about how the rest of your operation runs.

Think about it from the customer's perspective. A smooth payment process signals competence: this agency has it together. Friction—unclear instructions, limited payment options, manual steps that feel like they belong in 2009—signals the opposite. It may not be fair, but it's how people think.

Transparency matters just as much. Insurance already feels complicated to most people, and billing is where that complexity tends to surface. Clear confirmation messages, real-time updates, and straightforward invoices go a long way toward reducing the low-grade anxiety that comes with financial transactions—especially for small business owners watching cash flow or clients managing high-premium policies.

And then there's choice. Offering ACH, debit, credit, and digital wallets is table stakes at this point. But the agencies that stand out are also giving customers control over scheduling, installment options, and autopay—making it easy for people to manage the relationship on their own terms. That sense of control directly affects how satisfied they feel, and satisfied customers don't shop around at renewal.

Why This Matters More Than Most Agents Think

Renewals rarely come down to one big moment. They're shaped by a series of small interactions that either build confidence or chip away at it. Payments stand out because they happen more frequently than almost any other touchpoint you have with a client. Every invoice, every autopay confirmation, every billing notification is a data point in how that customer feels about your agency.

There's a well-documented pattern in how people evaluate experiences: they tend to remember the most intense moment and the final moment most vividly. For a lot of policyholders, the last interaction of the policy year is the renewal payment. If that moment is frustrating because of a confusing portal, unexpected charge, unclear due date, or something else, it can overshadow 12 months of solid service.

On the flip side, agencies that deliver consistently smooth payment experiences are building trust in ways they might not even realize. Clients who trust the billing process are more likely to renew without shopping the market, enroll in autopay, manage their policies digitally, and say yes when you bring up additional coverages. The easier you make it for your customers to stay with your agency, the more likely they are to do so.

And don't overlook the data. Digital payments generate signals—late payments, partial payments, failed autopay attempts—that often surface well before a customer reaches a true retention tipping point. Agencies that pay attention to these patterns can reach out proactively, addressing billing friction before it turns into a lost client.

The Revenue Angle Most Agencies Are Missing

When payments feel easy, they start working for you in ways that go beyond cost savings. Customers who enroll in autopay, for example, tend to renew at meaningfully higher rates. The renewal shifts from an active decision—do I want to stay with this agency?—to a routine financial transaction that happens in the background. Automated billing also cuts down on missed invoices and payment lapses that can disrupt coverage and create unnecessary back-and-forth. Over time, your agency becomes part of the customer's default financial routine, which is exactly where you want to be.

There's a cross-sell dimension here, too. Customers who've just had a smooth payment experience are more receptive to follow-up conversations. It's a natural opening for coverage reviews, umbrella policy discussions, endorsement additions, or bundling opportunities. When the last interaction someone had with your agency felt professional and painless, they're more inclined to listen to what else you might recommend.

What the Best Agencies Are Doing Differently

The agencies treating payments as a strategic capability—not just a back-office function—tend to share a few common habits.

They design payment journeys on purpose. Rather than letting billing flows, renewal paths, and mobile experiences develop by default, they map them out intentionally and look for friction points before customers find them. They also connect payment data with broader customer data, using those integrated signals to spot behavioral patterns and trigger meaningful follow-up automatically.

Flexibility runs through everything they do: multiple payment methods, recurring billing, automated reminders, one-click options. The goal is to reduce customer effort at every step. They're also deliberate about eliminating ambiguity—clear invoices, visible due dates, accessible payment history—which cuts down on support calls and the frustration that drives them.

Maybe most importantly, these agencies treat every payment notification, confirmation, and receipt as a communication opportunity. Not just a transaction closing, but a chance to reinforce value, surface a coverage reminder, or start a conversation that deepens the relationship.

The Window Is Open—But It Won't Stay That Way

Digital payments have moved well past the back-office upgrade stage. They're now a strategic lever for customer experience—and as more agencies adopt embedded payments, mobile wallets, instant verification, and intelligent billing, customer expectations will keep rising.

Agencies that move early will see it show up in higher renewal rates, stronger satisfaction, clearer operational insights, and more revenue from deeper client engagement. Those that wait risk being defined by friction at exactly the moments their customers interact most.

The agents who win the next phase of customer loyalty won't just process payments efficiently. They'll build payment experiences that feel effortless, transparent, and trustworthy, turning what used to be a routine transaction into a genuine competitive edge.

Insurance companies are experts at managing financial risk. They model catastrophe exposure, monitor capital ratios, and carefully manage reserves. Yet in conversations I've had with insurers across Europe and North America, a quieter challenge continues to surface within finance and treasury teams: many carriers still lack a clear, real-time view of where their cash sits across the business.

This is not because insurers lack discipline or oversight. In most cases, it reflects the operational complexity that has built up over decades. Funds move across billing platforms, claims systems, banking relationships, and external partners throughout the insurance lifecycle. Because each stage manages financial flows differently, these systems were rarely designed to support a single, unified view of liquidity.

In many organizations, each new payment method, banking relationship, or vendor integration has historically been added as a separate connection point. Over time, this creates a patchwork of financial pathways that are difficult to monitor from a single operational view.

As a result, finance teams often rely on reconciliation after transactions occur rather than seeing liquidity positions as funds move through the organization. The problem is rarely missing funds, but rather delays in assembling a complete financial picture.

A treasury challenge hiding in plain sight

For treasury leaders, this lack of visibility creates a difficult balancing act. Insurance companies depend on premiums not only to fund claims but also to support investment portfolios that generate returns. Managing that capital effectively requires confidence in liquidity positions at any given moment.

When financial visibility is fragmented, treasury teams naturally err on the side of caution. They maintain additional reserves to ensure obligations can always be met, even if underlying financial data is incomplete or delayed. That approach is prudent, but it can also introduce inefficiencies.

Capital that could otherwise be invested or deployed strategically may remain idle simply because finance leaders cannot easily track how funds move across operational systems. Over time, this can limit financial flexibility and reduce the returns insurers generate on the assets they hold. In an environment where margins are under pressure, capital efficiency matters more than ever.

What treasury leaders increasingly need is not simply faster reconciliation but a clearer operating layer that normalizes and tracks financial activity across billing, claims, and partner payments as those transactions occur.

The cost of operating without clarity

Limited visibility into financial flows also affects how insurers plan and manage their operations. When liquidity positions are difficult to assess in real time, financial planning may become reactive rather than strategic.

Finance teams can spend significant time reconciling transactions across multiple systems rather than focusing on forward-looking analysis such as liquidity forecasting, capital deployment, or risk planning. This dynamic makes it harder to respond quickly to shifting conditions, whether those involve rising claims costs, economic volatility, or evolving regulatory expectations.

In some cases, the challenge is not the volume of payments that need to be reconciled but the number of disconnected pathways through which those payments travel. Different payment rails, banking partners, and vendor channels often operate independently, limiting the ability to see and manage financial flows holistically.

These operational challenges are becoming more significant as the industry faces growing economic pressure. Person Holding Banknotes says insurers are operating in an environment marked by economic uncertainty, inflation-driven claims costs, and increasing pressure on profitability. In that context, operational efficiency and disciplined capital management are becoming even more important. Understanding how funds move through the organization plays a larger role in that equation than many insurers previously realized.

A shift in how payments are viewed

Historically, payments infrastructure has been treated as a supporting function within insurance operations. If transactions were processed accurately, the infrastructure rarely received the same strategic attention as underwriting systems or distribution platforms.

Finance leaders are increasingly recognizing that payments sit at the center of the industry's financial activity. Every premium collected, every vendor payment issued, and every claim settlement ultimately affects the balance sheet.

This realization is prompting insurers to rethink how payments infrastructure should operate within the enterprise. Rather than treating payments as isolated transactions, many organizations are beginning to view them as a connected network of financial flows that require orchestration and visibility across the entire insurance lifecycle. Seeing those financial flows clearly, rather than reconstructing them after the fact, gives treasury teams stronger control over liquidity, capital deployment, and financial risk.

Why payments visibility must become a strategic capability

The insurance industry has made enormous progress in underwriting analytics, pricing models, and digital customer engagement; however, financial visibility across operational payments has not always advanced at the same pace.

Yet as economic pressures increase and capital efficiency becomes more critical, the ability to see where money sits, and how it moves, may prove just as important as any underwriting insight.

For many insurers, the next phase of operational modernization will not only involve better systems for underwriting or claims, but clearer financial infrastructure that connects payment providers, financial institutions, and internal systems into a transparent operating layer. When financial flows can be understood in real time rather than reconstructed afterward, finance leaders gain a stronger foundation for capital management, liquidity planning, and risk oversight.

Because at its core, insurance remains a financial business. And the insurers that can clearly see how money moves through their organizations will be better positioned to manage both risk and opportunity in an increasingly complex market.

Here is a number that should keep insurance executives up at night: The average cycle time for a property claim is still hovering around 30 days. It's not because the damage itself is complicated; it's because the process is.

From what I've seen across the industry, carriers are burning between $7 and $15 just to manually process a single claim document. Given that the average claim generates 15 to 25 documents, you're looking at up to $375 in administrative overhead before an adjuster even makes a coverage determination. Multiply that by a mid-sized carrier processing 50,000 claims a year, and you're hemorrhaging $10 million to $18 million annually – spent strictly on "paper-pushing."

In my 20-plus years working with insurers, I've watched this problem snowball. The root cause is almost always the same: legacy workflows where "paper" was the default are now buckling under the weight of digital data they were never designed to handle.

Where is the Money Actually Leaking?

Let's break down the anatomy of a manual claim. When a file hits the system, the path is typical: a document arrives – PDF, photo, scan, or email attachment. Someone opens it, reads it, and manually keys the data into the claims management system (CMS). A second person validates that data. A third checks it against policy terms. Only then does it reach an adjuster's desk.

Every handoff is a delay, and every delay is a line item. Your people aren't the problem. The process is. You are forcing high-value specialists to waste their bandwidth on tasks a machine could execute in seconds.

Then there's the "invisible" cost that never makes it onto the spreadsheet: customer churn. A 2025 J.D. Power study found that claim satisfaction drops by 15% for every additional week of processing time. Dissatisfied claimants are 2.5 times more likely to switch carriers at renewal. Manual processes aren't just expensive; they are actively driving your book of business to the competition.

Why Automation Projects Keep Failing

If the solution were as simple as "automate everything," every carrier would have done it by now. The reality is that most initiatives fail because firms try to "boil the ocean."

I've seen carriers sink $2 million and 18 months into building a "total automation" platform, only to find it handles 30% of their claim types while the rest still require a manual "workaround." The project is branded a failure, and the organization develops an allergy to the word "automation" for the next three years.

The mistake is treating claims automation as one monolithic project instead of a series of targeted strikes. You don't need to automate the entire lifecycle on Day One. You need to identify the specific bottlenecks where manual labor drives the highest cost and tackle those first.

What Actually Works?

The carriers successfully modernizing their operations follow a specific blueprint. They start with document ingestion – not because it's the "sexiest" problem, but because it's the costliest.

Intelligent document processing (IDP) powered by large language models (LLMs) can now extract structured data from unstructured sources – medical records, repair estimates, police reports, and invoices – with 90%+ accuracy. It doesn't have to be perfect. Outliers are flagged for human review, while 80–85% of standard documents flow through the system automatically.

The second step is externalizing business rules. If every change to your adjudication logic requires a developer and a release cycle, you'll never move fast enough. Modern firms pull business logic out of the core system and into dedicated rule engines. When a regulation changes or a new fraud pattern emerges, a business analyst updates the rule directly – no IT project required.

The third step – the one most often missed – is building a feedback loop. The system should learn from every decision. Which document types require the most manual corrections? Which rules trigger the most exceptions? That data is gold, but most carriers throw it away because their systems weren't designed to capture it.

The Math Driving the Decision

Let's look at the simulation for a mid-market P&C (property & casualty) insurer:

• Manual processing (50,000 claims/year): ~$12 million in direct OpEx. Add in indirect costs – churn, leakage, and overtime during CAT (catastrophe) season – and you're nearing $18 million.
• Phased modernization program: Typically costs $500,000 to $1.2 million (implementation) plus $200,000–$400,000 in annual maintenance.
• The Result: Optimization through automation typically reduces OpEx by 40–60%.

Even with a conservative 40% savings, that carrier keeps nearly $5 million a year in their pocket. The tech investment pays for itself in just three to four months. Unlike many "moonshot" tech plays, this ROI is driven by hard cost savings, not speculative revenue growth.

The Question You Should Be Asking

The cost of manual claims isn't just what you're spending today. It's what you lose every quarter you delay: in direct costs, in customer NPS, and in market share.

At your next board meeting, I suggest bringing one calculation: the fully loaded cost per claim, including document handling, validation, rework, and churn impact. Benchmark it against these figures. If there's a gap, the business case writes itself.

Don't try to flip the switch on everything at once. Start with document ingestion. Prove the value. Then scale. The winners in this industry won't be the ones with the biggest IT budgets; they'll be the ones who stopped treating claims as a cost center and started seeing it as a competitive edge.e models" (generic concept).

With insurers increasingly operating in hybrid and multi-cloud environments, they have enabled operational agility and advanced data modeling, but they have also introduced a governance challenge: Accountability doesn't migrate just because infrastructure does.

Insurers need to adopt a shared responsibility model (SRM), a strategic risk governance model that has direct implications for regulatory exposure, underwriting integrity, third-party risk management, and board-level oversight.

Why the Shared Responsibility Model Matters at the Executive Level

The SRM defines how security and operational responsibilities are divided between a cloud service provider (CSP) and the enterprise customer. The provider secures the infrastructure of the cloud, and the client remains accountable for what happens in the cloud.

This distinction is operational, but it also shapes your enterprise risk posture. For insurers, the consequences of misunderstanding this model extend beyond cybersecurity incidents. They can affect your financial solvency, regulatory compliance, customer trust, and enterprise valuation.

Governance and Board-Level Accountability

Insurance boards are increasingly expected to demonstrate oversight of cyber and operational resilience. Regulators and rating agencies now view cyber governance as a component of enterprise risk management (ERM), not a standalone IT function.

Delegating infrastructure to a CSP does not eliminate fiduciary responsibility. If policyholder data is exposed due to misconfigured access controls or weak identity governance, accountability rests with the insurer, not the cloud provider.

Security teams must ensure:

• Clear ownership of cloud-related risks within ERM frameworks
• Defined reporting lines between IT, risk, compliance, and the board
• Periodic review of cloud security posture at the governance level
• Integration of SRM responsibilities into internal control structures

The SRM becomes a tool for governance clarity and helps boards understand where operational responsibility ends and strategic accountability remains.

Regulatory Exposure in a Cloud-Dependent Environment

Insurance is one of the most heavily regulated industries globally. Whether operating under state insurance departments, NAIC guidance, international solvency frameworks, or emerging cyber regulations, insurers must demonstrate control over customer data and operational systems.

Cloud providers may hold certifications, but regulators evaluate how insurers configure, monitor, and govern their own environments.

From an executive perspective, this raises crucial questions:

• Who validates that cloud configurations meet regulatory requirements?
• How are audit logs retained and reviewed?
• What controls govern privileged access?
• How is compliance continuously monitored in dynamic cloud environments?

As regulatory scrutiny intensifies, insurers should also assess whether their cloud governance aligns with control frameworks like SOC, ISO, or HITRUST, particularly when handling sensitive policyholder and claims data.

The SRM clarifies that compliance responsibility for data handling, access management, and reporting obligations remains with the client. Misunderstanding this boundary can result in fines, enforcement actions, and reputational damage.

Third-Party and Vendor Risk Increase

Cloud adoption heightens traditional vendor risk. Historically, insurers outsourced discrete services. Now, they embed core operations into cloud ecosystems, creating layered dependencies: cloud infrastructure providers, SaaS vendors, analytics platforms, and API integrations. Each additional layer expands the attack surface and complicates accountability.

Executives should view SRM as a foundational element of third-party risk management:

• Are contractual agreements aligned with actual responsibility boundaries?
• Do vendor assessments account for the "in-the-cloud" obligations retained internally?
• Are incident response roles clearly defined between parties?
• Is there transparency into subcontractors within the cloud supply chain?

Assuming responsibility shifts entirely to vendors is one of the most dangerous misconceptions in modern enterprise environments.

Implications for Underwriting and Risk Transfer Strategy

Understanding SRM is extremely important for insurers underwriting cyber policies. In fact, it directly affects risk assessment.

Policyholders frequently misunderstand their own cloud responsibilities. This creates underwriting blind spots if insurers fail to evaluate how insured organizations manage identity, access, configuration, and monitoring within cloud environments.

Executives overseeing underwriting strategy should consider:

• Incorporating SRM awareness into cyber risk questionnaires
• Assessing insureds' cloud governance maturity
• Evaluating reliance on shared services within documented control frameworks
• Adjusting pricing or exclusions based on configuration risk

Internally, insurers have to recognize that their own cyber risk profile influences capital allocation, reinsurance negotiations, and rating agency assessments. The SRM affects both sides of the balance sheet, both operational risk and underwriting exposure.

Operational Resilience and Business Continuity

Cloud platforms promise resilience, but resilience is not automatic. Clients are still responsible for:

• Backup validation and recovery testing
• Access segregation
• Configuration management
• Application-layer security

Executives should require periodic assurance that cloud resilience assumptions are validated through testing, not just vendor documentation. Operational disruption during claims processing or policy administration can create financial and reputation consequences that exceed the cost of the original cyber event.

Strategic Moves for Insurance Leadership

The SRM is more about disciplined accountability than technology for insurance executives. It's a governance discipline that directly affects enterprise value, regulatory standing, and underwriting performance.

Cloud adoption changes how risk is distributed, but it doesn't change who is accountable. Leadership teams have to ensure that responsibility boundaries are clearly understood, contractually aligned, and operationally enforced.

The executive agenda should include several strategic priorities:

• Embed SRM clarity into enterprise risk management frameworks.
• Align cloud governance with regulatory compliance oversight.
• Strengthen third-party risk assessments to reflect real accountability boundaries.
• Integrate SRM awareness into cyber underwriting practices.
• Elevate cloud security discussions to the board level as part of fiduciary duty.

Strengthen Security with the Shared Responsibility Model

Cloud transformation will continue to accelerate across many aspects of the insurance industry, including underwriting, claims automation, AI-driven analytics, and customer engagement platforms. The insurers that succeed will not be those who outsource responsibility but those who understand where it remains.

Insurance's value is a myriad of things. Insurers' problems are, too.

We can't move without insurance, yet we don't trust it and often don't value it, either. It's a cost, a necessary evil, essentially a direct debit on the balance sheet of our lives and businesses we would rather not have. 

Here we are at the tipping point where math and neurons can think for us, and at levels of "intelligence" we are often told we can't even comprehend. Despite this, most of what we are artificially trying to make more intelligent is simply what we do today. And to many of us, this doesn't seem right at all.

The issue for strategic thinkers remains "value chain" thinking, where we focus on minimizing costs and maximizing distribution (channels, coverage, capacity). This puts us at a permanent disadvantage, where new value, through new working models in new technology, is pushed aside for cost savings and efficiency. Worse, when we try to do this with prediction token engines, we are constantly backpedaling because we live in an industry that needs us to be highly deterministic. This is one of the key reasons we remain in pilot purgatory with AI far too often.

We need to solve the meaningful problems we face and start to evolve our business and technology architectures into ecosystems capable of maximizing the knowledge of a customer (and their risks) and acting on this as near to real time as needed.

To do this, we have to address major issues or misperceptions:

• Many insurers are building houses on sand by layering AI over a "messy middle" of fragmented data and customer-blind legacy processes. AI isn't a repair kit for insurers' broken business models.
• If we apply AI to a fractured, policy-centric design, we just get fractured, policy-centric mistakes - at scale and at speed. We are simply automating the friction, industrializing the silos, and alienating the customer faster than ever before.
• The insurance industry is obsessed with plugging in AI, but it's still in pilot purgatory. And that's because layering GenAI over outdated data structures and silos means we aren't innovating; we're building a house on quicksand.

Framing the answer to this paradoxical state

This is, therefore, an enterprise design problem, where policy-centric architectures have to give way to customer-centric enterprises.

Building AI into this new model is vital, but so is building in risk, regulations, compliance, auditing and legal. If things move in real time and intelligently, so will all these things as well.

We need to move from a "data & AI" strategic frame where these things become almost self-serving toward an "intelligent" business model, where data is seen as a perishable asset, constantly mined for insight and acted on as close to real time as is needed, but in a controlled, deterministic and responsible way.

To make this possible, we need to deal with the messy middle. That's because operations in insurance are the big unlock - where the magic (or the misery) happens. If the middle is a black box of manual hand-offs and disconnected spreadsheets, AI will choke on it anyway.

Insurance is a process-heavy industry, one where simply making a claim also means the insurer understands the wider context we are in, that it will focus communications on the best resolution path, that other communications or needs are sympathetically managed in this context, like a repairer, and so on. It's multi-faceted, and the operations, customer experience, and data that weave it together need to be symbiotic. We are at the point now where operational efficiencies and better customer experiences are mutually beneficial, and not the opposing forces they are all too often seen as.

To get to the end state where AI actually works and starts to create new value, we need an evolutionary model to aim for. And we need to clean up this messy middle and orchestrate the flow of outcomes more intelligently - I tend to call this intelligent orchestration. Systems of intelligence are hyped and relevant, but systems of outcome are needed to make them count.

In conclusion

Foundationally, we need a robust data orchestration layer (not more data storage), but insurers need a unified data model, built around the customer. Data should be fluid, so events are available and usable when they need to be.

Insurers need to be able to interoperate agents, with telemetry across their estates, all the way into employee and customer use. And they need a deterministic framework that harnesses agentic solutions and ensures human intervention. But it also needs to be deliberately designed to maximize human interaction when it's needed.

AI is an outcome, not the goal, and once insurers solve the enterprise design problem and move from policy-centric to customer-centric via intelligent orchestration, AI likely becomes the hero. A hero they can control, manage the risk of, and interoperate and adapt at will.

For a 10-year-old carrier that still has a combined ratio far above 100, Lemonade has never been reluctant about dissing its established competitors or about patting itself on the back. In that vein, CEO Daniel Schreiber recently published a manifesto titled, "Why Incumbents Won't Catch Up." 

The cheeky claim is that Lemonade was founded as an AI-native and thus has a 10-year head start on State Farm, Allstate, Progressive, GEICO, et al. Schreiber says the incumbents are "optimized for yesterday," while Lemonade is "designed for the world as it’s becoming." He argues that Lemonade's advantage will keep growing. 

Schreiber's argument doesn't make me want to rush out and buy stock in Lemonade, which, after some years in the wilderness, has recently surged and now carries a hefty $5.1 billion market valuation. But I don't dismiss his argument, either. He's certainly right that early movers like Lemonade have an advantage that incumbents need to reckon with. He also poses three measures for AI adoption that all insurance companies should test themselves on.

Let's have a look. 

Schreiber writes that "companies who slap technology on top of their legacy businesses are not changing their DNA: their incentives, capital allocation logic, talent mix, data architecture, distribution dependencies, brand promise, investor expectations, and legacy stacks. Those systems and processes co-evolved over many decades. They cannot be reengineered piecemeal; and untangling them is laborious and risky."

He says Lemonade began as an AI-native: 

"The result is a different cost structure. A faster clock speed. A compounding feedback loop that continuously improves underwriting, customer experience, and efficiency.

"The question, then, is not whether incumbents can “use AI.” Of course they can. And they should. The question is whether they can re-architect themselves to close the gap to Lemonade. 

"That seems unlikely."

To buttress his argument, he suggests three tests for whether an insurer is adopting AI at its core. All three, of course, show Lemonade outpacing incumbents. 

The first is what Schreiber calls The Scaling Quotient. You look at how fast you're growing, by whatever measure you use. You then divide that growth rate by the rate at which your headcount is increasing. If you're growing, say, your policies in force far faster than you're adding people, you're winning. If not, not. 

Second is Loss Adjustment Expense Ratio. You take your loss adjustment expenses and divide by your gross earned premium. If you're spending a lower percentage than the industry average, and the percentage is declining, you're winning. If not, not. 

Third is what Schreiber calls Structural Precision. This involves two calculations of gross profit. First is gross profit divided by your exposure — you want as high a profit as you can get based on the risk you're taking on. Second is gross profit divided by your sales and marketing expenses — you want to acquire customers as efficiently as possible. You add the two calculations, then compare yourself to the industry over time. 

Those all strike me as fair enough measures of efficiency for any carrier, and AI is certainly the main driver these days. I think his approach can be extended to other players in the insurance industry, not just carriers. Agencies, for instance, can measure whether AI is making them more efficient in winning clients, in processing renewals and so on. 

If you take Schreiber's piece as a wake-up call for incumbents, I can get behind that, too. They can't just be tacking on bits of AI to become slightly more efficient, and they can't just wait and see. The carriers developed their cultures over decades, and changing them will take many years. People don't change overnight even if the technology does. Incumbents have to be thinking big — NOW — and experimenting with ways to allow for radical change. That may even mean new service-based business models, such as Predict & Prevent, or very different distribution channels, such as through embedded insurance. 

Schreiber can certainly point to lots of industries where upstarts with a head start and momentum overcame incumbent behemoths — look at Kodak, Blockbuster, Nokia and Blackberry, city taxi monopolies and Sears (as well as every other company in Amazon's path).

Now to quibble.

For one thing, Schreiber is focusing almost entirely on overhead, which accounts for maybe 20% of every premium dollar, while claims in P&C account for north of 60%. You can be as efficient as you want in processing claims, but if you're taking on bad risks you're still going to lose — and even after years in the business, Lemonade's combined ratio in the fourth quarter was 139.

In addition, as Simon Torrance writes in this thorough analysis, the sort of AI that will really matter in the long run is AI agents, and the competition is just beginning in that phase. He says:

"The genuine compounding asset — the one that cannot be replicated by purchasing the same technology at a later date — is not automated claims processing. It is what happens [when] deliberative agentic teams capture structured reasoning with every decision, build institutional memory that compounds across thousands of cases, and encode expert judgment that persists independently of the individuals who generated it. This is Intelligence Capital. The question Lemonade's investors should be asking is whether their architecture has built this — or whether it has built a more efficient version of what every insurer will have by 2027."

Lemonade might also want to be careful about lecturing incumbents just yet, given that it is still small and has so many ways it could slip up as it expands into new lines of business and new geographies. (Here is a good analysis of its opportunities and challenges.)

But I suppose being cheeky is in the company's DNA at least as much as AI is. 

I hope the rest of us take the Lemonade manifesto for what it's worth — and devise real metrics that accurately measure our progress with AI (or lack thereof), think boldly about where AI agents can change everything about our businesses and start reshaping our cultures for, as Schreiber put it, "the world as it's becoming."

Cheers,

Paul

Colorectal cancer has long been viewed as a condition primarily affecting older adults, but that assumption is rapidly becoming outdated. Over the past two decades, a marked increase in colorectal cancer diagnoses among people under 50 years old has emerged as one of the most concerning epidemiologic shifts confronting both the medical community and the insurance industry. For life insurers, this rise in early-onset colorectal cancer (EOCRC) brings far-reaching implications, from underwriting and pricing to product development and wellness strategy.

A rising trend with industry-level consequences

Early-onset colorectal cancer, defined as diagnosis before age 50, has grown steadily, with incidence climbing by roughly 30% in the last two decades. Although overall case counts remain lower than in older populations, the rate of increase underscores an unsettling trajectory.

Studies now show an approximate 2% annual rise in diagnoses for adults aged 20-50.

For insurers, this change disrupts longstanding mortality expectations built on age-driven risk curves. Younger applicants have traditionally been priced favorably due to low expected cancer incidence. But the rapid emergence of EOCRC means traditional age-based risk assumptions no longer fully capture early life cancer risk. Compounding this challenge, younger patients often present with a more advanced disease. Symptoms — such as abdominal discomfort, rectal bleeding, or shifting digestive patterns — frequently mimic benign conditions, delaying diagnosis and worsening outcomes.

As a result, underwriting models built around the idea that cancer risk accelerates mainly after age 50 must be reassessed.

Understanding the drivers: Lifestyle, genetics, and environmental factors

The rise in EOCRC stems from a complex interplay of behavioral, genetic, and environmental forces. Lifestyle shifts, including diets high in processed meats and low in fiber, reduced consumption of fruits and vegetables, and increased sedentary behavior appear to play substantial roles. The parallel rise in obesity adds another layer of risk, amplifying inflammatory and hormonal pathways associated with colorectal tumor development.

Genetic risk, while present in a smaller segment of the population, carries significant consequences. Inherited conditions, such as Lynch syndrome or familial adenomatous polyposis, sharply elevate lifetime risk. Mutations in genes, including NTHL1, POLE, POLD1, and RNF43 also contribute to susceptibility, and a family history of colorectal or endometrial cancer is a consistent red flag.

Environmental and medical exposures may also be contributors. Frequent antibiotic use can disrupt the gut microbiome, potentially altering protective bacterial profiles. Long-term inflammatory disorders, such as inflammatory bowel disease, create chronic tissue stress that elevates cancer likelihood.

For insurers, recognizing how these variables interact is essential. Incorporating lifestyle, familial, and clinical risk indicators into modern underwriting frameworks helps ensure high-risk younger applicants are identified earlier and more accurately than age-based approaches alone allow.

Screening guidelines shift — and insurers must follow

One of the clearest responses to rising EOCRC has come in the form of revised screening guidelines. The U.S. Preventive Services Task Force and the American Cancer Society now both advise routine colorectal cancer screening beginning at age 45 for average-risk adults — a notable reduction from the longstanding threshold of age 50. In certain high-risk populations, earlier screening may be warranted. Some European health networks are already exploring screening initiation at age 40.

As screening recommendations evolve, early detection will likely improve, which is particularly crucial for younger adults who tend to present later in the disease process. This shift presents an opportunity for insurers to align underwriting expectations with modern preventive care standards and encourage applicants to stay current with screenings.

Advances in screening and diagnostic technology

Beyond guideline changes, screening technologies are rapidly advancing. While colonoscopy remains the most definitive method, emerging modalities are increasingly accessible and appealing to younger adults who may be reluctant to undergo invasive procedures.

Noninvasive stool-based tests, such as fecal immunochemical tests (FIT) and multitarget stool DNA tests (mt-sDNA), offer convenient at-home screening with promising detection capabilities. Frequent use of these tests tends to boost adherence — an important advantage for younger populations.

CT colonography, or virtual colonoscopy, offers a radiologic alternative, while capsule endoscopy provides a swallowable camera platform with future potential for broader colorectal screening use.

Perhaps most transformative is the rise of blood-based biomarker testing, including liquid biopsies that detect circulating tumor DNA or methylated DNA fragments. Machine-learning-enhanced platforms now combine methylation signatures with DNA fragment analysis to pick up cancer indicators at minimal concentrations. Meanwhile, germline multigene panel testing is uncovering meaningful hereditary risks in approximately 14% of colorectal cancer patients, prompting universal recommendations for genetic testing in EOCRC cases.

For insurers, keeping pace with the strengths, limitations, and cost profiles of each screening approach can inform more accurate underwriting guidelines and create opportunities to promote early detection among policyholders.

Underwriting implications: Rethinking risk in younger applicants

The shifts in incidence and screening warrant a reevaluation of underwriting practices. Traditional risk assessments centered heavily on age must now incorporate:

• More sophisticated risk stratification, combining family history, lifestyle indicators, and screening adherence.
• Adjusted premium models that account for elevated risk in younger demographics while rewarding proactive health behaviors.
• Integration of new data sources, such as medical records, wearables, and — in jurisdictions that allow it — genetic testing results to capture emerging risk more precisely.

However, insurers must also guard against anti-selection, as applicants aware of personal risk may seek coverage before formal diagnosis or symptoms emerge. Balancing comprehensive risk assessment with regulatory and ethical constraints will be crucial.

Product innovation: A strategic opportunity

While EOCRC presents clear challenges, it also invites innovation. Insurers can differentiate themselves by designing products that integrate early detection, lifestyle engagement, and preventive health participation. Potential avenues include:

• Policy discounts or riders tied to completion of recommended screenings
• Wellness incentives for maintaining healthy diet and exercise habits
• Educational programs that inform younger customers about cancer warning signs and the value of screenings

Such initiatives not only enhance customer loyalty but also reduce long-term claims exposure by facilitating earlier diagnosis and intervention.

Challenges ahead

Implementing EOCRC-aligned underwriting and product strategies is not without obstacles. Privacy concerns must be properly managed as the use of genetic or personal health data increases. Evolving screening technology may outpace underwriting updates, creating a lag between best medical practice and insurance assessment. Operationally, insurers must invest in training, systems modernization, and compliance oversight to ensure new processes are implemented safely and efficiently.

Conclusion

Early-onset colorectal cancer represents a fast-emerging risk that the life insurance industry can no longer overlook. By aligning underwriting models with modern epidemiology, embracing new screening technologies, and developing products that encourage proactive health behaviors, insurers can both mitigate risk and empower policyholders. Those who adapt early will not only strengthen market competitiveness but also play a meaningful role in improving health outcomes for a generation facing rising cancer risk far sooner than expected.

Most of my friends are coders—and, disclosure, I used to be one. Smart people. Good people. People who spent years mastering arcane syntax, memorizing AWS service catalogs, stacking certifications like frequent flyer miles, and genuinely believing—with some justification—that they were the high priests of the modern economy.

They automated the travel agents. The paralegals. The loan officers, the radiologists, the customer service reps, even the truckers—at least in theory. And they did all of it with a clear conscience because, hey, that's capitalism, baby. Creative destruction. If we can do it better, faster, cheaper, then by the immutable laws of the market, we should.

They were not wrong. And they were not unkind people. They just never believed, not really, not in their gut, that the logic had a return address.

It does.

Amazon just laid off a cohort of developers whose primary offense was building something that worked. The system they constructed—on AI, with AI, as a monument to AI—became, upon completion, the argument for their own termination. The product was the pink slip. You couldn't script a better parable. These weren't junior button-pushers. Some of them held AWS Solutions Architect certifications. Professional level. The kind of credential that used to mean something in a job interview, that used to justify a salary band, that used to make a hiring manager feel confident they were buying proven expertise.

What they were actually buying, it turns out, was structured knowledge retrieval. Which is a very polite way of saying: a human being who had memorized a lot of things and learned to pattern-match against them quickly. And if there is one thing—one single thing—that large language models do better than humans, it is exactly that. The machine doesn't need a certification. It doesn't need a salary. It doesn't get defensive when you change the requirements at 11 p.m.

So here we are. The hue and cry from the coding community is structurally identical to every argument that was dismissed when the travel agents and the paralegals and the loan officers were in the crosshairs. This is different. This requires real skill. You don't understand the complexity. 

Brother, Sister, those whose jobs you automated said the same thing. You just didn't listen because you were the one holding the compiler.

The real question—the one worth asking these days—is, what skills actually don't have a shelf life problem? Some of them seem obvious in retrospect, and most of them aren't technical.

Regulatory judgment under uncertainty is one. Not knowing what a rule says—AI can read the Federal Register faster than any human—but knowing what it means when a specific auditor in a specific regional office has been interpreting it a certain way for three years. That's pattern recognition built from exposure and consequence, not training data. A friend of mine who works in healthcare private equity says the top three risks related to any deal are regulatory in nature—gray area, subjective.

Organizational power mapping is another. Every failed technology implementation in history failed for the same reason: someone built the right thing for the wrong power structure. The CMO thinks she controls the data. The CFO controls the budget. The VP of operations controls the workflow. The IT director controls the timeline through "security review." No AI maps this. No certification covers it. This is human intelligence in the original meaning of the phrase.

Cross-domain translation may be the rarest and most durable skill of all. The ability to stand in a room and make a CMS actuary, an Epic build team, and a 55-year-old case manager all feel heard, and then synthesize what they need into something that actually ships—that's not a technical skill. It never was. We just told ourselves it was adjacent to technical skill so the coders could claim it.

And finally, accountability. The willingness to put your name on a recommendation and mean it. AI is a brilliant, tireless, unaccountable collaborator. In regulated industries—healthcare, insurance, finance, law—where the downside of being wrong is measured in dollars with a lot of zeroes or people with actual problems, someone has to own the outcome. That someone is still a human being with a name and a reputation and something to lose.

The coders who survive this aren't the ones who fight the AI. They're the ones who understand that the job was never really about the code. It's about the judgment surrounding the code. Which explains why Stanford CS grads can't find jobs—while McKinsey is hiring liberal arts majors again. Coders just got away with charging for the code because nobody had built the machine yet.

Now somebody has.

AI is moving well beyond experimentation and into everyday insurance operations. As this happens, the wow factor of introducing new forms of automation to insurance use cases is giving way to the how factor of sustaining these innovations at scale. Once AI influences underwriting decisions and claims outcomes in a heavily regulated environment, success depends far less on the sophistication of models and far more on the operational systems that support them.

Earlier phases of AI adoption proved that insurers can deploy advanced models. The priority now is to embed those models into the deeply regulated, process-driven realities of underwriting, claims, and distribution without creating new friction or risk. All this must happen while taking into account what may be an outdated back office tech stack, and with a level of integration that doesn't create the next issue on the horizon of agent sprawl. Here are five operational trends that are emerging as the differentiators between AI programs that compound value over time and those that stall under complexity:

Treat document intelligence as foundational infrastructure, not a point solution

Document intelligence is a prime focus for AI modernization, yet many organizations still approach it as a tactical automation limited to intake. At scale, this narrow view leaves significant value unrealized. Documents and work items remain central to underwriting, claims adjudication, and compliance. Manual handling introduces delay, inconsistency, and risk at every handoff. As AI adoption matures, document intelligence and rigorous contextualization functions should exist as shared operational infrastructure embedded directly into workflows, rather than bolted on at the edges. This shift reduces cycle times, improves data quality, and strengthens auditability; and it further informs future agentic capabilities stemming from those same work items. That's why insurers that move fastest stop treating document intelligence as an isolated capability and start treating it as a prerequisite for operational scale.

Make AI governance an enterprise operating model

As AI becomes embedded in decision-making, the ability to maintain explainability, accountability, and auditability of AI systems must be designed into processes from the outset, not retrofitted after systems are already in production. At scale, this allows insurers to deploy AI confidently across regions, lines of business, and regulatory regimes without fragmenting their operating model. This enterprise-wide discipline of clear ownership, transparent decision logic, and consistent oversight of machine processes helps position AI governance as a C-suite priority that strengthens risk posture, customer trust, and long-term resilience.

Keep humans in the loop strategically

When human involvement is applied too broadly, productivity gains erode and trust in automation declines. Human-in-the-loop AI is most effective when experienced underwriters or claims professionals are only pulled into cases where their judgment, oversight, and exception handling add the most value in assessing complex risks, edge cases, and decisions with material financial or regulatory impact. Emerging governance models increasingly reinforce this principle. For instance, Singapore's IMDA Model AI Governance Framework on agentic systems describes a spectrum of oversight that includes human-in-the-loop, on-the-loop, and over-the-loop to help selectively scale automation while preserving accountability and control.

Connect underwriting and claims workflows end-to-end

Siloed workflows are increasingly untenable as customer expectations rise and loss events grow more complex and costly. End-to-end visibility from first notice of loss through settlement, or from submission through bind, enables AI to coordinate decisions across the full lifecycle, rather than optimizing individual steps in isolation. This coordination reduces cycle times, improves broker/agent/customer experience, and strengthens risk selection and pricing accuracy. It also provides the transparency needed to support governance, oversight, and continuous improvement. AI delivers its greatest operational value when it serves as a connective layer across workflows, aligning data, decisions, and actions inside of a process.

Modernize legacy integrations iteratively

Best-in-class agents and tools cannot operate in a silo and must take into consideration the complex legacy systems that remain a reality for most insurers. Because large-scale replacements often span multiple years, waiting for perfect conditions before deploying AI is rarely viable; yet fragmented pilots that never scale introduce their own risks. Insurers that maximize their AI investments at scale focus on incremental modernizations that deliver early operational value while progressively addressing data and system complexity. This approach avoids the trap of pilots that prove concepts yet fail to translate into production impact with quantifiable benefit. By modernizing iteratively, insurers can improve workflows, connect disparate systems, and strengthen data foundations without discarding prior investments.

Conclusion

As AI becomes embedded in core insurance operations, the conversation is shifting from capability to durability. Most insurers now understand what AI can do. The more consequential question is whether it can be integrated into underwriting, claims, and compliance in ways that improve performance without eroding trust, operational integrity, or compliance. As such, sustaining AI at scale is a matter of organization-wide discipline. It requires aligning automation with real insurance cycles, protecting scarce expert judgment, and ensuring transparency as non-deterministic agentic-driven decisions expand. Insurers that approach AI through this lens position themselves not just to automate faster, but to operate smarter, more resiliently, and with greater confidence in the outcomes their systems produce.