The cyber threat landscape is evolving from an era of large data breaches (Yahoo, Vodafone) to the modern ransomware economy (banking Trojans such as Emotet, TrickBot and Ryuk).

Understanding this backdrop is crucial as businesses need to think carefully about how they can protect themselves from an attack but also insure their assets. Cyber risks used to be almost uninsurable; however, as the landscape continues to change, cyber insurance is becoming essential for CISOs. Yet insurance also has its limitations and therefore must be integrated into a layered defense strategy to be effective.

Minimum Requirements for Cyber Insurance

Insurers today are primarily concerned with claims emanating from human-operated ransomware attacks, which disrupt systems and operations through encryption and data exfiltration and ransom demands. To purchase insurance cover, companies must demonstrate their ability to defend against threats by deploying controls to block attackers' strategies. Notable strategies include the following:

1. Preventing Attacker Footholds

• Multi-factor authentication for end users and external access

• Endpoint protection and endpoint detection and response (MDR/XDR) solutions

• Cybersecurity awareness training and phishing campaigns

• Email filtering and web security

• Comprehensive patch and vulnerability management policies

• Hardening techniques, including addressing common issues such as remote access, bring your own device, and cloud security configuration

2. Stopping Lateral Movement and Reducing Blast Radius

• Network segmentation and segregation of high-risk/high-value networks

• Privileged access management (PAM) for administrator and service accounts

• Logging, monitoring, and correlation

• Digital and service supply chain risk management

• Cyber incident response planning and testing

• Replacing or protecting end-of-life systems

3. Protecting Key Digital Assets

• Encrypted and secured, tested backups

• Enhanced protections for critical assets (encryption at rest, second-layer authentication, zoning of critical applications)

How to Improve and Obtain Value From Conversations With Insurers

The best insurer relations are developed through regular and open dialogue.

By offering you insurance, insurers make your risk their risk. Good insurers will thus offer what I call "loss intelligence": information relating to the most recent and significant claims in the cyber insurance space.

This free intelligence can help you prioritize your cyber program investments. For instance, I put "multi-factor authentication" first in the list above because insurer data tells us that over 80% of all cyber incidents are malicious and start with a compromise of user credentials.

Another example is looking at what questions insurers focus on. They will ask detailed questions about how you back up your data because they see many insureds suffer data loss, exfiltration, and extortion attacks as a result of poor controls in this area.

Measuring and Protecting Value at Risk

All modern organizations are evolving and transforming digitally, but all do so in a unique manner and at different pace. Measuring how dependent an organization is on its technology for generating revenue, meeting compliance obligations, and avoiding reputational harm is critical.

If an organization's operational resilience is materially the same as its digital resilience -- meaning there is no possibility to revert to paper-based or traditional processes in the event of a technology failure -- then its cyber program is critical. Conversely, if the organization can continue to operate unhindered, then it is not digitally dependent. For most organizations, the degree of dependence can be measured on a sliding scale we can refer to as the "percentage of value at risk."

Regulators are now also aligning to this approach to avoid major disruptions, losses, and harms, as can be seen in DORA, NIS2, and GDPR, all of which look at the criticality of assets under protection as a means for determining control level requirements.

Carrying out a Risk Assessment

To best understand and measure the value at risk, a structured risk assessment should be carried out with some key and distinctive phases. These should look at determining value at risk in the digital domain (impact), quantum of risk exposure (in financial terms), and probability of risk occurrence through expert-led assessments as follows:

• Assess Impact by developing and stress-testing key loss scenarios and areas of exposure. This is a qualitative assessment that looks at the material exposures of a business to technology loss and develops a small number of significant events it wishes to avoid, mitigate, or reduce impact on.

• Quantify Cyber Risk of each material scenario through the use of actuarial methods such as stochastic modeling or other industry standards such as Factor Analysis of Information Risk. This step is critical to compare cyber and digital risk with other strategic risks such as supply chain, environmental, political or competitive risk.

• Expert-Led Controls Assessment via direct and indirect means. Direct, independent, expert-led controls testing through audit, penetration testing, and code review are essential for material control requirements on both first-party and third-party technology implementations. Having this independent attention is crucial should an organization's insurance attestations be challenged during a cyber insurance claim or a regulatory investigation. Indirect methods such as digital, open-source and dark web assessments are becoming commonplace as well, with insurers often conducting their own due diligence to determine if an insured has been compromised or mandating direct scans to detect vulnerabilities as a precursor to offering cyber insurance.

To Transfer or Not

Once an organization has carried out such risk assessment, it is able to determine how much insurance it may need, as well as how likely it is to suffer a cyber incident and what the severity could be.

The organization should have evaluated its cyber resilience to its key scenarios and will be in a position to discuss with insurers the feasibility and cost of insuring certain scenarios.

It is important to understand that insurance may not be the most cost-effective option for transferring risk. For example, if an insured is worried about data being stored and processed in an outsourced HR system, other efficient routes could include negotiating effective risk transfer mechanisms such as contractual penalties, security assurance, and financial liabilities directly with its third-party supplier. Another common approach is to invest in better mitigations as a precursor to cyber insurance if one of the key controls mentioned above is not yet effective.

AI adoption in the insurance industry is gaining traction. According to Earnix's recent Industry Trends Report, 70% of insurance executives plan to implement AI models that use real-time data predictions within the next two years — more than double today's adoption rate. It's clear that insurers are increasingly relying on real-time predictive analytics as AI adoption accelerates.

As AI technology advances within the industry, insurers are leveraging both traditional AI, which analyzes data and predicts outcomes, and generative AI, which creates content and explains concepts. As they adopt these technologies, insurers can expect significant improvements across operations. 

Here are six trends shaping the future of AI in insurance.

1. AI-Powered Next Best Actions for Underwriting and Claims

Currently, insurers use AI for tasks like processing straightforward data inputs or automatically categorizing claims. In the future, insurers will also leverage AI to provide next best action recommendations for both underwriting and claims management.

"Next best action" recommendations will provide underwriters with specific suggestions such as adjusting coverage limits or gathering additional data sources to better assess risk, based on AI-driven insights. Similarly, for claims adjusters, AI will suggest next best actions such as seeking out additional documentation or identifying an optimal settlement path based on previous claims data. By automating complex decision-making, AI enhances efficiency, consistency, and speed across underwriting and claims operations.

2. Industry-Specific GenAI for Insurance

While many insurance companies have experimented with general generative AI tools, these often fall short when it comes to the industry-specific needs of insurers, like analyzing policy language or understanding regulatory requirements.

As demand grows, insurers will increasingly adopt specialized GenAI models designed specifically for the insurance sector. These advanced tools efficiently interpret intricate policy documents, generate custom pricing models, and draft precise policy language, far beyond the capabilities of general models. This shift enables insurers to better navigate complex regulatory environments and improve their ability to design personalized insurance products, ultimately leading to greater accuracy and customer satisfaction. As technology evolves, insurers will increasingly rely on these specialized solutions to enhance efficiency, streamline operations, and deliver more customized coverage for policyholders.

3. Phased Digital Transformation

Nearly half (49%) of insurers report falling behind in updating legacy systems, according to Earnix's report. While many insurers have attempted to modernize their legacy systems, these efforts often fail due to their complexity and scope. Replacing all core systems at once often overwhelms insurers, leading to costly setbacks.

In the future, insurers will increasingly rely on a phased approach to digital transformation, implementing targeted upgrades instead of complete system overhauls. This approach allows companies to focus on specific areas like customer portals or underwriting modules, integrating AI gradually and minimizing disruption to existing operations. This incremental strategy helps insurers avoid the pitfalls of past modernization attempts while still improving efficiency and competitiveness in the market. The key is to focus on smaller, high-impact projects that deliver immediate value, driving change and building momentum over time.

4. Specialized Data Sources for Smarter Risk Assessment

Insurers today typically rely on broad data sets like historical loss data, demographic information, and general weather reports to assess risk.

In the future, we will see AI models that incorporate more specialized data sources to improve the accuracy of risk assessments. For example, insurers may use climate change information from coastal surveillance or community-based environmental organizations to better assess property or health risks. Health insurers may leverage fitness-related information from smartwatches to differentiate between policyholders who may look the same in a policy application but actually represent vastly different risk profiles (e.g., active triathletes vs. sedentary individuals with significant latent health risks). By integrating precise data into their models, insurers gain a holistic view that enhances risk assessment and policy pricing accuracy.

5. Smarter, Scalable Document Processing

Currently, many insurers use basic document automation for tasks like summarizing brief records or extracting information from structured documents. However, processing large, complex files like medical records still requires significant manual input.

In the future, AI-driven document processing will change how insurers manage documents at scale. Insurers will be able to process thousands of lengthy, multi-format documents efficiently, handling everything from de-duplicating redundant data to categorizing unstructured records. For example, AI will swiftly summarize and organize critical information, eliminating time-consuming, manual reviews for complex claims. This means that claims processing will be faster and more accurate, allowing insurers to manage even higher volumes of claims while reducing error rates and improving customer satisfaction.

6. AI Models That Align With New Regulatory Demands

As insurers expand their use of AI to streamline underwriting and claims management, industry standards for responsible AI use are becoming more uniform across states. Recently, the National Association of Insurance Commissioners (NAIC) adopted a model bulletin outlining compliance requirements for insurers' AI systems. This bulletin clarifies expectations for development, deployment, and documentation of AI technologies to ensure adherence to state and federal laws. So far, at least 11 states, along with Washington, D.C., have issued bulletins incorporating NAIC's language. They are: Alaska, Connecticut, Illinois, Kentucky, Maryland, Nevada, New Hampshire, Pennsylvania, Rhode Island, Vermont, and Washington.

This year, expect to see insurers adopt transparent, AI-driven models that align with both NAIC guidelines and specific state regulations. These models include explainable AI components to ensure clear, auditable insights into predictive processes to meet compliance demands. For insurers operating across state lines, these advancements streamline regulatory adherence and enhance consumer trust by offering transparent, ethical risk assessments. This shift establishes responsible AI use as a foundational standard in the industry.

AI is now an integral part of the insurance industry, helping insurers streamline operations, enhance processes, and navigate regulatory requirements. As its role expands, so does its value, providing deeper insights that support better business decisions. The future of insurance will depend on how effectively companies adopt AI to meet evolving expectations while building customer trust and confidence.

As California once again faced devastating wildfires, insurers are now dealing with the inevitable surge in claims.

Among the avalanche of genuine cases, however, lies a likely darker reality: opportunistic fraud. From outright false claims to sophisticated scams, bad actors are poised to exploit the chaos, risking both financial loss for insurers and delays for those in desperate need of payouts.

Balancing the detection of fraud and opportunistic fraud with the need to validate and prioritize severe vulnerabilities -- while ensuring fair treatment of legitimate claimants -- will be a critical challenge. At the same time, insurers must oversee extensive repair and rebuilding efforts, implement new risk-mitigation measures, and navigate the potential for misconduct across all these activities.

If the situation weren't serious enough as it is, all of this unfolds against the backdrop of an already highly challenging economic landscape. Insurance Insider reported that State Farm has around $2.5-$4 billion of reinsurance cover specifically for California risk.

However, reinsurers are braced for a total loss on the State Farm program as wildfire-related claims are estimated to reach around $8 billion. Commenting on LinkedIn, Adam Denninger, global insurance leader at Capgemini, painted a concerning picture, "Expect genuinely massive changes to rates and insurance availability over the next couple of years. Nobody can sustain these types of losses."

It's the perfect collision of scale, complexity and capital intensity, and it will test insurers like never before. So if we add human error, IT failure and bad behavior into the mix, this problem will only intensify. As I heard an industry professional say at a conference recently, "It's like pouring gasoline onto this bonfire, only we are burning actual money now."

A Homeland Security official says, "In every large-scale tragedy, greedy individuals seek to line their pockets and divert critical funds from those most in need." It's no wonder that District Attorney Nathan Hochman's office, along with Homeland Security, and every law enforcement agency from the FBI to the sheriff's office have formed a Joint Regional Fire Crimes Task Force specifically to investigate and prosecute criminal actors seeking to exploit the wildfire crisis.

Wherever there is money to be made, good or bad, you are going to have humans who are willing to take it. The GAO reported in July 2023 that the federal government has made an estimated $2.4 trillion in improper payments out of emergency assistance programs since 2003. So this is significant and systemic.

Of course, this isn't just a huge problem during a disaster; fraud is rife all the time. It is a long-term threat that demands immediate action. An estimated $308.6 billion annually is lost to insurance fraud in the U.S., according to the Coalition Against Insurance Fraud. That equates to insurance fraud costs passed on in premiums of an estimated $900 per consumer. Breaking this down further, property and casualty insurance fraud alone is around $45 billion. 

These are huge numbers, and broadly these estimates suggest that in some way or another this means that about 20% of claims are fraudulent. 

Now imagine that in the context and scale of the LA wildfires.

Fraudsters also evolve their tactics over time. Therefore, implementing advanced predictive models now will provide lasting protection against medium- and long-term schemes.

To effectively combat evolving fraud risks, insurers need advanced AI-driven models that can identify unique policy and fraud patterns. By leveraging rapid learning, contextual analysis, and adaptive technology, these models enable insurers to stay ahead of both known and emerging fraud threats across the entire claims lifecycle.

A well-designed anti-fraud system can train on an insurer's proprietary data, ensuring it adapts to their specific fraud risks rather than relying only on generalized market trends. This approach allows insurers to pinpoint fraud, streamline claims processing, and flag cases that require careful handling at an earlier stage.

Equally important is the ability to customize fraud detection thresholds and adapt to new types of fraud methods. This will ensure insurers can dynamically adjust to shifting fraud patterns while maintaining fast, efficient payouts for legitimate claims.

By centralizing all relevant internal and external data into a unified investigative platform, insurers can analyze fraud risks across multiple dimensions -- such as policy type, region, and exposure -- enabling more precise decision-making and cross-departmental insights.

Advanced fraud detection solutions like our ClaimSmart solution ensure insurers can not only detect fraud more effectively but also future-proof their fraud prevention strategies against evolving threats. However, to leverage the maximum potential from AI models, it is essential we also see a breakdown of data silos for rapid adaptation, and we need to see fraud detection applied to a full lifecycle from policy inception and in shared fraud data bureaus. This will ensure we can build ever stronger data models.

This is also why creating data-fluid ecosystems is critical for AI and machine learning to thrive generally, offering rapid learning and adaptability in the fight against fraud.

Staying one step ahead also means applying tools like Clearspeed, which can quickly assess risk through voice. When people are asked a yes/no question of consequence, their voice characteristics may change in ways that are called voice response signals. They are imperceptible to humans but can be detected and measured by Clearspeed, providing a way to fast track and help low-risk, genuine customers get back on their feet, while focusing stretched resources where high risk is alerted.

Adopting this kind of technology can make a huge difference, but to do it efficiently and effectively needs data-fluid, highly adaptive core technologies in the cloud, offering the ability to apply this technology easily to claims processes.

There will be bumps in the road to combating fraud, but if there's one thing we must see, it's more adaptive insurance businesses. Ones capable of applying risk mitigation, embedding themselves into home ecosystems and inter-operating with governments, fire departments and others.

Insurance needs to enter a new era of dynamism, and it needs to do it sooner than many might have predicted.

As we progress through 2025, several groundbreaking technologies in artificial intelligence (AI) and machine learning (ML) are emerging. Each is poised to address complex challenges and unlock unprecedented opportunities. 

Below, we explore the most important trends shaping the AI landscape.

1. Domain-Specific Generative AI Models

Generative AI has demonstrated remarkable versatility, but its future lies in specialization. Enterprises are increasingly adopting domain-specific generative AI models tailored for industries or business functions. These models leverage vast amounts of specialized data to produce highly accurate outputs, making them invaluable in areas like healthcare (e.g., personalized treatment planning) and finance (e.g., risk analysis). In the insurance space, this includes automated policy generation, risk assessment and underwriting, fraud detection or customer profiling.

By 2027, over 50% of generative AI models used by enterprises are expected to be domain-specific, a sharp rise from just 1% today.

By leveraging domain-specific generative AI, insurers can significantly improve efficiency, reduce costs, and deliver superior customer experiences across various aspects of their operations.

2. Multimodal AI as the New Standard

Multimodal AI assimilates diverse data types—text, images, audio, and video—into cohesive models capable of delivering more personalized and sophisticated user experiences. Applications range from healthcare diagnostics using combined visual and audio inputs to automotive assistants that respond to voice commands while analyzing visual cues. This capability is revolutionizing customer interactions across industries by enabling seamless, context-aware solutions.

3. Optimization of the AI Stack

2025 marks a shift from experimentation to optimization in AI deployment. Organizations are focusing on maximizing the value of their AI investments by refining infrastructure for training and inference. For instance, advancements in hardware like GPUs and TPUs have reduced processing times by over 50%, significantly cutting costs while improving efficiency. The emphasis on optimization also extends to selecting the most suitable models for specific use cases, ensuring long-term relevance and effectiveness.

4. Agentic AI: Autonomous Collaboration

Agentic AI refers to systems capable of performing tasks independently with minimal human intervention. These autonomous agents are expected to collaborate across networks to execute complex workflows efficiently. While still evolving, agentic AI holds promise for automating routine tasks and enabling human-in-the-loop systems that boost productivity and innovation across sectors like logistics, customer service, and software development.

5. AI for Sustainability

AI is playing a pivotal role in addressing global sustainability challenges. From optimizing energy consumption in smart grids to enhancing climate modeling accuracy, these technologies are helping industries reduce their environmental footprint. AI-driven solutions are also being employed in agriculture for precision farming and in manufacturing for waste reduction.

6. Quantum Computing Meets AI

Quantum computing is beginning to intersect with AI, offering exponential processing power for specific tasks such as cryptography and molecular simulation in drug discovery. Although still nascent, this technology has the potential to solve problems that are currently intractable for classical computers, further expanding the horizons of what AI can achieve.

7. Breaking Down Silos With Generative AI

Generative AI is democratizing access to advanced tools within organizations by breaking down departmental silos. This fosters collaboration and accelerates innovation by enabling non-technical users to leverage AI for creative problem-solving. For example, Generative AI-powered chatbots and virtual assistants can access information from various departments to provide comprehensive customer support, bridging gaps between sales, service, and claims teams.

Conclusion

The emerging technologies in AI and ML for 2025 underscore a shift toward greater specialization, enhanced collaboration, and optimized performance across industries. From domain-specific applications to the integration of quantum computing, these advancements promise not only to drive business growth but also address broader societal challenges like sustainability and efficiency. Organizations that embrace these trends early will be well-positioned to lead in an increasingly competitive landscape shaped by intelligent systems.

Protecting data, closely adhering to pertinent rules and regulations, cleanly importing existing architecture, and controlling costs are all imperative for insurance companies when they migrate to and work in the cloud.

Recent survey data shows that 91% of banks and insurance firms are migrating to the cloud. And no wonder: Cloud migration offers significant benefits, such as better security, effective resource management, and cost optimizations. But these benefits don't come without challenges. 

Addressing Data Security and Compliance Concerns

Properly managing the vast amounts of personal data insurance companies handle – which are so critical to day-to-day operations – involves changing the infrastructure, networks, access controls, and firewalls, among other things. All of these changes create big security challenges. Fortunately, cloud providers offer multilayered security measures, such as advanced network protections, continuous monitoring, end-to-end data encryption, secure backups, and rigid user permissions.

Combining these approaches with employee best practices such as multifactor authentication, secure awareness training, and role-playing scenarios around social engineering can give insurers a multilayered data defense posture.

Cloud providers also help insurance companies adhere to industry-specific regulations (e.g., GDPR and HIPAA) that require detailed security audits to monitor access to restricted data. They do this by automatically creating and updating those logs to better prepare them for quarterly or annual compliance audits.

Clearing Legacy System Integration Hurdles

Insurance firms have huge hurdles to clear to successfully integrate legacy systems into the cloud. That's because a typical company's traditional infrastructure is weighted down with a mainframe administration system that may contain decades of policy information, claims and customer data. Systems that use obsolete programming language, unique architecture, or ancient data formats face a formidable challenge.

Maintaining legacy systems can waste time, retard digital transformation, and impair network performance. This is a priority concern for insurers, which say they spend 70% of their IT budget on that task. Moreover, per-policy IT costs can be 41% higher on legacy platforms.

Installing a modern system lowers maintenance costs by making legacy skills less necessary, fostering automation, cutting the time and energy businesses need to introduce new initiatives, and making IT and business teams more efficient.

There are ways to effectively migrate these systems:

1. Moving one or two systems at a time, in phases, reduces the likelihood of downtime and improves customer satisfaction. Testing and validating each migration ensures the highest-level performance.
2. By adopting a hybrid cloud approach, insurers can keep immovable, critical systems on-site or in legacy infrastructure while moving testing environments, data warehouses, or customer-facing software-as-a-service (SaaS) applications into public or private clouds. This lets insurers scale more modern systems cost-effectively without importing traditional architecture before it's ready.
3. Microservices disassemble siloed, legacy infrastructure into smaller, independent applications, making it easier to modify outdated software. APIs take it from there, communicating in real time to cloud servers or third-party vendors so insurance companies can improve their reliability, build faster deployments, and conduct a controlled, well-paced cloud migration over time.

Optimizing Cloud Costs

Migrating to the cloud requires insurers to apply careful IT cost management to efficiently store data and process workloads. Most cloud providers have built-in cost management tools, mostly user-friendly, easy-to-understand interfaces that provide high-level pre-configured views and granular customer reports. This way, companies can see what they're spending, how to better control costs, and project costs as their businesses grow.

By right-sizing cloud resources, insurers can auto-scale to accommodate peak demand periods (e.g., the major increases in server capacity that health insurance providers experience during open enrollment season when potentially hundreds of thousands of users try to register all at once). Dynamically expanding server capacity makes it easy for customers to sign up for new policies – which cuts downtime and boosts revenue.

There are two most effective ways to optimize cloud costs. The first is reserved instances – which strengthen core business functionality with a stable, consistent system purchased for longer periods. The second is spot instances, which help use idle cloud capacity at a lower cost for testing or data processing tasks.

Taking a Strategic Approach

Providers confront unique data security, legacy systems, and cost management challenges in moving to the cloud. But the long-term benefits – faster, nimbler digital transformation, a competitive edge, greater employee productivity, and more secure network infrastructure – frequently outweigh the short-term process frustrations.

The adage, "There's just not enough hours in a day," often resonates with commercial underwriters. In addition to policyholder expectations, they grapple with mounting competition, limited visibility into risk factors, and resource constraints that hinder comprehensive exposure analysis. 

These challenges persist as insurers and program administrators/managing general agents (MGAs) strive to enhance risk-assessment capacity and proficiency. Fortunately, generative AI advancements offer solutions and relief, enabling underwriting teams to alleviate capacity constraints and improve operational efficiency.

Generative AI is already making waves in the insurance industry by automating repetitive tasks, extracting insights from documents, and supporting critical functions like risk evaluation, fraud detection, and claims adjudication. The next evolution of this technology—reasoning and self-learning AI assistants—promises to revolutionize commercial underwriting. 

Agentic AI in the form of cognitive, persona-based assistants can be tailored to specific roles, automating workflows and executing complex tasks with precision. By functioning as digital co-workers, they empower underwriters to focus on high-value activities while gaining reliable, data-driven AI assistant support to manage essential responsibilities such as classification, risk appetite determination, and portfolio management.

Enhancing Underwriting Efficiency

AI assistants offer scalable solutions for business classification, risk analysis, and decision-making, bolstering risk assessment across various lines of business. Take Lessor's Risk Only (LRO) policies, which can be challenging to underwrite due to the dynamic nature of tenant occupancy. 

Insurers and MGAs can mitigate reliance on policyholder or agent inputs by deploying a role-based AI assistant. The digital teammate can ingest underwriting guidelines and apply them alongside real-time occupancy data, enriching workflows with expedient insights. The AI assistant can be trained to immediately alert underwriters if a high-risk tenant—such as a sports bar, liquor store, or gun shop—moves into a property. This enables timely reviews of the property owner's policy (and potentially adjacent tenant policies), ensuring adequate coverage and risk mitigation.

AI assistants also enhance productivity in high-volume segments like small and medium business (SMB) policies. Insurers and MGAs must rapidly assess risk and bind policies to maintain profitability in this competitive market. AI assistants streamline this process by swiftly determining whether submissions align with risk appetite and consistently addressing risk-assessment queries. By automating these tasks, underwriters can dedicate more time to complex risks, accelerate quote-to-bind timelines, and improve submission throughput.

Strengthening Premium Audit Processes

Beyond underwriting, AI assistants can optimize connected processes, such as premium audits, critical for ensuring accurate coverage and pricing based on actual exposures. Premium audits are particularly valuable in assessing business exposures, where operational changes can occur rapidly. For example, when purchasing a workers' compensation policy, a small construction company might initially classify employees in less risky roles. However, if the company pivots its operations mid-term, a reclassification may be necessary, affecting coverage scope and premium pricing.

Traditional premium audit processes are often time-consuming and prone to backlogs. A premium audit expert AI assistant can alleviate these inefficiencies by automating tasks such as applying insurer guidelines and state-specific regulations to submission documents. They can identify missing or incomplete information and autonomously conduct audits, ensuring compliance with standards. Insurers can enhance customer experience, foster loyalty, and improve retention rates by expediting audit completion and providing policyholders with timely advisory guidance.

Fostering Collaboration Across Functions

AI assistants are not confined to isolated tasks; they can be trained to collaborate across insurance functions, creating a cohesive ecosystem. For instance, an AI assistant supporting underwriting teams in risk analysis and eligibility determination can seamlessly integrate with a claims-focused counterpart. Those assistants can share information and learn from each other, establishing a valuable feedback loop. If a claims AI assistant detects an unusual volume of submissions in a specific risk category, it can alert the underwriting team to review and potentially adjust eligibility guidelines. This approach enhances decision-making and ensures consistency across workflows.

Driving Enterprise Growth Through AI Integration

Integrating autonomous AI assistants into underwriting and operational workflows represents a consequential shift in the operational advancement of insurers and MGAs. By streamlining processes, enhancing risk assessment capabilities, and fostering cross-functional collaboration, smart digital co-workers enable organizations to scale operations and achieve cost-efficient growth. From expediting SMB policy underwriting to improving premium audits and providing real-time insights in a rapidly evolving risk landscape, AI assistants can enable efficiency and precision in commercial lines underwriting.

As generative AI technology evolves, its potential to boost competitive advantage and reshape insurance operations grows exponentially. Commercial insurers and MGAs that embrace these advancements will be better positioned to navigate the complexities of an increasingly dynamic market, fortify their risk-assessment proficiency and agility, and deliver superior value to policyholders.

The insurance industry is at a crossroads. Consumer resentment about insurance affordability and fairness of premiums is brewing. The insurance industry is taking needed action on rates, but insurers find it difficult to inform and educate a customer base that views pricing as opaque and overly complicated. 

All of this raises the question: Can adequate premiums and trustworthiness coexist?

Eroding Trust

As consumers grow increasingly skeptical, the industry faces mounting challenges. Recent lawsuits involving individuals’ driving data from connected cars and consumer apps being sold to insurers without clearly informed consent has struck a nerve. Allegations of improper home insurance cancellations based on flawed aerial imagery and related concerns of insurers “spying” on their customers have surfaced. Even more attention has been attracted by the recent reports of non-renewals for many homeowners just before the Los Angeles-area wildfires, generating a mix of angst and wake-up calls. But each of these actions is deemed necessary for carriers to ensure viability, despite the obvious criticism that the decisions lack transparency.

Concern about insurer profitability has been in the forefront as the P&C industry experienced significant underwriting losses over the last three years. Attendant rate increases and tightening underwriting practices are having the desired outcome with, at least, financial recovery in personal auto lines. However, increasing rates are a new reality as climate exposure, repair cost inflation, social inflation, and fragile supply chains persist and costs are passed on via premiums.

Premium Leakage

Premium leakage, a problem fueled by outdated and inaccurate data, continues to contribute to underwriting losses and undermine profitability. Such leakage occurs when insurers are unable to align premiums with the actual risks of their policyholders. This often stems from reliance on stale, incorrect, or incomplete data. The problem doesn’t stop there. After policy inception, specifics like garaging location, undisclosed drivers, vehicle use and mileage can become a moving target. Inaccuracies create a ripple effect—insurers lose revenue, or customers may pay more than they should.

Adding to the complexity is the industry’s reliance on third-party providers that create a snapshot of information based on public records and other sources. Data providers sell information to counteract insurance application shortcomings. Insurers needed another way to size up risk with confidence beyond a short list of application questions and biased responses. These third-party sources, while in standard use, are not real time, can be flawed and can lead to broken feedback loops where errors compound.

In some cases, policyholders’ details are “grandfathered in” from the initial application snapshot without updates for years, further widening the gap between actual risk and premium pricing.

Personalization and Policyholder Engagement for the Win

As the outlook for auto lines improves, competition is intensifying in early 2025 and is expected to stay heated for at least two years. At present, carriers are addressing high shopping rates and seeking to grow market share in the long term. Customer retention has suddenly been reprioritized to the top as carriers see a profitable growth pathway. With the right approach, current conditions can become opportunities to build stronger, more transparent relationships with customers while improving operational efficiency.

Direct engagement with policyholders offers a pathway to address premium leakage and rebuild trust at the same time. By going directly to policyholders and offering them incentives to share their verified information, insurers can ensure accurate, up-to-date information that informs their underwriting decisions. This approach not only improves underwriting decisions and pricing accuracy but also creates a more transparent relationship with customers.

• Gather verified first-party data: Policyholders can directly share critical details, such as real-time mileage and the condition of their vehicles. Unlike with third-party reports, this data is both accurate and timely.
• Address stale or missing data points: Insights into garaging locations, prior vehicle damage, and undisclosed drivers can close significant gaps in risk assessment.
• Enhance customer participation: Encouraging policyholders to share their data while giving them full control fosters engagement and trust. When customers understand that their data directly contributes to fairer pricing, they are more likely to participate willingly.

The foundation of successful engagement and personalization is trust. Many consumers view the insurance industry as opaque and unresponsive, often associating it with unwelcome surprises like non-renewals or claims disputes. To counter this perception, insurers must prioritize transparency.

Imagine receiving a clear message from your insurer: “Here’s why your policy is changing, and here’s how we calculated your rate based on verified data you provided.” Such communication demonstrates fairness and builds confidence. Customers feel valued and empowered, which can translate into long-term loyalty.

Transparency also serves as a deterrent for misrepresentation. For instance, policyholders who understand the importance of accurate garaging information are less likely to provide misleading details, knowing it could affect their claims or coverage down the road.

A Win-Win for Insurers and Policyholders

Personalization and transparency are not just customer-centric strategies; they also drive profitability and operational excellence. By adding personalization and direct engagement with policyholders, insurers can:

• Reduce premium leakage by optimizing pricing accuracy, leading to fairer premiums for all customers
• Reduce friction and administrative costs of handling disputes and errors
• Build a loyal customer base that values engagement and honesty

For policyholders, the benefits are equally compelling. Fair pricing, clearer communication, and the assurance that their data is used responsibly creates a more positive experience. These factors foster trust, making customers more likely to renew their policies and recommend their insurers to others.

Looking Ahead

The year ahead offers a pivotal opportunity for the insurance industry to redefine itself. By prioritizing transparency and personalizing policies, insurers can address premium leakage while restoring trust. Companies that lead with these values will not only strengthen their bottom lines but also reshape the industry’s reputation for the better.

Joe Powell joined Gallagher Bassett in 2014. He serves as chief digital officer, overseeing data, analytics, and product innovation functions. His team manages GB's innovation road map, including Luminos RMIS, Waypoint decision support, and GB's suite of AI technologies. The team also provides a wide range of analysis, reporting, and insight services, from basic loss runs to state-of-the-art machine learning-based benchmarking. Previously, Powell served as a management consultant at Bain, focusing on initiatives involving growth strategy, corporate investment planning, IT strategy, post-merger integration, and cost reduction across numerous industries. He holds a bachelor of science degree and a master of science degree in management information systems, both from the Kelley School of Business at Indiana University.

Insurance Thought Leadership

How would you describe the transition from basic generative AI to agentic AI?

Joe Powell

I'll start with AI as it existed when ChatGPT was launched in 2022. It was this raw foundation model that you could ask questions of, and it would give you a cogent -- maybe not completely accurate, but at least coherent -- response. It sounded like a human. It was magical.

From there, the progression has been a relatively natural evolution toward better and better accuracy, to the point where eventually that accuracy becomes so good that you can begin to use it to take action. That's the nature of agentic AI -- you're going from something that is error-prone to something that hopefully is highly accurate and is driving action for your organization.

You could imagine the progression: When we first got into AI, having a chatbot like ChatGPT was impressive in itself. Eventually, it evolved to allow handling documents and asking questions about them. The next step was allowing the AI not just to get you the answer from that document but to show you where in that document it found the answer, thus getting a little bit more action-oriented. Eventually, the AI gets to a place where you've implemented this seamlessly in an organization's process, and through that process, it's handling a step or helping with a step and presenting information to a person to make a decision. Finally, you get to a place where the AI is taking that action out of a person's hands, and operating autonomously. That’s when you achieve the true goal of agentic AI.

Insurance Thought Leadership

What are some examples of AI taking actions traditionally performed by humans, either at Gallagher Bassett or in the industry at large?

Joe Powell

In the industry, we're generally not at the point where AI can make major decisions yet. There are two important dimensions to consider when thinking about agentic AI and what actions it should take. First, how critical is the decision? Another way to think about this is: What are the consequences if the decision is wrong? And second, how autonomous do you want the AI to be?

As decisions become more critical, you're less likely to want AI making them. For instance, you're not going to have AI deciding the settlement on a $10 million claim. Instead, you'll start with AI handling relatively routine, day-to-day decisions. As it becomes more sophisticated and accurate, you'll trust it with increasingly critical decisions.

The same principle applies to autonomy. The right approach is to begin with AI providing information to help you make decisions. Then, as it progresses, AI will help make recommendations. Eventually, you'll reach a stage where AI is making decisions with human oversight, and finally, it will make decisions with full autonomy.

Insurance Thought Leadership

What are some current examples of AI applications that meet appropriate risk and reliability standards?

Joe Powell

Around the industry, we're seeing organizations take a cautious approach by starting with low-risk decisions. Much of what we're seeing involves having AI review work that humans have already completed – for example, reviewing completed policy work or double-checking the coding on a claim.

At Gallagher Bassett, we're developing a tool to help flag urgent emails. This addresses a micro-decision that people make every day when reviewing their inboxes -- determining which messages are critical. Having AI serve as a second set of eyes to identify important demand letters and determine what needs immediate escalation is highly valuable.

These are the types of low-risk applications where we're starting to see AI step in -- relatively small day-to-day decisions where having an automated helper or second set of eyes can provide significant value.

Insurance Thought Leadership

It seems AI could be a good verification tool, given the recent story about AI quickly detecting a mathematical error in research about black plastic spatulas that was overlooked by human researchers?

Joe Powell

Absolutely. There are analogs for our industry, as well. You could imagine somebody entering a plan of action on a claim and having AI double check to make sure it aligns with what was prescribed in the prior plan of action -- what was going to be done, what was going to be followed up on, and whether those action items were addressed. 

AI can also be a huge help in ensuring adherence to best practices and consistent product delivery. At Gallagher Bassett, we use both generative AI and machine learning models to help us make more consistent decisions in various ways.

We tend to leave the power in the hands of our claims experts but still have AI offering recommendations or acting as a check. A simple example is determining the right reserve at a given time. We ultimately equip our adjusters to make a decision on the most likely ultimate financial outcome on that claim, but we have AI models running in the background that are constantly checking to say, "Is this what the AI would come up with?" If not, we have a conversation about why, and whether a reserve change is needed.

Insurance Thought Leadership

How do you ensure that AI implementation genuinely helps adjusters and customers rather than becoming technology in search of a problem?

Joe Powell

A few ways. One is getting those people involved early in the decision-making process. We have a team of former adjusters, whom we call AI specialists, that are engaged in our AI design team. These individuals advocate from the very beginning of an AI project in terms of how to make the AI effective in the adjuster’s workflow.

Second, as the product progresses to something usable, you want to begin testing it in multiple ways. There's automated testing for accuracy, which includes head-to-head tests with actual people to see which one's more accurate. You do automated tests to see how consistent the AI is in its decision-making and whether that reveals areas where we might need to improve the model. Finally, you gain feedback early in the process from a pilot group.

As an example, we launched a tool that summarizes claim files. You can imagine, if you're an adjuster handling an insurance claim that's been open for a few years and is highly complex, it can have hundreds of pages of documentation. It can be extremely helpful to have the AI scan through those hundreds of pages and give you a tight summary.

The summary covers what happened with the claim, the medical situation, how legal has progressed, whether we're nearing settlement, and what next steps have been documented. It also provides the ability to drill into any one of those areas to find out more. The user can then dive deeper into specific pieces of information, like all the medical visits that have happened.

We had the AI specialists involved upfront, but we also piloted it and got phenomenal feedback from adjusters in the field. We also asked what more we could provide. The input was key to the tool’s success when we launched this across our entire North America operation.

Insurance Thought Leadership

How do you envision teams of AI agents working together, particularly in claims processing?

Joe Powell

This is an interesting problem because as an organization and industry we're launching more and more AI tools, and they all tend to report back to the human user -- typically the adjuster, in our world. 

I like to use the analogy of a basketball team. If you're playing basketball and you can only talk to the coach, you as a team are not going to communicate well. The players need to be able to communicate with each other, not just with the coach.

I think that's the next stage, especially as we see more agentic AI that's actually taking action. Those actions, just like human decisions, need to be based on information from other agents and what they're seeing. For example, if you have an AI that handles claim intake and asks various questions, being able to distill that information down and perhaps having a back-and-forth between that AI agent and one that's concerned with detecting fraud could equip the fraud agent to do an even better job.

The interplay between these AI agents is something we're just beginning to experiment with, but it's really powerful. In the same way that a human would be much less productive if they could only work by themselves and never ask anybody questions, AI agents will be much more productive when they can begin to interact and share knowledge.

Insurance Thought Leadership

How will you approach integrating AI agents that span different organizations, ones that maybe start with Gallagher Bassett and eventually expand to carriers and brokerages?

Joe Powell

For the foreseeable future, it's much more realistic to do this within a controlled environment. But we're laying the groundwork for broader implementation.

For example, we have that AI that engages with email -- flagging important messages and gleaning critical information from them. We've got an AI that covers claim documentation and another AI that listens to phone calls, creating transcription summaries, checking if we're following best practices, and analyzing the sentiment of the person on the other end of the call.

When you've got these various sources of information available to AI, we can begin to pull relevant pieces from each to make things like litigation predictors or reserve predictors even more powerful. Whatever you could dream up becomes possible when you can access and integrate these various sources of information.

Insurance Thought Leadership

What are your thoughts on the trend of moving from large language models to small language models that are specific to industries and business functions?

Joe Powell

It'll be interesting to see how this develops. There's a lot of experimentation happening around whether to use large language models (like ChatGPT 4o), small language models (smaller, more efficient models), or large language models that have been fine-tuned for specific industries.

Which approach fits best with which use case is something we'll likely gain better insights about in the coming months and years. Right now, there’s a bias toward large language models because they tend to be more accurate and thus are lower risk, but there could theoretically be a place for small language models for very low risk use cases.

Insurance Thought Leadership

AI processing capacity is reportedly doubling every 3.4 months, so there’s certainly a lot of runway in front of us. 

Joe Powell

There are some interesting rumblings about whether AI is hitting a plateau. While I don't have a strong opinion on that, I think this discussion misses a crucial point: There's a tremendous amount of value we can derive from applications of AI even if the underlying technology itself doesn't get dramatically better.

It's similar to what happened with the internet. At a certain point, even if bandwidth doesn't massively increase, there's still so much you can do with it simply by connecting people -- you just have to figure out creative ways of using the technology. That was true 30 years ago, and it's still relevant today.

We've got the foundational AI technology now.

Insurance Thought Leadership

I'm sure some amusing situations will come up as AI agents talk to each other. I remember moderating a panel in the late 1990s, when a senior partner at a major VC firm talked about using early versions of speech recognition in his car and in his phone. At one point, he said, his car said something unprompted. The phone responded, "I don't understand you." The car started talking back, the phone responded, and so on. His car and phone had this long conversation that he couldn't figure out how to stop.

Joe Powell

You do have to tightly prescribe those interactions. I'm probably making it seem like you just put the two together and say, "Have a conversation," but there's going to have to be a lot of forethought in terms of the architecture. You need to consider what information you want them to share and how it will be shared so you don't have these surprises, but instead have the right information flowing from the right agents to the right agents.

Insurance Thought Leadership

What advice would you give readers looking to begin their AI journey?

Joe Powell

There are several ways companies can get started. One is to build your own, which is what big, well-resourced claims organizations are going to want to do. You build a team of AI experts and invest in the infrastructure -- specifically a private and secure in-house AI environment. It's quite an investment, which is why this path is typically for larger organizations.

Smaller organizations can take different approaches. One option is to work with AI startups and organizations that are selling their services on an ad hoc basis. This is a fast way to get to value. However, longer term, this option presents some risks in terms of what I described -- if you eventually want your AIs taking action and working together, you need them to be cohesive. If you've gone with a multi-vendor approach where you're taking very specific skill sets from each of them, the question becomes whether they'll be able to work well together in the future.

The other option, and probably the better option for most organizations that have claims or claim handling needs, is to partner with an organization that offers an end-to-end solution -- one that has a vision that you share. The key then becomes a matter of making sure you do indeed share a vision -- in terms of their adherence to privacy and security, accuracy, where you think the technology will go, and the organization’s capability to improve your outcomes in terms of better claims results, better communication, and better employee experience.

Insurance Thought Leadership

How do you determine which functions to outsource? The case of Borders Bookstores outsourcing their online book sales to Amazon in the 1990s seems like a cautionary tale.

Joe Powell

Yeah, 100%. That's a fantastic point. At Gallagher Bassett, when we think about what we should build, we look at our core competencies.

The claims summarizer is a great example. We're experts at handling claims -- it's a huge part of what we do as an organization. So naturally, when we want an AI to help us digest claims into tight summaries, that's something we feel we're better than anybody else at taking on. But when you look at something like building the foundation model, that's not something we're going to try to do. There are other examples where we might say OpenAI or Google would be better because that's their game.

Insurance Thought Leadership

This is great. Thanks, Joe. 

Today’s complicated, fast-moving risk environment is forcing changes to traditional roles across claims and insurance management, safety, and Governance, Risk and Compliance (GRC). How will you stay ahead?

While these roles may historically have been heavily weighted toward administration and reporting functions, the modern risk professional is increasingly a strategic role looked to for insight and context that factors heavily in the decisions made by organizations’ leadership teams.

The transformation to a more strategic and impactful approach to risk requires a move toward 4 key ways to level up.

Download Now  

Sponsored by: Origami Risk

Munich Re’s global medical team recently collaborated on a wide-ranging thought leadership project intended to help life insurers better understand and navigate the most prevalent emerging medical trends and risks across five critical topics: AI in Healthcare, Improving Cancer Outcomes, Prevention, Obesity, and Climate Change. 

The Obesity chapter examines how new anti-obesity medications can reduce obesity-related mortality and morbidity risks. As many adverse medical conditions are associated with obesity, if these medications can stop or reverse the upward obesity prevalence trends, the potential impacts on mortality and morbidity could be significant, with an impact on life, disability, and critical illness portfolios.

Key takeaways

• Forecasted obesity trends: Obesity prevalence continues to rise, with forecasts predicting that more than half of the global population will be obese by 2035. This trend poses significant risks to health outcomes and insurance portfolios.
• Impact of new medications: If these medications can stop or reverse the upward obesity prevalence trends, the potential impacts on mortality and morbidity could be huge.
• Weight loss outcomes: The current literature on newer drugs for adults with obesity supports weight loss outcomes never seen with prior weight loss medications.
• Impact on insurance portfolios: This chapter provides a plausible estimation of the revolutionary impact weight loss medications may have on life, disability, and critical illness portfolios.

Visit our Life Science Report page for more information and to access additional chapters. 

Sponsored by ITL Partner: Munich Re