Insurance has always been grounded in a quiet but powerful discipline. At its core, the industry was never just about transferring risk. It was about understanding which risks deserve to be transferred in the first place.
For decades, the logic held firm. Risks had to be measurable, diversifiable, supported by capital, and structured with aligned incentives. That discipline is what made insurance one of the oldest continuously profitable institutions in modern finance.
Today, that foundation is being tested — and in many cases, quietly abandoned.
The Industry Is Scaling Faster Than Its Assumptions
In the race toward growth, digital distribution, embedded products, and AI-led underwriting, insurance is increasingly operating at the edges of its own logic. We are no longer just insuring factories, fleets, and homes. We are underwriting cyber ecosystems with non-linear aggregation risk, climate exposures with deep correlation across geographies, businesses built almost entirely on intangible assets, embedded products that blur the line between insurance and software, and a fast-emerging category of AI-agent liability that no traditional form was designed for.
These are not incremental risks. They are structurally different risks. And yet many of them are being evaluated using frameworks designed for a very different world.
The Real Problem Isn't Data. It's Discipline.
The common narrative says we need more data, better models, smarter AI. Here is the uncomfortable truth: the challenge is often not a lack of data or technology. It is a failure to revisit the first principles of insurability.
Before asking "Can we price this?", we should be asking:
- Can this risk actually be measured with confidence?
- Can it be pooled without hidden correlation breaking the model?
- Is there sufficient capital to absorb tail events?
- Are incentives aligned — or are we underwriting behavior we cannot control?
- Where are the boundaries of this risk under stress?
If these questions are not rigorously answered, pricing becomes an illusion of control.
The Five Foundations of Insurability
First-principles thinking is about stripping a problem down to its irreducible truths and rebuilding from there. In insurance, those truths have not changed. I refer to them as the *Five Foundations* — and every underwriting decision, every product launch, and every AI investment should be tested against them.
1. Risk Must Be Measurable
If you cannot define frequency and severity with reasonable confidence, you are not underwriting. You are speculating.
This is where many emerging risks struggle. Cyber loss data exists, but threat vectors evolve faster than the data describing them. Intangible-asset valuations have no historical benchmarks to anchor severity. AI-agent liability has neither —frequency is unknown, severity is open-ended, and the causal chain runs through a model nobody can fully audit.
2. Pooling Must Work
Insurance depends on the independence of risks. But today's risks are increasingly correlated. A single cyber event can affect thousands of firms simultaneously. A wildfire season can trigger losses across entire regions that were modeled as independent. A single cloud provider outage can take down policyholders across industries that share no other common feature. When correlation increases, pooling breaks. And with it breaks the economic engine of insurance itself.
3. Capital Must Be Adequate
Every risk ultimately resolves to a capital question. Are insurers holding enough capital for extreme scenarios? Are they accurately modeling tail risk? Are they accounting for systemic shocks that cross lines of business?
If not, growth today becomes solvency pressure tomorrow. The history of financial crises is the history of institutions that mistook a benign environment for permanent capital adequacy.
4. Incentives Must Be Aligned
Poorly structured products create moral hazard at scale. Cyber policies that pay without enforcing basic hygiene. Parametric triggers that pay when there was no real loss — or refuse to pay when there was. Embedded covers sold at checkout to confused buyers. When incentives are misaligned, losses stop being random. They become predictable — and expensive.
5. Tail Risk Must Have Boundaries
Not all risks have containable downside. Some exposures cascade across industries, amplify through shared technology, and escalate faster than capital can respond. These are not traditional insurance problems. They are systemic risk problems, and they require structures — government backstops, mandatory mitigation, layered retentions — that no single carrier should attempt to absorb alone.
Where the Foundations Change Day-to-Day Decisions
Underwriting
First-principles discipline reframes the underwriter's job from "approve or decline at a rate" to "decide whether the structure fits the risk." An underwriter who can articulate which foundation a risk strains — and propose a structural fix — is far more valuable than one who simply applies a guideline. This is also where AI tools earn or lose their keep. A model that surfaces correlated exposure across a book is strengthening the foundation. A model that simply accelerates quote turnaround on a structurally fragile risk is accelerating the problem.
Product Design
Not every emerging risk should become a product. Before launching, leaders should ask whether the coverage structure itself needs to change — sub-limits, exclusions, parametric layers, captive participation, mandatory mitigation, or co-insurance with the insured retaining meaningful skin in the game. Sometimes the answer is that the risk is better retained by the customer than transferred to the carrier. That is not a failure of innovation. It is innovation doing its job.
Regulatory Strategy
Regulators are increasingly focused on aggregation risk, capital adequacy, climate stress testing, and systemic exposure. Carriers that have already internalized the Five Foundations are several steps ahead of their filings — because they can show why a product is structured the way it is, not merely that it complies.
Technology and AI Adoption
AI can optimize pricing, but it cannot fix flawed assumptions. If the underlying risk is not measurable, not poolable, and not bounded, then AI simply scales the error faster. The most useful question to ask of any AI investment is not "does it make us faster?" but "which foundation does it strengthen?" Faster bad decisions are not progress.
The Hard Truth
This is where the industry needs to be brutally honest. Some risks should not be insured in their current form. Some require entirely new structures beyond traditional insurance. Some demand collaboration across public and private sectors that no carrier can build alone.
Trying to force-fit these exposures into existing models does not create innovation. It creates fragility — the kind of fragility that does not show up in a quarterly result but is sitting in a portfolio waiting for one correlated year.
First principles are not about slowing innovation. It is about making innovation durable.
Most failures in financial history share a pattern. They are not caused by a lack of information or a shortage of intelligent people. They are caused by the quiet conviction that a new structure, a new technology, or a new market condition has somehow repealed the old foundations. The foundations do not get repealed. They get violated — and the violation only becomes visible when a correlated event arrives that the model had assumed away.
Insurance is now operating in exactly that kind of environment. Correlation is rising. Capital is under pressure. Innovation is accelerating faster than the assumptions underneath it can be retested. The temptation to write everything, embed everywhere, and let AI sort it out is real, and the short-term economics often reward it. The long-term economics are governed by the foundations whether the market acknowledges them or not.
