Insurtech is the fusion of technology and business models to enable, enhance and disrupt the provision of insurance services, and it is becoming a key growth driver for early adopters worldwide. At its heart is the ability to enhance the customer experience, making buying insurance, paying premiums and making claims easier than under traditional business models.
Innovative insurtech solutions provide an ability to enhance business operations and scale rapidly, presenting a risk (including possible market share erosion) to insurers that are slow to adapt to digital business solutions.
However, there are inherent risks in technology-driven solutions, especially if a business’s underlying infrastructure cannot cope with rapid growth, or change management strategies are limited or non-existent. Understanding and managing the relevant business and regulatory risks to your insurance business when developing insurtech solutions will therefore be an essential component of your digital transformation journey.
Market disruption
Disruption in the insurance market is inevitable. New Zealand has already seen the rapid impact of FinTech in the financial services sector, and insurers can certainly take cues from the banking industry, which has encountered similar disruption.
New entrants providing technology-driven insurance solutions are putting impetus on insurers to adapt to these technological advancements. The ability for technologically savvy start-ups to develop innovative business solutions and customise those solutions for the regulatory environment in different jurisdictions is intensifying competition between traditional insurance companies, established technology companies and start-ups.
In New Zealand, Cyber Indemnity Solutions (CIS) is one such new entrant. CIS recently announced a new cyber insurance product, has now launched in Australia, and expects to expand further internationally. CIS used New Zealand’s scale and expertise in programming to test their product (which provides digital asset protection insurance) in a micro space. CIS is not a licensed New Zealand insurer. Instead, it licenses insurers to use its policies (which includes a cyber insurance product), systems and software. Insurer partners can embed the insurance policy content into their own cyber policies and/or provide it concurrently with their policy offerings.
Established insurance companies are also investing in insurtech solutions. Sovereign has recently announced that it has created a cloud data centre through Amazon, capable of powering “innovations, integrations and automations” for Sovereign and its customers. In practice, a cloud data centre can be scalable to a business’s needs, and when coupled with an integration suite, can produce customer-centric, data-led experiences in various forms (including through applications and platforms).
Planning and preparation are essential to performing strongly in an insurtech market.
Globally, Insurtech is appearing in various guises with start-ups targeting all areas of the insurance value chain. These include, for example:
In addition to the above insurtech uses, there are examples of start-ups looking to remove the need for a traditional insurer altogether by using peer-to-peer business models. A peer-to-peer business model allows insureds to pool their capital, self-organise and self-administer their own insurance.
Be prepared
Planning and preparation are essential to performing strongly in an insurtech market. Identifying and managing the risks presented by insurtech will be a key aspect of any digital transformation project. Insurers that develop clear growth strategies that incorporate technology driven, customer-centric solutions, that use technology to strengthen their identity (ensuring cultural identity and brand are not compromised), and that have a keen understanding of the regulatory framework and risks, will be better positioned to provide sustainable business models.
Regulatory considerations
Regulatory ambiguity is perhaps one of the biggest challenges facing regulators in this area. Insurance legislation written as recently as seven years ago did not anticipate the way technology would be developed and applied in today’s market. Ultimately, regulation will need to evolve to ensure the right balance between policyholder protection and encouraging innovation.
Below is a brief summary and some observations of the key legislation affecting the provision of insurance in New Zealand:
Insurance (Prudential Supervision) Act 2010 (IPSA)
The draft Code is still being written, so it is not yet clear how robo-advisory services will be monitored and assessed under the new Code.
However, areas where IPSA could benefit from ‘future-proofing’ amendments include:
New financial advisers’ regime
The draft code is still being written, so it is not yet clear how robo-advisory services will be monitored and assessed under the new code. However, maintaining the standards of consumer protection provided by the legislation, while encouraging providers to harness emerging technologies, will likely be a key objective of the Code Working Group (the group tasked to establish the code).
In addition to the code, the conditions that the Financial Markets Authority (FMA) will likely impose on a robo-advice licence may include strict governance and disclosure obligations on Financial Advice Providers offering advice via a robo-advice platform. The Australian Securities & Investments Commission’s (ASIC) guidance for digital-advice licensees provides some indication as to what licensees might expect under the new regime. ASIC’s expectations in respect of digital advice licensees include (among other things):
Principle 5 (storage and security of personal information) is especially critical as insurers now have access to ever- increasing quantities of policyholder data.
Class exemption for robo-advice
The FMA has indicated that the requirements under the exemption may be different from those that will finally apply once the law reform takes place. Importantly, based on the FMA’s indicative timing, the exemption anticipates the ability to provide digital-advice in New Zealand by late 2017, supporting the growing demand for digital-advisory services.
Importantly, based on the FMA’s indicative timing, the exemption anticipates the ability to provide digital-advice in New Zealand by late 2017, supporting the growing demand for digital- advisory services.
Financial Markets Conduct Act 2013 (FMCA)
The FMCA, which regulates the offering of financial products in New Zealand, is a modern Act designed to be flexible and to encourage innovation in the market. The fair dealing provisions under part 2 of the FMCA apply to persons providing a financial service (which includes “acting as an insurer”). The provisions (which include the obligations not to engage in conduct that is misleading or deceptive, or make a false or misleading representation, in respect of a financial service) are broad and will apply to insurance services provided through both traditional channels and via online platforms or mobile applications.
These fair dealing provisions, together with the financial adviser regime discussed above, provide the FMA with oversight over the way in which insurance products are marketed and sold. The FMA has already signalled that it will be looking closely at life insurance sales and advice. With the added complexity, and potential risk around digital sales channels, we see it as a real possibility that the FMA will focus on insurtech innovation and compliance with the fair dealing provisions of the FMCA.
Privacy Act 1993
While the 12 privacy principles in the Privacy Act apply broadly to any personal information collected by an insurer (including any third-party platform provider), advances in technology have dramatically changed how information is collected, stored and shared. Principle 5 (storage and security of personal information) is especially critical as insurers now have access to ever-increasing quantities of policyholder data.
The Privacy Commissioner has recently recommended changes to the Privacy Act and a new Privacy Bill is expected to be introduced this year (although timing is currently unclear). The recommendations are based on rapid changes in data science and information technology in the five years since the last review and, if adopted, could mean, among other things, an increase in the penalty for a serious or repeated breach of the Privacy Act to a fine of up to NZ$1 million for body corporates. Additional guidelines for data use are being developed by the New Zealand Data Futures Partnership, which is currently consulting the New Zealand public in relation to how information about them is used and shared.
Enforcing stricter penalties and narrowing defences under the new Privacy Bill will go some way to ensuring companies invest heavily in security and data management. However consideration should also be given as to whether more prescriptive regulation is needed in respect of technical / organisational measures – including, for example, in relation to data transferability between providers, IT management, cyber security and internal controls for outsourcing services.
Conclusion
Increasingly, there is an impetus on insurers to compete against, and/ or work with, new entrants and established technology companies to improve customer engagement through technology, and to digitise certain back-office functions to create more efficient and nimble business models.
While existing laws and regulation have tended to lag behind technological developments, there is an increasing awareness and acceptance by regulators of the need to accommodate technological innovation in the delivery of business products and services. Awareness of changes in the way in which regulation applies in this new environment must be maintained as a key developer and user requirement at all stages of the digital transformation journey.