Insurance Sector AI Documentation Standards
Establish documentation standards for AI systems used in insurance underwriting, claims adjudication, pricing, and fraud detection that meet state insurance commissioner market conduct examination expectations, NAIC model bulletin requirements, and applicable state-level algorithmic accountability obligations.
Objective
Ensure AI systems used in insurance functions can withstand regulatory market conduct examination by producing documentation that demonstrates actuarial soundness, non-discrimination in prohibited classes, adverse action explanation capability, and governance oversight — without requiring a disruptive documentation effort at examination time.
Maturity Levels
Initial
AI systems used in underwriting, pricing, and claims are documented under general enterprise AI standards. Documentation does not address insurance-specific regulatory requirements including actuarial justification, adverse action explainability, or non-discrimination in prohibited classes.
Developing
Compliance team is aware of NAIC model bulletin requirements and state-level AI obligations. Some AI systems have actuarial sign-off documentation, but documentation standards are not uniform and coverage is incomplete for all AI-assisted insurance decisions.
Defined
An insurance AI documentation standard defines required documentation for each AI-assisted insurance function (underwriting, pricing, claims, fraud): actuarial justification, prohibited class testing, adverse action explanation capability, model validation records, and governance approval documentation. All AI systems in scope are documented to the standard before deployment.
Managed
Documentation is maintained on a defined refresh cycle aligned to model change management. Market conduct examination preparation includes a documentation readiness review for all AI systems in scope. Adverse action explanation outputs are tested and validated for accuracy before deployment. Prohibited class proxy testing is conducted annually and after material model changes.
Optimizing
Documentation standards are updated annually to reflect evolving state-level AI requirements and NAIC guidance updates. The organization monitors insurance regulatory developments in all operating states and translates requirements to documentation standard updates. Documentation packages are pre-prepared for examination in high-risk states.
Evidence Requirements
What an auditor or assessor would expect to see for this control.
- —Insurance AI documentation standard defining required documentation elements for each AI-assisted insurance function.
- —Actuarial justification documentation for all input variables used in AI-assisted underwriting and pricing models, with actuarial sign-off.
- —Prohibited class testing results for AI systems used in underwriting, pricing, and claims, conducted within the past 12 months or following the most recent material model change.
- —Adverse action explanation documentation including methodology, sample explanations, accuracy testing, and consumer readability assessment for models in scope.
- —Independent model validation reports for AI systems used in insurance decisions, confirming performance, calibration, stability, and non-discrimination.
Implementation Notes
The insurance AI regulatory landscape
AI systems in insurance are regulated at the state level in the US, creating a patchwork of requirements across the organization's operating footprint. Several developments have crystallized the regulatory environment:
NAIC Model Bulletin on the Use of Artificial Intelligence Systems by Insurers (2023, updated 2026): The National Association of Insurance Commissioners model bulletin establishes governance expectations for AI systems used in insurance decisions. States that have adopted the model bulletin (or similar guidance) require insurers to:
- Maintain a governance and risk management framework for AI systems
- Ensure AI systems used in insurance decisions comply with applicable laws (including non-discrimination)
- Be able to explain adverse actions taken based on AI system outputs
- Conduct testing for potential unfair discrimination, including proxy discrimination through correlates of prohibited classes
State-level algorithmic accountability: Colorado's Division of Insurance Rule 10-1-1, New York DFS guidance, California's insurance AI guidance, and similar regulations in other states impose documentation requirements that vary by state. The documentation standard must be designed to satisfy the strictest requirements across all operating states.
FCRA and adverse action requirements: When an AI system is used in whole or in part to deny, cancel, or modify an insurance policy based on information in a consumer report, adverse action notice requirements under the Fair Credit Reporting Act apply. The notice must identify the principal reasons for the action — which requires the AI system to produce explanation output that is accurate, consumer-understandable, and legally adequate.
Required documentation by function
AI-assisted underwriting:
-
Model purpose and scope: What risks does the model assess? What inputs does it use? What output does it produce and how is it used in the underwriting decision?
-
Actuarial justification: Why is each input variable actuarially justified? The actuarial justification must demonstrate a relationship to risk. Variables that are correlates of protected classes (geography used as a proxy for race; credit score used as a proxy for protected characteristics) require additional justification or exclusion. Actuarial sign-off required.
-
Prohibited class testing: Results of testing for disparate impact on prohibited classes under applicable state laws. Testing methodology (disparate impact ratio, adverse impact ratio) and threshold criteria. Evidence that the model does not unfairly discriminate on the basis of race, color, national origin, religion, sex, marital status, age, or any other prohibited class under applicable state law.
-
Adverse action explanation: For models that inform declinations, cancellations, or surcharges: documentation of the explanation methodology, sample explanations, accuracy testing of explanations (do the stated reasons actually reflect the model's decision factors?), and consumer readability assessment.
-
Model validation: Independent validation of model performance including accuracy, calibration, stability, and non-discrimination. Validation conducted by staff independent from model developers.
AI-assisted claims adjudication:
The same core documentation requirements apply, with additional elements:
- Outcome equity analysis: Does the model's claim approval/denial rate differ across protected classes in ways not justified by claim characteristics? Testing methodology and results.
- Human review override documentation: When claims are adjudicated by the AI model, what is the human review process? For denials, is there a mandatory human review?
- State regulatory compliance: Some states impose specific requirements on automated claims adjudication. These must be documented and the AI system's compliance with each requirement confirmed.
Market conduct examination preparation
State insurance departments conduct market conduct examinations that increasingly include review of AI systems. Preparation requires:
-
Document inventory: A complete index of AI documentation for all systems that could be in scope for examination, organized by function and state of operation.
-
Examination readiness gap analysis: Review current documentation against examination criteria for each state's market conduct examination framework. Identify and remediate gaps before examination.
-
Examiner briefing preparation: Prepare briefing materials explaining AI governance structure, model validation process, and adverse action explanation methodology in language accessible to insurance regulators.
-
Examination response protocol: Define who is responsible for responding to examiner requests related to AI systems, and the process for producing documentation and explanations within examination timeframes.
Example Implementation
Insurance AI Documentation Index — Market Conduct Examination Readiness
Prepared by: Compliance | As of: [Date] | States in scope: All operating states
AI system documentation status:
| System | Function | States in scope | Actuarial sign-off | Prohibited class test | Adverse action explanation | Model validation | Gap status |
|---|---|---|---|---|---|---|---|
| Auto underwriting model v3.2 | Underwriting | All | Yes (date) | Conducted Q1 2026; within threshold all states | Implemented; accuracy tested | Complete (independent) | Ready |
| Property pricing model v1.8 | Pricing | 42 states | Yes (date) | Conducted Q4 2025; Colorado re-test required for v1.8 | Not required (pricing) | Complete | Gap: CO re-test needed |
| Claims AI — medical | Claims adjudication | 28 states | N/A | Conducted Q2 2026; outcome equity analysis complete | Required (8 states); docs complete | Partial (independent) | Gap: NY human review documentation incomplete |
| Fraud detection model v2.1 | Fraud detection | All | N/A | Adverse impact analysis complete | Not applicable (not adverse action trigger) | Complete | Ready |
Priority gaps:
- Colorado prohibited class re-test for property pricing model v1.8 — Required by [date] per Division of Insurance Rule 10-1-1; in progress
- New York claims AI — human review documentation — NY requires documentation that a licensed adjuster reviews all AI-assisted claim denials; documentation in progress, estimated completion [date]
Examination response protocol owner: VP Compliance ([name])