How insurers can put AI agents to work on claims, underwriting, and service while satisfying a global wave of AI regulation, keeping sensitive data home, and bending a cost curve that is quietly getting worse. This is not a list of use cases. It is the architecture.
Insurance is a business built on a promise: pay the premium, and when the worst happens we will be there. Everything about how the industry is regulated flows from protecting that promise. So when AI agents arrive offering to triage claims, summarize medical records, draft underwriting narratives, answer policyholder questions, and reconcile books of business, insurers face a sharper version of the question every industry is asking.
The capability is real. Claims, underwriting, and service are document-heavy, judgment-heavy, and volume-heavy, which is exactly the work agents are good at. But insurance is also one of the most heavily regulated environments in the world for algorithmic decision-making, and the regulation is getting more specific, not less.
This article is about the architecture that resolves that tension: a single governed trust layer that every agent, model, data source, and vendor tool plugs into. The same pattern we covered for manufacturing in Part 1, focused here on what makes insurance different: a global wave of AI regulation, data that is almost all sensitive, and an economic problem that grows as token prices rise.
The body of this piece is product-agnostic. The patterns matter more than any vendor. There is a short note at the end about how we build toward them.
Insurers do not get to treat AI governance as an emerging best practice. In most major markets it is now written down, and the requirements rhyme with each other.
The EU AI Act classifies AI used for risk assessment and pricing of natural persons in life and health insurance as high-risk, triggering risk management, data governance, logging, transparency, human oversight, and robustness obligations. EIOPA adds supervisory expectations across the insurance lifecycle.
The NAIC Model Bulletin on insurers' use of AI, adopted by a majority of states, requires a written AIS program, lifecycle governance, and accountability for third-party AI. Colorado's SB 21-169 regime requires testing for unfairly discriminatory outcomes. NYDFS Circular Letter No. 7 (2024) sets expectations for AI in underwriting and pricing, including board-level governance.
The FCA's Consumer Duty reaches algorithmic decisions that affect customer outcomes. Singapore's MAS FEAT principles and Veritas methodology set fairness and explainability expectations. Canada's OSFI Guideline E-23 brings model risk management obligations to insurance AI.
The details differ. The demands converge on five things:
Every one of those five demands is an architecture requirement wearing a compliance costume. You cannot satisfy them with a policy PDF. You satisfy them with a layer that enforces and records them at runtime.
The regulatory pressure lands on an environment with specific structural hazards.
Claims files hold medical records, police reports, financial details, and photographs of the worst day of someone's life. Sending that to a third-party model endpoint is not a casual decision, and in some jurisdictions it is not a permitted one.
A claim denial, a nonrenewal, a rated-up premium: regulated outcomes with notice requirements and appeal rights. An agent that drafts or influences one is participating in a decision the insurer must defend, sometimes years later.
Policy admin, claims platforms, rating engines, actuarial models, and a thick web of third-party data vendors. Point-to-point AI integrations into that estate multiply risk: no single place to see, control, or prove what the AI did.
Adjusters and underwriters are pasting claim narratives into public chatbots wherever no sanctioned alternative exists. The choice is not whether AI touches your book of business. It is whether it does so through a governed path.
The response to all of this is the same structural move: a single, ubiquitous middleware layer that everything AI-related plugs into. Agents, frontier models, local models, data vendors, core systems, and partner tools all connect through it, and nothing connects around it.
Its layers will look familiar from Part 1, tuned for insurance:
The distinction that matters most, in insurance more than almost anywhere: runtime enforcement, not after-the-fact review. A fairness policy that is checked quarterly cannot stop a bad outcome in the moment. A layer on the request path can.
There is a second pressure building alongside regulation, and it is economic.
Frontier model pricing has not followed the steady-decline curve many planned for. Providers are charging more for their most capable models, usage-based pricing compounds as agents chain calls together, and agentic workflows multiply token consumption by design: a single claim triage might touch a dozen model calls across summarization, extraction, drafting, and checking. Multiply that by claim volume and quote volume, and AI spend becomes a line item the CFO asks about.
Treating cost as an afterthought produces the same failure mode as treating governance as an afterthought: unbounded, invisible, and discovered late. A governed layer makes cost a managed property of the system:
Every model call flows through one path, so spend is attributable per team, per workflow, per product line.
Caps, quotas, and model-routing rules live in policy, not in each application's code.
Repeated questions over the same policy language or claim documents are served from cache instead of being re-billed.
The biggest lever of all: most insurance AI traffic does not need a frontier model, which leads directly to the next section.
Because every model call, tool invocation, and human correction flows through the one governed layer, the layer accumulates something no individual application ever sees: the complete exhaust of AI activity across the enterprise. The prompts, the documents, the outcomes, and the corrections adjusters and underwriters made. For an insurer, that exhaust is a precise record of how your organization actually adjudicates, underwrites, and communicates.
A well-designed layer turns that exhaust into small, specialized local models, tuned automatically to your lines of business, your policy language, your claim types, and your decisions. Frontier models keep handling the novel, hard reasoning. The high-volume, familiar work routes to a small model that has effectively been trained on your book of business, by your book of business: classifying a first notice of loss, extracting fields from an ACORD form, summarizing a medical record, drafting a routine coverage letter.
Routine work is most of the volume. Serving it from a tuned small model cuts per-call cost by orders of magnitude, and it decouples your unit economics from providers' pricing decisions.
A small model tuned to a narrow task responds far faster than a large general one, which matters at claims-queue and quote-funnel volumes.
The models run inside your perimeter. Medical records, claim files, and underwriting data never have to leave to get a useful answer, converting a hard regulatory problem into a non-event.
The models improve from your traffic and no one else's. No cross-tenant leakage, no generic internet noise, and the improvement compounds the more the governed layer is used.
The same controls apply regardless of which model serves a request. The gateway, the identity binding, the policy checks, and the audit chain do not care whether the answer came from a frontier model or a local one. Governance stays constant while cost falls.
The layer you route everything through for compliance is the same layer that can quietly learn your book of business, turning the cost of oversight into a durable economic advantage.
Regulators across every market in Section 1 converge on one non-negotiable: consequential decisions require accountable human oversight. For insurance, the architecture pattern is precise.
This single pattern lines up with the EU AI Act's human-oversight article, the NAIC bulletin's accountability expectations, Colorado's governance requirements, and the FCA's outcome duties simultaneously. Build it once in the layer, and every workflow inherits it.
The architecture only holds if the organization around it is explicit.
Someone owns the trust layer as a product. Someone owns the capability catalog and the standards for publishing into it. Someone owns the adverse-action approval queues. In insurance there is a natural ally: the model-risk and actuarial governance functions already know how to own model inventories. The layer gives them a live one.
A runtime-enforced, evidence-producing layer maps directly onto the regimes insurers answer to:
| Regime | What it expects | What the layer provides |
|---|---|---|
| EU AI Act (life & health pricing is high-risk) | Risk management, logging, human oversight, data governance | Runtime policy, tamper-evident audit chain, verified-human holds |
| NAIC AI Model Bulletin | Written AIS program, lifecycle governance, vendor accountability | The catalog is the AI inventory; vendor tools enter only through governed entries |
| Colorado SB 21-169 / Reg 10-1-1 | Testing for unfairly discriminatory outcomes | One path for all model traffic makes outcome testing and evidence collection tractable |
| NYDFS Circular Letter 7 | Board-level governance, third-party oversight | Live per-workflow evidence and attribution, exportable on demand |
| FCA Consumer Duty / MAS FEAT | Fair customer outcomes, explainability | Decision records with inputs, model identity, and human approvals attached |
The first deployment is the hard one because you stand up the layer. Every subsequent agent, line of business, and vendor integration is a composition problem inside controls that already exist. That is how AI in insurance moves from proof-of-concept purgatory to an operating capability with a defensible story.