Open Review of Management, Banking and Finance

«They say things are happening at the border, but nobody knows which border» (Mark Strand)

Insurtech and interoperability of fintech firms

by Alessandro Engst and Valerio Lemma

Abstract: This research aims at understanding if the current regulation would allow to an alternative market for risks and their coverages, due to the possibility that insurtech firms can offer the same insurance products and services, under different regulatory and prudential regimes then those provided for traditional insurance undertakings.

We focused on the perspective of new licensing approaches to the insurtech and, therefore, on the possibility that European authorities will supervise any business model used in the insurance industry, including the one based on an intensive use of financial innovation and technological improvement.

As a result of such analysis, we highlight that insurtech firms could have a competitive advantage based on their tools for client’s management, but these new intermediaries should be regulated in order to allow a fair competition between traditional businesses and fintech ones (excluding any benefit due to an asymmetry in the EU regulatory framework).

Summary: 1. General overview. – 2. Financial innovation and new ways of interoperability. – 3. The perspective of licensing for insurtech. – 4. New business models towards a shadow financial system.

1. Licensing approaches to the insurtech raises the attention of insurance companies on the possibility that European authorities aim at regulating and supervising any business model used in this industry, including the one based on an intensive use of financial innovation and technological improvement to cover risks or manage uncertain exposures[1]. Moreover, national authorities are showing their interest to enhance a more systematic control regime over insurtech start-ups and therefore to adapt their internal processes to manage the impact of digital transformation on these business[2].

This first observation aims at understanding the possibility that a new supervising approach can rely on a stricter interpretation of current rules and therefore a new standard for the application of the principle of proportionality to peer-to-peer insurance agreements, as well as to new technological activities to transfer risk (to a professional manager), thus the need for clarifying the current level playing field for all market participants within the insurance industry. Public intervention over the insurance companies and insurtech firms is going to explore specific options to set the scope of its supervision, taking into account both the impact of tech-fuelled innovations on the traditional insurance business, the role of innovation facilitators (as significant or ancillary service providers of regulated firms) and the perspective of new networks of market participants aimed at sharing, managing, cover and transfer risks (and other uncertain exposures). In this context, the supervisor are also assessing the use of insurtech-related data, and therefore the need for protection due to the systematical collection and use of clients/counterparties relevant information[3].

2. The Joint Committee Report of the ESAs on the results of the monitoring exercise on ‘automation in financial advice’ (2018)[4], in its conclusions, does not remark on any significant change in the previously-identified risks. However, considering the overall importance of the topic, ESAs highlight the emergence of ongoing changes to the current business models of fintech firms.

In this context, regulatory issues are related to the algorithms supporting the partially automated activities in insurance undertaking (and other advanced technique of risk mitigation)[5]. The absence of any significant change of the national legislative framework should suggest a complete freedom in starting up a fintech firm that would support the business of insurance companies or distributors. This is supported by the EIOPA’s view on the development of automated advisory services in this sector, even if national authorities are dealing with the possibility to publish specific guidelines in order to clarify whether public intervention shall oversee the servicing of certain insurtech activities (which are the ‘perfect substitute’ of risks’ coverage)[6].

In this perspective, we should consider that insurance undertaking and distribution are both regulated (by Directive (EU) 2016/97 on insurance distribution (IDD) and Directive 2009/138/ECon the taking-up and pursuit of the business of Insurance and Reinsurance (Solvency II)). This is also true for banking, asset management and financial services, and leads to the conclusion that regulators could make no distinction between automated and physical provision of regulated activities. Therefore, both shall meet the same high-quality standards and duty of care, in order to satisfy the need to protect consumers/savers.

We expect that the success of insurtech firms will strengthen the impact of financial innovation on traditional insurance business models with regard to prudential risks and distributing issues. The same refers to anti-money laundering regulation and the need for money to flow through the safest conduits.

Lastly, any insurtech firm is going to be able to provide automated advice for clients. The common approach to automated advice is based on the application of machine learning, and therefore there are specific rules on the classification of data (and linear regression) having regard to the statistical inference (as it provides the foundation for most of the methods covered). This requires a high level of accuracy for the clients’ onboarding and therefore also in the setting up of any relation between the output of the data made by a client (provided as a human) and the collection of the same by the firm (prepared by a machine) big data.[7]

From another perspective, strict rules shall control the information that should be provided to clients on insurance products. The algorithm chooses ‘what and how’ from amongst a set of combinations made by the firm, so that there is full responsibility of the managers for setting up both the algorithm and information[8].

As a result, insurtech firms rely on new tools for assessing the suitability of risk, the adequacy of the insurance product with particular attention to the use of cookies and other tools with limited or without human interaction. In this context, banks have a competitive advantage based on the knowledge of any transaction recorded on the clients’ bank account. Therefore, this advantage should be regulated in order to allow a full competition between regulated firms and fintech ones.

3. The insurance industry is facing the possibility to improve the performance of its business by relying on artificial intelligence[9]and big data analytics[10]. In this context, ‘client risk-profiling algorithms’ and knowledge of client habits/characteristics is going to be designed and implemented adequately, resulting in clients classified and assigned an accurate risk profile, together with the possibility to offer the necessary products at the exact price.[11]

Insurance companies are developing automated tools for various products. This type of bundling (insurance and data-recording machine or security automation mechanism) is being used increasingly for products that have significant impact. Automated and semi-automated data recording tools are rapidly expanding in use in the consumer world, along with artificial intelligence tools that protect people and goods (and therefore reduce the probability and economic relevance of events covered by the relevant insurance policies). New technological developments are able to enhance the accessibility and quality of both data and algorithms.[12]

From a general perspective, a legal analysis of automated and semi-automated tools used in the insurance business encountered grey areas with respect to fulfilment of the duty of care, data protection and treatment parity. In addition, the review found that insurance companies’ internal regulation should control the use of technologies and data, and its adoption should aim to improve the quality of the service provision. Based on this consideration, the regulator must prepare guidance to clarify the fulfilment of the duty of care in insurtech.

Therefore, insurtech does not refer only to sales of insurance and pension products via the Internet. Even if these activities could be based on smart contracts and tech-filled business models, they shall easily considered within the scope of the rules provided for the insurance distributing activities.[13]Such sales require the necessary and proportionate supervisory actions to ensure that online distributors comply with a duty of advice, the application of innovation to the insurance business goes far beyond increasing the saturation of potential clients’ life (through the manipulation of information and risk perception).

This perspective also goes far beyond online comparisons of insurance products.[14]This involves the management of arising litigations, whereby the disputes concerning certain relationships does not involve the outcome of significant negotiations, but the automatic acceptance of standard agreements used to support other deals.[15]

The use of big data analytics in unsolicited marketing and other relevant areas (such as pricing, underwriting, claims management, sales and/or risk measurement) requires a safe and sound approach, in order to analyse the benefits of the innovation and potential risks related to any unfair treatment of consumers.


4. Automation in financial services is growing and the EU bodies have not yet regulated the insurtech nor have European Supervisory Authorities already taken immediate actions on this sector. In this respect, the need for protection of the investors requires EU directives or regulation on the tech-filled business models used in the internal capital market, whilst there are not evidences of the efficiencies due to the current absence of rules or to the immobilityof the ESAs[16].

In this context, we shall consider that the current legislative approach for the adoption of a EU directive would not be timely for driving the innovation in this industry, anyway new rules should be able to set common standards (in order to ensure a fair competition in this market). There is no doubt that new technologies and different business models are spreading in the insurance business so the monitoring of outsourcing (and then the perspective of certain developments in licensing the ancillary service provided to traditional insurance companies) should allow the starting of new form of supervision without jeopardizing the ‘market for servicing’. This requires to verify the possibility to extent the supervision up to the firms that are not involved in the coverage of risks, but perform processes, provide services or run activities which have an impact on the performance of the insurance or reinsurance undertaking itself[17].

In conclusion, the current framework for providing and receiving high-tech services allows fintech firms to execute more than one kind of activity in the capital market, and therefore to supply cross-industry demands. The current lack of regulation could allow to an alternative to insurance companies, as well as to banks and other financial intermediary; this also cast shadows on the efficiency of the market for risk and coverages and, therefore, on the whole capital market because of the possibility that firms subject to different regulatory and prudential regimes can offer the same services (under different conditions).


Alessandro Engst is partner in the Banking and Finance practice and the head of the Financial Services area at Dentons Law Firm.

Valerio Lemma is Full Professor of Law and Economics at the Law Faculty of Università degli Studi Guglielmo Marconi in Rome, and Coordinator of the Master programme in «Financial market regulation» at Luiss University.

Although this article is the result of a joint reflection of the authors, Valerio Lemma wrote the paragraphs 1 – 2 and Alessandro Engst wrote the paragraph 3, whilst both authors wrote paragraph 4.


[1]See the first draft on “Report on Best Practises on Licencing Requirements, Peer-to-Peer Insurance and the Principle of Proportionality in an Insurtech Context” published by EIOPA on April 2018. As part of the European Commission’s Fintech Action Plan, EIOPA presents a draft of the mapping of current authorising and licencing approaches to financial innovation, including an assessment of how the principle of proportionality is applied in practice. The Report also includes an analysis of the approach to insurtech start-ups operating as peer-to-peer (P2P) insurers.

[2]For an overview of Italian Insurance Supervision Authority approach on insurtech, see the proceedings of the IVASS meeting on “Insurtech – Technological innovation in the insurance market” held in Rome on 15 December 2017.

[3]See EIOPA Insurtech Roundtable How technology and data are reshaping the insurance landscape, Summary from the roundtable organized by EIOPA on 28 April 2017, (EIOPA-BoS/17-165 05 July 2017). See also the current debate over the contents of the mandate from the EIOPA to a multidisciplinary Insurtech Task Force (ITF). Reference is made also to the tasks of the ITF include mapping current authorising and licensing requirements and assessing how the principle of proportionality is being applied in practice, specifically in the area of financial innovation (e.g.regarding Insurtech start-ups such as peer-to-peer (P2P) insurers), also with a view of determining efficient and effective supervisory practices in the form of best practices.

[4]See Joint Committee Report on the results of the monitoring exercise on ‘automation in financial advice,published by thethree European Supervisory Authorities (ESAs) – EBA, EIOPA and ESMA. On this topic, see also Brummer – Yadav, Fintech and the Innovation Trilemma, in Georgetown Law Journal, 2018 and in Vanderbilt Law Research Paper No. 17-46.

[5]With regard to the application of artificially intelligent algorithmic systems in the insurance industry, see Borselli, Insurance by Algorithm, in European Insurance Law Review, No. 2, 2018; see also Peters, Statistical Machine Learning and Data Analytic Methods for Risk and Insurance, in Lecture series on Statistical Machine Learning for Risk and Insurance; Jabłonowska -Kuziemski – Nowak – Micklitz – Pałka – Sartor, Consumer Law and Artificial Intelligence: Challenges to the EU Consumer Law and Policy Stemming from the Business’ Use of Artificial Intelligence – Final report of the ARTSY project, in EUI Department of Law Research Paper No. 2018/11.

[6]On the adoption of regulatory sandbox for insurtech firms, see, Chen,Regulatory Sandbox and Insurtech: A Preliminary Survey in Selected Countries, November 2018.

[7]See Cornelius, Smart contracts and the Freedom of Contract Doctrine, in Journal of Internet Law, 2018, p. 3 ff.

[8]See Baker – Dellaert, Regulating Robo Advice Across the Financial Services Industry, in Iowa Law Review, 2018, p.  713 ff.

[9]See note VI.

[10]See Powell,Big Data and Regulation in the Insurance Industry, April 2017; Hacker – Lianos – Dimitropoulos – Eich, Regulating Blockchain: Techno-Social and Legal Challanges, 2018

[11]See Wright – De Filippi, Decentralized Blockchain Technology and the Rise of Lex Cryptographia, March, 2015

[12]See Susskind – Susskind, The Future of the Professions: How Technology will Transform the Work of Human Experts, Oxford, 2015

[13]See Raskin,The Law and Legality of Smart Contracts, 1 Geo. L. Tech. Rev., 2017, p. 305 ss.; Kôlvart – Poola – Rull, Smart Contracts, in VV.AA., The Future of Law and eTechnologies, London, 2016, p. 133 ss.; Mik, Smart Contracts: Terminology, Technical Limitations and Real World Complexity, in Law,Innovation & Technology, 2017, p. 269 ff.

[14]See Weber, “Rose is a rose is a rose is a rose” – what about code and law?, in Computer Law & Security Review, 2018, p. 701 ff.

[15]See Koulu,Blockchains and Online Dispute Resolution: Smart Contracts as an Alternative to Enforcement, ScriptEd, 2016; Surden, Computable Contracts, in U.C. Davis Law Review, 2012, p. 629 ff.

[16]Regarding the developing regulatory approaches to the intersection of data, finance and technology, see also Buckley – Arner – Barberis, FinTech, RegTech and the Reconceptualization of Financial Regulation, in Northwestern Journal of International Law & Business and University of Hong Kong Faculty of Law Research Paper No. 2016/035.

[17] With regard to the increasing number and variety of new TechFininto the financial sector see Zetzsche – Buckley – Arner – Barberis,From FinTech to TechFin: The Regulatory Challenges of Data-Driven Finance, in New York University Journal of Law and business  and European Banking Institute Working Paper Series 2017– No. 6.


This entry was posted on 04/09/2018 by in Finance, law and tagged , , , , , , .
%d bloggers like this: