AI Sigil Logo
Contact Us
Back to all insights
A shield

Sections

EIOPA’s Insights on AI Governance in Insurance

EIOPA’s Draft Opinion on AI Governance and Risk Management

On February 12, 2025, the European Insurance and Occupational Pensions Authority (EIOPA) published a consultation regarding its draft opinion on artificial intelligence (AI) governance and risk management. This opinion addresses supervisory authorities and encompasses the activities of both insurance undertakings and intermediaries, collectively referred to as Undertakings, that utilize AI systems within the insurance value chain.

Objective of the Opinion

The main objective of the Opinion is to clarify the core principles and requirements within the insurance sectoral legislation concerning AI systems that are neither prohibited nor classified as high-risk under Regulation (EU) 2024/1689, commonly known as the AI Act. The guidance aims to assist Undertakings in applying existing legislation to AI systems that were not prevalent at the time the AI Act was enacted.

Key Principles and Responsibilities

The Opinion establishes high-level supervisory expectations regarding the governance and risk management principles that Undertakings should adopt to utilize AI systems responsibly. The following key points summarize the expectations:

  • Risk Assessment: Undertakings must evaluate the risks associated with various AI use cases, acknowledging that different levels of risk exist among those that are not deemed prohibited or high-risk under the AI Act.
  • Proportionate Measures: Following risk assessment, Undertakings should implement tailored governance and risk management measures to ensure responsible AI usage.
  • Legal Compliance: In accordance with Article 41 of the European Directive 2009/138/EC and other relevant directives, Undertakings should establish governance and risk management systems focusing on:
    • Fairness and ethics
    • Data governance
    • Documentation and record-keeping
    • Transparency and explainability
    • Human oversight
    • Accuracy, robustness, and cybersecurity
  • Policy Development: Undertakings are encouraged to define and document their AI usage policies, which should be regularly reviewed for effectiveness.
  • Accountability Frameworks: Implementing accountability frameworks is recommended, regardless of whether AI systems are developed internally or by third parties.
  • Customer-Centric Approach: EIOPA advocates for a customer-centric approach to AI governance, ensuring fair treatment of customers in line with existing regulations.
  • Data Integrity: The Opinion emphasizes the necessity of utilizing complete, accurate, and unbiased data for training AI systems, along with regular monitoring and auditing of AI outcomes.
  • Redress Mechanisms: Adequate mechanisms should be established to allow customers to seek redress if adversely affected by AI systems.
  • Internal Controls: Effective compliance and risk management programs should include:
    • Designated individuals responsible for AI system oversight
    • Compliance and audit functions
    • A data protection officer ensuring adherence to data protection regulations
    • Training for staff to enhance human oversight
  • Performance Metrics: AI systems should demonstrate consistent performance regarding accuracy, robustness, and cybersecurity, with metrics established to measure performance.

Conclusion

The Opinion does not propose additional legislation or amendments to existing laws but seeks to provide sector-specific guidance on the operation of AI systems under current EU regulations. EIOPA is collaborating with the European Commission’s AI Office, with potential future commentary expected.

Responses to the draft Opinion must be submitted by May 12, 2025, after which EIOPA will consider feedback and revise the Opinion as necessary.

More Insights

A fortress

Enhancing AI Safety through Responsible Alignment

August 17, 2025 AI,AI Ethics,AI Governance,AI Safety Regulations
The post discusses the development of phi-3-mini in alignment with Microsoft's responsible AI principles, focusing on safety measures such as post-training safety alignment and red-teaming. It...
Read More
A digital blueprint of a manufacturing plant

Mastering Sovereign AI Clouds in Intelligent Manufacturing

August 17, 2025 AI,AI Governance,Regulatory Compliance
Sovereign AI clouds provide essential control and compliance for manufacturers, ensuring that their proprietary data remains secure and localized. As the demand for AI-driven solutions grows, managed...
Read More
A tree with data branches

Empowering Ethical AI in Scotland

August 17, 2025 AI,AI Ethics,Ethical AI
The Scottish AI Alliance has released its 2024/2025 Impact Report, showcasing significant progress in promoting ethical and inclusive artificial intelligence across Scotland. The report highlights...
Read More
A compass illustrating guidance and direction in navigating AI legislation.

EU AI Act: Embrace Compliance and Prepare for Change

August 17, 2025 AI,AI Regulation,European Union AI Governance,Regulatory Frameworks
The recent announcement from the EU Commission confirming that there will be no delay to the EU AI Act has sparked significant reactions, with many claiming both failure and victory. Companies are...
Read More
A shield

Exploring Trustworthiness in Large Language Models Under the EU AI Act

August 16, 2025 AI,EU AI Compliance
This systematic mapping study evaluates the trustworthiness of large language models (LLMs) in the context of the EU AI Act, highlighting their capabilities and the challenges they face. The research...
Read More
A roadblock sign

EU AI Act Faces Growing Calls for Delay Amid Industry Concerns

August 16, 2025 AI,AI Regulation Awareness,EU AI Compliance,Regulatory Framework
The EU has rejected calls for a pause in the implementation of the AI Act, maintaining its original timeline despite pressure from various companies and countries. Swedish Prime Minister Ulf...
Read More
A puppet on strings

Tightening AI Controls: Impacts on Tech Stocks and Data Centers

August 16, 2025 AI,AI Governance,AI Regulation,Regulatory Framework
The Trump administration is preparing to introduce new restrictions on AI chip exports to Malaysia and Thailand to prevent advanced processors from reaching China. These regulations could create...
Read More
A compass

AI and Data Governance: Building a Trustworthy Future

August 16, 2025 AI,AI Governance,Data Security,Regulatory Compliance
AI governance and data governance are critical for ensuring ethical and reliable AI solutions in modern enterprises. These frameworks help organizations manage data quality, transparency, and...
Read More
A shield with a digital interface

BRICS Calls for UN Leadership in AI Regulation

August 15, 2025 AI,AI Governance,AI Regulation,Global AI Policy
In a significant move, BRICS nations have urged the United Nations to take the lead in establishing global regulations for artificial intelligence (AI). This initiative highlights the growing...
Read More