Written by Sabine VanderLinden

• A Frontier Insurer isn't a carrier that uses AI — it's one re-architected around an intelligence layer. Every insurer uses AI in 2026: 80% of Fortune 500 firms already run AI agents in live production (Microsoft), and 90% of US carriers are evaluating generative AI (Conning). The Frontier Operating Model is what separates the orchestrators from the integrators, bolting a copilot onto a 1990s stack.
• You don't buy AI — you hire it, which makes the human-agent ratio your real constraint. The F.R.O.N.T.I.E.R. framework reframes AI as a workforce that needs identity, accountability, oversight, and performance management, supervised by "agent-bosses," not committees. The binding limit on Frontier transformation isn't engineering talent; it's AI-fluent underwriters and adjusters who can manage agents without becoming the bottleneck or the rubber stamp.
• Recovery is the model insurance was built on; resilience is the model it has to become. As climate, cyber, and AI-amplified fraud converge into one risk surface — 98% of claims professionals see deepfake fraud rising, only 32% can detect it (Verisk) — and regulators move (NAIC, Colorado SB-205), the Frontier Insurer engineers trust into the architecture itself. Read the eight letters as a sequence, and a carrier becomes Frontier in 18–36 months.

 There's a moment in most enterprise AI conversations where someone produces a framework. Three letters. Four pillars. Five horizons. Six imperatives. The diagram lands in the deck, gets a polite nod from the CFO, and quietly never appears in an operating decision again.

I have built one anyway. With apologies and a defense.

The defense is this. The Frontier Insurer is not a slogan. It is a real category of carrier — one that has re-architected the business around intelligence, not just bolted AI onto a 1990s operating model — and the operators trying to become one need language that holds up under operational pressure. A board paper that says "we will deploy AI strategically" is not language. A bullet that says "AI-first" is not language. A diagram with five empty boxes labeled "transformation pillars" is not language. Operators need eight things you can put on a Monday-morning agenda and argue about for 45 minutes. So here are eight.

“The Frontier Insurer is not an insurer that uses AI. Every insurer uses AI in 2026. The Frontier Insurer is one that has re-architected the business around intelligence.”

Each of the eight letters below is a position. I have tried to make every one of them inconvenient, easy to nod at, and harder to actually do. If your firm can credibly answer yes to all eight, you are a Frontier Insurer. If you can answer yes to four, you are on the path. If you can answer yes to zero, you are an integrator pretending to be an orchestrator, and the gap will compound against you over the next four years.

The framework spells F.R.O.N.T.I.E.R. I know. It is intentional to anchor the transformation we are all trying to grasp. The letters do work in order — each one builds on the one before it. Read them as a sequence, not a checklist.

F - Frame Agentic AI Systems as a Workforce.

Stop calling them tools. They aren't tools. A tool sits inert until you pick it up. A tool doesn't make decisions, doesn't access data, doesn't talk to other tools, and doesn't surprise you on a Sunday night. The thing now operating inside your underwriting, your claims, your service desk, your fraud triage, and your finance reconciliation is none of those things. It's a workforce.

80% of Fortune 500 firms now run active AI agents in some live production capacity. That number, from Microsoft, has roughly doubled in a year. Specifically in insurance, Conning's 2025 C-Suite Verdict finds that 90% of US carriers are at some stage of generative AI evaluation, with 55% in early or full adoption. Furthermore, 34% of these carriers have achieved full implementation, embedding large language models directly into core underwriting, marketing, and claims triaging workflows. These are not pilots in a corner anymore. These are systems that hold permissions, see customer data, draft regulated documents, and recommend financial decisions at scale.

Which means the management practice you apply to them has to change. A workforce needs identity — you need to know which agent is which.

• A workforce requires accountability: someone must be responsible for each agent's decisions.

• A workforce needs oversight: someone has to supervise the agent as they would a junior analyst.

• A workforce needs permissions: you cannot let every agent see every dataset, any more than you would hand a new hire your master file.

• And a workforce needs performance management: agents drift, hallucinate, learn the wrong lessons, and quietly degrade. Without continuous evaluation, your AI workforce will produce decisions you would never let a human produce.

Microsoft has started using the term agent-boss for the human who supervises and orchestrates agents alongside their own work. It is a useful term. Every senior employee at a Frontier Insurer is an agent-boss at some point in their day.

Your job, as a CEO or CIO or COO, is to design the conditions under which agent-bossing actually works, which is to say, the conditions under which a 50-year-old underwriter can hold three AI agents accountable without becoming the bottleneck or the rubber stamp.

“You don't buy AI. You hire it. And it doesn't matter how many copilot licenses your CIO signed last quarter — if you can't tell me which agents are operating in your underwriting workflow tonight, who supervises them, and what data they touched yesterday, you have an AI workforce running unmanaged.”

R - Redesign Operations Around Resilience — Not Recovery.

For 170 years, the insurance industry has organized itself around recovery. A house burns; we pay. A truck crashes; we pay. A hurricane lands; we pay, eventually. The business model is mathematically elegant — pool the risk, price the probability, settle the claim. It is also, in 2026, becoming structurally inadequate to the risks the industry is now asked to absorb.

Climate volatility, geopolitical instability, infrastructure fragility, cyber compounding, AI-amplified fraud, demographic shifts — these are not independent line items in a CRO's annual risk report. They are converging into a systemic exposure that the recovery model can no longer absorb economically. The Insurance Day reporting through 2025 and 2026 has been consistent on this. Capital markets are starting to listen. So are regulators.

And yet. The International Insurance Society's recent research found that only 25% of insurers say resilience is deeply embedded in strategic planning. 3/4 of the industry has heard the message but has not yet rewired its operating models around it. That gap is going to close in the next thirty-six months, one way or another — either because individual carriers redesign around resilience as a strategic operating model, or because the regulators force them to.

The Frontier Insurer is the one redesigning. Not adding a resilience overlay. Redesigning the business itself. That means moving from "we pay after the loss" to "we engineer the conditions under which the loss is less likely."

It means partnering with sensor networks, smart-home and smart-property platforms, climate-adaptation infrastructure, and predictive analytics — not as fraud detection but as core product design. It means underwriting becomes a continuous activity rather than an annual one, because the risk surface changes weekly in an AI-powered insurer operating model. It means treating loss prevention as a higher-margin business line than loss settlement — because it is.

The Financial Times has been blunt about where this leads. Climate adaptation is not an ESG initiative. It is a capital allocation decision. The carriers who treat it as the latter are about to acquire a strategic advantage. The carriers that treat it as the former will spend a decade trying to catch up.

“Recovery is the business model insurance is built on. Resilience is the business model insurance has to become. You can either rebuild around it deliberately, or you can wait for the regulator to rebuild your industry without you in the room.”

O - Observe AI Models Continuously — Static Governance is Obsolete.

Here’s the uncomfortable truth about governance in most enterprises. It is built for a world where decisions were slow, paper-trailed, made by humans, and reviewed quarterly. In 2026, the decisions are fast, machine-generated, made by agents, and changing weekly. In artificial intelligence, frontier safety frameworks have emerged as industry-wide protocols for managing severe risks posed by advanced models before deployment. The governance hasn’t caught up.

Most insurers still audit AI models annually. They review model risk quarterly. They test for bias periodically. They write a policy, ratify it at a committee, and revisit it next year. This is not governance. This is performative compliance — the institutional equivalent of locking the door once a month and assuming the building stays secure between checks.

The Frontier Insurer treats observability as the control layer, not the reporting layer. Risk identification starts by determining high-severity catastrophic risks and the threat models that malicious actors could exploit, including cyberweapons and the misuse of Chemical, Biological, Radiological, or Nuclear materials. Every model decision logged in real time. Every agent action traceable. Every output testable against bias, drift, and regulatory threshold continuously, not annually.

Kill-switch capability built in, not as an emergency feature, but as a default expectation. Frontier frameworks also account for unknown AI capabilities that can emerge at scale, which is why they emphasize upstream validation before final runs or public release. The control plane sits between the intelligence layer and the core systems, always on, watching.

This sounds expensive. It is. It is also less expensive than the alternative, which is finding out from a regulator or a plaintiff’s counsel that an agent has been making a decision incorrectly for nine months, and you couldn’t tell.

The NAIC Model Bulletin on AI Use, in force since December 2023, has already moved most US carriers toward exactly this architecture. They just haven’t quite admitted it to themselves yet. Colorado SB-205, effective 2026, will accelerate the move. Google DeepMind, Microsoft, and Meta have each helped develop frontier frameworks to test for and mitigate severe risks before deployment. The NIST AI Risk Management Framework is now the procurement floor, with safety, security, and governance as the control objectives these systems are trying to achieve.

Here’s the paradox no vendor will put on a slide. Critical Capability Levels define clear thresholds for when stronger controls, compliance, and oversight should activate. The Google DeepMind Frontier Safety Framework is explicitly focused on managing future risks posed by powerful models, particularly in autonomy and cybersecurity.

A well-architected, observable AI agent is more auditable than a human adjuster on file 47 of the day, which is exactly the shift described in the agentic frontier firm playbook. Every decision logged. Every input traceable in context. Every output interpretable. Manual processes have the opposite property — they’re invisible until something goes wrong. Mitigation works best when goals are measured, and feedback loops keep models aligned over time. A claims handler at four in the afternoon, after eight hours and three coffees, produces a decision nobody can reconstruct cleanly two years later when the regulator audits it. An observable agent produces an audit trail that holds up in court. So when regulators ask which system they prefer, the honest answer is the Frontier one.

“Static governance is a snapshot of the building taken last quarter. Continuous observability is the camera that’s on right now. Which one tells you the building is actually safe?”

N - Navigate Interconnected Risks in a Polycrisis — Stop Running Them in Silos.

If you walk into a typical Chief Risk Officer's office in 2026, you'll find the risk register organized by category. Climate risk. Cyber risk. AI risk. Operational risk. Regulatory risk. Geopolitical risk. Reputational risk. Each one has an owner, a color-coded heat map, and a quarterly update slide. The architecture made sense in 2010. It is now actively misleading.

The risks have stopped behaving like independent variables. A wildfire in California disrupts the supply chain that depends on a satellite network targeted by a state-sponsored cyber actor using AI-generated phishing to compromise the contractor that maintains the infrastructure. A claims-fraud ring uses generative AI to forge documents at scale, and the SIU's fraud-detection model has never seen the new pattern. A regulatory action in Colorado on algorithmic accountability will change the procurement landscape for AI vendors in 28 other states within 18 months. These are not separate risks. They are a single converging risk surface.

Swiss Re's Sonar 2025 reporting has been explicit on the disinformation, deepfake, and AI-amplified fraud category. The Verisk State of Insurance Fraud Study in March 2026 was sharper still — 98% of US claims professionals say AI editing tools are fuelling a rise in digital media fraud, but only 32% are confident they could detect a deepfake. The fraud problem is not the biggest challenge corporations face. That is climate, cyber, AI, and trust collapsing into the same line item.

The Frontier Insurer redesigns the risk function for the convergence. The risk register stops being a list and becomes a network — a graph that shows how risks compound and propagate. The risk owners stop reporting in isolation and start running cross-cutting scenarios continuously.

Source: Verisk State of Insurance Fraud Study 

Capital allocation stops being optimized inside silos and starts being optimized against the systemic exposure that the silos collectively produce, mirroring the scenarios explored at AI Horizons 2030 on autonomous insurance. This is not consulting-speak. This is the actual job change that needs to happen across most CRO functions over the next 24 months.

“Polycrisis is a risk category that is expending across the operating environment. The carriers who keep modeling climate, cyber, and AI as separate risks will keep being surprised by the same event hitting all three at once.”

T - Tap Generative AI Innovation — Industrialize the Venture-Client Model.

There is a structural mismatch that most carriers haven't admitted to themselves. AI evolves weekly. Climate exposure compounds yearly. Customer expectations shift in months. And procurement still moves quarterly... when it's working well. The build-everything-in-house model that has served insurance for 50 years is now mathematically incapable of keeping pace with the rate of change in capabilities.

The Frontier Insurer solves this with a venture-client engine. Not a corporate VC fund. Not an innovation lab with kombucha and beanbags. A real, institutionalized operational pipeline for sourcing, validating, and scaling external capability. The model is simple. Source emerging solutions fast — typically inside 90 days from first contact to live environment. Validate in real workflows, not sandboxes. Scale what works commercially, with clear contracting on the way in and clear retirement triggers on the way out. Retire what doesn't work without ceremony or career risk, as illustrated by many of the venture-client insurtech success stories now reshaping the market.

Most insurers cannot do this today. The procurement function isn't built for it. The legal function isn't built for it. The IT integration cadence isn't built for it. The talent isn't built for it. So the carrier accumulates pilot debt — thirty, fifty, sometimes a hundred concurrent AI initiatives across the enterprise, each one with a champion, most of them with a positive ROI on paper, almost none of them connecting to each other or compounding. This is the bolt-on era. It produces motion without compounding.

The orchestrator-class carrier rebuilds the procurement and integration function so the venture-client model becomes the default, not the exception. Aon, Marsh, and Gallagher are doing this — not by accident. They are now among the largest human-capital-management firms in the world, precisely because they industrialized their external capability sourcing three years before the rest of the market, a pattern echoed in the Global Insurtech Summit’s venture-client insights. Ping An, the original Frontier example, got there because one leader decided the business would source intelligence externally at scale rather than build it within its walls. That leader is now at SunLife. The pattern matters more than the carrier.

“Stop running AI procurement like it's 2018. The carriers who win the next four years will have a venture-client engine that sources external capability faster than their competitors can build it internally. Everyone else will keep buying vendor sprawl.”

I - Integrate Ecosystems — Competitive Edge is Now Relational.

The carrier that competes on internal capabilities alone in 2026 is competing with one hand tied behind its back. The competitive advantage is increasingly relational: who is in your ecosystem, what data flows between you and them, what capabilities you can call on without owning, and how quickly you can reconfigure the partner stack when the market shifts. Organizations using the Frontier framework do this to optimize business processes, improve employee experience, and reinvent customer engagement through intelligent agents and data platforms.

This is the structural difference between the Frontier Insurer and the merely digital insurer. The digital insurer has rebuilt the customer journey on a cleaner stack and called it a transformation. The Frontier Insurer has rebuilt the partner stack around intelligence — sensors, smart-home and smart-property platforms, climate-adaptation infrastructure providers, embedded distribution partners, regulatory-tech vendors, identity and trust-architecture firms, telematics aggregators, and parametric data providers. Agentic AI extends generative AI by turning outputs toward specific goals and execution in real workflows. Each of those partners contributes a signal, a capability, or a distribution that the carrier could not credibly build alone, fast enough, at scale.

Embedded insurance — insurance sold at the point of need through someone else’s customer relationship — has been the easy ecosystem example for half a decade. The harder examples are starting to matter more. Resilience ecosystems, where the carrier sits inside a network of climate-adaptation partners and the product is co-designed with the partner. Trust ecosystems, where the carrier integrates with identity and behavioral-signal partners to underwrite continuously rather than at the point of application. Distribution ecosystems, where brokers, MGAs, and platforms increasingly serve as orchestrators of multiple carrier capacities rather than agents of any single one.

A few examples include customer-support environments where agentic AI helps human teams solve more complex problems and deliver personalized responses. In supply chain management, AI can automate complex processes such as supplier orders, production adjustments, demand prediction, and logistics by analyzing data from sales, inventory, and shipping databases — exactly the kind of digital transformation future-mapped at ITI EU.

Gallagher’s rise to the third-largest broker in the world over a decade, which most analysts didn’t see coming, was driven by exactly this ecosystem-orchestration play. Today, Gallagher generates $9.91 billion in revenue and executes 51 acquisitions in 2023 alone. They built the partner stack and the human-capital-management capability before the rest of the market understood they would have to. Specialty insurers — particularly Lloyd’s syndicates serving SME and HNW lines — are now moving in the same direction.

The composite personal-lines carrier with a 200-year-old culture and a 15-year core systems modernization program that’s still going to have a harder time competing with this on its own. The ecosystem is now the moat.

“Your competitive advantage in 2030 will not be the technology you own. It will be the ecosystem you orchestrate. The carriers who are ecosystem-native will compound. The carriers who are still asset-only will commoditize.”

E - Engineer Trust — it’s Architecture, not Assurance.

Every senior insurance executive I have talked to in the last 18 months has said some version of the same sentence. “Trust is our biggest asset.” Then most of them treat it as a marketing problem. Build the brand. Train the agents. Improve the customer service scripts. Run the satisfaction survey. None of those things is wrong. None of them is sufficient.

Trust in 2026 is no longer earned at the brand layer. It is earned — or destroyed — at the architecture layer. Customers, regulators, capital providers, brokers, and employees are all asking the same question of insurance: can I trust what your AI is doing? And the honest answer for most insurers, right now, is “I’m not sure, let me get back to you.” That answer ages badly.

The Frontier Insurer engineers trust into the system rather than asserting it from the marketing department. Every agent decision is observable, explainable, and traceable. Every model output can be interrogated in plain language by an adjuster, a regulator, or a customer service rep.

Every data input has a documented provenance, a clear permission boundary, and an audit trail. The trust mechanism is not bolted on after the fact — it is the architecture itself. This is the deep version of the auditability paradox. A well-architected AI workforce, continuously observed, with clear permission and provenance trails, is structurally more trustworthy than a manual process that relied on a tired human and a yellow legal pad. The regulators, if they are honest, will end up preferring the Frontier system. The customers will, too, once they understand what they are being shown.

This connects to a broader thesis I have been developing for two years now and will continue to develop. Trust is the new operating system. The firms that scale trust fastest will scale transformation fastest. Not because trust is morally superior — though it is — but because in a regulated, complex, high-stakes industry like insurance, the binding constraint on growth is increasingly the customer’s, the regulator’s, and the capital provider’s willingness to let you move. Trust is the permission slip that lets the business scale, especially when AI is combined with empathy in claims and other sensitive customer journeys. Without it, every initiative slows down. With it, every initiative compounds.

“The firms that win this decade won’t have the biggest AI budgets, the flashiest innovation labs, or the most pilots. They’ll have something rarer — the ability to scale trust faster than complexity. That may, in fact, be the most valuable insurance policy of all.”

R - Rewire Culture — The Human Layer is Now The Bottleneck.

Technology scales instantly. Capital scales quickly. Culture scales slowly. The Frontier Insurer transition is, structurally, a culture transition wearing a technology costume. And most carriers are about to discover that they have been investing in the costume while the underlying culture stays exactly where it has always been.

Here is what culture rewiring actually means inside an insurance carrier becoming Frontier. The job of underwriting changes. The job of claims handling changes. The job of an adjuster, a broker liaison, a contact-center lead, a fraud investigator, and an actuary all change. None of those jobs will disappear, though some headcount will. What changes is what those jobs DO.

Agentic AI can learn from feedback and improve over time, thereby raising the bar for training and supervision and underpinning AI-transformed insurance underwriting. The underwriter becomes an agent-boss orchestrating three AI agents and supervising a workflow that used to be six separate steps. The claims handler becomes an adjuster of edge cases, while the routine decisions flow through observable, explainable agents. The actuary becomes a designer of algorithmic underwriting 2.0 systems rather than a calculator of risk-pricing tables.

These transitions are uncomfortable. They threaten identity, status, and tenure. McKinsey’s Claims 2030 research and Selby Jennings’ 2025 actuarial-talent reports both flag the same pattern. According to Selby Jennings' actuarial talent research, 94% of insurance professionals view flexible working hours and remote options as critical career motivators, and 68% to 70% state they would reject a job offer that mandated a full-time, office-based schedule. Yet, approximately 70% of insurance employers are actively tightening in-office mandates, creating a direct clash between talent expectations and corporate policies.

The binding constraint on insurance AI deployment is not engineering talent. It is AI-fluent adjusters, underwriters, and business leaders who know how to operate alongside intelligence rather than under or against it. There aren’t enough of them. The Frontier carriers are building the training programs, the career paths, and the incentive structures to produce them. The other carriers are running unconscious selection — the AI-comfortable employees stay and rise, the AI-resistant employees disengage and leave, and the carrier loses both halves of the workforce it needs to make the transition work.

The leadership pattern that produces this rewiring is consistent across every Frontier example I have studied. One leader, with conviction and runway, makes the decision that the business will be redesigned around intelligence — and protects the redesign through the 18-to-36 months it takes for the culture to follow. Ping An. Gallagher in a different way. Several specialty Lloyd’s syndicates. A handful of mid-size US carriers I’m not yet at liberty to name. The pattern is single-leader-driven rather than committee-driven, echoing many of the leadership stories shared in the Beyond Tech Frontiers series. Boards do not produce Frontier Insurers. Individual operators with conviction do.

“Technology scales instantly. Trust scales slowly. Culture scales slowest of all. The Frontier Insurer rewires the culture deliberately — because if it doesn’t, the technology investment buys you faster failure, not faster success.”

Reading The Framework as a Sequence

The 8 letters are not independent. They are sequential. They are stacked. The F.R.O.N.T.I.E.R. framework is a strategic planning tool for managing complex organizational transitions.

1. Frame the AI workforce first, because without that mental shift, every subsequent move will misfire.
2. Redesign around resilience, because the business model itself has to change before the capabilities make sense.
3. Observe continuously, because once you have a workforce and a redesigned model, governance has to keep up in real time.
4. Navigate interconnected risks because the new operating environment is converged, and the old siloed risk register is now actively misleading.
5. Tap external innovation, because no carrier can build the capability stack alone fast enough.
6. Integrate ecosystems, because the partner network is now the moat.
7. Engineer trust, because trust is the permission slip the rest of the business runs on.
8. And finally, rewire culture, because all seven of the previous moves fail if the human layer hasn’t been redesigned to absorb them.

If you read the framework as a checklist, it will not help you.

If you read it as a sequence, it will.

Each letter unlocks the next. Skip one, and the structure collapses.

In high-risk cases, it may require firms to pause development or deployment until safeguards are in place. Run them in order, and the carrier becomes a Frontier Insurer in 18 to 36 months.

“A Frontier Insurer is not built in a quarter. It is built in a decision, one leader, one conviction, eighteen months of protection while the culture catches up. The framework tells you what to protect, and in what order. The conviction is yours.”

That is the Framework. F.R.O.N.T.I.E.R.

8 letters, 8 positions, one sequence. I am bringing this onto the Main Stage of Insurtech Insights New York on the third of June, alongside Denise Garth, Jim DeMarco, and Manish Shah.

The panel will pull pieces of it. This document is complete, and one you can sit with for an hour over a coffee and decide which of the eight your firm has cracked, which it is faking, and which it hasn’t yet noticed it needs to start.

If you are operating inside a carrier, a broker, a specialty syndicate, or a TPA, and you would like to compare notes, my inbox is open. The Frontier transition or destination is not a journey to take alone. The whole point of the framework is that you don’t have to. 

Frequently Asked Questions

What is a Frontier Insurer? 

A Frontier Insurer is a carrier that has re-architected its operating model around intelligence — agents, observability, ecosystem orchestration — rather than bolting AI onto legacy workflows. The category distinguishes carriers actively rebuilding around agentic AI from those treating it as a software upgrade. By 2026, with 90% of US insurers in some stage of generative AI evaluation (Conning), the operational gap between Frontier and non-Frontier carriers has become a structural divide in the industry.

What does the F.R.O.N.T.I.E.R. Framework stand for? 

The F.R.O.N.T.I.E.R. Framework is an eight-step operating model for insurers re-architecting around AI: Frame AI as a workforce, Redesign around resilience, Observe continuously, Navigate interconnected risks, Tap external innovation, Integrate ecosystems, Engineer trust, and Rewire culture. Each letter is a sequential operational position — skipping any stage introduces structural fragility, vendor sprawl and regulatory exposure. The framework is designed as an eighteen-to-thirty-six-month commitment, not a quarterly initiative.

How is a Frontier Insurer different from an insurer that uses AI? 

Every insurer will use AI in 2026. A Frontier Insurer is distinguished by how it uses AI architecturally. MIT research identifies three modes: integrators deploy AI inside existing processes; transformers redesign processes around AI; orchestrators rebuild the entire business around intelligence. Only the orchestrator is a Frontier Insurer. With 80% of Fortune 500 firms running active AI agents (Microsoft) but only 10% having a formal governance framework, most carriers today are still integrators.

What is the Venture-Client model in insurance? 

The Venture-Client model — pioneered by BMW's Startup Garage in 2014-2015 — is a corporate-startup approach in which the enterprise acts as a paying customer to a startup rather than an equity investor. For insurers, it resolves “pilot purgatory”: 88% of innovation pilots fail to reach commercial scale. A Frontier Insurer institutionalizes a 90-day pipeline from sourcing to live workflow integration, replacing legacy procurement cycles that take nine to twelve months.

Why does AI governance matter for insurers in 2026? 

AI governance is the binding constraint on safe AI deployment in insurance. Microsoft research shows the average enterprise runs 37 AI agents — yet only 10% have a formal governance framework, and 29% of employees use unsanctioned AI tools. For insurers, this exposure is regulatory: the NAIC Model Bulletin on the Use of AI Systems by Insurers (adopted December 2023, now in 24+ US states) requires written AI Systems Programs with continuous bias testing, executive accountability, and third-party vendor oversight.

References

1.  Building Insurance Modernization That Sticks — SAP Fioneer
2.  Legacy to Modern: How US Insurance Carriers Modernize Core Systems in 2026 — Decerto
3.  Microsoft Cyber Pulse: Why AI Agent Governance Matters — Microsoft
4.  2025 Survey on AI & Insurance Technology: The C-Suite Verdict — Conning (via PRNewswire)
5.  2026 Resilience Report — International Insurance Society
6.  Travelers History — The Travelers Companies
7.  Hanover Insurance Group: More Than 170 Years in the Game — Hanover Insurance Group
8.  170 Years of the Shipowners' Club — Shipowners' Club
9.  Promutuel Insurance, There for 170 Years — Promutuel Insurance
10.  Model Bulletin on the Use of Artificial Intelligence Systems by Insurers — NAIC (December 2023)
11.  What the NAIC Model Bulletin Means for Insurance AI — WaterStreet Company
12.  Colorado Scales Back AI Law, with Targeted Implications for Health Care — Ropes & Gray
13.  Ctrl + Alt + Legislate: Colorado Reboots Its AI Act — JD Supra
14.  Artificial Intelligence Risk Management Framework (AI RMF 1.0) — NIST
15.  SONAR 2025: New Emerging Risk Insights — Swiss Re Institute
16.  2026 State of Insurance Fraud Study — Verisk
17.  From Innovation Theatre to Commercial Reality: How Venture-Client Specialists Are Rewriting the Rules of Insurance — Alchemy Crew Ventures
18.  The Venture Client Model and Its Challenges for Established Companies — Design Society
19.  Top Global Insurance Brokers (July 2024) — AM Best — Best's Review
20.  Claims 2030: A Talent Strategy for the Future of Insurance Claims — McKinsey & Company
21. USA Insurance & Actuarial Talent Report 2025 — Selby Jennings