NAIC | December 06, 2023
The National Association of Insurance Commissioners (NAIC) Membership voted to adopt the Model Bulletin on the Use of Artificial Intelligence Systems by Insurers during the 2023 Fall National Meeting.
The bulletin reflects the work of the NAIC Innovation, Cybersecurity, and Technology (H) Committee, chaired by Maryland Insurance Commissioner Kathleen A. Birrane. Michael Conway, Commissioner of the Colorado Division of Insurance, and Doug Ommen, Commissioner of the Iowa Insurance Division, are co-vice chairs of the committee.
"This initiative represents a collaborative effort to set clear expectations for state Departments of Insurance regarding the utilization of AI by insurance companies, balancing the potential for innovation with the imperative to address unique risks,"
said Commissioner Birrane.
As the insurance sector navigates the complexities of AI, the NAIC's Model Bulletin on the Use of Artificial Intelligence Systems by Insurers provides a robust foundation to safeguard consumers, promote fairness, and uphold the highest standards of integrity within the industry.
[Source -PR Newswire]
The H Committee, comprised of representatives from 15 states, began drafting the bulletin in 2023 with the goal of establishing comprehensive regulatory standards to ensure the responsible deployment of AI in the insurance industry. The bulletin addresses critical issues related to the usage of AI, such as potential inaccuracies, unfair biases leading to discrimination, and data vulnerabilities.
While not a model law or regulation, the AI model bulletin serves as a guiding document, fostering uniformity among state insurance regulators regarding expectations for insurance carriers deploying AI. The bulletin comprises four key sections, each addressing crucial aspects of AI usage by insurers. It emphasizes the importance of responsible governance, risk management policies, and procedures to ensure fair and accurate outcomes for consumers.
The bulletin reminds insurance carriers that decisions impacting consumers that are made or supported by advanced analytical and computational technologies, including AI, must comply with all applicable insurance laws and regulations, including unfair trade practices. The bulletin also sets forth state insurance regulators' expectations on how insurers should govern the use of such technologies by or on behalf of the insurer to make or support such decisions, including the creation and implementation of a written AIS Program, commensurate with an assessment of the risk in accordance with the guidelines established by the NAIC's 2020 Principles of Artificial Intelligence, and to ensure that decisions impacting consumers made or supported by AI are accurate and do not violate unfair trade practice laws or other applicable legal standards. The bulletin also advises insurers of documentation that a state Department of Insurance may request during an investigation or examination.
The initial draft was presented to the working group on June 29, 2023, and subsequently exposed for public comment periods, allowing for extensive input from industry stakeholders, consumers, and legislators. The process involved two exposure periods, with the first public comment period ending on Sept. 5, 2023, and the second ending on Nov. 6, 2023. The review process also included in-person comments during the 2023 Summer National Meeting in Seattle, WA, and during the 2023 Fall National Meeting in Orlando, FL.
Significant updates were made to the model bulletin based on the feedback received. These updates addressed concerns raised during the review process, including a shift in focus toward outcomes, revisions to key definitions aligned with National Institute for Standards and Technology (NIST) standards, and updates to language on third-party contracting and testing and validation protocols.
Commissioner Birrane expressed gratitude for the collaborative efforts of the H Committee, drafting groups, and all stakeholders involved. The completion and adoption of the model bulletin mark a significant step forward in adapting regulatory frameworks to the evolving landscape of AI in the insurance industry.
About the National Association of Insurance Commissioners
As part of our state-based system of insurance regulation in the United States, the National Association of Insurance Commissioners (NAIC) provides expertise, data, and analysis for insurance commissioners to effectively regulate the industry and protect consumers. The U.S. standard-setting organization is governed by the chief insurance regulators from the 50 states, the District of Columbia and five U.S. territories. Through the NAIC, state insurance regulators establish standards and best practices, conduct peer reviews, and coordinate regulatory oversight. NAIC staff supports these efforts and represents the collective views of state regulators domestically and internationally.
Global Atlantic | December 11, 2023
Global Atlantic Financial Group a leading insurance company meeting the retirement and life insurance needs of individuals and institutions, today announced it has signed a $10 billion reinsurance agreement with Manulife Financial Corporation.
Key Highlights of the Transaction
Third block transaction Global Atlantic has executed with Manulife, a leading international financial services provider and wealth manager. Highlights successful partnership between organizations.
Showcases Global Atlantic’s unique ability to underwrite, structure and execute on multiple liabilities and across the global insurance market and includes Global Atlantic’s first block reinsurance transaction in Japan.
The transaction, signed between subsidiaries of the companies, will reinsure a seasoned and diversified block of Manulife’s life, annuity, and long-term care insurance business originated in the US and Japan.
Following a concurrent transaction where 100% of the long-term care (“LTC") insurance risks are simultaneously reinsured with a highly rated third-party global reinsurer, Global Atlantic will only retain the underlying spread-based risks on the subset of the block that involves the LTC business.
Similar to Global Atlantic’s other spread-based reinsurance transactions, the predictable nature of the retained risks makes this an attractive profile for Global Atlantic and Ivy II, its co-investment vehicle.
With this deal, Global Atlantic further advances its position as a reinsurer of choice in the annuity and life insurance marketplace. The company has established a 20-year track record, successfully completing more than 40 transactions with nearly 30 clients and reinsuring more than $140 billion of assets since inception.
“Throughout this process, we partnered closely with Manulife teams in Canada, the US and Japan to gain a strong understanding of their goals”
said Manu Sareen, Co-President of Global Atlantic.
Due to our organizations’ close collaborative process, we were able to develop a tailored solution that aligns with all parties’ strategic objectives. Our innovative LTC structure separates the insurance risks from the underlying investment and spread-based risk, and enables Global Atlantic to reinsure the insurance risks to a highly regarded reinsurance partner. With this structure, our retained liability cashflows on this part of the transaction are not subject to any lapse, longevity or morbidity risks.
[Source -Business Wire]
The block currently has approximately $10 billion in general account assets across multiple product lines including payout annuities, whole life policies and long-term care policies. The Japan whole life block represents approximately $4 billion USD equivalent (¥574 billion) assets making the transaction one of the largest Japanese reinsurance deals in recent history and further advancing Global Atlantic’s presence and commitment across Asia. Global Atlantic will retrocede the long-term care insurance risk to a well-established and highly rated third-party reinsurer.
Under the terms of the agreement, Manulife will reinsure the blocks and transfer general account assets to Global Atlantic. Manulife will also retain servicing and administration of the policies.
The transaction is expected to close in the first half of 2024, subject to satisfaction or waiver of customary closing conditions specified in the agreement, including the receipt of required regulatory approvals.
About Global Atlantic
Global Atlantic Financial Group is a leading insurance company meeting the retirement and life insurance needs of individuals and institutions. With a strong financial foundation and risk and investment management expertise, the company delivers tailored solutions to create more secure financial futures. The company's performance has been driven by its culture and core values focused on integrity, teamwork, and the importance of building long-term client relationships. Global Atlantic is a majority-owned subsidiary of KKR, a leading global investment firm. Through its relationship, the company leverages KKR's investment capabilities, scale and access to capital markets to enhance the value it offers clients. KKR's parent company is KKR & Co. Inc.
Certain information contained in this press release constitutes “forward-looking statements,” which can be identified by the use of forward-looking terminology such as “may,” “will,” “should,” “expect,” “anticipate,” “project,” “estimate,” “target,” “intend,” “continue” or “believe,” other variations thereon or comparable terminology. The forward-looking statements speak only as of the date hereof and are based on Global Atlantic’s current beliefs, assumptions and expectations. Due to various risks, uncertainties and contingencies, including but not limited to obtaining required regulatory approvals, closing on signed transactions and whether the anticipated benefits of a transaction can be achieved within expected timeframes, actual events or results or performance may differ materially from what is reflected or contemplated in such forward-looking statements. Global Atlantic undertakes no obligation to update or revise any of these forward-looking statements, whether to reflect new information, future events or circumstances or otherwise. Past performance is not a guarantee of future results.
PR Newswire | January 10, 2024
Keeper Security, the leading provider of zero-trust and zero-knowledge cybersecurity software protecting passwords, passkeys, privileged access, secrets and remote connections, announces Granular Sharing Enforcements will soon be available for all products in the Keeper® platform. Granular Sharing enables administrators to enforce detailed creating and sharing permissions at the user level. By implementing these permissions, organizations can ensure employees only have access to the resources necessary for their roles, minimizing the risk of unauthorized access, data breaches and lateral movement within a network.
"It's critical for organizations to have security solutions that help them adhere to increasing regulations and compliance requirements," said Craig Lurey, CTO and Co-founder of Keeper Security. "Granular permission control helps organizations enhance their security posture by restricting access to sensitive information and systems. With Granular Sharing Enforcements, it's easier than ever for IT administrators to better control the principle of least privilege and streamline operations within their organizations."
Keeper's added Granular Sharing Enforcement policies provide more detailed restrictions that administrators can apply to users for both creating and sharing records. Most employees do not need access to all of the data or functionalities within an organization, and many industries and geographical regions have specific regulations and compliance requirements regarding data protection and privacy, including HIPAA, GDPR, PCI DSS and SOX. Granular permission controls enable organizations to align with local and industry regulations by allowing them to define and enforce access policies. This helps in ensuring the organization is compliant with industry standards and legal requirements.
Key features of Keeper's Granular Sharing Enforcements include:
Auditing: Keeper provides clear alerting and reporting on over 100 different event types.
Version control: Only a small subset of users have permissions to update or share records, helping teams ensure information is consistent and accurate.
Seamless access on any device: Keeper provides the same user experience across platforms, ensuring cross functionality and ease of use, whether on web, desktop or mobile.
Encryption: Keeper provides secure sharing with elliptic curve encryption, ensuring cybercriminals cannot intercept passwords or other shared records in transit.
Keeper Administrators can easily customize permissions to best suit the compliance needs of their organization. Administrators modify permissions in the Enforcement Policies section of the Admin Console for the chosen role by selecting Creating and Sharing. Most permissions are activated by default for maximum security. Enforcements have been designed to be simple and powerful, allowing admins to choose the appropriate settings for their unique needs.
Granular Sharing Enforcements will be available for all sharing needs within Keeper's Enterprise Password Manager, Keeper Secrets Manager and KeeperPAM. With Keeper's zero-knowledge password management and security platform, IT administrators have complete visibility into employee password practices, enabling them to monitor password use and enforce password security policies, including strong, unique passwords, Multi-Factor Authentication (MFA), Role-Based Access Control (RBAC), and other security policies. Keeper Secrets Manager is a fully managed cloud-based, zero-knowledge platform for securing infrastructure secrets such as API keys, database passwords, access keys, certificates and any type of confidential data.
Its latest offering, KeeperPAM, provides next-generation Privileged Access Management (PAM) that is disrupting the traditional PAM market. KeeperPAM delivers enterprise-grade password, secrets and privileged connection management within a unified SaaS platform that is cost-effective, easy to use and simple to deploy. KeeperPAM enables least-privilege access with zero-trust and zero-knowledge security. Enterprises select Keeper because of its strong security architecture, ability to support federated and passwordless authentication with any identity provider, seamless integration into on-premises, cloud or hybrid environments and ease of use across desktop and mobile devices.
About Keeper Security
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper's affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance. Trusted by millions of individuals and thousands of organizations, Keeper is the leader for best-in-class password and passkey management, secrets management, privileged access, secure remote access and encrypted messaging.