Open insurance solutions should meet data protection consideratons, insurance, and competition regulations while supporting innovation, efficiency, consumer protection and financial stability.
What is open insurance?
There is no uniform definition of open insurance or open finance. EIOPA has considered open insurance in its work so far in the broadest sense, covering accessing and sharing insurance-related personal and non-personal data usually via APIs.
The discussion around open finance focused so far mainly on the banking sector. In some jurisdictions, concrete legislative steps have been taken to facilitate open finance (data sharing and third party access to data), e.g. Payment Services Directive (PSD2) in the EU. Antitrust law considerations (to promote innovation and competition), and the principle that personal data belongs to the data subject have been significant drivers. In other jurisdictions, the developments are more market-led, e.g. open insurance/finance is developing via new business models and private sector initiatives.
Internal APIs in insurance (for example, back-end communications and interactions with third parties) have been in place for some time, and recently the focus has shifted towards opening up APIs to the outside world to offer better services to policyholders and/or greater market competition. Consequently, the infrastructure for some services similar to open insurance is partly in place – though in a partial and local manner.
However, developing such services currently entails bilateral negotiations, agreement and contracts, and working to bridge different standards. The issue of a full standardisation or a sufficient interoperability among existing standards could be discussed in different scenarios, including regulatory or self-regulatory requirements (other than general data portability rules). Future developments in open insurance could entail further standardisation and/or possible compulsory data sharing (at the initiation and consent of the customer) and should define how controlled security and better consumer protection could be provided.
What are the risks and benefits?
Enhanced data sharing and openness, in compliance with data protection and competition rules, could enable the insurance sector to fully embrace data-driven innovation.
This could lead to creating innovative products:
- for consumers, such as making it easier for consumers to compare offerings and switch providers; new advice services
- for businesses, such as increased efficiency and interaction with third parties or more efficient compliance practices - RegTech.
- for supervisors, such as SupTech and more effective and responsive oversight capabilities
However, this could also give rise to new/amplified risks such as data security, cyber risks, interoperability, liability, ethical issues and broader consumer protection risks.
Collecting and sharing data about insurance policies or other open insurance-related data can reveal sensitive information about the health, sexuality, and political views or other personal details of a person. Increased data sharing, especially if combined with Artificial Intelligence/machine learning tools, could also increase financial exclusion.
It could also raise the question of level playing field, for example the question of providing equal access to data for all insurance undertakings/intermediaries, including small ones and/or through reciprocity in the sharing of consumer data between all market participants.
How is EIOPA addressing open insurance?
EIOPA has started a broad discussion with different stakeholders on possible balanced, forward-looking and secure approaches to open insurance and its risks and benefits to the insurance industry, consumers and supervisors.
EIOPA published a discussion paper on open insurance and launched public consultation. In the discussion paper EIOPA explored whether and to what extent insurance value chains should be ‘opened’ up by the sharing of insurance-related and specific policyholder data amongst insurance and non-insurance firms, with a view to protect policyholder rights and to allow for innovation in products and services.
EIOPA concluded there might be potential on open insurance for consumers, for the sector and its supervision, if handled right. A key consideration on possible open insurance solutions is how to find a balance between data protection, insurance, and competition regulations while supporting innovation, efficiency, consumer protection and financial stability.
Furthermore, open finance could provide further opportunities for Pension Tracking Systems, as pointed out in the Pension Tracking System (PTS) Advice that EIOPA submitted to the European Commission. Indeed, some national PTSs already allow consumers to give some third parties access to their data (e.g. to download a pdf. file). Open insurance could facilitate this further allowing certain regulated third parties (e.g. insurers/intermediaries/pension providers) access to PTS data directly through API integration based on consumer explicit and informed consent. This can facilitate advisory processes including through robo-advice and can help to build different financial management tools.