Open insurance: defining the roadmap

INTRODUCTION

It’s a pleasure to be here with you today at the Insurance Innovators Summer Festival in Munich where so many from the world of insurance have come together to discuss where our sector is headed in these rapidly digitalising times.

I’m especially pleased to be representing EIOPA at such a forward-looking, future-oriented conference. Our participation here shows that regulators and supervisors do not only react retrospectively to developments, but that we are actively engaging with market participants and stakeholders throughout the process of innovation. Today’s exchanges are just one channel of this dialogue.

In my speech today I’ll touch upon what opportunities and risks are connected to open insurance, what the legislative landscape looks like at the moment and how it might evolve in the future. While I will not be defining a concrete roadmap – indeed certain elements are beyond insurance supervisors’ realm – I will highlight some important aspects to consider.

 

INCREASED AVAILABILITY OF DATA AND COMPUTING POWER

One of the key building blocks for innovation is data. Insurers have always relied heavily on it. What has changed now is the availability of data as well as the capacity to consolidate or analyse large quantities of data, which has increased exponentially over the years. The volume of data produced in the world is expected to grow from 33 zettabytes in 2018 to 181 zettabytes in 2025. Just to put things into perspective, 1.4 trillion conventional CDs would be needed to store one zettabyte of data.

In this ever-more digital world, financial service providers, including insurers, will be making an even greater use of data than they already have. We see that insurers are already increasingly combining new data sources with traditional ones and increased business applications across the entire economy are to be expected. Data is oozing from everywhere. From watches that count our steps, time our sleep and measure our pulse, from semi-automatic cars with telematics devices that log every move we make during our drive to work, from smart fridges that can reconstruct our diet with a fair amount of precision. All of these devices generate data points that could potentially be used by insurers to assess risks more accurately and develop increasingly tailored products.

Given this multitude of new data, it is fair and safe to assume that the bulk of the innovation that’s to come in the insurance industry will have as its focal point the use and management of data. And here is where open insurance enters the stage.

 

EVOLVING INTO OPEN FINANCE

The discussion around open finance has been in place for some time, primarily focusing so far on the banking sector (Open Banking). In some jurisdictions, concrete legislative steps have been taken to facilitate open finance (data sharing and third-party access to data).

Internal application programming interfaces in insurance have been in place for some time, but the focus has only recently shifted towards opening up APIs to the outside world to offer better services to policyholders or achieve greater market competition.

However, in the absence of any regulatory or self-regulatory requirements, developing such services entails bilateral agreements and the bridging of different standards to ensure interoperability. Open insurance would entail some standardisation or possible compulsory data sharing at the initiation and consent of the customer.

From a supervisory perspective, there are still many questions on how certain new open insurance services would look like and should be treated, what existing regulation should be applied or whether new regulation should be developed. Moreover the interplay of data across different sectors will call for increased co-operation with supervisors from areas such as competition and data protection.

For if consumers feel that they have lost control over access to their data, they might choose to opt out from participating in any open finance initiatives in the future. So we, insurers, policyholders, supervisors have to get it right from the start. Clear information and solid consent mechanisms can help earn their trust and keep their trust.

The ultimate goal for regulators would be to allow innovation and new solutions to flourish on the insurance market, but to flourish according to the rules of digital ethics and not at the altar of consumer protection.

Let’s take a look at relevant regulation as it stands today.

 

CURRENT REGULATORY FRAMEWORK

Current legislation surrounding the use of data allows data sharing only to a limited degree and the mandatory sharing of data sets across financial industry participants or third-party companies is not foreseen.

While the General Data Protection Regulation (GDPR) does grant consumers the right to move their data freely from one company to another, this relates specifically to personal data and third party service providers only have direct access when that is technically feasible, meaning that access is not guaranteed. It is often highlighted that for this very reason the framework is not viable or innovation-friendly.

The amended Payment Services Directive, PSD2, has opened the door to Open Banking, where third-party solutions, such as budgeting apps, are already helping users get a better overview of their expenditures. Some insurers have developed cross-sectorial open finance solutions leveraging PSD2 data such as for suitability assessments when providing life insurance products.

To date, however, no such legislation exists yet for pensions savings and insurance products, neither for third parties outside financial services. Access to customer data outside the payment sector therefore remains very difficult.

Mind you, moving from Open Banking to Open Insurance is not something that our sector would want to rush into. It is reasonable to tread very carefully here for the stakes are high and there are risks on all sides. The information insurers already hold and especially the data consumers might share is much more complex and sensitive than a record of payments. This needs to be given due consideration.

Data protection, security issues and the question of exclusion or discrimination are major concerns here. The more information insurance undertakings have about a given individual, the higher the probability that some parameter or combination of parameters could negatively affect the coverage or pricing that individual gets. Exclusions may not only come as a result of excessive data. Coverage might be denied to people who are unwilling to share certain information. Those among us that are not very tech-savvy and do not use modern devices might be left behind for lack of analysable data or other barriers. Moreover, the risk-pooling nature of insurance provision could be threatened, potentially resulting in uninsurable groups and higher prices for many.

Nevertheless, it is clear that Open Insurance has the potential to bring wide-ranging benefits. These include increased efficiency and transparency, the development of products better tailored to the demands and needs of consumers and cost reduction. Furthermore, Open Insurance could also lower the bar for new entrants to the market and thus create more lively competition. Consumers would be able to better compare offerings and choose the most suitable solution or switch providers with greater ease. A free marketplace of insurance-related data could give rise to peer-to-peer insurance, which would bring the business models of Uber and Airbnb into our sector. The opportunities are plentiful, but the need to look at risks as well

The European Commission already announced that it would put forward a proposal for open finance within the EU’s digital finance strategy. The Commission argued that it’s difficult to access and reuse customer data as, under the current environment, the interoperability of data within the financial sector is low. In their view, this does not only hinder business innovation and constrain customers’ choice, but also prevents consumers from reaping the full benefits of digitalization. They are currently in the public consultation phase with the first proposal expected towards the end of this year. I use the opportunity to encourage all of you to participate in this consultation to make sure that the risks and benefits for our sector are duly reflected.

 

DOES REGULATION HAVE A ROLE?

As part of our forward-looking approach to innovation we at EIOPA already analysed the topic of Open Insurance in a report published early last year. In this discussion paper we explored whether and to what extent insurance value chains should be opened up and we analysed use cases across the insurance value chain.

Besides the analysis, our aim was to also start a broader discussion on the topic with stakeholders. What role regulation should play in the process was an important pillar both in our exploratory work and our dialogue with stakeholders. Is regulation necessary or will a workable market-led, voluntary data sharing system emerge without regulatory intervention?

Our consultation with stakeholders revealed that the sector itself does not have a clear vision for the way forward. 39% of the respondents believed that Open Insurance will develop without regulatory intervention while 30% said that this would not be the case. On a similar question, almost half of all respondents chose a mixture of market-led and regulatory solutions. Moreover, it became clear that the policy issues raised by the debate on open insurance touch upon objectives and stakeholders that go beyond the financial sector itself.

For a number of reasons, I believe that agile regulation could materially facilitate the development of Open Insurance and help it unlock its potential without undermining consumer protection.

While insurers are already exchanging some data through application programming interfaces (APIs), stakeholders pointed out that regulation was necessary to standardize and harmonize these for greater efficiency and interoperability. Data governance and data reciprocity regimes have been suggested as areas where regulatory impetus would be needed to drive developments forward.

It is widely believed that a voluntary data sharing system would result in a fragmented market though there are different views in what way. Some fear that the strongest players might refuse to participate while others believe that early adopters could form an oligopoly and cut off laggards, thereby hampering competition. If Open Insurance practices were only adopted by a segment of the insurance market, data sets would likely be skewed or non-representative and their use could result in inadequate insurance products.

For all of the above reasons and while acknowledging that Open Insurance could develop through private solutions, it seems that some level of regulation is needed. Standard-setting regulation could act as a catalyst and help deliver a more balanced and efficient form of this new world.

The approach to open insurance is unquestionably a broad policy question. EIOPA’s engagement at this stage has been of a diagnostic approach and aimed at facilitating discussions by providing technical input. In our discussion paper we highlighted certain areas to consider for a sound open insurance framework. These include the need for a broader discussion and impact assessment on different open insurance approaches, proper supervision, safeguards from a digital ethics and data protection perspective, interoperability rules for data sharing frameworks and workable API standards. Any future Open Insurance framework should also seek to ensure a level-playing field and for that the question of data reciprocity should be duly considered.

We are convinced that the emerging data economy will have a significant impact on the way insurance is done around the world. Some form of Open Insurance is likely to emerge – the interest shown for this very festival is a clear sign of that.

As we enter into this new chapter of Open Insurance, it’s our shared responsibility to make Open Insurance a success by putting consumers and their needs for good and fair products that offer value at the centre of the discussion. EIOPA will therefore continue to facilitate discussions among stakeholders by also providing technical input from regulatory and supervisory perspectives. Further, we will keep monitoring legislative developments that have a bearing on Open Insurance and provide our insurance and supervision-specific guidance as necessary. Initiatives such as the European Single Access Point proposal, the Data Act proposal and the previously mentioned Open Finance Framework are all important steps.

Insurers, consumers, third-party providers and our societies as a whole stand to gain a lot from well-developed Open Insurance solutions. I’m looking forward to working with you to ensure that we can create a thriving, efficient and fair system!

Thank you!