Skip to main content
European Insurance and Occupational Pensions Authority
General publications

Supervision in a fast-paced digital world


Publication date
9 February 2022


Keynote speech by Petra Hielkema at the Afore Consulting 6th Annual FinTech and Regulation Conference



Good morning, ladies and gentlemen,

Thank you so much for inviting me to speak to you today about supervision in the digital world.

It’s clear that how we manage the digital transformation continues to be a top priority. And I say we in the broadest sense – not just industry or supervisors, but society as a whole.

Because no-one can doubt that digital technology has permeated every aspect of our life. From dawn to dark, from home to work, from travel to shopping to fitness – there’s always an app. 

Did anyone ever think that we would be synching our electric toothbrush to our phone? Itsn’t it just amazing that when travelling I connect with my children at the end of the day by joinging them in their game with my own avatar.

So it’s no surprise that digitalisation features so heavily in the financial services sector – and particularly the insurance sector. And as in so many other cases, COVID-19 has accelerated the digital transformation.

This digital transformation is also one that is spreading globally at a new pace, with ideas and business models that spring up in one part of the globe rapidly being developed at scale in other parts of the globe. While in Europe we may not be always at the forefront of every innovation, the depth, complexity and interconnectedness of our internal market makes it a critical forging ground for the innovations that are going to endure. 

It is this very pace and breadth of activity that must be addressed by the supervisory community.  

In my speech today, I would like to highlight some of the key trends in the sector: where we see the use of digital technology today and how this might evolve.

Then I would like to outline some of the implications for supervision: how we need to adapt to address the fast-pace of change.

Because both of these aspects – understanding how technology changes and how supervision adapts – are key to fostering insurance and pensions sectors that thrive.

New technology, new trends

Let me start then with some trends.

And I have to begin with data. Not only the increase in the amount of data that is available, but the growing capacity we have to crunch the data.

The European Commission has estimated that the volume of data produced in the world will go from 33 zettabytes in 2018 to 175 zettabytes in 2025. That’s a five-fold increase in only seven years. And just to put that into context, a zettabyte is a 1 with 21 zeros after it!

And all that data is driving the use of artificial intelligence, or AI, across the entire insurance value chain. 
From product design to claims handling, AI is there already and more will come.

Now how does this trend impact does on the sector? For policyholders it can mean better pricing and more personalised products.

Telematics might be comparatively old technology, but it continues to transform our driving habits – and our insurance premiums. The safer we drive, the less we pay. In the same way, we can have more accurate premiums based on the actual not estimated number of kilometres we drive. In the future, perhaps we will receive incentives for leaving our cars at home when air pollution is especially bad.

In terms of new trends, we’re seeing new co-operation models – not only start-ups, but also with Big Tech companies and other platform providers. Amazon in India now offers car and motor-bike cover, having partnered with an Indian insurance provider.

And we’re seeing new kinds of insurance offers: peer-to-peer insurance and new types of parametric insurance, linked to smart contracts.

Indeed, new technologies are already enhancing efficiency in the back office of many insurers.

For example, blockchain technology – which is behind many smart contracts, has enormous potential in terms of process and cost efficiency, as well as enhanced customer experience. While blockchain is still relatively under-used in the European insurance sector, and does need further development itself, our recent report and public consultation showed that many blockchain-based solutions already exist in the EU either in full commercial use or in proof of concept stage, and the number is growing. 

So in the future, we could imagine a policyholder with a smart contract automatically receiving a payment from their travel insurer within minutes of their flight being cancelled. No need to contact a call centre or complete a claims form.
Or what about smart parametric insurance for policyholders likely to experience natural catastrophes, like flooding, with an amount automatically paid based on the severity of an event that took place. 

EIOPA is currently analysing the responses to our consultation to define the role of insurance supervisors in these blockchain and DLT developments. In the next weeks we expect to publish a summary report and our feedback. EIOPA will also continue monitoring market activities in this field, being conscious of the opportunities as well as the risks involved including accountability, finality, interoperability, use of energy and data quality. 

More quality data in general will help insurers better assess risks including climate risk and then enable or incentivise policyholders to adapt, to take mitigating actions. 

At EIOPA, we are currently piloting a natural catastrophe dashboard that identifies the drivers of climate-related insurance protection gaps to identify measures that will help to decrease losses when natural catastrophes occur.
A last trend I want to mention is the move towards open finance and, more specifically, open insurance. 

Here the idea is that, insurers together with other service providers all have access to a person’s personal and non-personal data upon receiving consent from that individual. 

We see this enhanced data sharing – through application programming interfaces, or APIs –in different products and services already happening.

Like insurance products offered on airline or car-sharing websites. Or perhaps a platform where policyholders can see all their policies in one place so that they can see where they might be underinsured or have overlaps in different policies.

And in the area of pensions specifically, pension tracking systems can take information shared by different providers to give a person a simple and understandable overview of the state of their retirement savings and help inform their decision-making.

Open insurance is another area offering opportunities, but also requiring close montoring and so EIOPA is following closely and has recently consulted on this topic. Overall, EIOPA considers that – if the risks are handled well – there are certainly use cases for open insurance that can bring significant benefits to consumers. 

So as you can see, the spread of digital technology across the insurance and pensions sectors is vast – and it keeps growing.

As well as leading to new products and services, rapid developments are also leading to broader social change – the sharing economy, new ways of working and new ways of saving and investing.

As we consider the role of supervisors in the digital transformation, we also need to make sure that we don’t ignore the new risks and liability issues that develop as well. That we recognize things like pension and insurance issues for freelancers, gig workers or mobile workers, and how we insure transportation – e-scooters, drones and driverless cars.  And we will need more interaction with other authorities for example data protection authorities.

There is a lot to consider.

The implications for supervision

So where do we start? How do we in the supervisory community keep pace with the digital transformation? I will mention three points that will be crucial in my opion.

Consumer protection

First and foremost consumer protection is key.

Remember those data zettabytes I mentioned earlier? That’s a lot of data, a lot of data processing and a lot of data sharing.

So we need to make sure that all that data is kept securely. That there are sufficient measures in place to protect against cyber attacks.

And we also need to make sure that people’s data is used fairly. That those AI algorithms are free from bias so that people are not excluded from policies or products.

Transparency and explainability are two important concepts here. Insurers must be able to explain how their algorithms work and be accountable for their systems, enabling consumers to have access to adequate redress mechanisms. And consumers need to be aware of what is being done with their data and if they agree to share data, it must be a conscious decision to do so – so they need to really be clear on that they are sharing, what they are sharing and how it will be used.

Our consultative expert group on digital ethics has been looking at issues like these and last year published principles setting out key governance pillars for the ethical and trustworthy use of AI in insurance. A very helpful step.

And that is not all. We also need to consider financial inclusion, or rather digital inclusion. 

There are two sides to this story, on the one hand digital technology can foster micro-insurance initiatives, providing insurance to vulnerable groups, often delivered through a smart phone.

But the other side of the story are the people who are not digitally savvy and cannot benefit from online offers. Then there are those who don’t want to share so their data, or those who find themselves priced out of policies because of the amount and granularity of data shared. 

At EIOPA, we will assess the topic of financial inclusion from a broad perspective, and regularly assess our own supervisory and policy work to make sure that we are looking at accessibility and inclusion.

Fit-for-purpose regulation

Now good supervision also relies on good regulation. 

At EIOPA, this means that we have to do all we can to make sure that regulatory frameworks are fit for purpose when it comes to digitalisation. 

When it comes to AI, we already have a lot. As insurance is a heavy regulated activity it will be no surprise that our regulatory frameworks – Solvency II and the IDD – already cover the use of AI. Then we have cross-sectoral frameworks, such as the General Data Protection Regulation (GDPR) that provide a sound basis for the use of AI in the insurance sector as well.

In addition, the European Commission’s legislative proposal for an Artificial Intelligence Act will provide a legal framework for the use of AI in the European Union. 

Here EIOPA supports the Commission’s risk-based approach reflected in the AI Act. Not all AI systems pose the same opportunities and risks, so there is definitely a need for proportionality. We also believe that any further regulation should specifically take into account AI use cases in insurance.

But we’re also aware that some of our regulation does not always allow for a digital approach. A well-known example is the requirement for paper-based disclosures in the IDD and PRIIPs. This is something that could change.

Our work on the information documents and benefit statements for the pan-European personal pension product, or PEPP, are digital first. We can learn from this approach and see how we can adapt it to other information documents.
More generally, as part of our work to support the development of a digital internal market, we will assess what needs to change in our regulatory frameworks, including IORP II, from a digital perspective and how we can address ‘same activity, same risk, same rules’ issues, while remaining technology neutral.

We will also assess the legal frameworks that we need to protect the industry from cyber threats and attacks. 
We have long highlighted cyber security and ICT resilience as critical factors and will focus our immediate work on the implementation of our recently adopted cloud computing and ICT guidelines, as well as the implementation of the Digital Operational Resilience Act, or DORA.

After all, the success of digitalisation depends on trust and security.

Enhancing the capacity of supervisors

And now to my third point – we need to build our own skills as supervisors.

On the one hand, this means looking at technology itself for more agile and efficient supervision and regulation. And here I am talking about RegTech – or regulatory technology and SupTech – supervisory technology.

On the other hand this is about how we keep pace with the technology developments. This is important to make sure that consumers remain protected, but also to make sure that our approach to supervision fosters rather than hampers innovation.

Consultation, cooperation and dialogue are central to this.

We have found that close stakeholder cooperation – through forums like the European Forum for Innovation Facilitators – helps us as supervisors to understand new technology and tools, and helps innovators understand what we, as supervisors, find important.

We also cooperate closely with our sister European Supervisory Authorities and I pleased to see both Chairs of the other two ESAs on the agenda of this conference.  We work together on digital finance issues and earlier this week, the three ESAs published a joint report in response to the European Commission’s call for advice on digital finance. In this context, our overall recommendation is rapid action to ensure that the EU’s financial services regulatory and supervisory framework remains fit-for-purpose in the digital age.

And of course, we work closely with colleagues at international level, in particular in the International Association of Insurance Supervisors (IAIS) to ensure a common coordinated approach at global level.


Let me conclude by saying that when EIOPA first started its work on digitalisation, it was sometimes seen as a ‘nice-to-have’ or a means of providing a better consumer experience.

Now digitalisation is an essential part of the insurance and pensions sectors and on everyone’s agenda.In light of this, to bring together all strands of our work, we recently published our digital transformation strategy. 

The strategy sets out how we at EIOPA can contribute best to the sound transformation of the insurance and pensions sectors in Europe and their transformation.And the points that I have outlined to you today are at the heart of our strategy. 

If I had to summarise, I would say that we want to support the market and supervisory community through the digital transformation. Because this is what we need to do if we are to make sure that the digitalisation and financial innovation works to its full potential.

Ladies and gentlemen, thank you very much.