Digital Transformation in Insurance: lessons learned and future priorities

Digital sectoral legislations and horizontal frameworks adopted during the previous European legislature have laid the groundwork for a more resilient, innovative, and consumer-focused financial sector. Therefore, further refinement and prioritisation are needed to ensure objectives are fully achieved, particularly in safeguarding consumer interests.

The implementation of these frameworks underscores the need to balance risk mitigation and innovation. DORA, for instance, is being crucial in enhancing the operational resilience of financial entities, essential for consumer trust in an increasingly digitalised world and amid geopolitical tensions. However, concerns exist that administrative burdens, particularly for smaller insurers, could stifle innovation. 

Similarly, MiCAR has provided clarity for crypto-assets, creating a regulatory framework that promotes innovation while addressing risks such as market manipulation and consumer fraud. Yet, applying it to decentralised finance (DeFi) remains complex, with concerns about consumer protection. The borderless and decentralised nature of DeFi poses challenges for regulators and insurers, particularly in ensuring transparency, fairness, and accountability. 

For insurers that rely heavily on data, the interaction between sector-specific digital laws and broader frameworks like GDPR and the Data Act has highlighted key lessons. While these frameworks aim to harmonise the digital single market, challenges of overlapping requirements exist, which add on complexity and hinder consumer protection.                                                                                                                                                                                               Greater coherence and consistency between sector-specific and cross-sectoral rules is needed. For example, GDPR’s data protection requirements sometimes clash with the need for data-driven innovation in insurance, such as personalised products. Moreover, beneficiaries of insurance or pension products are not necessarily the policyholders, which is not always recognised in legislation. Further, while the AI Act only applies to health and life insurance, Solvency II applies to the use of AI for all insurers, requiring careful monitoring when implementing the AI Act for health and life insurance. Thus, sector-specific guidelines are needed to address the supervision of other lines of business, to ensure convergent EU supervision and that AI doesn’t lead to excessive segmentation or exclusion of certain consumer groups. 

Priorities for the European Commission should focus on effectively implementing existing legislation, including the AI Act and FiDA. Ensuring these frameworks are operational, will be crucial for the sector's development. For instance, the FiDA framework needs to be rolled out in a way that enhances data sharing and interoperability while safeguarding consumer rights, especially regarding data ownership and consent. Ongoing oversight is also essential to ensure digital innovations align with regulatory standards and consumer interests remain protected. This includes regular assessments and updates to existing regulations as the digital landscape evolves. EIOPA’s Expert Group on data use is well-positioned to contribute to these efforts, offering insights into the role of data in insurance and helping to shape a regulatory environment that fosters both innovation and consumer protection. 

Meanwhile, enhancing digital infrastructure is vital for integrating new technologies and services within the insurance sector.  Many insurers are still burdened by legacy systems, hindering their ability to take full advantage of digital advancements. Addressing these challenges through targeted investment will be key to ensuring a competitive and innovative insurance landscape. The Commission could prioritise equipping consumers with the knowledge and tools to navigate new technologies and products. Empowering consumers to make informed decisions is essential for maintaining trust and ensuring fair outcomes. The digital transformation of the insurance sector progressed significantly during the previous legislature, but consumer protection must keep pace with innovation. While frameworks such as DORA, MiCAR, and the AI Act have provided a solid foundation, further efforts are needed to address emerging risks, clarify regulatory uncertainties, and support innovation in a way that prioritises consumer interests. EIOPA stands ready to support these efforts and continue to contribute to a regulatory environment that fosters innovation, resilience, and consumer protection.

Thanks to Pascale Lamb for her contribution to this article.