6 August 2025
The European Insurance and Occupational Pensions Authority (EIOPA) today published an Opinion addressed to national supervisors to clarify the key principles and requirements in insurance-sector legislation for the use and supervision of AI systems. The Opinion follows a risk-based and proportionate approach in order to reach a balance between the benefits and risks of AI systems.
Artificial Intelligence (AI) is set to play a pivotal role in the digital transformation of the insurance sector, where the use of AI solutions is already increasing across the value chain – in pricing, underwriting, claims management and fraud detection.
Since the AI Act entered into force in the European Union in the summer of 2024, it has governed the use of AI systems across all sectors of the economy including insurance. The act places special focus on so-called high-risk AI systems, which need to comply with a comprehensive set of requirements. In the insurance sector, AI systems used for risk assessment and pricing in life and health insurance are deemed as high-risk under the AI Act.
Importantly, AI systems used in insurance are already subject to existing sectoral legislation. This sectoral legislation establishes broad, technologically neutral principles and responsibilities for governance and risk-management, laying the foundation for a sound approach to innovative new tools.
This Opinion provides further clarity to supervisors on how to interpret these provisions in insurance-sector legislation – such as the Insurance Distribution Directive and the Solvency II Directive – in the context of AI. AI systems categorised as high-risk or prohibited under the AI Act are excluded from the scope of the Opinion to avoid regulatory complexities. The Opinion does not set new requirements and does not alter the scope of either the AI Act or existing sectoral legislation.
The supervisory expectations put forward in this Opinion follow a risk-based and proportionate approach and aim to promote greater supervisory convergence among National Competent Authorities (NCAs). They also provide clarity to the market on the supervisory expectations regarding the use of AI systems in insurance under sectoral legislation.
The Opinion clarifies existing governance and risk management principles while remaining flexible so as to allow tailoring for the specific characteristics of different AI systems. The proposed framework aims to ensure the responsible use of AI systems in insurance and includes data governance, record-keeping, fairness, cyber security, explainability and human oversight considerations.
Next steps
Based on the proposed AI governance and risks management framework in this Opinion, EIOPA plans to develop more detailed analyses of specific AI systems or emerging issues related to their use in insurance, and to provide further guidance where appropriate.