What is open insurance? Tech versus data sharing
The insurance industry is still working out how to share consumer data, but more examples are emerging in Asia.
The insurance company of the future is not one that exploits a particular technology. Artificial intelligence, blockchain, cloud, predictive analytics: all have existed for some time. What’s changing is how insurers are using these technologies to change their relationship with their end consumers.
This is indeed new, because until recently, the only customer relationships that insurance companies had were with intermediaries, such as tied agents, relationship managers, brokers, or banks.
The only time a policyholder dealt with the insurance company was when it came time to submit claims. This disconnect is one reason why people often mistrust the insurance industry.
Today, insurers are connecting more directly with customers, via social media to sell, chatbots to provide service, and with a view to hoover up customer data to generate insights and predictions.
Although insurance companies are now hungry for such data, and the insights they provide, they still have an intermediary between themselves and the policyholder. The arm’s-length relationship is becoming an impediment.
Fumbling toward open insurance
Thus the industry is groping towards “open insurance”, in the footsteps of consumer banks. Many banks have embraced open banking. In Europe, they are required to do so, with the UK and European Union regulators mandating the sharing of customer data with third-party service providers, if the customer asks for this. Such arrangements in Asia are left to markets, although regulators are proactively encouraging them.
Insurance regulators have been slow to take up the idea of open insurance, and the industry is considered several years behind banks. The industry is still grappling with what “open insurance” means.
- Read more:
- Flipkart’s fintech agenda: insurtech, cards and CBDCs
- Insurers fall behind | Ben Quinlan| DigFin VOX Ep. 48
- Tech alone can’t save Hong Kong’s insurers
InsureTech Connect, a Singapore-based industry group, recently hosted a discussion on open insurance in Hong Kong. The primary challenge to the industry is the cultural shift to treat data as belonging to the customer, rather than to the carrier.
There is promising news. Alfred Cheung, chair of the insurtech task force at the Hong Kong Federation of Insurers, provided three examples of open insurance in action, based on three strategies: new technology, new ecosystems, and new environments.
- New tech: Cheung cited Bank of China Life launching an app that can guess a customer’s biological age from a variety of data sources, including wearables. This insight lets it offer customers lifestyle suggestions to improve wellness. Something that sounds so simple, however, requires a huge effort behind the scenes. BoC Life works with 50 partners, including physical stores, healthcare companies, charities, and wearable companies.
- New ecosystems: Singapore-based CXA Group has created an interlocking set of business relationships to promote its employee-benefit business. It removes intermediaries at two points in the value chain of offering benefits: the third-party administrator (or TPA, a company that manages claims processing or recordkeeping) and the insurance broker. Instead, CXA has a cloud-based platform to let employers integrate a range of insurance business solutions and data into a single company-funded wallet that workers use to spend benefit monies across a range of partner companies.
- New environments: CoverGo, a Hong Kong insurtech, is using a suite of APIs to enable insurers, banks, and brokers to create, manage and distribute insurance products. Powered by more than 500 APIs that link different software systems, the network enables firms to go to market with new products very quickly. Open API frameworks are still new, and Cheung says regulators are keen to have insurers and insurtechs submit use cases.
Assembling such simple-sounding models is, however, difficult. Open insurance can be thought of in two ways: as a technology solution, and as a sharing solution.
Open insurance as technology
Arvind Swami, senior director at Red Hat, an open-source vendor, defines the tech version as an organization, such as an insurance company, issuing a template for other companies to connect to its software. APIs, application programming interfaces, are tools to enable such connections, but API management is a bigger undertaking that handles cybersecurity threats, data privacy, and user-consent management.
Open insurance relies on open-source development, in which anyone can contribute to the software code. This can build in resilience, because having lots of developers testing the code makes it robust.
But open source also means more aspects of an activity – such as the value chain of an insurance policy – are exposed to digitization.
“More digital touchpoints mean more cybersecurity risks,” Swami said at the InsurTech Connect event. Open source is also hard to modify, because an organization doesn’t control the source code.
Given these problems, why should insurance companies bother?
“The answer is that it’s great for customers,” said Jim Qin, CEO at Zurich Insurance Hong Kong.
To make it work, though, requires a holistic approach, rather than treating it as a product push or thinking APIs are a magic bullet to address an insurer’s legacy tech problems.
If done right, an open insurance model can transform the insurance company into a vital one-stop shop for customers – something that would be unthinkable under traditional business models. Open APIs also allow organizations to update systems and to go to market with updates or new products very quickly.
Open insurance as data sharing
The other way to think of open insurance is in terms of data sharing. The tech, based on APIs, is the vehicle to make this happen.
Insurance, like other types of financial services, is an information business. Insurance companies use intermediaries to get information from policyholders so they can underwrite and price products, or serve a claim.
The more insurance companies are able to share such data, the more they can make their processes more efficient, and deliver a better customer experience.
However, sensitive personal or corporate information cannot be shared with anyone, notes Lapman Lee, a professor at Hong Kong Polytechnic University specializing in ESG and risk management.
Sharing requires a lot of regulatory and self-imposed guardrails. The most important concept is consumer consent. Customers have to know what information they are agreeing to share, and why. The information must be shared for a specific purpose: insurers or partners cannot horde customer data or use it for other reasons.
Getting a grip
This is the hard part of open insurance. People or businesses are reluctant to share data unless the purposes are transparent and specific, and the benefit is tangible. Insurance companies are not used to letting go of what they regard as proprietary data, both from a safety perspective as well as a competitive business instinct.
“Customers should always be the decider,” Lee said. “Financial institutions need to get over it. The insurance business is about sharing, the data is not always theirs.”
The sticking point is understanding that the customer owns their data. The customer has the right to access their data, and consent to its use under clearly defined circumstances. For insurers, such consent mechanisms are hard to understand and implement, although they also serve to protect the insurer from risks, legal or otherwise. But even when benefits and guidelines are spelled out, certain types of information, such as personal health details, are always going to be difficult to manage.
Open insurance is therefore a lot more complex than just building APIs. It requires people who understand both the insurance industry and digitalization – two worlds that are usually mutually incomprehensible. Then the models must be explained to consumers, so they understand the risks and benefits of letting companies share their data.