'Open insurance' is the latest hot topic in the world of data and insurance. Many people will be familiar with the concept of 'open banking' introduced by the Payment Services Directive (PSD2). (For those who aren’t, a refresher is here.) With the perceived success of open banking since 2018, regulatory attention is turning to increasing the use of (and access to) data from banking to other areas of finance. In fact, in its Digital Finance Strategy, published in September 2020, the European Commission announced that it aims to have an open finance framework in place by 2024 and will thus propose legislation by mid-2022.
The European Commission’s open finance framework will sit on top of horizontal regulatory initiatives, such as the European Data Strategy, proposed platform regulation and the forthcoming review of PSD2, which, among other things, aim to increase access to and utilisation of data in the EU.
With this being the first concrete consultation on the topic launched at EU level, EIOPA’s recent public consultation and discussion paper has not only brought 'open insurance' to prominence in the insurtech community but also launched the discussion for the financial sector more broadly. Many stakeholders, including the European Commission, will therefore be paying close attention to the outcome of the consultation, especially when it comes to the increasing presence of 'big tech' in the financial sector.
While it’s clear open insurance is a key trend to watch in 2021 and beyond, its exact definition and scope remain murky to most.
So, what exactly is open insurance?
There is no universally-accepted definition of 'open insurance'. However, EIOPA refers to open insurance in a very broad sense: covering accessing and sharing insurance-related personal and non-personal data usually via APIs. 'Personal data' in EIOPA’s paper refers to the same concept as in the GDPR.
EIOPA does, however, note the wide range of interpretations across the industry, from compulsory personal data sharing based on the explicit consent of consumers (much like the approach in PSD2) to broader information sharing between different insurance market players (including in a way that the consumer might not be aware of). The paper sets out that open insurance can broadly be considered from three different (but linked) angles:
- consumer angle – that is, accessing and sharing consumers' insurance services-related data (eg their insurance policy data, such as insured object, coverages and claims history, internet-of-things data, etc.) between insurers, intermediaries or third parties to build applications and services;
- industry angle – increased data exchange through APIs between different participants; and
- supervisory angle, such as supervisors being able to access consumer insurance services-related data and/or product information data, including ultimately on a real-time basis, to improve their oversight capabilities.
Benefits and opportunities
For consumers, open insurance offers the potential for a transparent and personalised experience.
For example, access to insurance-related data could enable the development of tools such as insurance management dashboards. This would empower consumers to actively manage their policies and risks, allowing for seamless switches between insurance providers if prices are better elsewhere.
Consumers could also start seeing bespoke policy recommendations based on specified life events, such as having a baby or reaching a certain age.
For businesses, open insurance offers increased efficiency, whilst fostering the adoption of a consumer-centric innovation mindset. Businesses could benefit from reduced administrative costs, as well as increased flexibility and speed in digital insurance sales. The detailed tracking of evolving consumer needs may drive insurance market players to develop innovative products and services to meet those demands.
Our team has recently written about the potential for an open insurance environment in a post-pandemic world, which you can read about here.
Barriers and risks
Open insurance is often brought up in discussions around open banking, although open insurance presents its own unique challenges given the breadth and depth of data that might be involved in insurance.
The sensitive nature of insurance-related information (think health, sexuality, political views…) brings a flurry of consumer protection risks. It will be crucial for regulators to clarify who can access what data, what the level of openness will be and what the conditions will be for such access.
Regulators will also need to consider how to supervise how such data is used and the potential increased access to data – especially between industry participants – will likely lead to more discussions and greater regulatory expectations in the context of data ethics (the Freshfields data ethics page is a great source of thought leadership in this area).
By way of example, the sharing of data may increase the risk of financial exclusion, whereby more information or combinations of information may be used as a basis to deny consumers access to insurance policies. If data sets are used in algorithmic decision-making, including in make decisions on access to (or costs of) financial products, the input needs to be reviewed carefully to avoid bias to the extent possible.
These concerns have led to fears that open insurance will be more heavily regulated than open banking, which may in turn stifle innovation.
EIOPA’s public consultation seeks stakeholder input in order to balance these regulatory objectives and the need for innovation. We look forward to seeing the outcome of the consultation and whether it will pave the path to a regulatory framework which successfully tackles these challenges.
The European Commission is also in the process of setting up an Expert Group on open finance, so it can gather stakeholders’ views across the financial sector more broadly. Applications to participate in the Expert Group, which will assist in the 'preparation of legislative proposals and policy initiatives in the field of data sharing in the financial sector' and 'look into the relevant policy issues associated with such data-sharing, including data confidentiality, privacy, customer consent and potential impact on access to financial services and products', are open until 15 April.
In addition, as part of its Digital Finance Outreach, the European Commission will hold a series of webinars on open finance, with the first introductory webinar on 23 March and one specifically on open insurance on 25 March.
For more insights into open insurance, please speak to a member of the Freshfields team - we'd love to discuss the insurtech space with you.
Data broadly understood is critical for insurance, as it is the foundation of sound risk identification and pricing. Insurers are typically data rich. New kinds of data and data sources (e.g. social media) and new questions on who should ultimately decide on the use of data (e.g. the policyholder) are however introducing new players and challenges, disrupting this picture.