Glossary
Plain-language definitions of the NAIC and insurance AI governance terms we use across the site.
A
- Accelerated Underwriting
- A life insurance underwriting process that uses data and algorithms to approve applicants without traditional medical exams or fluid tests.
- Full entry →
- Actuarial Justification
- The showing that an insurance rating or underwriting practice is supported by sound actuarial analysis and genuinely predictive of risk.
- Full entry →
- Adverse Action Notice
- A notice the law requires when a consumer is denied credit, insurance, or employment based on a consumer report. FCRA sets its form and timing.
- Full entry →
- Adverse Consumer Outcome
- A negative result for a consumer from an AI-supported insurance decision, such as a denial, higher premium, delayed claim, or reduced benefit.
- Full entry →
- Agentic AI
- AI that pursues goals autonomously over multiple steps, such as retrying, routing, or coordinating with other systems, raising new accountability concerns.
- Full entry →
- AI Disclosure
- The requirement to inform consumers when an AI system has materially contributed to a decision that affects them.
- Full entry →
- AI Lifecycle
- The full span of an AI system from design, development, and deployment through monitoring, retraining, and retirement.
- Full entry →
- AI Systems (AIS) Program
- A written insurance AI governance program that assigns ownership, sets risk appetite, documents testing, and evolves with the company's AI use.
- Full entry →
- Algorithmic Bias
- Systematic errors in a model that skew outputs in ways that are wrong or unfair, often rooted in training data, feature selection, or model design.
- Full entry →
- Algorithmic Discrimination
- Unfairly different treatment of individuals or groups by an automated decision system, often through proxy variables or biased training data.
- Full entry →
- Alternative Data
- Data not traditionally used in underwriting, such as credit history, driving behavior, or digital signals. Often regulated as ECDIS when applied to consumers.
- Full entry →
- Audit Rights
- Contractual rights that let an insurer examine a vendor's AI systems, data practices, and compliance controls. Required for high-risk third-party AI.
- Full entry →
- Automated Decision System
- A system that uses AI or algorithms to make or materially influence decisions about consumers, such as coverage, pricing, or claims outcomes.
- Full entry →
B
- Bias Testing
- The process of testing an AI model for accuracy and outcome differences across groups, including protected classes and proxy variables.
- Full entry →
C
- Claims Adjudication
- Reviewing, validating, and paying or denying insurance claims. AI used here is now a high-priority target for market conduct exams and litigation.
- Full entry →
- Colorado AI Act
- Colorado SB 24-205, a comprehensive algorithmic-discrimination law that was repealed and replaced by SB 26-189 in 2026.
- Full entry →
- Colorado Quantitative Testing Rule
- 3 CCR 702-10, the Colorado rule implementing SB 21-169 by requiring life insurers to test predictive models and external data for unfair discrimination.
- Full entry →
- Colorado SB 21-169
- A 2021 Colorado law requiring insurers to prove that predictive models and external data used in life insurance do not unfairly discriminate.
- Full entry →
- Colorado SB 26-189
- A 2026 Colorado law that replaced SB 24-205 with a narrower disclosure-and-recourse framework for automated decision-making in insurance.
- Full entry →
- Consumer Recourse
- The rights consumers have to appeal, correct, or contest an AI-influenced insurance decision, a central feature of Colorado SB 26-189 and similar state laws.
- Full entry →
D
- Data Governance
- The framework for managing data quality, access, lineage, and compliance across the enterprise, including data used by AI systems.
- Full entry →
- Data Lineage
- The documented path data takes from source through transformation, model training, and final use. Essential for AI explainability and regulatory review.
- Full entry →
- Data Minimization
- The principle of collecting only the personal data needed for a specific purpose and deleting it when no longer necessary.
- Full entry →
- Department of Insurance
- The state agency responsible for licensing insurers, reviewing rates, and enforcing insurance laws. Each U.S. state has its own DOI.
- Full entry →
- Disparate Impact
- A policy or practice that appears neutral but produces disproportionately harmful outcomes for a protected class. A key test in insurance AI fairness review.
- Full entry →
- Disparate Treatment
- Intentional discrimination in which similarly situated consumers are treated differently because of a protected characteristic.
- Full entry →
- Due Diligence
- The investigation an insurer performs before acquiring or deploying a third-party AI system, including assessment of the vendor, model, data, and risks.
- Full entry →
E
- Executive Order 14365
- A December 2025 Trump administration order directing federal agencies to challenge state AI laws that conflict with a minimally burdensome national framework.
- Full entry →
- Exhibit A
- The governance-framework section of the NAIC AI Evaluation Tool, covering board oversight, accountability, and internal controls for AI systems.
- Full entry →
- Exhibit B
- The risk-assessment section of the NAIC AI Evaluation Tool, covering identification, measurement, and mitigation of AI risks including unfair discrimination.
- Full entry →
- Exhibit C
- The AI-acquisition-and-use section of the NAIC AI Evaluation Tool, covering development practices, generative AI, and third-party systems.
- Full entry →
- Exhibit D
- The documentation-and-record-keeping section of the NAIC AI Evaluation Tool, covering evidence insurers must retain about AI systems and decisions.
- Full entry →
- Explainability
- The degree to which a model's decision can be understood and explained in human terms, a core requirement for AI governance and consumer recourse.
- Full entry →
- External Consumer Data and Information Sources
- Data about consumers from outside an insurer's own records, such as credit reports, public records, and behavioral data. Heavily regulated in insurance.
- Full entry →
F
- Fair Credit Reporting Act
- A federal law governing consumer reports and adverse-action notices, including how insurers use credit data, tenant-screening reports, and similar information.
- Full entry →
- Foundation Model
- A general-purpose AI model trained on broad data and adapted to many downstream tasks, including many LLMs and image models used in insurance applications.
- Full entry →
G
- Generative AI
- AI that creates new content such as text, images, or code. In insurance it aids drafting, summarization, and service, but raises accuracy and privacy concerns.
- Full entry →
- Governance Committee
- A cross-functional group that oversees AI risk, approves deployments, and reviews testing. Must meet regularly and have authority to pause AI systems.
- Full entry →
- Gramm-Leach-Bliley Act
- A federal law requiring financial institutions, including insurers, to protect customer data privacy and notify consumers about information-sharing practices.
- Full entry →
H
- Human-in-the-Loop
- A design where a human reviews or approves an AI system's output before it is acted on. Required for high-stakes insurance decisions, especially adverse ones.
- Full entry →
I
- Insurance Practices
- The activities insurers engage in that are subject to state insurance law, including underwriting, pricing, claims, marketing, and fraud investigation.
- Full entry →
- Internal Controls
- Policies and procedures that ensure AI systems operate as intended, including access controls, change management, and testing approvals.
- Full entry →
L
- Large Language Model
- A type of generative AI trained on vast amounts of text to understand and produce human-like language. Powers chatbots, drafting tools, and search systems.
- Full entry →
- Less-Discriminatory Alternative
- A model, variable, or practice that meets the same business purpose with less adverse effect on a protected class. A required analysis in proxy testing.
- Full entry →
M
- Market Conduct Exam
- A state insurance regulatory examination of an insurer's business practices, including sales, claims handling, underwriting, and now AI governance and fairness.
- Full entry →
- McCarran-Ferguson Act
- A 1945 federal law leaving insurance regulation to the states unless a federal statute specifically relates to insurance, limiting federal preemption.
- Full entry →
- Model Drift
- The degradation of a model's performance over time as real-world data or behavior changes away from the data it was trained on.
- Full entry →
- Model Inventory
- A documented list of all models and AI systems in use, including their purpose, owners, risk tier, and validation status.
- Full entry →
- Model Law
- A template statute the NAIC drafts for states to adopt as binding law. Unlike a Model Bulletin, it has the force of law once a state legislature adopts it.
- Full entry →
- Model Risk Management
- The discipline of identifying, measuring, and controlling risks from models, including AI models used in insurance decisions.
- Full entry →
- Model Validation
- The process of testing a model for accuracy, fairness, stability, and fitness for its intended use before and after deployment.
- Full entry →
N
- NAIC
- The National Association of Insurance Commissioners, the U.S. standard-setting and coordination body for state insurance regulators.
- Full entry →
- NAIC AI Evaluation Tool
- A worksheet the NAIC released to help insurers and examiners assess AI governance programs against the expectations in the NAIC Model Bulletin.
- Full entry →
- NAIC Model Bulletin
- The NAIC's non-binding guidance for state insurance regulators on how insurers should govern, document, and test their use of AI systems.
- Full entry →
- NYDFS
- The New York State Department of Financial Services, the regulator behind Insurance Circular Letter No. 7 and a leading state voice on AI underwriting rules.
- Full entry →
- NYDFS Circular Letter No. 7
- July 2024 NY DFS guidance requiring insurers to show AI and external data in underwriting and pricing are not unfairly discriminatory or inaccurate.
- Full entry →
O
- Ongoing Monitoring
- Regular observation of a model or AI system after deployment to catch drift, bias, accuracy degradation, and changing business conditions.
- Full entry →
P
- Predictive Model
- A model that estimates a future outcome or likelihood from historical data, such as the probability of a claim or the risk of a policyholder.
- Full entry →
- Prior Authorization
- A process where a health insurer must approve a treatment, service, or drug before covering it. AI has made this a focus of regulator and clinician scrutiny.
- Full entry →
- Protected Class
- A group sharing a legally protected trait such as race, color, national origin, sex, religion, age, or disability. AI testing screens for proxy effects.
- Full entry →
- Proxy Discrimination
- Discrimination that happens when a neutral variable, such as zip code or credit data, correlates with a protected class and produces unfair outcomes.
- Full entry →
- Proxy Test
- A New York DFS method for detecting whether a prohibited protected-class characteristic influences an insurance decision through a correlated proxy variable.
- Full entry →
R
- Rate Filing
- The process of submitting proposed insurance rates or rating rules to a state regulator for review or approval before they can be used.
- Full entry →
- Rating Variable
- A factor used in pricing or underwriting to predict risk, such as age, location, or driving history. Regulators scrutinize these for proxy discrimination.
- Full entry →
- Redlining
- Discriminatory exclusion or higher pricing based on where a consumer lives, often via geographic variables in underwriting and pricing models.
- Full entry →
- Risk Appetite
- The amount and type of AI risk an insurer is willing to accept, expressed as thresholds for deployment, testing, and oversight.
- Full entry →
- Risk Tiering
- Classifying AI systems by the level of consumer harm they could cause, so governance and testing can match the risk.
- Full entry →
S
- Shadow AI
- AI tools or systems in use inside an organization that have not been logged, approved, or governed. They break AI inventories and create hidden regulatory risk.
- Full entry →
T
- Third-Party AI
- AI systems, models, or components built or operated by an outside vendor. The insurer stays responsible for outcomes even when the algorithm is rented.
- Full entry →
- Training Data
- The data used to teach a machine-learning model to make predictions. Its quality and representativeness directly affect fairness and accuracy.
- Full entry →
U
- Underwriting and Pricing
- Evaluating risk and setting premium rates. AI here is scrutinized for unfair discrimination and proxy effects across life, health, and property-casualty lines.
- Full entry →
- Unfair Discrimination
- An insurance practice that treats similar consumers differently based on protected traits, often through proxies like zip code or credit data.
- Full entry →
- Unfair Trade Practices
- State insurance laws barring deceptive, coercive, or harmful insurer practices, such as misrepresentation, unfair claim settlement, and now some AI decisions.
- Full entry →
- Utilization Management
- The review of health care service use to control cost and quality. AI is widely used here and is now a major focus of state and federal insurance oversight.
- Full entry →
V
- Vendor Oversight
- The insurer's responsibility to govern, monitor, and audit AI systems developed or operated by third-party vendors.
- Full entry →