Responding to a NAIC AI Systems Evaluation Tool Pilot Request: A Guide

Understanding the Evolving Landscape of AI Regulation in Insurance

As the insurance industry increasingly integrates artificial intelligence, regulatory frameworks are becoming essential for governance. This article highlights significant insights and implications of the NAIC’s latest initiatives regarding AI, particularly the new Pilot Project designed for evaluating AI systems. Understanding these developments can help organizations navigate emerging compliance challenges and enhance their risk management practices.

Summary & Key Insights:

• The NAIC’s AI Systems Evaluation Tool Pilot Project is now prompting requests from domiciliary regulators for participation.
• The NAIC’s Big Data and AI Working Group has enriched the context for the AI Tool Pilot Project through discussions at its February meeting.
• Insurers taking part should regard the request as an early-stage exam inquiry, conduct a thorough inventory of their AI assets, ensure confidentiality and trade secret protections, and remain alert for updates from the upcoming NAIC Spring Meeting.

NAIC’s Expanding Role in AI Governance

The National Association of Insurance Commissioners (NAIC) serves as a pivotal authority in shaping how state insurance regulators develop AI regulatory principles concerning consumer protection, underwriting practices, claims handling, market conduct, and overall risk management. The NAIC’s responsibilities involve creating model guidance, coordinating multi-state initiatives, and providing practical resources for state regulators.

The NAIC’s AI Systems Evaluation Tool Pilot Project signals a transition from merely discussing policy to implementing supervisory oversight. If your domiciliary regulator invites you to partake in the NAIC Pilot, see it as an opportunity to contribute to the evolving AI regulatory landscape while also treating it as a de facto early exam inquiry that could impact risk assessment and examination focus.

Overview of the Tool Pilot

The NAIC Innovation, Cybersecurity, and Technology (H) Committee aims to consider and coordinate the development of regulatory guidance and examination standards regarding innovation, cybersecurity, data privacy, and the utilization of big data and artificial intelligence (AI), including machine learning (ML) within the insurance sector. To support this endeavor, the NAIC’s Big Data and AI Working Group (BDAIWG) has created draft Artificial Intelligence Systems Evaluation Optional Supplemental Exhibits for State Regulators, which include several important components aimed at helping regulators assess AI impact in insurance.

These components are currently being utilized in the NAIC Pilot, with participating states including CA, CO, CT, FL, IA, LA, MD, PA, RI, VT, VA, and WI. The anticipated duration for the NAIC Pilot is from March 2026 to September 2026, with some insurers already receiving participation requests.

Regulatory Feedback and Insights

Minutes from the BDAIWG’s February 13, 2026 meeting provide essential insights for insurers:

• Regulators may adapt the tool and shift discussions based on the feedback received.
• Confidentiality will depend on exam authority, as states will utilize their examination powers.
• The tool is expected to evolve in response to pilot feedback and may be considered for broader implementation at the Fall National Meeting.
• Participation could be compulsory for certain companies based on the discretion of the participating states.
• Participating states may collaborate to minimize overlapping outreach initiatives.
• States are evaluating how the NAIC Pilot aligns with financial examinations as opposed to other inquiry processes.

Key Considerations for Response

Should your organization receive a participation request, consider the following factors:

• Treat the Request as an Early-Stage Exam Inquiry. Internally align on: (i) the information requested; (ii) the responsible parties for responses (e.g. Legal/Compliance, IT/Security, Underwriting/Claims); and (iii) potential outcomes of the responses (e.g. follow-ups or deeper investigations into high-risk uses). The NAIC Pilot is positioned as a risk identification tool, which may influence regulatory assessments of an insurer’s inherent risk profile.
• Conduct an AI Inventory. Most regulators will start with Exhibit A to understand your AI usage. Build or update your inventory to identify: (i) AI-enabled use cases across numerous areas; (ii) system ownership (in-house, vendor-provided, or hybrid); (iii) key data inputs and outputs; (iv) automation levels; (v) potential high-risk framing; (vi) governance controls; and (vii) third-party risk management.
• Assume the Tool is Evolving. The NAIC Pilot exhibits and inquiries are still under development and may vary across states. Seek clarification regarding: (i) the regulator’s definition of “AI System;” (ii) whether information is needed at the program or system level; and (iii) if model architecture details should be disclosed. NAIC Pilot states are encouraging valuable feedback from participants to assist in refining the tool.
• Ensure Confidentiality and Trade Secret Protection. Do not assume your responses will be confidential. Prior to submission, identify the confidentiality authorities, use necessary confidentiality forms, clearly mark your documents, and control how they are transmitted.

Stay Updated and Adapt

The NAIC Pilot tool will continue to evolve through various meeting cycles, with updates expected during the NAIC Spring Meeting in San Diego. Insurers should closely follow the BDAIWG meeting minutes. For more information about the NAIC Pilot and ways to enhance your AI governance program, connect with our AI Team or Insurance Practice Group members.

Footnotes

^{1. See NAIC Innovation, Cybersecurity, and Technology Committee.}

^{2. See Artificial Intelligence Systems Evaluation Tool.}

This article offers a general overview of the subject. For personalized advice, consult with a specialized expert regarding your particular situation.