How AI is being used in insurance pricing, and why it matters
Insurance pricing has become one of the most intensive applications of AI and machine learning across the financial sector. Insurers are using AI in two primary ways. First, data-intensive underwriting: AI models analyse vast datasets, including credit history, postcode, occupation, driving behaviour, property characteristics, and in some cases social media data or purchasing patterns, to price risk with greater granularity than traditional actuarial tables. Second, behaviour-based insurance: real-time monitoring of individual behaviour (telematics for drivers, wearables for health insurance, smart home sensors for property insurance) feeding continuous pricing adjustments.
Both approaches raise significant questions for consumers. Can an insurer use data about where you shop to price your home insurance? Can an algorithm make you effectively uninsurable? Do you have the right to know how your premium was calculated? The answers vary by jurisdiction, but the regulatory direction is consistent: insurers using AI in pricing must be able to demonstrate fairness, and cannot hide behind algorithmic complexity to avoid explaining decisions to regulators and customers.
EU, GDPR, EU AI Act, and insurance-specific regulation
In the EU, AI pricing systems in insurance are subject to overlapping regulation. Under GDPR Article 22, automated profiling that significantly affects an individual's insurance terms, including premium pricing and coverage decisions, is subject to the automated decision-making restrictions. Individuals have the right not to be subject to solely automated pricing decisions of this kind without the ability to request human review and obtain an explanation.
Under the EU AI Act, AI systems used for risk assessment and pricing of life and health insurance are classified as high-risk systems under Annex III. This means providers and deployers of such systems face the full suite of high-risk AI obligations: risk management systems, data governance requirements, technical documentation, human oversight, and post-market monitoring. These requirements apply from December 2027 under the Omnibus agreement reached on 7 May 2026. The EU Insurance Distribution Directive (IDD) Article 17 requires insurers to act fairly and in customers' best interests, which regulators have confirmed applies to AI-driven pricing.
The European Insurance and Occupational Pensions Authority (EIOPA) issued a Supervisory Statement on Differential Pricing in 2023, setting specific governance expectations for AI-driven pricing: insurers must assess whether pricing models produce unfair outcomes for identifiable consumer groups; must document and be able to justify the data used in pricing models; and must maintain human oversight of AI pricing decisions at a governance level.
United Kingdom, FCA (Financial Conduct Authority) expectations and the ethnicity pricing concern
In the UK, the FCA has been explicit about its concerns with AI-driven insurance pricing. FCA Chief Executive Nikhil Rathi has publicly warned that AI hyper-personalisation in insurance could result in certain customers becoming effectively uninsurable or facing discrimination through algorithmic bias. The FCA found in its investigation of general insurance pricing practices that some firms were using datasets, including third-party purchased data, that could implicitly relate to race or ethnicity, producing a so-called "ethnicity penalty" where people from minority ethnic backgrounds pay more for equivalent coverage.
Under the Consumer Duty (in force since July 2023), FCA-authorised insurers must deliver good outcomes for retail customers and be able to demonstrate that their pricing is fair. An insurer that cannot explain why a specific customer is paying a specific premium, including the role of AI in that calculation, is in a poor position to demonstrate Consumer Duty compliance. The ICO has confirmed that AI pricing systems that process personal data must comply with GDPR fairness principles, meaning pricing must not produce outcomes that are unjustifiably harmful or that discriminate on protected characteristics.
United States, NAIC model bulletin and state-level requirements
In the US, insurance regulation is primarily state-level. The National Association of Insurance Commissioners (NAIC) issued a Model Bulletin on the Use of Artificial Intelligence Systems by Insurers in December 2023, which has been adopted by approximately 25 states. The bulletin establishes governance expectations including: board-approved AI strategy; AI inventory; bias testing of models before and after deployment (with a finding in 2025 that nearly one-third of health insurers were not regularly testing for bias); and explainability mechanisms when AI affects pricing or claims decisions.
Colorado's insurance regulator separately requires insurers to govern and test AI and predictive models for unfair discrimination in pricing and underwriting, a requirement that sits in insurance law and is independent of the broader Colorado AI Act (whose original SB 24-205 was repealed and replaced by SB 189 in May 2026). Several other states have or are considering similar requirements. Where an AI pricing decision results in discriminatory outcomes based on protected characteristics, state insurance commissioners have authority to require insurers to correct their models and to impose penalties.
A significant 2025 legal development: homeowners in Alabama filed a class action against State Farm alleging that AI algorithms in claims processing produced discriminatory outcomes disproportionately affecting Black policyholders (Kelly v. State Farm Fire & Casualty Co.). The insurance industry is watching this and similar cases closely as indicators of where consumer litigation risk concentrates around AI pricing and claims systems.
What you can do if you think AI insurance pricing is unfair
Your practical options depend on jurisdiction. In the EU: you can request that a solely automated pricing decision affecting you significantly be reviewed by a human, and request an explanation of the data and logic used. You can complain to your national data protection authority if you believe your GDPR rights have been violated, and to your national insurance regulator if you believe pricing is unfair or discriminatory.
In the UK: you can complain to the FCA (via the Financial Ombudsman Service for retail complaints) if you believe your insurer's AI pricing has produced an unfair outcome or cannot be explained. You can ask your insurer specifically what data was used to calculate your premium and whether any third-party data sources were involved.
In the US: you can file a complaint with your state insurance commissioner if you believe AI pricing has produced discriminatory outcomes. You can also request the specific reasons for adverse underwriting decisions from your insurer, and request access to your insurance score and the data used to calculate it where state law permits.
In Australia: you can request information about automated decisions affecting your insurance under the Privacy Act's access and correction rights, and lodge a complaint with the OAIC (Office of the Australian Information Commissioner) or AFCA if you believe your rights have been violated.
Related reading
- AI in Insurance: Your Rights When Algorithms Set Your Premium or Deny Your Claim
- AI Rejected Your Loan or Credit Application. What Are Your Rights?
- AI and Your Credit Score: How Algorithmic Lending Works and What Your Rights Are
- AI and Your Consumer Rights in Australia: Pricing, Recommendations, and What the ACCC Can Do
Further reading: OECD AI Principles