AI in Singapore insurance, governance under MAS and PDPA

Singapore's insurance sector is rapidly adopting AI for underwriting, claims processing, fraud detection, customer service, and pricing. The regulatory framework combines the Monetary Authority of Singapore's supervisory expectations with the PDPA's data protection obligations and IMDA's voluntary governance frameworks.

MAS regulatory expectations

MAS published its Consultation Paper on AI Risk Management Guidelines for Financial Institutions on 13 November 2025, with consultation closing 31 January 2026. Once finalised (expected mid-2026), these will be supervisory expectations, meaning MAS will evaluate compliance during inspections and supervisory reviews. The guidelines build on the existing FEAT Principles (Fairness, Ethics, Accountability, Transparency) and apply to all MAS-regulated financial institutions, including general and life insurers, reinsurers, and insurance intermediaries.

Key expectations for insurers: governance structures with board-level accountability for AI risk; risk assessment and management for material AI systems; data management covering quality, bias, and representativeness; model management including validation, testing, and ongoing monitoring; third-party AI vendor governance with structured due diligence and contractual protections; customer outcomes monitoring for AI-driven pricing and claims decisions.

The MAS AIDA Grant under the Financial Sector Technology and Innovation (FSTI) Scheme (valid until March 2026) co-funds financial institutions' adoption of AI, subject to governance, capability-building, and workforce impact criteria.

PDPA obligations for insurance AI

The PDPC's March 2024 Advisory Guidelines on AI Recommendation and Decision Systems clarify how PDPA obligations apply to AI-driven insurance decisions. Insurers must ensure: consent or applicable exception for personal data use in AI underwriting and pricing; purpose limitation, data collected for one purpose cannot be repurposed for AI without appropriate basis; notification and transparency about AI use in decisions affecting policyholders; accuracy and correction of personal data used in AI systems; data protection impact assessments for high-risk AI deployments.

Penalties under PDPA reach S$1 million or 10% of annual turnover in Singapore for organisations with annual turnover exceeding S$10 million.

Insurance-specific AI governance concerns

Pricing fairness. AI pricing models that use proxies for protected characteristics can produce discriminatory outcomes even without explicit use of protected data. Singapore's fair dealing framework and MAS FEAT fairness principles require insurers to assess and address AI pricing bias.

Claims automation. Automated claims decisions must preserve policyholders' rights to explanation and appeal. Fully automated denial without human review creates regulatory and reputational risk.

Underwriting AI. AI underwriting models must be explainable to the degree required by MAS supervisory expectations. Black-box underwriting that cannot explain individual decisions creates supervisory risk.

Primary sources: MAS · PDPC · AI Verify Foundation

Related reading