We are the voice of insurance and long-term savings | Contact us

GDPR: Catalyst or deterrent for innovation in Insurance?

Despite perceptions as traditional and risk-averse, the Insurance sector is no stranger to digital transformation. Although digitisation in insurance has seen a slow start, within the last 2 years InsurTech has experienced exponential growth triggered by a clear imperative to innovate in an otherwise stale and traditional Insurance sector.

A recent study on “Harnessing Innovation in European Insurance” conducted by PAC’s research team and BAE Systems reports that “only one third of European insurers believe themselves to be highly innovative, however 70% believe that a failure to innovate will restrict growth or see them fall behind the competition”.

The same study reports that, despite the clear drivers for innovation, regulation as well as ageing technology and infrastructure are seen as the biggest barriers to harnessing innovation. Insurers believe they have the skills and bandwidth to drive innovation, but IT and external factors are stumbling blocks.

Emerging data protection regulations, particularly the General Data Protection Regulation (GDPR) coming into force in May 2018 and the new UK Data Protection Bill, are seen as having a potentially large and detrimental impact for the Insurance industry which may restrict data collection and processing activities, and/or create an additional compliance burden.

While more than half of the European carriers see predictive analytics and big data analytics as high priority areas with immense potential, regulatory requirements introduced by GDPR towards the protection of personal data could deter investments in analytics and therefore innovation.

In addition to the high cost of GDPR non-compliance (up to €20 million or 4% of global turnover, whichever is highest), new obligations with a perceived high impact to insurers include:

  • New consent model whereby explicit consent is mandated for special data categories and purposeful limitation and data minimisation of personal data is required. This has clear implications on an underwriter’s ability to effectively exploit existing data sources.
  • Restriction and objection to automated decision making and profiling which may result in limitations to the existing underwriting process.
  • Fair processing notices requiring insurers to be fully transparent with regards to the use of personal data collected. This is likely to result in disrupted customer journeys and a potential overwhelming flow of information at each stage of the data collection process.

What are the potential benefits of GDPR?

The regulation aims to provide a level playing field in terms of data protection, within and outside the EU, both to protect EU citizens but also to explicitly support economic growth in the digital era. It is therefore reasonable to assume that an organisation operating with confidence and complying with reasonable, clear obligations can continue to develop new and innovative services.

As the earlier study reports, 60% of insurers see improving customer engagement as the primary focus of their innovation strategy. In an age of stagnating premium growth, carriers are looking for new ways to drive customer loyalty and acquisition. GDPR, and the level of transparency it introduces, can therefore be the right vehicle to establish consumer trust and enable growth.

An effective GDPR programme will consider all aspects of the regulation; qualifying both regulatory obligations and corresponding commercial implications, including the business opportunities created by GDPR.

Rethinking value exchange to enable better customer engagement, and harnessing the power of data by promoting effective privacy compliant data management practices, will enable growth and innovation within the Insurance sector, allowing insurers to capitalise on the value of data.

If well understood and effectively implemented, GDPR is more than a tick-box compliance exercise; it can be a platform to create material business benefits in the Insurance sector.

Find out more about GDPR at the ABI’s digital conference: Insurance in the digital world: cyber, data and technology – from hype to reality on 19th October. Book now your place now. 


Last updated 12/10/2017