"How do we really get greater assurance that the AI system you're about to purchase is fit for the purpose?"
Anthony Habayeb, CEO and co-founder, Monitaur
November 2025 | What's new this month
Manage AI risks from third-party vendors
The "trust but verify" problem with AI vendors is that organizations typically rely on vendor responses to questionnaires without independent validation.
Third-party AI requires verification of multiple risk dimensions beyond just functionality - organizations need to assess the accuracy, robustness, security, fairness, and truthfulness of vendor AI systems for their particular intended use cases.
This 60-second video can change the way you think about AI vendor risk management.
Good regulation starts with good information but, in artificial intelligence (AI), it's rare. Data on how AI systems are built, trained and deployed remains fragmented — scattered across private companies, buried in proprietary processes or simply never collected at all. This means governments trying to regulate AI often have to work with incomplete snapshots that use voluntary disclosures and inconsistent reporting standards, which provide limited visibility into what's actually happening inside these systems. The result is that regulators are asked to manage risks like algorithmic bias and data misuse without the evidence they need to understand them, let alone to address them effectively or consistently across borders.
In the insurance industry, disruption rarely arrives with noise. It comes in spreadsheets, new software modules, and quiet updates to underwriting platforms. But over the past year, something more profound has begun: artificial intelligence is slipping into nearly every corner of insurance operations, reshaping what many white-collar workers actually do. From the cubicles of claims departments to the digital desks of underwriters, AI is beginning to automate tasks once considered immune to technology. The people who feel it most aren’t the factory workers or drivers of the past industrial revolutions — they’re analysts, administrators, and specialists in tailored suits.
Industry Regulation & Legislation
California Charts the Frontier With First Law Setting Reporting And Compliance Requirements For Powerful “Frontier AI Models” On September 29, 2025, California Governor Gavin Newsom signed Senate Bill 53, the Transparency in Frontier Artificial Intelligence Act, into law. The bill will go into effect on January 1, 2026. The act builds upon the recommendations found in the “California Report on Frontier AI Policy,” which was released to the public on June 17, 2025. This report detailed key principles to guide the legislation drafting process, including grounding AI policy in empirical research and providing greater transparency into AI systems. Given that California is home to 32 of the top 50 AI companies worldwide, the state dominates the AI industry. It is no surprise that California is the first state to create rules promoting safety, transparency, and incident reporting for frontier models. This new act is expected to set the stage for similar AI legislation across the U.S.
NAIC membership divided on developing AI model law, disclosure standard The National Association of Insurance Commissioners is struggling to reach a consensus on regulating insurers' use of AI. Speaking during S&P Global Market Intelligence's Insurance Investments Symposium on Oct. 9, Wisconsin Insurance Commissioner Nathan Houdek said that the Big Data and Artificial Intelligence Working Group of the National Association of Insurance Commissioners (NAIC) is looking at whether to move forward with "some type of model law or regulation." Houdek noted that the goal of new regulation from the NAIC is to have each of the states adopt it across the country to have as much uniformity as possible.
Impact & Society
Insurance and AI: A Double-Edged Sword Artificial intelligence (AI) is revolutionizing the insurance business. Insurers recognize and are already taking advantage of the manifold ways in which AI can significantly improve their routine processes, decision-making and risk management. At the same time, some insurers recognize the potential for negative impacts as well. In this Real Solutions piece, we will place the intersection of AI and insurance in its historical context, present what insurers are doing with AI today, and offer some notes of caution.
Employers are increasingly using artificial intelligence tools to speed up hiring processes, such as resume screening, but human oversight remains essential to prevent unintentional discrimination. Employment practices liability insurance policies should cover AI-related claims, but companies should expect questions from insurers, several sources say. Evolving state and local regulations on employers’ use of AI, including rules in California that took effect Oct. 1, increase the need for companies to manage the risks, according to experts. AI can help HR departments review large numbers of applicants faster, but discrimination laws such as Title VII of the Civil Rights Act, the Americans with Disabilities Act and the Age Discrimination in Employment Act, “are still going to apply,” said Joni Mason, New York-based senior vice president of national executive and professional risk solutions claims at USI Insurance Services.
Forrester does not endorse any company, product, brand, or service included in its research publications and does not advise any person to select the products or services of any company or brand based on the ratings included in such publications. Information is based on the best available resources. Opinions reflect judgment at the time and are subject to change. For more information, read about Forrester’s objectivity here.
