On July 24, 2025, the California Privacy Protection Agency (CPPA) unanimously adopted a comprehensive rulemaking package under the California Consumer Privacy Act (CCPA) that primarily addresses automated decisionmaking...more
7/31/2025
/ Algorithms ,
Automated Decision Systems (ADS) ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Privacy ,
Employee Rights ,
Job Applicants ,
New Regulations ,
Regulatory Requirements ,
Risk Assessment ,
Risk Management ,
Technology
On July 7th, the NAIC’s Big Data and AI Working Group (Working Group) exposed a draft of an AI Systems Evaluation Tool (Evaluation Tool). The stated purpose is to provide regulators with a tool that enables them to identify...more
7/30/2025
/ Algorithms ,
Artificial Intelligence ,
Compliance ,
Consumer Protection Laws ,
Data Collection ,
Financial Services Industry ,
Insurance Industry ,
Regulatory Requirements ,
Reporting Requirements ,
Risk Management ,
Technology
The Texas Responsible Artificial Intelligence Governance Act (TRAIGA), which was signed into law by Governor Greg Abbott on June 22, 2025, and is effective January 1, 2026, establishes a framework for regulating the...more
On October 16, 2024, the New York State Department of Financial Services (DFS) issued an industry letter providing guidance on how DFS-regulated entities (covered entities) should be evaluating and responding to artificial...more
10/30/2024
/ Artificial Intelligence ,
Covered Entities ,
Cyber Threats ,
Cybersecurity ,
Deep Fake ,
Industry Letters ,
New York ,
NYDFS ,
Popular ,
Regulatory Agenda ,
Regulatory Requirements ,
Reporting Requirements ,
Risk Management
On September 24th and 25th, the National Institute of Standards and Technology (NIST) convened a symposium to generate new insights about the next steps needed to unleash AI innovations that will enable trust in this...more
On February 26, 2024, the Connecticut Insurance Department (the CID) adopted Bulletin No. MC-25 on the “Use of Artificial Intelligence Systems in Insurance” (Connecticut Bulletin). This Connecticut Bulletin is similar to the...more
3/15/2024
/ Artificial Intelligence ,
Compliance ,
Corporate Governance ,
Insurance Industry ,
Model Rules ,
NAIC ,
NIST ,
Popular ,
Regulatory Oversight ,
Risk Management ,
State Insurance Administrations
On November 1, 2023, the New York Department of Financial Services (NY DFS) published its highly anticipated final amendments to its influential cybersecurity requirements for financial services companies (Part 500)....more
11/15/2023
/ Chief Information Security Officer (CISO) ,
Compliance ,
Covered Entities ,
Cybersecurity ,
Final Rules ,
Financial Services Industry ,
Incident Response Plans ,
Multi-Factor Authentication ,
NYDFS ,
Policies and Procedures ,
Risk Assessment ,
Risk Management ,
State Data Breach Notification Statutes
The Colorado Division of Insurance (CDI) adopted a new regulation on September 21, 2023 (Final Regulation) establishing requirements governing the use of external consumer data and information sources (ECDIS), as well as...more
10/2/2023
/ Algorithms ,
Anti-Discrimination Policies ,
Artificial Intelligence ,
Big Data ,
Casualty Insurance ,
Department of Insurance ,
Final Rules ,
Insurance Industry ,
Life Insurance ,
Predictive Analytics ,
Property Insurance ,
Proposed Legislation ,
Proposed Regulation ,
Risk Management
On July 17, 2023, the Innovation, Cybersecurity and Technology (H) Committee of the National Association of Insurance Commissioners (NAIC) released for comment a highly anticipated model bulletin (Model Bulletin) on...more
7/27/2023
/ Artificial Intelligence ,
Casualty Insurance ,
Comment Period ,
Corporate Governance ,
Insurance Industry ,
Model Forms ,
NAIC ,
Property Insurance ,
Regulatory Oversight ,
Request For Information ,
Risk Management ,
Third-Party Service Provider ,
Unfair or Deceptive Trade Practices
On May 26, 2023, the Colorado Division of Insurance (CDI) exposed, for public review and comment, a significantly revised draft of its proposed regulation (the Revised Draft Reg.) addressing the governance and risk management...more