South African insurers face new AI risks as adoption accelerates
South African financial regulators have published the first joint guidance on artificial intelligence in the sector, signaling that the industry must move fast to manage emerging risks. The Financial Sector Conduct Authority and Prudential Authority released their report in November 2025 as AI adoption spreads unevenly across banks and insurers.
Banks lead the way at 52% AI adoption. Insurers lag at 8%, but plan heavy expansion into underwriting and claims management. The gap matters: as AI systems make more decisions that affect customers, insurers face mounting liability for errors, bias, and fraud.
The real-world risks are already here
Claims handlers now encounter scenarios that would have seemed fictional five years ago. A policyholder collides with a driverless taxi. An AI system gathers details and screens for fraud before the handler even opens the file. A medical aid approves cover based on an AI diagnosis. A financial advisor reports that someone used a deepfake video of his face to pitch bogus investments.
These aren't edge cases. The Stanford AI Index reported that AI-related incidents worldwide jumped 56.4% in 2024. Courts have already imposed liability: Meta and YouTube faced a USD 3 million damages claim in California over algorithmic decisions. Tesla was held liable for a fatal autopilot accident. Air Canada was forced to honor a discount its chatbot mistakenly promised.
In South Africa, the Financial Sector Conduct Authority has warned about deepfake videos of prominent figures endorsing fraudulent schemes. At least one financial service provider has already been liquidated after such fraud.
Regulators are setting the rules
The joint FSCA and Prudential Authority report mandates that financial institutions adopt governance frameworks with board-level oversight. Institutions must use methods that explain how AI reaches decisions-and disclose when AI influences outcomes that affect customers, such as insurance pricing or credit assessments.
Data breaches compound the risk. The Information Regulator reported a 40% increase in security incidents in 2025 compared with the previous year. Any AI system handling customer data must comply with the Protection of Personal Information Act.
Industry bodies are moving in parallel. The Association for Savings and Investment South Africa and the South African Insurance Association jointly established a Computer Security Incident Response Team to track emerging threats and share intelligence. Professional bodies including auditors and accountants have issued guidance on responsible AI use.
Fraud tactics are evolving faster than defenses
Criminals now use AI to create synthetic identities-combining stolen real IDs with fake names and AI-generated images to bypass onboarding verification. This forces insurers to strengthen verification systems and monitor for these hybrid attacks.
The regulatory environment remains incomplete. South Africa published a draft National AI Policy Framework in 2024, but finalization is not expected until 2026 or 2027. The European Union has adopted a comprehensive AI Act. Denmark is considering copyright protection for individual likenesses against deepfakes.
Insurance coverage still lags behind risk
Most policies cover AI risks through "silent cover"-AI risks fall under general wording but aren't explicitly named. As claims rise and disputes develop, the industry will shift toward "affirmative cover" that names AI risks directly.
For insurers adopting AI, three steps matter now: secure comprehensive AI coverage, build governance frameworks that meet regulatory expectations, and monitor regulatory changes. AI for Insurance and AI for Finance resources can help teams understand the technical and operational implications.
The gap between AI adoption and insurance readiness is narrowing. Insurers that act now will avoid the cost of retrofitting governance and coverage later.
Your membership also unlocks:
