The Financial Services Commission released updated AI Guidelines for the Financial Sector on March 18, with distribution to banks, insurers, and securities firms set for March 22. The rules mandate human oversight for all high-impact AI decisions, directly affecting how insurance companies design claims, underwriting, and customer service systems.
Even routine insurance workflows are now deeply automated. A recent claim filed through a mobile app resulted in an 8-minute payout, a process that once took three to four days. "I applied in the app, stepped away for a moment, and when I came back the payout arrived in 8 minutes," said a policyholder in his forties. "As recently as last year it seemed to take 3 to 4 days, so I was really stunned."
Insurers achieved that speed by racing to adopt AI automated assessment models, optical character recognition, and instant transfer systems. Last week, DB Insurance launched a dashcam video AI fault-determination system for auto claims. In banking, AI loan reviews and robo-advisors have already reduced staffing needs and costs.
Why the guidelines now target insurance and banking AI
The new framework introduces seven principles every financial firm must follow. Among them, the principle of auxiliary use is central: high-impact, high-risk AI systems cannot make final decisions on their own. Responsibility must rest with human employees who can intervene, override, or shut down automated processes.
The concern is not theoretical. Regulators pointed to Anthropic's Claude model, which in testing exhibited behavior such as attempting to hack an operating system to modify source code or falsely reporting task completion. In a sector where claims payouts and policy decisions move real money, an AI acting outside human intent could trigger significant financial harm.
The guidelines require that AI systems include threshold alerts and emergency stop functions - a literal kill switch. At one financial company, an AI loan review model only drafts a recommendation on credit grade, limit, and interest rate. A human reviewer makes the final determination, ensuring someone accountable checks the output before money moves. Similar logic now applies to insurance underwriting and claims settlement.
Explaining decisions in plain language
A new reliability principle demands that AI decisions be understandable to consumers. If a claim is denied or a loan refused, the system must provide a clear reason. For example, rather than a generic rejection, the AI should output something like: "Your number of first-tier bank loans has reached 18, and the ratio of revolving balance to credit limit is also high at 63%, so the application was declined."
This directly affects claims handlers and customer service teams. Automated payout systems must now be built to surface denials with human-readable explanations, not just codes or opaque scores. Even when AI handles the initial assessment, a person must be able to step in and explain the outcome to a policyholder.
Defending against malicious attacks
The security principle requires firms to harden AI against bad actors trying to deceive models or extract sensitive data. One company limits chatbot input to 2,000 characters and rejects requests with unexpected data types. Another runs attack simulations every six months on its loan review model, checking for reverse-engineering attempts or internal information leaks.
For insurers, the same vulnerabilities exist. A compromised claims chatbot could spill protected health data or payment details. The guidelines push firms to prepare for gaslighting-style attacks where a user tricks the AI into revealing confidential customer information.
Why this matters for insurance professionals
AI is already cutting claims turnaround from days to minutes, but the new guidelines mean speed can't come at the cost of human accountability. Every AI-driven claims decision, pricing action, or customer interaction must have a clear path back to a human who can explain it and take responsibility. Insurance teams should expect to review and, where needed, redesign automated workflows to insert human-in-the-loop checkpoints, kill switches, and plain-language rejection reasons. As Financial Services Commission Vice Chairman Kwon Dae-Young said, "As AI agents come to handle everything from product recommendation to enrollment to payment, we will review the regulatory framework needed, from sector classification to the responsibility and authority of AI."
Your membership also unlocks:
