About Mitchell Wein

Mitch Wein is a Vice President of Research and Consulting at Novarica. Prior to Novarica he served in a series of senior technology management positions at major insurance and banking firms including AXA from 2004-2014 where he was the Interim CIO of AXA Ireland in Dublin, the Chief Architect and Head Of CTO for AXA UK in London and the CTO of AXA Equitable in the US. Prior to AXA, Mitch served as CTO for the Domestic Brokerage Group and Domestic Personal Lines at AIG. Mitch holds a BS in Finance and a MBA in Information Systems both from Fordham University. He can be reached directly at mwein@novarica.com.

Complexity Increases Along With Underlying Security Threats

The European’s new data security regulations called the General Data Protection Regulation (GDPR) goes into effect in May. This law is similar to some of the regulations emerging in various US States, like the New York State Cybersecurity regulations, but in some cases goes further. It attempts to give Europeans control over their personal data.…

Continue reading

Data Breach Portal Launch in Massachusetts

Per the 2007 Massachusetts Data Breach Notification Law, the Massachusetts Attorney General needs to be notified by mail by any company storing MA residents’ personal data if this data is compromised or breached in any way. Massachusetts has now extended this by adding a data breach reporting portal. The MA law is much less extensive…

Continue reading

Now Bring Us That Horizon: Quantum Computing and Fundamental Technology Change

Today’s information technology systems remain limited by the barriers imposed by classic binary computing. The rise of quantum computing will bring about a change in technology that will impact the fundamentals underlying data usage and protection, risk modeling, and the very nature of how insurance core systems operate. Recent breakthroughs in the technology bring quantum…

Continue reading

The EU’s Data Protection Law to Complicate Cybersecurity Compliance

The EU adopted the General Data Protection Regulation (GDPR) in 2016, which is scheduled to go into effect on May 25, 2018. It is very similar to US-based state cyber regulations in some ways, but diverges significantly in others. Any company doing business with citizens of the EU (a “data subject”) must comply with the…

Continue reading

Cybersecurity Law Will be Far From Universal

Last week we discussed a major milestone in the insurance industry: the NAIC Insurance Data Security Model Law was finally adopted. This worked its way through the various NAIC Committees for almost two years and underwent a number of drafts. I raised a question last week – whether the NAIC cybersecurity model law will serve…

Continue reading

Will Newly Passed NAIC Model Law Make Insurer Compliance Easier?

Well, we have hit a major milestone. The NAIC Insurance Data Security Model Law has finally been adopted. This worked its way through the various NAIC committees for almost two years and underwent many drafts. It was hard to get agreement. However, the question is whether it will serve the purpose that the insurance carriers…

Continue reading

Claims Experience the “Moment of Truth” for Policyholders

The majority of P/C insurer expenses are claims-related, and efficiency and effectiveness in the claims operation is a key priority. For many carriers, claims solutions were installed twenty years ago or more, making them difficult to maintain and rendering the claims handling process labor-intensive, expensive, and difficult to improve via effective use of analytics. Moreover,…

Continue reading

Notes from Novarica’s Specialty Insurer CIO Meeting

Source: some image elements courtesy of Keens Steakhouse. Earlier this week, Jeff Goldberg, Eric Weisburg, Harry Huberty, and I hosted our Specialty/Large Commercial Risk Special Interest Group in New York City. The prior evening, we had a group dinner at Keens Steakhouse, where they have hundreds of clay pipes on the ceiling. Each one is…

Continue reading

Reflections on Novarica’s Wisconsin Regional Roundtable

Last week, Keith Raymond, Chuck Ruzicka, Harry Huberty and I conducted a Regional Roundtable at Northwestern Mutual in Milwaukee. Karl Gouverneur, the head of Head of digital innovation, workplace and corporate solutions, sponsored the event in his new facilities. The facilities themselves were quite impressive and we had a chance to go out on the…

Continue reading

New York to Include Credit Reporting Agencies in Cybersecurity Regulations

Due to the Equifax cybersecurity breach, credit reporting agencies will be subject to New York State’s financial services cybersecurity regulations on a phased-in approach starting April 2018. Novarica has written extensively about these regulations over the last year, and all insurance carriers doing business in NY have to do their first attestation in February 2018.…

Continue reading

Challenges and Opportunities for Insurer CDOs

It’s no secret that data has become increasingly important as carriers continue to digitize their businesses. Data has permeated nearly all aspects of insurer products, including design, marketing, and end-to-end processing, and as such, most carriers have designated a chief data officer to be responsible for data, its security, and current and future uses. With…

Continue reading

Delaware Follows Suit, Updates State Cybersecurity Law

Last week Delaware passed a law that puts additional requirements in place on firms to protect personal information and provide notifications and credit monitoring services. A recent article from Insurance Journal notes that Delaware is one of 14 states that has placed data security obligations onto the private sector. Of course, the bill doesn’t go…

Continue reading

Regulation Introduced for IoT Security Improvements

The Senate has introduced legislation to protect the government from security vulnerabilities arising from IoT enabled devices that the government acquires. The legislation states that devices must be patchable and not have hard-coded, factory-set passwords. It also specifies a vulnerability disclosure policy. This is a good start. However, there is much more to be done.…

Continue reading

Protecting Consumers with Cybersecurity Regulations

The Governor of Connecticut announced a holistic, statewide cybersecurity initiative focused on state government, local government, business, higher education, and law enforcement. Within the initiative, a focus will be placed on executive awareness, literacy, preparation, response, recovery, communication and verification. The effort will be led by the new Chief Cybersecurity Risk Officer. While a good…

Continue reading

Preparing for Success: Key Considerations in Light of NYS Cybersecurity Regulations

Cybersecurity is top of mind for insurers following the implementation of New York State’s new cybersecurity regulations this past March. While these currently only affect carriers operating in NY, other states seem likely to adopt versions of the NYS regulations rather than wait on the NAIC’s Model Law. These regulations are notable for their unprecedented…

Continue reading

New Cyberattack is Not an Isolated Incident: Insurers Should Take a Long, Hard Look at Their Own Security Measures

A recent article from Digital Insurance discusses the explosion of a new ransomware attack called Peyta and NotPeyta, which spread throughout the world in the last few days. It is similar to the WannaCry ransomware attack which uses the EternalBlue hack for Microsoft machines originally stolen and leaked from the NSA by the Shadow Brokers…

Continue reading

Humanizing the Digital Channels of Innovation

Zack Gipson, Chief Innovation Officer at USAA, recently spoke about a number of themes, including digital assistants, making digital channels “humanlike,” disintermediation of customer relationships, robo-advisors, trying to recreate empathy and emotions in AI interactions, chatbots, having AI make the reps smarter, and the impact of emerging autonomous vehicles on P/C insurance. This laundry list…

Continue reading

Embracing Innovation and InsureTech in Specialty Lines

While carriers see great potential for technology innovation at their companies, few are currently implementing or investing in it for their Specialty lines of business. This is largely a result of: legacy systems and workplace culture and practices; budgetary constraints and trepidation over investing in pricey technology before the product is proven effective; and the…

Continue reading

The Importance of MDM in a Big Data World

The insurance industry is evolving into a fully digitized provider of risk services that are focused on the customer, not the product. This evolution is highly dependent upon data that is collected, stored, managed, and ultimately used, as well as upon the CIO, who is responsible for this data processing. Today’s world has increased the…

Continue reading

Connecting Innovative Technological Capabilities to the Claims Process

I recently attended the Insurance Nexus Connected Claims USA Summit in Chicago. The conference covered a number of key themes detailing the impact of emerging technology and digital capabilities on the claims process, both for insurers and their customers. AI and Machine Learning In a Claims Innovation Survey conducted by Insurance Nexus, AI was mentioned…

Continue reading

Address Your Security Plan So You’re Not Held Hostage by Ransomware

As you have probably heard, the “WannaCry” ransomware attack affected over 300,000 computers worldwide. The attack, potentially linked to a hacking organization from North Korea, threatened to delete key data if money was not paid to a bank account using bitcoin. The spread of the malware was stopped when a security researcher in the U.K.…

Continue reading

Do Increasing Security Threats Have Your Head in the Cloud?

A recent article reports that 87% of organizations were victims of cyberattacks in the last 12 months. One in three organizations were hacked more than five times. This rise in data security risks is attributed to the adoption of cloud computing. I tend to disagree. What’s driving this rise in security risks is increased digitization…

Continue reading

Points of Special Interest in the Specialty and Large Commercial Sector

Last week at the 10th Annual Novarica Insurance Technology Research Council Meeting, I had the opportunity to sit down with CIOs of specialty and large commercial carriers and moderate a discussion about the various challenges and opportunities facing the industry. Topics of interest across the insurers present converged towards the following themes: Digital Insurers agreed…

Continue reading

Robots and Drones, and Sensors, Oh My!

Cornell University is developing a system that allows robots and other autonomous aircraft and drones to share information with each other to interpret collectively what they “see.” This technology has a lot of applicability for evolving IoT capabilities in insurance. If autonomous cars or trucks can communicate with each other and with other robotic devices,…

Continue reading

Here We Go Again: Cybersecurity Regulations

The latest news from the NAIC Cybersecurity panel is a continuation of a theme that Novarica has been writing about and discussing for the past year. As you probably know, the NAIC created a draft set of cybersecurity regulations as a response to different evolving state regulations. The idea is that the states would all…

Continue reading

What the U.S. Broadband Privacy Rules Repeal Means for Insurance

This week the U.S. Congress repealed FCC privacy rules around broadband. The rules passed last year required broadband providers to get the consumer’s consent before using information about what websites they accessed for advertising or marketing purposes. Now, this web browsing data can be collected and sold to anyone without prior consumer consent. Web browsing…

Continue reading

Need for Flexibility Drives Specialty Lines Industry to Technology Investments

In the hypercompetitive specialty lines industry, technology continues to impact insurers’ ability to profitably attract, retain, and serve clients and agent/brokers. As specialty lines business is not written through standard markets, the market requires a significant amount of operational flexibility to accommodate a wide variety of risks and to meet the needs of the insurer…

Continue reading

What’s On Insurance CIOs’ IT Security Agendas for 2017?

As insurance IT leaders react to continued digitalization, they must continue to maintain and improve their ability to protect confidential data and customer information. Technological advances, while possessing the potential to streamline processes, can also open the door to risks. Modern digital systems and procedures need to be fully secure to retain the trust of…

Continue reading

European Insurers Look to Expand Blockchain Collaboration

Reuters is reporting an expansion of the B3i initiative for blockchain standardization for insurance. Novarica has written and blogged extensively about blockchain and its medium- to long-term potential to transform insurance. One of the use cases we have identified is the back and forth activities when establishing reinsurance treaties. This article identifies the same use…

Continue reading

Argo Risk Tech Solutions a Step Towards IoT-Powered Commercial and Personal Lines Insurance

The recently-launched Argo Risk Tech Solutions looks at common causes and locations of accidents, like slip-and-fall, in the workplace. The idea is to use IoT devices like sensors to communicate to the employees to modify behavior and identify areas of risk like a wet floor, hot soup bowl or items blocking the halls. The IIR…

Continue reading

As More Insurers Look to Big Data, Expect Regulators to Pay Attention

We have written previously about the ever increasing importance of data in Insurance. A related area of interest to insurers is the growth of predictive analytics. Modern predictive analytics solutions are capable of providing deep insight into a wide range of business areas such as underwriting risk, product profitability, and financial projections. However, maturity and…

Continue reading

New York State Gives Insurers Some Breathing Room by Pushing Back Start Date for New Cybersecurity Regulations

Just before the end of the last calendar year, the New York State Department of Financial Services announced changes to its new cybersecurity regulations, pushing back the date they will take effect to March 2017 from January 2017. In December, we held a working group on the imminent New York State cybersecurity regulations, then due…

Continue reading

The New Year Brings New Cybersecurity Regulations

Cybersecurity is back in the news this week, with Yahoo’s announcement that more than 1 billion user accounts, many of them containing sensitive information, were compromised in a 2013 cyber attack. Recently, Novarica held a Working Group on the new cybersecurity regulations that will go in force on January 1, 2017 in New York State.…

Continue reading

Effects of Extreme Weather on Insurers Could be Tempered by Emerging Technologies

The new study highlighted in this article indicates that there will be more extreme weather as time goes on, with generally wetter weather. However, the article points out that there will be regional variations that will cause drought and flash flooding. This is important for P&C insurers, especially as it relates to homeowners and flood…

Continue reading

What a New European Blockchain Consortium Could Mean for Insurers

This week, B3i was announced for a consortium of reinsurers in Europe. These carriers will pilot anonymized transaction info and qualitative data to pilot inter-group retrocessions between a network of peers to evolve standards and processes. This is not the first set of carriers to be interested in using blockchain’s distributed ledger for reinsurance. We…

Continue reading

Consumers are Increasingly Interested in Experience, not just Price

A recent piece from Wharton highlights the growing importance of carrier providing a “delightful experience” to the insured and/or the beneficiaries as well as acting as a trusted advisor throughout the customers’ lifetime, providing continuing value. Novarica has written about how millennials are not just interested in the price and risk transfer characteristics but in…

Continue reading

New DOL Report Signals Possible Increase in Federal Regulation of State Workers’ Comp

The Federal Government started regulating insurance companies after the Great Recession of 2008. Additional regulatory reporting is required of insurers that are deemed to be a Systemically Important Financial Institution (SIFI). MetLife is spinning off some of its pieces so it will no longer be classified SIFI and AIG has had discussions about breaking into…

Continue reading

Special Interest Group for Speciality/Large Commercial Insurers

Ten members of the Novarica Research Council special interest group for Specialty/Large Commercial met in mid-September, at a meeting hosted by Hiscox in New York City. I moderated the discussion, here’s what we touched on: Customer Portal: Improvements in customer portals result in uncertainty for some agents in carrier companies. The organization must help to…

Continue reading

Case Study Highlight: Transitioning to Agile at Unum

As we approach the announcement of the Novarica Impact Awards in the fall, we will be highlighting one Impact Award nominee each week on our blog. The Novarica Impact Awards are voted on by over 300 members of the Novarica Insurance Technology Research Council, making them the only purely peer-reviewed awards program in insurance technology.…

Continue reading

Brexit: How will Multi-National Insurers Sort it Out?

Yesterday, the UK voted to leave the EU. Nigel Farage, the UK Independence party head, declared it “Independence Day”. What does this mean for multi-national insurers? The impact is far reaching. Consider regulations regarding data, financial product definitions, privacy, and the overall regulatory framework including capital requirements. Access to Europe’s single market, some 500 million…

Continue reading

Restrictions Lead to Consolidation in Insurance: Who Would Have Guessed?

Insurance Journal reported recently that over a dozen state attorneys general have joined the federal government’s review of two mergers that would reduce the number of national health insurers from five to three. Remember about five years ago when the federal government mandated an 80% medical loss ratio for health insurers, thus capping their max…

Continue reading

Emerging Cyber Threats

I recently attended the IASA Mid-Atlantic conference in Atlantic City. This conference had a lot of business people from insurance, particularly from areas like regulatory reporting, accounting, audit and legal. Many topics that you would expect like GAAP and tax reporting, Economic Outlook for 2015, reporting under the Affordable Car Act were covered. However, what…

Continue reading

CIO Series: 7 Steps to Deploy and Define a Multi-Divisional IT Strategy

It is very difficult to predict the future, yet IT is being asked to do just that by developing strategic long-term IT plans for their enterprise. Everyday IT is being asked to enable their firms by developing improved partnerships with their customers and agents, transforming internal processes into fully digital mechanisms, replacing core IT systems,…

Continue reading

Cyber Risk: Insurers’ Challenge Outside-In and Inside-Out

The NAIC Executive (EX) Committee recently established the Cybersecurity (EX) Task Force to act as a focus point for cybersecurity insurance regulatory activities. The task force held its first meeting on March 29, 2015 in Phoenix, Arizona. Just before this meeting, the Task Force released its draft Principles for Effective Cybersecurity Insurance Regulatory Guidance (“Draft…

Continue reading

How Technology will Shape the Individual Annuity Marketplace in 2015 and Beyond

With the release of Novarica’s new Business & Technology Trends: Individual Annuity report, I wanted to highlight a few trends which our research uncovered in this blog. First, 2015 is a pivotal year for annuities. It is the year when Millennials will equal Baby Boomers in the workplace. Once Baby Boomers start retiring over the…

Continue reading

Creating an Enterprise Blueprint and Roadmap for Insurance Carriers

On our most recent webinar: “IT Strategy and Architecture” we talked about how the demands on insurance IT have never been higher. Insurer IT groups are tasked with delivering an ever-expanding set of capabilities, including digital transformation, faster speed-to-market, better distributor and customer service, and better analytical capabilities. Unfortunately, too many insurers are dealing with…

Continue reading

Major Trends in Global Insurance and Reinsurance and IT Implications

I recently attended the Insurance Insiders Conference in New York. The presentation and discussion panels focused on three major areas of disruption in the global insurance and reinsurance industry: capital and regulation, competition, and technology. Capital and Regulation Large parts of the world are awash with capital looking for a place to be reinvested. This…

Continue reading

Trends in Claims

According to Novarica’s 2015 US Insurer IT Budgets and Projects report, approximately 20-30% of insurers are replacing claims systems. On Wednesday, May 28th at 2 pm (ET) I will be hosting a webinar, which will examine trends and issues in claims management systems, as well as review highlights from our Market Navigator report on leading…

Continue reading

Enterprise Architecture and Digitalization

At our 8th annual Novarica Insurance Technology Research Council Meeting, discussion began with a definition of “digital” at the Enterprise Architecture and Digitization breakout session. Novarica stresses that digitalization encompasses the entire customer interaction lifecycle, from front-end to back-end. A common theme was that of silos: a given process might be automated, but still require…

Continue reading

Research Update: Distribution and Compensation Management

Insurance distribution is changing rapidly – not just because of new market entrants, but also because of rapid evolutions and changing needs in the hyper-competitive agent/broker marketplace. Many insurers find that their distribution and compensation management (DCM) systems are not up to the job of keeping pace with these changes. Recently Novarica released two new…

Continue reading

5 Technology Initiatives for Specialty Lines Insurers in 2015

Yesterday Novarica published its latest report in its Business & Technology Trends Series focusing on Specialty Lines insurers. This report is based on the expertise of Novarica’s staff, conversations with members of the Novarica Insurance Technology Research Council and a review of secondary published sources. Below I just wanted to quickly highlight 5 key technology…

Continue reading

Four Obstacles Annuity Providers are Facing in 2015

Recently Novarica hosted a Special Interest Group Meeting in Boston for Annuity providers. The meeting was well attended with four key themes emerging: Product Time to Market Straight-Through-Processing and Related Issues around NIGO Electronic Signatures Security The executives in attendance were looking at how technology can solve problems and enable capabilities. What struck me was…

Continue reading

WSJ: The Driverless Car is Officially a Risk

There was a fascinating article in the WSJ the other day about the impact of driverless cars on Insurance. “WSJ’s Theo Francis joined the MoneyBeat show this morning to talk about how insurance companies and car-parts makers are already talking about the threat from driverless cars. It’s years off, to be sure, but some of…

Continue reading

Enterprise Data Initiatives Now Taking Center Stage as Insurers Look to Improve their Digital and Analytical Capabilities

With insurance carriers of all sizes and lines of business focusing on improving their digital and analytical capabilities to meet customer expectations, the importance of enterprise data has never been greater. Over the last 3-5 years data has once again become a key focus of the insurance industry. Data is now seen as a key…

Continue reading

What do Enterprise Architecture and Underwriting Guidelines have in Common? A lot more than you think!

A lot of people view enterprise architecture as a bunch of sign-offs and permissions but it’s really a lot more than that. In reality, enterprise architecture should be viewed as a set of underwriting guidelines for IT. Here’s why…. Enterprise architecture is about taking a holistic view of risk, avoiding long-term unforeseen consequences, and making…

Continue reading