Andres Lehtmets Advisory Weekly Newsletter – #36, 2026

The InsurTech4Good newsletter just passed 4,600 subscribers.

When I started writing it, I had no audience and no plan, just a belief that the intersection of insurance/finance, regulation, and innovation deserved better coverage.

Today, the weekly edition is read by professionals at EIOPA, the European Commission, the World Bank, OECD, IAIS, AXA, Zurich, Swiss Re, Generali, PwC, Deloitte, EY, and many more industry colleagues who are also navigating change and uncertainty in our sector.

I'm now selectively opening sponsorship partnerships for the first time. A handful of spots for companies that genuinely serve this audience. It will be selective and clearly labelled.

Interested? Reach out at andres@insurtech4good.com

Now to the news.

Operational resilience in insurance

Operational resilience is moving from “nice to have” to supervisory baseline.

The final IAIS Application Paper on operational resilience objectives & toolkit is now published.

What it does (in plain terms):

1. Defines the “why”: links operational resilience to governance and operational risk management.

2. Defines the “how”: key elements of a sound approach + a wide set of supervisory practices seen across regimes.

3. Defines the supervisory focus: coordination with authorities, transparent communication, and a culture of continuous improvement & learning.

If you’re in insurance risk, compliance, IT, or supervision, this is worth a read.

Read more here. 

UK AI in finance roundtables 

What regulated firms told the UK PRA and Bank about AI across three roundtables, including an insurance-specific takeaway.

Across three roundtables, firms were broadly positive on the regulatory direction of travel but highlighted practical blockers to scaling AI responsibly.

1. Support for the PRA framework on AI. Participants said the PRA’s approach gives space to innovate within clear regulatory expectations.

2. Second-line caution is slowing delivery. Risk functions remain careful on AI use, which can delay deployment pipelines.

3. Cross-border fragmentation is a headache. Firms operating internationally are navigating different approaches to AI across jurisdictions.

4. Third-party procurement is a bottleneck. Contracting with AI providers is slowed when vendors aren’t familiar with regulated firms’ compliance requirements.

5. Data protection and data sovereignty constraints. Legal requirements and emerging data location and sovereignty regimes are challenging AI deployment and scaling.

6. Data quality remains a real barrier, especially in insurance. Some insurers have limited customer-level data due to infrequent engagement, often annual renewal or at claim, unlike banks’ transaction visibility. That makes hyper-personalised AI-driven insurance harder to deliver in some areas in the near term.

Read more here. 

The next generation of insurance supervision

Insurance supervision is evolving fast and “supervision 2.0” is no longer optional.

As technology and market forces keep reshaping the sector, supervisors will need to invest proactively in both people and tools to keep pace and to supervise effectively.

In practice, many authorities face capacity constraints: limited resources, difficulties hiring specialised profiles, or short-term gaps in expertise.

That’s why some supervisors increasingly rely on external experts to complement internal teams.

This is where I can help.

I support insurance supervisors (and development banks) with digital finance and insurance regulation and policy, supervisory strategy and digitalisation roadmaps, and practical, actionable SupTech use cases and implementation planning.

If you’re an insurance supervisor and want to discuss it, send me a message.

Read more here. 

AI in financial and insurance - UK focus

AI in financial and insurance services is now mainstream but it is still poorly understood.

This UK-focused report suggests practical supervisory steps.

These include dedicated stress testing and clearer expectations on consumer protection and fit and proper requirements.

It also raises the idea of designating major cloud providers as critical third parties, in a DORA-like direction.

Read more here. 

Insurance protection gap and innovation

Insurance penetration is still low in many markets, but the levers to change are surprisingly clear.

A recent report highlights 7 areas that matter most:

1. Public policy tools (tax incentives, mandatory covers, targeted support).

2. Distribution mechanisms and channels.

3. Innovation and new insurance products.

4. Financial inclusion in insurance.

5. Prudential regulation.

6. Financial education.

7. Cost efficiency.

For me, number 3 is the most interesting right now, because innovation only scales when regulation provides a workable path and the right guardrails.

In practice, real action sits at the intersection of innovation and regulation.

Read more here. 

Is InsurTech now basically “AI-Tech”?

In Q4 2025, 77.9% of InsurTech funding went to AI-centered companies.

A few more signals:

Q4 funding: $1.68B.

2025 total: $5.08B (+19.5% YoY, first rise since 2021).

P&C: $3.49B (+34.9% YoY).

(Re)insurers made 162 venture investments in 2025 (record high).

Read more here. 

Insurance distribution just moved into ChatGPT

Insurify launched an “industry-first” ChatGPT insurance comparison app that lets you compare personalized car insurance quote estimates without leaving the chat.

You can also use 70,000+ real customer reviews to help choose between insurers.

Similar news are now appearing across the globe regularly, most recently by MoneySuperMarket. 

So the first prompt is becoming the new first click for insurance shopping?

Read more here (including comments).

BaFin guidelines on ICT and AI in finance

Germany’s financial services regulator, BaFin, has published guidance on the ICT risks associated with the use of AI systems.

The document provides non binding advice and is intended to help financial entities, particularly CRR institutions and Solvency II insurance undertakings, implement the relevant requirements under the Digital Operational Resilience Act (DORA) when using artificial intelligence.

Highly topical.

Read more here.