Insurance vertical · NAIC Model Bulletin · CO Reg 10-1-1 · OCSF v1.8.0

AI shared responsibility for insurance

The NAIC Model Bulletin and Colorado Regulation 10-1-1 require written AIS Programs, third-party oversight, and fairness controls, but prescribe no control catalog, no thresholds, and no evidence model. This schema fills that gap: 40 controls across five SRF layers, each with a named accountable persona, a measurable threshold, and an OCSF evidence pointer, expressed in a schema examiners will recognize.

Deadline: Colorado auto and health insurer framework availability obligation, July 1, 2026
Experimental schema. This vertical is a proposed extension of the CoSAI Shared Responsibility Framework, developed independently to demonstrate the approach. It is not part of CoSAI SRF v1.0 and has not been endorsed by CoSAI, the NAIC, or any regulator. Verify regulatory section references against the source documents before use.
40 controls · 5 SRF layers · 4 insurance lifecycle stages · 6 regulatory crosswalks

The NAIC gap. The NAIC Model Bulletin on the Use of AI Systems by Insurers (December 2023) requires every insurer to maintain a written AIS Program covering governance, risk management, internal controls, and third-party AI oversight. It has been adopted or substantially adopted in roughly half the states. What it does not provide is a control catalog: no named accountability per control, no measurable thresholds, no evidence model. See the NAIC AI issue brief (March 2026).

The Colorado July 1 deadline. Colorado's amended Regulation 10-1-1 (effective October 15, 2025) extends ECDIS governance obligations to private passenger auto and health benefit insurers. From July 1, 2026, all components of the governance structure and risk management framework must be available to the Division of Insurance on request. SRF-L1-DEV-005 operationalizes that availability obligation directly.

The NAIC market conduct pilot. The NAIC AI Systems Evaluation Tool is in a twelve-state multistate pilot running January through September 2026. Examiners will use a standardized review framework during market conduct exams. This schema's layer structure and documentation requirements are designed to map to the evaluation tool's governance, fairness, transparency, and third-party oversight dimensions. Verify dimension names against NAIC pilot materials before crosswalking.

Third-party coverage. Insurance's distinctive operating model is Vendor-Model: the NAIC Model Bulletin holds insurers accountable for the outcomes of vendor AI. L1 third-party oversight (TPO) controls, L5 due-diligence requirements, and the Vendor-Model operating model throughout the schema operationalize that accountability at the control level.

Schema design

Accountability plane
SRF layers and insurance personas

Each control names one accountable persona. Five layers map to the insurance AI lifecycle: governance, data, application, platform, and model. One accountable party per control, regardless of operating model.

Control plane
Thresholds scaled by line of business

Controls define the metric, operator, and parameter name. Organizations set values by line of business and consumer impact level, not bank-style materiality tiers. Zero-tolerance and verification controls carry fixed values by design.

Evidence plane
OCSF v1.8.0 event pointers

Each threshold names the OCSF class and attribute that proves the control is operating. L1 governance controls point to document-management artifacts instead, rather than forcing an OCSF event onto what is really a records control.
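The three planes converge on a single control record: one persona, one metric with an operator and a parameter name whose value is set per line of business, and one evidence pointer. The following is an added example, not code from the schema, CoSAI SRF, or OCSF, showing that convergence for the L2 input-drift control listed under Coverage by layer, using the Population Stability Index (PSI) as the metric. The control id SRF-L2-DATA-001, the parameter name psi_max, the per-line-of-business values, the product name, and the use of the OCSF unmapped object to carry the measured value are all assumptions for illustration; only class_uid 2003 / category_uid 2 are the real Compliance Finding identifiers, and the whole event layout should be verified against the OCSF v1.8.0 schema before use.

```python
"""Added example (not part of the schema, CoSAI SRF or OCSF): one control across the
accountability, control and evidence planes, evaluated on constructed data.
Assumed for illustration: control id, parameter name and values, product name, and the
unmapped.* attributes; verify the event layout against the OCSF v1.8.0 schema."""
import bisect
import math
import operator
import random
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Control:
    control_id: str        # "SRF-L2-DATA-001" below is an assumed id
    persona: str           # exactly one accountable persona
    metric: str            # what is measured
    operator: str          # how the measured value is compared to the parameter
    parameter: str         # name of the organisation-set value
    evidence_class: str    # OCSF class that carries the evidence
    evidence_attr: str     # dotted attribute path holding the measured value
    fixed_value: Optional[float] = None  # set only for zero-tolerance/verification controls


# Organisation-set values keyed by line of business, not by materiality tier.
# Illustrative numbers; 0.10 / 0.25 are the conventional PSI "watch" / "act" points.
PARAMETERS = {"psi_max": {"auto": 0.10, "health": 0.10, "life": 0.25}}

INPUT_DRIFT = Control(
    control_id="SRF-L2-DATA-001", persona="data-provider",
    metric="population_stability_index", operator="<=", parameter="psi_max",
    evidence_class="compliance_finding", evidence_attr="unmapped.psi",
)

OPERATORS = {"<=": operator.le, "<": operator.lt, ">=": operator.ge,
             ">": operator.gt, "==": operator.eq}


def psi(reference, current, bins=10, floor=1e-4):
    """Population Stability Index of `current` against `reference`.
    Bin edges are reference quantiles, so each reference bin holds ~1/bins of the
    mass; empty bins are floored so the log term stays finite."""
    ref = sorted(reference)
    n = len(ref)
    edges = [ref[int(n * i / bins)] for i in range(1, bins)]  # bins-1 interior edges

    def share(sample):
        counts = [0] * bins
        for x in sample:
            counts[bisect.bisect_right(edges, x)] += 1
        return [max(c / len(sample), floor) for c in counts]

    p, q = share(reference), share(current)
    return sum((qi - pi) * math.log(qi / pi) for pi, qi in zip(p, q))


def _set_path(obj, dotted, value):
    parts = dotted.split(".")
    for part in parts[:-1]:
        obj = obj.setdefault(part, {})
    obj[parts[-1]] = value


def get_path(obj, dotted):
    """Read the attribute an evidence pointer names, the way an examiner's tooling would."""
    for part in dotted.split("."):
        obj = obj[part]
    return obj


def evaluate(control, measured, line_of_business):
    """Apply this line of business's threshold and emit the OCSF-shaped evidence
    event the control's pointer names. Returns (passed, event)."""
    limit = (control.fixed_value if control.fixed_value is not None
             else PARAMETERS[control.parameter][line_of_business])
    passed = OPERATORS[control.operator](measured, limit)
    event = {
        "class_name": control.evidence_class, "class_uid": 2003, "category_uid": 2,
        "metadata": {"version": "1.8.0", "product": {"name": "ais-program-monitor"}},
        "compliance": {"control": control.control_id,
                       "status": "Pass" if passed else "Fail"},
    }
    _set_path(event, control.evidence_attr, round(measured, 4))          # the proof value
    _set_path(event, "unmapped.accountable_persona", control.persona)    # accountability plane
    _set_path(event, "unmapped.threshold", {"parameter": control.parameter,  # control plane
              "operator": control.operator, "value": limit,
              "line_of_business": line_of_business})
    return passed, event


def drift_check(reference, current, line_of_business):
    return evaluate(INPUT_DRIFT, psi(reference, current), line_of_business)


def sample_feature(seed=7, n=2000, shift=0.0):
    """Constructed input data: a numeric model feature, optionally shifted by `shift`."""
    rng = random.Random(seed)
    return [rng.gauss(0.0, 1.0) + shift for _ in range(n)]


if __name__ == "__main__":
    baseline = sample_feature()             # feature distribution at model approval
    later = sample_feature(shift=1.0)       # same feature a quarter later, drifted by one sigma
    ok, ev = drift_check(baseline, later, "auto")
    print(ok, ev["compliance"]["status"], get_path(ev, INPUT_DRIFT.evidence_attr))
```

The same record shape serves a fixed-value control: set fixed_value and the line-of-business lookup is bypassed, which is how zero-tolerance and verification controls keep their values regardless of who deploys the schema.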

Regulatory crosswalks

NAIC Model Bulletin (Use of AI Systems by Insurers, December 2023): AIS Program, ECDIS governance, third-party oversight. Adopted in roughly half the states.
NAIC AI Systems Evaluation Tool (twelve-state multistate pilot, January to September 2026): standardized examiner review framework for insurer AI governance in market conduct exams.
Colorado Regulation 10-1-1 (3 CCR 702-10, amended effective October 15, 2025): extends ECDIS governance to private passenger auto and health benefit plans. Framework availability deadline: July 1, 2026.
NYDFS Circular Letter No. 7 (AI and external consumer data in underwriting and pricing, July 2024): governance frameworks, fairness analysis, senior management and board accountability for NY-licensed insurers.
EU AI Act: risk assessment and pricing in life and health insurance is high-risk under Annex III. Full high-risk compliance from August 2026.
OWASP LLM Top 10: application-layer security controls for LLM and agentic AI (prompt injection, sensitive information disclosure, excessive agency). Mapped where applicable in L3 and L4 controls.

Coverage by layer

L1 Governance and processes (9 controls)
AIS Program board approval, AI system inventory coverage, third-party vendor register with named accountable officer, adverse-decision appeal process, Colorado framework availability readiness, risk appetite review cadence, senior management accountability designation, third-party AIS program alignment review, market conduct exam readiness package. Accountable persona: ai-system-governance.

L2 Data and training (8 controls)
ECDIS source documentation and permissible-purpose verification, protected-class proxy variable screening, training data representativeness by line of business, external data source permissible use audit, input drift monitoring via PSI (Population Stability Index), consumer data minimization in agent context stores, algorithmic model input completeness monitoring, vendor data lineage documentation. Accountable persona: data-provider.

L3 Application and agent (8 controls)
Prompt injection defense for consumer-facing AI, agentic task boundary enforcement for claims automation, adverse-action explanation coverage with reason codes, human review gate for adverse underwriting and claims decisions, explainability validation for rate and underwriting models, unfair-discrimination outcome testing cadence, consumer complaint monitoring, vendor application interface security testing. Accountable persona: application-developer.

L4 Platform and infrastructure (8 controls)
Model gateway authentication configuration, guardrail configuration baseline documentation, PII encryption at rest and in transit, platform security assessment, vendor-model isolation and egress control, audit log completeness for AI-assisted decisions, runtime anomaly detection for AI workloads, third-party platform access review. Accountable persona: ai-platform-provider.

L5 Model (7 controls)
Model card with intended line-of-business statement, model artifact signing and supply-chain provenance, pre-deployment fairness evaluation by line of business, independent model validation, post-deployment performance and drift disclosure SLA from vendors, CVE vulnerability disclosure SLA, vendor model due-diligence evidence package (NAIC third-party oversight). Accountable persona: model-provider.