Bulletin 13-2024Adopted

AI governance for Arkansas insurers

The Arkansas Insurance Department issued Bulletin 13-2024 on July 31, 2024, adopting the NAIC Model Bulletin on the Use of AI Systems by Insurers. It reminds every insurer that holds a certificate of authority that decisions affecting consumers must comply with Arkansas law, including the laws on unfair trade practices and unfair discrimination, regardless of the technology that produced them. The Department expects each insurer to develop and maintain a written AIS Program and recognizes the NAIC's 2020 Principles on Artificial Intelligence as an appropriate source of guidance. The bulletin reaches the full insurance life cycle, from product development through claims and fraud detection.

Talk to an expert Explore the hub

Bulletin13-2024

IssuedJuly 31, 2024

EffectiveUpon issuance

BasisNAIC model bulletin

What Arkansas expects from your AIS Program

Arkansas adopted the NAIC model verbatim, so the program expectations match the national framework.

Governance

A written program with clear ownership. Senior management is accountable to the board, and a cross-functional body oversees AI across its whole life cycle.

Risk Management & Internal Controls

Controls at every stage of the model life cycle, from data sourcing through retirement, sized to the potential harm to consumers.

Third-Party AI Systems & Data

The insurer stays responsible for AI it did not build. Vendor relationships need diligence, contract rights, and the ability to produce evidence.

Documentation & Audit-Readiness

Section 4 spells out what an examiner can ask for. Treating that list as a standing requirement is what keeps a program defensible.

Legal authority

The Arkansas Insurance Department grounds the bulletin in laws it already enforces:

Trade Practices ActArk. Code Ann. §§ 23-66-201 et seq. and 23-66-301 et seq.
Unfair Claims Settlement Practices LawArk. Code Ann. § 23-66-206(12)
Property and Casualty Rating LawArk. Code Ann. §§ 23-67-206 to 223, 23-69-501 to 510, and 23-79-109
Corporate Governance Annual Disclosure ActArk. Code Ann. §§ 23-63-2001 et seq.

Who it applies to

The bulletin reaches every entity holding a Arkansas certificate of authority, including:

Property and casualty insurers
Life and annuity insurers
Health insurers and HMOs
All insurers holding an Arkansas certificate of authority

State-specific changes: Arkansas tracks the NAIC model and, like the model text, lets an insurer's AIS Program adopt, incorporate, or rely on a recognized framework such as the NIST AI Risk Management Framework v1.0. The core program expectations match the national framework.

Learn the basics

Resources for Arkansas insurers

Start with these plain-language explainers and field guides.

Guide

What is the NAIC Model Bulletin on AI?

The NAIC Model Bulletin on the Use of AI Systems by Insurers is the template most states use to set AI governance expectations. Here is what it says and why it matters.

Guide

What is an AIS Program?

An AI Systems Program (AIS Program) is the written program the NAIC Model Bulletin expects every insurer to maintain. Here are its four pillars and what each one requires.

Guide

What are the NAIC AI Principles?

The NAIC AI Principles, adopted in 2020, are the foundation beneath every state AI bulletin. The five principles spell FACTS: Fair, Accountable, Compliant, Transparent, and Secure.

Guide

AI in Insurance: Key Regulatory Definitions

The NAIC Model Bulletin defines the terms that carry legal weight, from AI System to Adverse Consumer Outcome to Model Drift. Here is what each one means for insurers.

Article

Insurance Regulators Are Forcing AI Governance. Most Carriers Aren't Ready.

State insurance regulators and bar associations are sounding the alarm on AI in insurance. Legal and regulatory pressure is forcing insurers to operationalize AI governance, not just document it.

Article

The NAIC Bulletin Is the Floor Your Reinsurer Will Hold You To

Twenty-four jurisdictions have adopted the NAIC Model Bulletin on AI. Most carrier compliance teams are working to the regulatory text. Their reinsurers will use the same document as an evidentiary baseline at the next placement, and the cedent that meets the floor and stops there is preparing for the wrong audience.

Arkansas AI governance FAQs

What is Arkansas Bulletin 13-2024?

It is the bulletin the Arkansas Insurance Department issued on July 31, 2024 adopting the NAIC Model Bulletin on the Use of AI Systems by Insurers. It tells insurers that existing Arkansas insurance laws apply to any decision an AI system touches and expects each insurer to maintain a written AIS Program.

Which companies have to comply in Arkansas?

Any insurer holding an Arkansas certificate of authority, across property and casualty, life, and health lines. The bulletin is addressed to all insurers licensed to do business in the state.

Can our AIS Program use the NIST AI Risk Management Framework?

Yes. Bulletin 13-2024 states the AIS Program may adopt, incorporate, or rely on a framework developed by an official third-party standards organization, such as the NIST Artificial Intelligence Risk Management Framework, Version 1.0, in whole or in part.

How will Arkansas enforce it?

Through existing authority. The bulletin grounds its expectations in the Trade Practices Act (Ark. Code Ann. §§ 23-66-201 et seq.), the Unfair Claims Settlement Practices Law (§ 23-66-206(12)), the Property and Casualty Rating Law, and the Corporate Governance Annual Disclosure Act (§§ 23-63-2001 et seq.), and it preserves market conduct examination authority under the NAIC Market Regulation Handbook.

How does an Arkansas insurer get ready?

Stand up a written AIS Program covering governance, risk management and internal controls, and third-party oversight, then keep model inventories, validation records, and a clear data-to-decision trail examination-ready.

Sources

Get audit-ready for Arkansas Bulletin 13-2024

Swept AI supervises your models and produces the AIS Program evidence Arkansas examiners can request.

Book a demo Explore the platform