See how Forma Health supervises their AI
Bulletin 24-IB-002-05/21Adopted

AI governance for District of Columbia insurers

The D.C. Department of Insurance, Securities and Banking issued Bulletin 24-IB-002-05/21 on May 21, 2024, adopting the NAIC Model Bulletin on the Use of AI Systems by Insurers. It reminds every insurer holding a certificate of authority in the District that decisions touching consumers must comply with applicable insurance law, including the unfair trade practices and unfair discrimination statutes, regardless of whether AI supported the decision. The bulletin recognizes the NAIC's 2020 Principles on Artificial Intelligence as an appropriate source of guidance and expects each insurer to maintain a written AIS Program across the full insurance life cycle. It also lets that program rely in whole or in part on a recognized framework such as the NIST AI Risk Management Framework, Version 1.0.

Talk to an expertExplore the hub
Bulletin24-IB-002-05/21
IssuedMay 21, 2024
EffectiveUpon issuance
BasisNAIC model bulletin

What District of Columbia expects from your AIS Program

District of Columbia adopted the NAIC model verbatim, so the program expectations match the national framework.

Governance

A written program with clear ownership. Senior management is accountable to the board, and a cross-functional body oversees AI across its whole life cycle.

Risk Management & Internal Controls

Controls at every stage of the model life cycle, from data sourcing through retirement, sized to the potential harm to consumers.

Third-Party AI Systems & Data

The insurer stays responsible for AI it did not build. Vendor relationships need diligence, contract rights, and the ability to produce evidence.

Documentation & Audit-Readiness

Section 4 spells out what an examiner can ask for. Treating that list as a standing requirement is what keeps a program defensible.

Legal authority

The D.C. Department of Insurance, Securities and Banking grounds the bulletin in laws it already enforces:

  • Unfair Insurance Trade Practices ActD.C. Code §§ 31-2231.01 to 31-2231.25
  • Regulation of Casualty and Other Insurance RatesD.C. Code §§ 31-2701 to 31-2714
  • Insurer Corporate Governance Annual Report ActD.C. Code §§ 31-331 to 31-338

Who it applies to

The bulletin reaches every entity holding a District of Columbia certificate of authority, including:

  • Property and casualty insurers
  • Life and annuity insurers
  • Health insurers and HMOs
  • All insurers licensed to do business in the District of Columbia

State-specific changes: The District tracks the NAIC model and, like the model text, allows the AIS Program to adopt or incorporate a third-party framework such as the NIST AI Risk Management Framework, Version 1.0. The core program expectations match the national framework.

Learn the basics

Resources for District of Columbia insurers

Start with these plain-language explainers and field guides.

Guide

What is the NAIC Model Bulletin on AI?

The NAIC Model Bulletin on the Use of AI Systems by Insurers is the template most states use to set AI governance expectations. Here is what it says and why it matters.

Guide

What is an AIS Program?

An AI Systems Program (AIS Program) is the written program the NAIC Model Bulletin expects every insurer to maintain. Here are its four pillars and what each one requires.

Guide

What are the NAIC AI Principles?

The NAIC AI Principles, adopted in 2020, are the foundation beneath every state AI bulletin. The five principles spell FACTS: Fair, Accountable, Compliant, Transparent, and Secure.

Guide

AI in Insurance: Key Regulatory Definitions

The NAIC Model Bulletin defines the terms that carry legal weight, from AI System to Adverse Consumer Outcome to Model Drift. Here is what each one means for insurers.

Article

Insurance Regulators Are Forcing AI Governance. Most Carriers Aren't Ready.

State insurance regulators and bar associations are sounding the alarm on AI in insurance. Legal and regulatory pressure is forcing insurers to operationalize AI governance, not just document it.

Article

The NAIC Bulletin Is the Floor Your Reinsurer Will Hold You To

Twenty-four jurisdictions have adopted the NAIC Model Bulletin on AI. Most carrier compliance teams are working to the regulatory text. Their reinsurers will use the same document as an evidentiary baseline at the next placement, and the cedent that meets the floor and stops there is preparing for the wrong audience.

District of Columbia AI governance FAQs

What is District of Columbia Bulletin 24-IB-002-05/21?
It is the bulletin the D.C. Department of Insurance, Securities and Banking issued on May 21, 2024 adopting the NAIC Model Bulletin on the Use of AI Systems by Insurers. It tells insurers that existing District insurance laws apply to any decision an AI system touches and expects each insurer to maintain a written AIS Program.
Which companies have to comply in the District of Columbia?
Any insurer licensed to do business in the District and holding a certificate of authority, across property and casualty, life, and health lines. The bulletin is not limited to a single line of business.
Can our AIS Program use the NIST AI Risk Management Framework?
Yes. The bulletin states the AIS Program may adopt, incorporate, or rely upon, in whole or in part, a framework developed by an official third-party standard organization, such as the NIST Artificial Intelligence Risk Management Framework, Version 1.0.
How will the District of Columbia enforce it?
Through existing authority. The bulletin ties AI use to the Unfair Insurance Trade Practices Act (D.C. Code §§ 31-2231.01 to 31-2231.25), the Regulation of Casualty and Other Insurance Rates (D.C. Code §§ 31-2701 to 31-2714), and the Insurer Corporate Governance Annual Report Act (D.C. Code §§ 31-331 to 31-338). The Department can request AIS Program documentation during investigations and market conduct actions under the Law on Examinations.
How does a District of Columbia insurer get ready?
Stand up a written AIS Program covering governance, risk management and internal controls, and third-party oversight, then keep model inventories, validation records, and a clear data-to-decision trail examination-ready.
Sources
  1. D.C. DISB: Bulletin 24-IB-002-05/21 (May 21, 2024)
  2. NAIC Model Bulletin on the Use of AI Systems by Insurers (Dec 4, 2023)
  3. NAIC Big Data and AI (H) Working Group implementation map
  4. D.C. Code §§ 31-2231.01 to 31-2231.25 (Unfair Insurance Trade Practices Act)
  5. D.C. Code §§ 31-2701 to 31-2714 (Regulation of Casualty and Other Insurance Rates)
  6. D.C. Code §§ 31-331 to 31-338 (Insurer Corporate Governance Annual Report Act)

Get audit-ready for the District of Columbia AI bulletin

Swept AI supervises your models and produces the AIS Program evidence District of Columbia examiners can request.

Book a demoExplore the platform