See how Forma Health supervises their AI
Bulletin No. 24-B-19Adopted

AI governance for North Carolina insurers

The North Carolina Department of Insurance issued Bulletin No. 24-B-19 on December 18, 2024, adopting the NAIC Model Bulletin on the Use of AI Systems by Insurers. It reminds every insurer that holds a certificate of authority that decisions affecting consumers must comply with North Carolina insurance law, including the unfair trade practices statute and the Rating Laws, regardless of the technology that produced them. The bulletin recognizes the NAIC's 2020 Principles on Artificial Intelligence as an appropriate source of guidance, expects each insurer to maintain a written AIS Program, and reaches the full insurance life cycle, from product development through claim administration and fraud detection.

Talk to an expertExplore the hub
Bulletin24-B-19
IssuedDecember 18, 2024
EffectiveUpon issuance
BasisNAIC model bulletin

What North Carolina expects from your AIS Program

North Carolina adopted the NAIC model verbatim, so the program expectations match the national framework.

Governance

A written program with clear ownership. Senior management is accountable to the board, and a cross-functional body oversees AI across its whole life cycle.

Risk Management & Internal Controls

Controls at every stage of the model life cycle, from data sourcing through retirement, sized to the potential harm to consumers.

Third-Party AI Systems & Data

The insurer stays responsible for AI it did not build. Vendor relationships need diligence, contract rights, and the ability to produce evidence.

Documentation & Audit-Readiness

Section 4 spells out what an examiner can ask for. Treating that list as a standing requirement is what keeps a program defensible.

Legal authority

The North Carolina Department of Insurance grounds the bulletin in laws it already enforces:

  • Unfair Trade PracticesN.C. Gen. Stat. Chapter 58, Article 63
  • Corporate Governance Annual DisclosureN.C. Gen. Stat. Chapter 58, Article 10, Part 11
  • Insurance Rate Requirements (Rating Laws)N.C. Gen. Stat. §§ 58-40-20, 58-51-95, 58-51-131, 58-65-40, 58-47-110

Who it applies to

The bulletin reaches every entity holding a North Carolina certificate of authority, including:

  • Property and casualty insurers
  • Life and annuity insurers
  • Health insurers and HMOs
  • All insurers licensed to do business in North Carolina

State-specific changes: North Carolina tracks the NAIC model with no material changes and expressly allows the AIS Program to adopt, incorporate, or rely on a third-party framework such as the NIST Artificial Intelligence Risk Management Framework, Version 1.0. The core program expectations match the national framework.

Learn the basics

Resources for North Carolina insurers

Start with these plain-language explainers and field guides.

Guide

What is the NAIC Model Bulletin on AI?

The NAIC Model Bulletin on the Use of AI Systems by Insurers is the template most states use to set AI governance expectations. Here is what it says and why it matters.

Guide

What is an AIS Program?

An AI Systems Program (AIS Program) is the written program the NAIC Model Bulletin expects every insurer to maintain. Here are its four pillars and what each one requires.

Guide

What are the NAIC AI Principles?

The NAIC AI Principles, adopted in 2020, are the foundation beneath every state AI bulletin. The five principles spell FACTS: Fair, Accountable, Compliant, Transparent, and Secure.

Guide

AI in Insurance: Key Regulatory Definitions

The NAIC Model Bulletin defines the terms that carry legal weight, from AI System to Adverse Consumer Outcome to Model Drift. Here is what each one means for insurers.

Article

Insurance Regulators Are Forcing AI Governance. Most Carriers Aren't Ready.

State insurance regulators and bar associations are sounding the alarm on AI in insurance. Legal and regulatory pressure is forcing insurers to operationalize AI governance, not just document it.

Article

The NAIC Bulletin Is the Floor Your Reinsurer Will Hold You To

Twenty-four jurisdictions have adopted the NAIC Model Bulletin on AI. Most carrier compliance teams are working to the regulatory text. Their reinsurers will use the same document as an evidentiary baseline at the next placement, and the cedent that meets the floor and stops there is preparing for the wrong audience.

North Carolina AI governance FAQs

What is North Carolina Bulletin No. 24-B-19?
It is the bulletin the North Carolina Department of Insurance issued on December 18, 2024 adopting the NAIC Model Bulletin on the Use of AI Systems by Insurers. It tells insurers that existing North Carolina insurance laws apply to any decision an AI system touches and expects each insurer to maintain a written AIS Program.
Which companies have to comply in North Carolina?
Any insurer that holds a certificate of authority to do business in North Carolina, across property and casualty, life, and health lines. The bulletin is not limited to a single line of business.
Can our AIS Program use the NIST AI Risk Management Framework?
Yes. Bulletin 24-B-19 states the AIS Program may adopt, incorporate, or rely on a framework developed by an official third-party standards organization, such as the NIST Artificial Intelligence Risk Management Framework, Version 1.0, in whole or in part. The program can sit inside or alongside the insurer's enterprise risk management program.
How will North Carolina enforce it?
Through existing authority. The bulletin grounds AI use in the unfair trade practices statute (Chapter 58, Article 63, including N.C. Gen. Stat. § 58-63-15), the Rating Laws, and the Corporate Governance Annual Disclosure requirements, and the Department can request AIS Program documentation during a market conduct action or investigation.
How does a North Carolina insurer get ready?
Stand up a written AIS Program covering governance, risk management and internal controls, and third-party oversight, then keep model inventories, validation records, and a clear data-to-decision trail examination-ready.
Sources
  1. North Carolina DOI Bulletin No. 24-B-19 (December 18, 2024)
  2. NAIC Model Bulletin on the Use of AI Systems by Insurers (Dec 4, 2023)
  3. NAIC Big Data and AI (H) Working Group implementation map (as of April 1, 2026)
  4. N.C. Gen. Stat. Chapter 58, Article 63 (Unfair Trade Practices, including § 58-63-15)
  5. N.C. Gen. Stat. Chapter 58, Article 10 (Corporate Governance Annual Disclosure, Part 11)
  6. N.C. Gen. Stat. § 58-40-20 (Rating Laws: rate standards)

Get audit-ready for North Carolina Bulletin 24-B-19

Swept AI supervises your models and produces the AIS Program evidence North Carolina examiners can request.

Book a demoExplore the platform