See how Forma Health supervises their AI
Insurance Notice 2024-04Adopted

AI governance for Pennsylvania insurers

The Pennsylvania Insurance Department issued Insurance Notice 2024-04 (54 Pa.B. 1910) on April 6, 2024, adopting the NAIC Model Bulletin on the Use of AI Systems by Insurers. It reminds insurers that any decision or action affecting consumers must comply with Pennsylvania insurance law, including the laws on unfair trade practices and unfair discrimination, regardless of whether an AI system supported the decision. The notice expects each insurer to maintain a written AIS Program sized to the risk of adverse consumer outcomes, and it reaches the full insurance life cycle, from product development through underwriting, claims, and fraud detection. It recognizes the NAIC's 2020 Principles on Artificial Intelligence as an appropriate source of guidance.

Talk to an expertExplore the hub
Notice2024-04
IssuedApril 6, 2024
EffectiveUpon issuance
BasisNAIC model bulletin

What Pennsylvania expects from your AIS Program

Pennsylvania adopted the NAIC model with some changes. The four pillars below are the shared foundation.

Governance

A written program with clear ownership. Senior management is accountable to the board, and a cross-functional body oversees AI across its whole life cycle.

Risk Management & Internal Controls

Controls at every stage of the model life cycle, from data sourcing through retirement, sized to the potential harm to consumers.

Third-Party AI Systems & Data

The insurer stays responsible for AI it did not build. Vendor relationships need diligence, contract rights, and the ability to produce evidence.

Documentation & Audit-Readiness

Section 4 spells out what an examiner can ask for. Treating that list as a standing requirement is what keeps a program defensible.

Legal authority

The Pennsylvania Insurance Department grounds the bulletin in laws it already enforces:

  • Unfair Insurance Practices Act40 P.S. §§ 1171.1 to 1171.15
  • Casualty and Surety Rate Regulatory Act40 P.S. §§ 1181 to 1199
  • Corporate Governance Annual Disclosure40 Pa.C.S. §§ 3901 to 3911

Who it applies to

The bulletin reaches every entity holding a Pennsylvania certificate of authority, including:

  • Property and casualty insurers
  • Life and annuity insurers
  • Health insurers, HMOs, and PPOs
  • All other entities holding a Pennsylvania certificate of authority

State-specific changes: Pennsylvania tracks the NAIC model and expressly allows the AIS Program to adopt, incorporate, or rely on a recognized framework such as the NIST AI Risk Management Framework v1.0. The core program expectations match the national framework.

Learn the basics

Resources for Pennsylvania insurers

Start with these plain-language explainers and field guides.

Guide

What is the NAIC Model Bulletin on AI?

The NAIC Model Bulletin on the Use of AI Systems by Insurers is the template most states use to set AI governance expectations. Here is what it says and why it matters.

Guide

What is an AIS Program?

An AI Systems Program (AIS Program) is the written program the NAIC Model Bulletin expects every insurer to maintain. Here are its four pillars and what each one requires.

Guide

What are the NAIC AI Principles?

The NAIC AI Principles, adopted in 2020, are the foundation beneath every state AI bulletin. The five principles spell FACTS: Fair, Accountable, Compliant, Transparent, and Secure.

Guide

AI in Insurance: Key Regulatory Definitions

The NAIC Model Bulletin defines the terms that carry legal weight, from AI System to Adverse Consumer Outcome to Model Drift. Here is what each one means for insurers.

Article

Insurance Regulators Are Forcing AI Governance. Most Carriers Aren't Ready.

State insurance regulators and bar associations are sounding the alarm on AI in insurance. Legal and regulatory pressure is forcing insurers to operationalize AI governance, not just document it.

Article

The NAIC Bulletin Is the Floor Your Reinsurer Will Hold You To

Twenty-four jurisdictions have adopted the NAIC Model Bulletin on AI. Most carrier compliance teams are working to the regulatory text. Their reinsurers will use the same document as an evidentiary baseline at the next placement, and the cedent that meets the floor and stops there is preparing for the wrong audience.

Pennsylvania AI governance FAQs

What is Pennsylvania Insurance Notice 2024-04?
It is the notice the Pennsylvania Insurance Department issued on April 6, 2024 (54 Pa.B. 1910) adopting the NAIC Model Bulletin on the Use of AI Systems by Insurers. It tells insurers that existing Pennsylvania insurance laws apply to any decision an AI system touches and expects each insurer to maintain a written AIS Program.
Which companies have to comply in Pennsylvania?
Any insurer that holds a certificate of authority or is otherwise authorized to do business in Pennsylvania, across property and casualty, life, and health lines. The notice also reaches HMOs, PPOs, and the other entities authorized to engage in the business of insurance in the Commonwealth.
Can our AIS Program use the NIST AI Risk Management Framework?
Yes. Notice 2024-04 states the AIS Program may adopt, incorporate, or rely on a framework developed by a recognized standards organization, naming the NIST AI Risk Management Framework v1.0, in whole or in part.
How will Pennsylvania enforce it?
Through existing authority. The notice ties AI use to the Unfair Insurance Practices Act (40 P.S. §§ 1171.1 to 1171.15), the Unfair Claims Settlement Practices regulations (31 Pa. Code §§ 146.1 to 146.10), the rate regulatory acts, and the Corporate Governance Annual Disclosure provisions (40 Pa.C.S. §§ 3901 to 3911). The Department can examine AI use during investigations and market conduct actions.
How does a Pennsylvania insurer get ready?
Stand up a written AIS Program covering governance, risk management and internal controls, and third-party oversight, then keep model inventories, validation records, and a clear data-to-decision trail examination-ready.
Sources
  1. Pennsylvania Insurance Department: Insurance Notice 2024-04 (54 Pa.B. 1910, April 6, 2024)
  2. Pennsylvania Insurance Department: guidance announcement (April 2024)
  3. NAIC Model Bulletin on the Use of AI Systems by Insurers (Dec 4, 2023)
  4. 40 P.S. §§ 1171.1 to 1171.15 (Unfair Insurance Practices Act)
  5. 40 P.S. §§ 1181 to 1199 (Casualty and Surety Rate Regulatory Act)
  6. 40 Pa.C.S. §§ 3901 to 3911 (Corporate Governance Annual Disclosure)

Get audit-ready for Pennsylvania Notice 2024-04

Swept AI supervises your models and produces the AIS Program evidence Pennsylvania examiners can request.

Book a demoExplore the platform