Before there was a model bulletin, there were the principles. The NAIC adopted its AI Principles in August 2020, and they remain the foundation beneath every state bulletin that followed. Understanding them makes the rest of the framework click into place, because each later requirement is a principle made concrete.
The five principles are easiest to remember by the mnemonic FACTS.
Fair and Ethical (F)
AI should respect the rule of law across its whole life cycle, and it should avoid proxy discrimination against protected classes. This is the principle behind the bulletin's insistence that AI-driven decisions cannot be unfairly discriminatory, even when the discrimination is unintended. Work on bias and fairness traces directly back here.
Accountable (A)
The people and organizations behind an AI system are responsible for how it behaves, including outcomes they did not intend. There is no hiding behind the algorithm. Accountability is why the AIS Program expects named ownership and board-level oversight.
Compliant (C)
AI systems must follow the insurance laws of every jurisdiction they touch, whether a violation is intentional or not, and compliance is treated as an ongoing process rather than a one-time check. This is the principle that makes state-by-state adoption matter so much.
Transparent (T)
Stakeholders and regulators should be able to inquire about and seek recourse for AI-driven decisions, with explanations they can actually understand. The principle balances disclosure against an insurer's right to protect proprietary models, which is why explainability is a recurring theme in examinations.
Secure, Safe, and Robust (S)
Systems should be traceable and resilient across their life cycle, with continuous, systematic risk management. In practice this is converging with cybersecurity: the access controls, change management, and monitoring an insurer already runs for critical systems are exactly what regulators now expect around models.
Why the principles still matter
The principles are guidance, not law. They do not impose liability on their own. But they are the reference point regulators return to, and they explain the why behind every expectation in the bulletin. When an examiner asks how a control protects fairness or supports accountability, they are testing the principles in operational form.
For insurers, the practical move is to map your AIS Program back to these five ideas, so every control has a clear reason to exist. Swept AI helps turn that mapping into evidence. See how it works, or explore the requirements for your state.
What are FAQs
They are five high-level principles the NAIC adopted in August 2020 to guide the responsible use of AI in insurance: Fair and Ethical, Accountable, Compliant, Transparent, and Secure, Safe, and Robust. They are often remembered by the mnemonic FACTS.
No. The principles are guidance, not law. They carry weight because they are the foundation regulators reference in the NAIC Model Bulletin and in examination expectations.
The 2020 principles came first and set the philosophy. The 2023 model bulletin operationalizes them, turning ideas like fairness and accountability into expectations for a written AIS Program and examinable controls.
Fair and ethical, Accountable, Compliant, Transparent, and Secure, safe, and robust. It is a mnemonic for the five NAIC AI Principles.