Exploring the Intersection Between Exploring the Intersection Between Open Banking & Insurance: Opportunities to Drive Automation (Part 2)
Thanks to the provisions in the Dodd-Frank 1033 legislation, the use of consumer financial data in the US is poised to drive rapid innovation across numerous industries, with especially profound implications on both the financial services and insurance sectors.
The provision itself is designed to better facilitate open banking by allowing consumers to share their financial data with third-party data providers in a standardized format. It also provides FinTechs and authorized third parties with similar access.
To understand the full scope of the impact of Dodd-Frank 1033, we caught up with EPAM’s Global Head of Open Banking and Payments, Alistair Brown, and Manager of Business Consulting for Insurance, Patrick Hughes. In part one of this series, they discussed the consumer impacts of the provision, as well as emerging opportunities for banks and insurers to generate new streams of revenue. In part two, they explore the potential technological innovations that might arise through the proliferation of consumer financial data, particularly in terms of automation and optimization.
Given the Dodd-Frank 1033 provisions provide a framework for the standardization and sharing of consumer financial data, how do you expect the proliferation of this data to impact consumers?
Patrick Hughes: The biggest impacts on the insurance side will develop as carriers are able to ingest greater amounts of this data. This insight is going to translate into improved decision-making and service capability across the entire insurance value chain.
Let’s start with just distribution and underwriting. Carriers are going to be able to form new partnerships with InsureTechs and data-driven platforms, allowing them to connect to new marketplaces. Think about the classic model of purchasing insurance: the consumer either goes to a website or requests a quote through an agent. The proliferation of data resulting from Dodd-Frank 1033 will make it possible for consumers to access insurance marketplaces where they can see a number of similar quotes from a variety of different carriers connected via API portals and third parties.
As far as underwriting is concerned, carriers will also be able to provide more personalized or niche coverage options based on individual needs, providing an improved experience for the customer.
The end result — with all these increased data connections — is going to be a rise in underwriting automation levels provided by the carriers. In turn, this will speed up the policy issuance timeline, resulting in instantaneous, binding policies.
Moving over to the claims side of the house, as carriers enhance their internal systems and partner with new payment vendors or FinTechs, they’ll have the capability to automate processing and settling claims. This ensures that both claimants and the vendors responsible for repairs are paid faster and by their preferred channel, thereby supporting a better overall experience and driving loyalty and retention.
Alistair Brown: I think there's also another factor here that we haven't really spoken about yet, which is that the consumer information that Patrick is describing is going to be of a much higher quality than any time prior. With the implementation of the global messaging standard ISO 20022, the quality of transactional data is set to rise significantly. The net result should be that with all of these other mechanisms in play — the automation and the speed of information exchange — combined with the quality of that data, the consumer will really benefit. Essentially, each individual consumer’s needs will be much more easily addressed because those needs will be much more obvious in the first place. This is where the term hyper-personalization comes into play. With this new richness of data, we will be able to address customer needs much more accurately and much more individually than ever before.
Along with the strategic use of data comes the opportunity for organizations to optimize and even automate core operations. How do you expect this to play out across both the financial services and insurance industries?
AB: I share the conventional wisdom that the banking industry is in dire need of automation in all sorts of areas. Yet, when we look at the insurance industry, it’s clear that automation has got even further to go, and that the insurance companies are starting from an even lower base.
From my perspective, we need to take open banking and modernization as a general push with which automation goes hand-in-hand. There’s no excuse today for lengthy paperwork and blank forms. Given the access to the sheer volume of consumer information banks and insurance carriers are privy to. This stuff needs to be automated. There’s a great opportunity for these two sectors to learn from one another and scoop the cream off the top of the very best practices across the entire set of activities, given how much overlap there is.
PH: I would absolutely agree. Historically, insurance companies have been very slow to change. But the one thing that’s starting to cause a shift is automation. We're seeing a huge push here on all levels, and with Dodd-Frank coming to the US in 2026, there’s going to be a large-scale, data-based endeavor to enhance operations across the entire carrier landscape.
I think we’ll see an escalation toward connected, cloud-based systems and architectures. Similar to retail banks, many insurance companies still rely on legacy books and systems. By modernizing these mainframe-based technologies to modern cloud systems, they’ll be opening the doors to more API-driven, automated workflows.
For insurance carriers, automation will come into all sorts of daily activities along the value chain.
Whether it's underwriting, claim servicing and assessing damage or running hundreds of bank reconciliations a day to post up to your general ledger for financial and statutory reporting, that's all ripe for automation. And that’s all before we start discussing using data and AI to enhance and provide insights to your core team.
I'm glad you touched on the technology standpoint here, as I think that's worth diving into a bit deeper. Given this open banking revolution that is really set to unfold with Dodd-Frank 1033, what do organizations in these sectors need to do to prepare their core systems and where should they focus?
PH: In my opinion, the best starting point is obtaining executive and cultural buy-in, not only to adopt the new open banking regulations coming as a result of Dodd-Frank 1033, but also to truly embrace more customer-centric products and experiences through technology.
The next step is to build out a robust API platform and data strategy, which will obviously require more detailed work on the technical side depending on the current state of your enterprise architecture. Some of the leading insurance carriers are very advanced, others have more work to do to catch up on their cloud maturation journeys. The goal should be to have this connected architecture between your core systems of underwriting, policy administration, claims and so on.
Organizations will also need to develop internal governance models around APIs, how they’re built and the products they’re applied to. Transparency and ethical standards will be vital here. This means taking the proper measures around authentication, authorization, anonymization and encryption.
AB: And if I can pick up on that, one of the main correctives in the third Payment Services Directive (PSD3) in the EU was to look at secure customer authentication and to correct what was effectively a process that initially overprotected the consumer. In effect, PSD2 had slowed down all of these transactions which ought to be happening in real time, but as a result of PSD2, they weren't.
And this is where the US can really take full advantage of the European experiment here. Effectively, what we need is to protect the customer while this process of open data exchange plays out, but to also be mindful of the operation itself. Open Banking is a fantastic set of concepts, but it does open the door to cybersecurity risks that organizations can’t afford to ignore. If fraud were an economy, it would be the fifth largest economy in the world, and it's only going to grow.
In the American market, with over 4,500 banks being mandated by Dodd-Frank 1033 to get involved with this process and start applying it, the opportunity for large-scale fraud is obviously something that needs to be carefully considered. One of our great strengths here at EPAM is cybersecurity. We work very closely with a lot of our banking clients to make sure that they are effectively protecting their consumers while this process of acceleration, automation and information exchange is going on. However, there are going to be a lot of new banks — and related organizations like insurance carriers — playing much more vigorously in this sandbox than ever before. Cybersecurity is something everyone is going to need to get right, and to get right on the first try.
