WHAT THIS BILL REGULATES · 1 REQUIREMENT TYPE
How Is This Bill Enforced
Verbatim statutory text on the left; plain-language analysis and a per-section checklist on the right. Numbered markers cross-link to the matching checklist row.
(a)(1)–(3) Definitions. For purposes of this section: (1) "Underwriting modelUnderwriting model"Underwriting model" means any algorithm, formula, or structured methodology used by an insurance carrier to assess risk, determine premiums, or evaluate eligibility for coverage.Ins. Law § 338(a)(1)" means any algorithm, formula, or structured methodology used by an insurance carrierInsurance carrierEvery insurance carrier authorized to do business in this state.Ins. Law § 338(b) to assess risk, determine premiums, or evaluate eligibility for coverage. (2) "Granular claim dataGranular claim data"Granular claim data" means detailed, record-level information regarding claims, including but not limited to claim type, amount, date, geographic location, and resolution status.Ins. Law § 338(a)(2)" means detailed, record-level information regarding claims, including but not limited to claim type, amount, date, geographic location, and resolution status. (3) "Mutually agreed department staffMutually agreed department staff"Mutually agreed department staff" means employees or agents of the department designated by the superintendent and agreed upon with the insurance carrier for purposes of review.Ins. Law § 338(a)(3)" means employees or agents of the department designated by the superintendent and agreed upon with the insurance carrierInsurance carrierEvery insurance carrier authorized to do business in this state.Ins. Law § 338(b) for purposes of review.
Subsection (a) establishes three defined terms that frame the scope of the regulatory access mandate. Underwriting model is defined broadly to include any algorithm, formula, or structured methodology used to assess risk, determine premiums, or evaluate coverage eligibility — a definition wide enough to capture traditional actuarial formulas as well as machine-learning and AI-based underwriting tools. Granular claim data covers detailed record-level claims information. Mutually agreed department staff limits the personnel who may access carrier information to those designated by the Superintendent and agreed upon with the carrier, providing a procedural safeguard.
(b) 1 Access to underwriting modelsUnderwriting model"Underwriting model" means any algorithm, formula, or structured methodology used by an insurance carrier to assess risk, determine premiums, or evaluate eligibility for coverage.Ins. Law § 338(a)(1). Every insurance carrierInsurance carrierEvery insurance carrier authorized to do business in this state.Ins. Law § 338(b) authorized to do business in this state shall provide access to its underwriting modelsUnderwriting model"Underwriting model" means any algorithm, formula, or structured methodology used by an insurance carrier to assess risk, determine premiums, or evaluate eligibility for coverage.Ins. Law § 338(a)(1) to mutually agreed department staffMutually agreed department staff"Mutually agreed department staff" means employees or agents of the department designated by the superintendent and agreed upon with the insurance carrier for purposes of review.Ins. Law § 338(a)(3), upon request of the superintendent.
Subsection (b) imposes the bill's primary regulatory access obligation: every authorized insurance carrier must provide access to its underwriting models to mutually agreed DFS staff upon the Superintendent's request. This is the core mechanism by which DFS can examine algorithmic or formulaic underwriting practices for fairness, accuracy, and compliance with insurance law. The access is request-driven — carriers need not proactively submit models, but must produce them when asked.
(c) 2 Access to granular claim dataGranular claim data"Granular claim data" means detailed, record-level information regarding claims, including but not limited to claim type, amount, date, geographic location, and resolution status.Ins. Law § 338(a)(2). In the event that underwriting modelsUnderwriting model"Underwriting model" means any algorithm, formula, or structured methodology used by an insurance carrier to assess risk, determine premiums, or evaluate eligibility for coverage.Ins. Law § 338(a)(1) are not available, an insurance carrierInsurance carrierEvery insurance carrier authorized to do business in this state.Ins. Law § 338(b) shall provide access to granular claim dataGranular claim data"Granular claim data" means detailed, record-level information regarding claims, including but not limited to claim type, amount, date, geographic location, and resolution status.Ins. Law § 338(a)(2) to mutually agreed department staffMutually agreed department staff"Mutually agreed department staff" means employees or agents of the department designated by the superintendent and agreed upon with the insurance carrier for purposes of review.Ins. Law § 338(a)(3), sufficient to allow the department to evaluate underwriting practices and risk assessment methodologies.
Subsection (c) creates a fallback obligation: when underwriting models are not available — whether because they are proprietary third-party systems, not reducible to a reviewable form, or otherwise inaccessible — the carrier must instead provide granular claim data sufficient for DFS to evaluate underwriting practices and risk assessment methodologies. This ensures DFS retains regulatory visibility even when model access is impracticable.
(d) Confidentiality. Information provided under this section shall be subject to confidentiality protections consistent with applicable state and federal law. Department staff shall maintain such information solely for regulatory purposes.
Subsection (d) provides that all information disclosed under this section is subject to confidentiality protections consistent with applicable state and federal law, and restricts DFS staff to using the information solely for regulatory purposes. This provision does not create an affirmative compliance obligation on the carrier — it constrains DFS's use of the disclosed information.
(e) Compliance. Failure to comply with this section shall constitute a violation and may subject the insurance carrierInsurance carrierEvery insurance carrier authorized to do business in this state.Ins. Law § 338(b) to penalties under section one hundred nine of this chapter, including fines, suspension, or revocation of license.
Subsection (e) establishes the enforcement mechanism: failure to comply with the section's access requirements constitutes a violation that may subject the carrier to penalties under Insurance Law § 109, which authorizes fines, license suspension, or license revocation. This is the sole enforcement mechanism — no private right of action is created.
This act shall take effect on the ninetieth day after it shall have become a law.
The act takes effect on the ninetieth day after it becomes law. Because the bill has not been enacted, no specific effective date can be computed.