Compliance & Regulatory

Regulatory Compliance Framework

Reinsured.AI operates under a comprehensive compliance framework designed to meet the rigorous requirements of the global insurance and reinsurance industry. Our platform is built to support your regulatory obligations while enhancing operational efficiency.

Insurance-Specific Regulations

Solvency II (European Union)

• Comprehensive reporting capabilities for Pillar I (quantitative requirements)
• Risk management workflows supporting Pillar II (governance)
• Automated regulatory reporting for Pillar III (disclosure requirements)
• ORSA (Own Risk and Solvency Assessment) data integration
• SCR (Solvency Capital Requirement) calculation support

Lloyd's Market Requirements

• Lloyd's Blueprint Two digital transformation compliance
• Syndicate reporting and data standardization
• Contract certainty requirements
• Claims bordereaux standards (ACORD messaging)

NAIC Requirements (United States)

• Statutory accounting principles (SAP) support
• State insurance department filing compliance
• Risk-Based Capital (RBC) reporting assistance
• Annual statement data preparation

APRA Prudential Standards (Australia)

• CPS 234 Information Security compliance
• Reinsurance arrangements documentation (GPS 230)
• Risk management framework (CPS 220) support

Data Protection & Privacy

GDPR Compliance (EU)

• Data Processing Agreements (DPAs) available for all customers
• Right to access, rectification, and erasure mechanisms
• Data portability in machine-readable formats
• Privacy by design and by default architecture
• EU data residency options available
• Breach notification procedures within 72 hours

CCPA/CPRA (California)

• Consumer rights request processing
• Opt-out mechanisms for data sales (we don't sell data)
• Transparent data collection and use disclosures

Security & Audit Certifications

AI & Model Governance

Our AI models operate under strict governance frameworks:

• Model validation and documentation following regulatory guidance
• Explainability features for AI-driven decisions
• Bias detection and mitigation protocols
• Human oversight requirements for critical decisions
• Model performance monitoring and retraining procedures
• Compliance with emerging AI regulations (EU AI Act readiness)

Audit Trail & Record Keeping

Comprehensive audit trails for all platform activities including user actions, data modifications, AI decisions, and system events. Records maintained for 7 years in accordance with insurance industry standards. Tamper-proof logging with cryptographic verification.

Business Continuity & Disaster Recovery

• 99.9% uptime SLA with financial credits for violations
• Multi-region data replication and failover
• Recovery Time Objective (RTO): 4 hours
• Recovery Point Objective (RPO): 15 minutes
• Annual disaster recovery testing and documentation

Third-Party Risk Management

All subprocessors and vendors undergo thorough due diligence including security assessments, contractual safeguards, and ongoing monitoring. Current subprocessor list available in our Trust Center.

Incident Response

24/7 security operations center (SOC) with defined incident response procedures:

• Immediate detection and containment protocols
• Customer notification within 24 hours of confirmed incidents
• Root cause analysis and remediation
• Regulatory reporting as required
• Post-incident review and improvement processes

Compliance Documentation

Available upon request for qualified customers:

• SOC 2 Type II reports
• Penetration test summaries
• Data Processing Agreements (DPAs)
• Business Associate Agreements (BAAs) if applicable
• Security questionnaire responses
• Subprocessor lists

Contact Our Compliance Team

For compliance inquiries, certification requests, or regulatory questions, contact hello@support.reinsured.ai