Insurance Pricing Under the Microscope: Annex III, Fairness and the Audit Trail
When risk pricing becomes a high-risk system, an insurer must be able to reconstruct and defend every individual decision.
The obligations that matter most to insurers under the European Union AI Act were once due to apply in full on 2 August 2026. That date has moved. Under the Digital Omnibus deferral, the stand-alone high-risk obligations now apply from 2 December 2027, and the parts that matter most to insurers move from principle to obligation. Annex III of the Act lists the use cases judged high-risk, and among them sits risk assessment and pricing in life and health insurance. A premium is no longer only an actuarial output. It is a regulated decision that touches a person's access to cover, and the law now expects it to be governed as such. The proof requirements survive the deferral unchanged, so the sensible response is to build now.
This lands into an environment already dense with rules. DORA has been in force across the financial sector since January 2025, NIS2 has widened the perimeter of what counts as critical, and ISO/IEC 42001 has given firms a management-system standard for artificial intelligence to certify against. The question a supervisor will ask in 2026 is narrow. When an automated model sets a person's price, what exactly happened, and can the firm show its working.
What Annex III actually asks of a pricing model
High-risk classification is not a ban and it is not a warning. It is a set of duties. A system used for risk assessment and pricing in life and health insurance must have documented data governance, a risk-management process across its lifecycle, human oversight that is real rather than nominal, and record-keeping that lets the decision be reconstructed after the fact. The obligations are cumulative, and each one produces evidence a regulator can demand.
The record-keeping duty is the one that quietly reshapes system design. It is not enough to store the premium and the answer. The firm needs the inputs that fed the model, the version that ran, the features that moved the score, and a trail showing the human oversight was exercised rather than logged as a box ticked. A pricing decision made in March must still be explicable in full when a complaint arrives in November.
Fairness is a property you have to be able to demonstrate
Insurance has always priced difference. The discipline turns on whether a difference is a legitimate risk factor or a proxy for a protected characteristic the law does not permit an insurer to price on. Annex III sharpens this because a high-risk system carries an explicit duty to guard against discriminatory outcomes, and a supervisor may ask a firm to prove the safeguard worked, not merely that it intended one.
Demonstrating fairness is an evidential exercise. It means showing which features contributed to a given score, testing outcomes across cohorts, and holding the results in a form that cannot be quietly revised later. A model that cannot say why it priced a specific individual is not defensible, however strong its aggregate performance looks on a dashboard. The unit of accountability is the single decision, not the portfolio average.
Why an opaque score fails the test
Many scoring pipelines were built for accuracy and throughput, not for cross-examination. They produce a number, and the reasoning behind it is either discarded or scattered across systems never designed to be read together. Under the new regime that is a structural weakness. If a firm cannot reconstruct the decision, it cannot defend it, or answer the customer who asks a fair question about their own premium.
There is a second, quieter risk in how such systems are hosted. When scoring runs on shared infrastructure operated by a third party, the firm depends on that party's logging, retention and access controls to satisfy its own regulatory duties. Cross-border legal reach compounds this. Under the United States CLOUD Act, data held by a provider subject to US jurisdiction can be compelled regardless of where the servers physically sit. For a European insurer answering to a European supervisor, that is a governance dependency worth examining rather than assuming away.
“A price an insurer cannot reconstruct, explain and cryptographically prove is a price it cannot defend, whatever the model that produced it.”
The signed decision record
The mechanism that answers Annex III is a decision record that is complete and tamper-evident at the moment the score is produced. At Mickai we treat this as a first-class artefact. When our Sovereign Intelligence Operating System scores a risk, it seals the inputs, the model version, the contributing features and the human-oversight step into a single record, and signs it with a post-quantum signature entered into an append-only chain.
Append-only matters because it removes a category of doubt. A later entry cannot silently rewrite an earlier one without breaking the chain, so a decision from six months ago carries proof that it has not been edited to look better in hindsight. The signature is verifiable offline by anyone the firm grants the keys, whether an internal auditor, an external assessor or a supervisor. No live connection to us, and no trust in us, is required to check that the record is authentic and unaltered.
On-premise scoring and the sovereignty of the record
Where the scoring runs is not a detail. Our Sovereign Intelligence Operating System is designed to run offline on the operator's own hardware, behind a zero-egress inbound perimeter, so the sensitive data never has to leave the insurer's control to be priced. The decision record is generated and held where the accountability sits, which collapses the chain of third-party dependencies a cloud-hosted model introduces.
Identity is bound to the hardware itself through hardware attestation, so the firm can prove which machine produced a given record and that the environment was the sanctioned one. For firms already carrying DORA obligations on operational resilience and third-party risk, keeping the pricing engine and its evidence inside the operator's estate simplifies the control problem rather than adding another supplier to assess.
Consensus, oversight and the limits of a single model
Human oversight under Annex III cannot mean a person nodding at a number they cannot interrogate. Meaningful oversight needs the score to arrive with its reasoning attached, and it benefits from a check on the model's own confidence. Our architecture supports cross-model consensus, where more than one sovereign model assesses a case and material disagreement is surfaced to a person rather than averaged into silence.
This is not a claim that a model can adjudicate its own fairness. It cannot, and the human remains accountable. When the reasoning is legible and disagreement is visible, the oversight step has something real to act on, and the record shows what was seen and what was decided. That is the difference between oversight as a control and oversight as a formality. The design principles behind this sealing and consensus work sit within an estate of 104 filed UK patent applications, approximately 2,340 claims, owned by Mickai LTD, never granted or patented and pending examination.
Where this leaves the insurer in 2026
The full application of the AI Act does not ask insurers to abandon automated pricing. It asks them to make each price accountable. The firms that will find August straightforward are the ones that can already answer three questions about any individual decision: what went in, why the score came out as it did, and how the record proves neither has been altered since.
Frameworks such as ISO/IEC 42001 and the discipline of the OWASP work on AI risks give useful structure, but structure needs evidence underneath it. Our position is that the evidence should be produced at the point of decision, signed, and held where the operator can control it, so that defending a price to a regulator or explaining it to a customer draws on the same durable record rather than a reconstruction assembled under pressure. The microscope Annex III trains on insurance pricing is not going away. The insurers who welcome it will be those who built the audit trail before they were asked to show it.




