A managing director at a regional commercial broking firm recently described her typical week: eighty emails, thirty renewal reminders, four mid-term adjustments, and a claims update that needed translating from insurer jargon before it could go to the client. AI vendors keep emailing her promising that agents can fix all of this. She wants to know which promises are real and which would land her in trouble with the FCA.
What does an AI agent actually do in insurance?
An AI agent is a software system that carries out multi-step tasks without a human triggering each step, using a large language model to decide what to do next. In insurance, that means reading a document, extracting key data, drafting a message, or routing a query to the right handler. The agent pauses for human approval at defined checkpoints, and that checkpoint design is where the safety of the whole system lives.
UK insurers have moved considerably further along this road than brokers have. Aviva has deployed more than 80 AI models in claims, covering fraud detection, triage, and reserving. Microsoft reports that insurance platform Nsure.com handles around 60% of customer questions on payments, renewals, and discounts through an AI copilot, with claim cycle times coming down from weeks to hours in some cases. Capgemini found that UK insurers were deploying agents to process applications and counter fraud by 2024, creating new supervisory roles rather than cutting headcount.
On the broking side the picture is earlier but visible. Mark Costello’s Meshed describes itself as the UK’s first AI-native commercial insurance broker, using AI to automate data collection and quote comparison while keeping human advisers responsible for the final placement decision. That separation, AI for the admin layer and humans for the advice layer, is the model worth examining.
Why does this matter for a small UK brokerage right now?
Admin is the hidden cost that squeezes margins in small brokerages. Renewal packs, proposal form extraction, claims status messages, and CRM updates can absorb a significant share of a broker’s week without adding anything to the advice relationship. AI agents that take on the repetitive parts of that workflow free up the time a client actually values: the relationship, the market knowledge, the recommendation.
The UK AI in insurance claims processing market was estimated at $1.5 billion in 2023, with automated processing the largest segment. That figure reflects large insurers, not brokers, but it signals where infrastructure investment is heading. Tools that were Aviva-scale only a few years ago are now available as SaaS products for intermediaries.
The competitive pressure matters too. A broker who turns around a renewal pack faster and keeps a client better informed during a claim is harder to replace, even if the underlying product access is the same. The FCA’s Consumer Duty, in force since July 2023, adds a further dimension: firms must demonstrate that their services deliver good outcomes, and an over-stretched broker who misses a renewal date or communicates poorly during a claim is a compliance problem as much as a service one.
Where can AI agents help a brokerage safely?
Four areas stand out as low-risk for a UK broker today: triaging inbound queries, preparing documents for submission, keeping clients updated on claims status, and handling back-office tasks such as call notes and CRM hygiene. In each case the AI processes information and handles logistics; the broker retains responsibility for anything that touches advice, suitability, or a coverage decision.
An AI agent sitting at the front of your inbox can classify incoming queries by type, collect basic facts, route to the right handler, and do this outside business hours. UK vendor Click4Assistance runs exactly this model through its Arti agent, built for regulated sectors and designed to hand off to a human as soon as a query needs professional judgement. The broker’s regulatory exposure here is modest: the agent gathers and routes, a person decides.
Document preparation is one of the lowest-risk use cases. McKinsey describes intake agents that ingest submissions and extract data from surveys, loss histories, and inspection reports into structured summaries for underwriters and brokers. For a small brokerage, the same pattern applies to proposal forms: the agent reads the document, pulls out key fields, flags missing information, and prepares a draft pack. The broker checks the output and decides what goes to market.
For claims status and admin, similar tools work well. Agents can translate insurer updates into plain English, generate status emails, and send document reminders. Agents drafting call notes into a CRM, summarising email threads into action lists, and preparing first-draft renewal reminders are low-risk because they do not make decisions. A person still reviews and approves before anything reaches the client.
When does the regulatory risk tip against you?
Three scenarios carry regulatory risk that outweighs the productivity gain for a UK broker. Letting an AI agent make product recommendations without human review creates an almost impossible suitability audit trail under FCA ICOBS rules. Feeding client proposal forms or claims details into a public large language model creates data protection problems under ICO guidance. Allowing agents to initiate financial actions without explicit human checkpoints is the third.
On advice, ICOBS requires that recommendations are suitable for the customer’s individual demands and needs and that the client understands what they are receiving. The Consumer Duty adds the requirement to demonstrate good outcomes and comprehensible communications. If an AI agent picks a product without a human checking the reasoning, producing that evidence becomes extremely difficult. In 2023, the FCA fined GAP insurance providers and intermediaries more than £2.4 million for product oversight failures, without any AI involved. The accountability bar is already high before you introduce automation.
On data, the ICO’s guidance on generative AI is explicit: firms remain responsible for lawful basis, purpose limitation, and data minimisation when using third-party AI tools. Sending full proposal forms or claims narratives to a consumer chatbot almost certainly breaches this, particularly where the tool is hosted outside the UK or EU without appropriate contractual safeguards. The ICO investigated Snap’s My AI chatbot in 2024 over inadequate risk assessment before launch. A broker deploying a customer-facing AI assistant faces the same scrutiny.
On financial controls, any AI agent with authority to alter bank details, initiate refunds, or bind cover without a human approving each step creates both fraud exposure and regulatory breach. The FCA and NCSC have both flagged technology-enabled fraud as a cross-cutting priority. Strong human checkpoints for any action touching money or cover are not discretionary.
What governance do you need before you go live?
Deploying even a low-risk AI agent requires three things from a UK brokerage: a written record of where AI sits in your client-facing workflow, a named person accountable for each system, and a data protection impact assessment for any tool that touches client information. The NCSC adds a fourth: treat AI agents like any other critical SaaS system, with least-privilege access and monitoring for unusual behaviour.
Existing FCA rules on governance, operational resilience, and model risk already apply to AI-enabled processes, without new AI-specific legislation being required. The Bank of England and FCA confirmed this in their joint 2022 review of machine learning in UK financial services. For an owner-operated brokerage, that means the compliance holder needs to know which AI systems are in use, what they are authorised to do, and who checks their outputs before they reach a client.
On data, the ICO requires a DPIA where AI processing is high-risk, which covers tools that profile clients or could produce decisions with significant effects on individuals. UK GDPR Article 22 restricts solely automated decisions that significantly affect individuals, which can capture automated insurance decisions where no human meaningfully reviews the outcome. Keeping a human in the loop for any decision that could affect a client’s cover is both a legal requirement and the clearest defence you have.
The practical asset register does not need to be elaborate. For each AI tool: what does it do, what client data does it touch, who checks the output, what happens if it gets something wrong. Start with one agent in one workflow, run it with human oversight, then expand from there. That approach is more defensible with the FCA and the ICO than a broad rollout with governance written after the fact.
