For many insurers, the technology running their core operations is old enough to vote – and that’s becoming an existential problem. Jullie Hands (pictured), partner of business consulting and insurance transformation at EY, says too many firms are still running mission-critical systems built more than two decades ago, exposing them to compounding operational, security, and competitiveness risks.
“Operating on legacy systems poses substantial risks for insurers. These outdated platforms hinder agility, limit data integration, and expose firms to cybersecurity vulnerabilities,” Hands told Insurance Business.
The issue is no longer limited to technical debt. For insurers trying to stay competitive in a market defined by real-time data, embedded distribution, and personalized underwriting, legacy systems have become a structural constraint. The lack of integration prevents seamless data flows across underwriting, claims, and distribution – slowing decision-making, complicating compliance, and limiting the use of advanced analytics.
Pressure is also mounting from regulators and consumers alike. As open-data frameworks and consumer protection standards evolve, insurers must demonstrate transparency in pricing and faster claims responsiveness – goals that are nearly impossible to achieve with outdated infrastructure. For many, the question is no longer whether to modernize but how quickly they can do it without disrupting core operations, Hands said.
At the same time, aging architecture increases cyber exposure. Patching older systems often requires workarounds that can open new vulnerabilities, while integration with cloud-based applications multiplies the potential attack surface. “The risk isn’t just operational, it’s strategic,” Hands noted.
Insurers that delay modernization are finding it increasingly difficult to launch new products or adapt to regulatory change. In an industry now competing on speed, those still reliant on 25-year-old systems risk falling behind more nimble, tech-enabled competitors.
Even where modernization is underway, another tension is emerging. The rise of digital-first distribution models in commercial lines offers speed, reach, and efficiency – but it also risks eroding the traditional broker–client relationship that underpins much of the industry’s trust.
Hands cautioned that automation must not come at the expense of professional advice. The risk in purely digital models is that clients, especially small and mid-sized businesses, may purchase coverage that doesn’t match their risk exposure. Those mismatches only surface at claim time, undermining satisfaction and confidence in both broker and carrier.
Another risk lies in over-automation itself. Efficiency can easily turn into rigidity when algorithms replace human judgment in complex or high-stakes scenarios. A few early adopters, Hands noted, have even had to reverse parts of their automation rollouts after customer feedback revealed gaps in personalization and policy suitability. Maintaining a balance between automation and advisory input is critical, she said, particularly in commercial lines where no two risk profiles are alike.
“The goal isn’t to remove people from the process, just making sure they can focus where they add most value,” she said.
Digital-first doesn’t mean human-last. As distribution models evolve, success will hinge on preserving the personalized expertise that clients have always associated with commercial insurance.
Meanwhile, the rise of captive insurance models is reshaping how large companies manage risk – but Hands argued it’s a mistake to interpret that growth as a failure of traditional insurance.
“Captives are less about traditional insurance failing certain sectors, and more about optimizing capital and risk management strategies as organizational needs and risk predictability evolve,” she said.
Captives make sense when organizations face predictable, lower-severity risks that occur in high volume. Once a risk becomes statistically predictable, transferring it to the traditional market often becomes less cost-effective. Industries such as energy, logistics, and construction have increasingly turned to captives to stabilize costs and retain control over data and claims.
That doesn’t mean insurers are being pushed out. Hands said traditional carriers can still play a valuable role by offering complementary services such as claims administration, regulatory support, and compliance guidance – areas where scale and institutional knowledge remain critical.
As companies explore alternative risk structures, the opportunity for insurers lies not in resisting the shift but in supporting it – adapting their role in an evolving ecosystem where speed, trust, and technical precision matter more than ever.
