Complex US environment may strangle open insurance at birth

When the Consumer Financial Protection Bureau (CFPB) ruled to implement Section 1033 of the Dodd-Frank Act in late 2024, proponents of open finance in the US were hopeful the disparate institutional approaches to allowing customers to benefit from their own data would soon align. The subsequent gutting of the CFPB has, however, prompted insurers to reconsider their initial optimism. 

Until then, the US had relied on market forces to deliver open banking, finance and insurance. This contrasted with Europe and the UK, which had used regulatory mandates to expand open finance beyond retail bank accounts. 

The CFPB ruling mandated that consumers can have access to their financial data and securely share it with third parties, such as fintech companies. If implemented, 1033 could serve as the regulatory basis for open banking in the US and see the US follow a similar path to the EU and the UK, focusing on consumer consent, data standardisation and increasing financial competition. 

However, even before the change in the US federal administration, many financial institutions objected to the rule as too complex and challenging, and its future is now in doubt as the new US administration has made massive cuts to the CFPB.

European example

Despite this current political manoeuvring, many in the industry viewed the implementation of 1033 as a signal the US would follow the example of open finance movements elsewhere. 

As part of these movements, open insurance is gaining traction throughout the global insurance industry. Like open banking, it involves the industry transitioning to a connected data ecosystem powered by open application programming interfaces (APIs). However, most open insurance initiatives have not been driven by regulation. 

Following the logic of global expansion, in a written commentary published this spring, Alistair Brown, VP, Open Banking and Payments at EPAM Systems, says that the “richer data” coming from the Dodd-Frank 1033 regulation “will maximise the activity and profitability of US insurance companies, allowing them to deliver services better tailored to customers’ coverage and budgetary needs.”

Open banking “enables insurers to leverage diverse data sources for personalised products, enhanced risk assessment and streamlined claims processing”, said Brown, adding: “It will also optimise core functions, from underwriting and policy servicing to billing/collections and claims processes, fostering innovation while reducing manual processes and improving data accuracy.”

Despite this, even if its future was secure, the 1033 rule would not apply to insurance companies because they do not offer “Reg E” accounts related to the Electronic Fund Transfer Act (EFTA), such as chequing, savings, credit cards, or mobile wallets.

According to Lisa Wardlaw, chief operating officer at insurance technology firm IRYS Insurtech, while 1033 wasn’t written with insurance in mind, it could force the industry “to confront its deeply fractured data posture”.

“Most carriers still treat data as a proprietary asset, not as an active contract with the insured,” she said. “That worldview collapses under 1033. It’s not about compliance, it’s about control. And for the first time, control might shift.”

A primary driver of open insurance is customer demand for personalised insurance products and related services. According to a report from consulting group Deloitte, Unlocking the strategic power of partnerships in insurance, the demand for customer-centric experiences delivered via open insurance, sometimes called embedded insurance (distributing insurance policies at the point of sale) — is projected to exceed US$722 billion in premiums globally by 2030.

Embedded insurance

Embedded insurance would allow insurers to bundle products and offer integrated solutions through partnerships with industries such as automotive, retail and real estate, according to Deloitte. 

Matheus Riolfi, co-founder and CEO at embedded insurance provider Tint, agrees with IRYS Insurtech’s Wardlaw that the insurance industry is watching 1033 cautiously. 

“While it doesn’t directly regulate insurance, the rule signals a broader shift toward consumer data ownership that could eventually reach insurers. Some view it as a model for future open insurance frameworks, though others remain wary due to regulatory ambiguity,” he said. 

Building on lessons from open banking, open insurance offerings are growing in regions that have more mature open finance ecosystems. The US is at the beginning of that growth and grappling with some of the common issues institutions have with open finance, such as developing and dealing with APIs. 

According to Riolfi, while some “forward-looking carriers and insurtechs” are building modern API stacks, the industry overall struggles with fragmented systems, legacy infrastructure and a lack of standardised data formats. “This creates friction that undermines the full promise of open insurance,” he said. 

Wardlaw believes the US insurance industry is “not even close” to being ready for open finance. 

“The data itself isn’t the problem — it’s the misalignment between where that data lives, how it is or isn’t structured, and how decisions are made. You can’t plug open access into a closed system and expect anything but latency and leakage,” she said. 

“This is not a data connectivity challenge. It’s an execution substrate problem — the foundational layer where real-time decisions, provenance, and trust enforcement must actually happen.”

Potential in the US

Both Wardlaw and Riolfi acknowledge the potential for open insurance in the US. Access to real-time, permissioned data would enable more innovative underwriting, automated claims, and more personalised products, Riolfi said. 

“Open insurance is designed to benefit consumers by increasing transparency, portability and personalisation,” he added. “It also creates new growth paths for insurers and platforms that can embed insurance into everyday experiences.”

However, Wardlaw warned: “If we keep playing it safe it benefits aggregators and platform intermediaries who monetise the access without redistributing the power. Open insurance in the US isn’t a data-sharing initiative, it’s a systemic reckoning. 

“The real story isn’t whether insurers can expose APIs — it’s whether their infrastructure can support the weight of true data agency, consent enforcement and cross-entity coherence.”