No-code and low-code platforms in the insurance industry

No-code platforms are becoming increasingly popular among insurers striving to migrate away from legacy systems and unshackle themselves from the burden of manually coding everything.

The need is clear: as consumers face greater cost-of-living pressures and the global economy stares down the barrel of a prospective recession, insurance is going to be one of the sectors adversely affected. As insurance falls down the priority list for consumers, insurers will need to find a competitive edge wherever they can – perhaps becoming leaner,  improving fraud detection, or raising the accuracy of risk modelling and the precision of policy pricing.

According to McKinsey, premium growth within the insurance sector contracted to just 1.2% in 2020 compared with a growth rate of more than 4% in each of the prior 10 years, while profits fell by around 15% from 2019.

James Lawrence, Director of Insurance for McKinsey, says: “Insurance companies need digital solutions that play well with their legacy systems, allowing them to dismantle outdated platforms incrementally instead of enduring the cost and risk involved with a mass overhaul of the entire infrastructure. By using a low-code application platform, companies can tailor and develop their own applications to best accommodate their needs.”

How do no-code platforms benefit insurers?

Insurers are increasingly turning to no-code platforms, attracted by the ease with which they can build quote journeys, automation rules, documents, rates and email templates among other things. Tim Hardcastle, CEO and Co-Founder of Instanda, explains: “No-code platforms are tailored to the insurance industry, with all of the key workflows and processes already built in to help automate the entire insurance value chain.

“Take, for example, automated renewals. When the renewal staging date passes, the system can be configured to automatically collect third-party, fire underwriting rules, then automatically generate and send the necessary documents, making it so that underwriters don’t need to spend valuable time on low-risk policies.”

Filip Verloy is a technical evangelist for API security platform Noname Security. He elaborates: “No-code offers numerous benefits over the alternative, resource-intensive way of building custom applications. One benefit is the functionality can be closely matched to the actual process being digitised.

“The analogue process is usually the starting point for the creation of the low-code app, whereas it isn’t possible to fully customise regular, off-the-shelf software to the same extent. If we think about the insurance industry – with its myriad of rules, regulations and need for integration with external systems – a low-code-accelerated process is ideal.”

Fostering diversity of talent throughout a business

One of the welcome side effects of low-code builders is that they allow more people from within an organisation to get involved with the development of new products or workflows, thus increasing the diversity of talent within a business. Previously, a highly technical skillset was required – alongside an aptitude for code – but now, codeless builders allow relatively unsavvy employees to get hands-on, too.

“Many enterprises are struggling to hire developers,” explains Noname Security’s Filip Verloy. “Therefore, the opportunity for citizen developers to step in using no-code apps can dramatically accelerate the digital transformation of a business. Citizen developers don't need to actually write lines of code but can use a User Interface (UI) to drag-and-drop elements, connecting them together and to external data sources.”

Rather than making highly-qualified coders obsolete, it “opens up a great deal of capacity” for them to focus on “more value-adding projects such as streamlined FNOL, AIenabled fraud detection and data insights”, adds Instanda’s Tim Hardcastle.

What benefits can be passed on to insureds?

Ultimately, an insurance company switching to a no-code platform must bear fruit. There must be a stronger business case than just simplifying complicated legacy systems, and the end-customer must be able to see the result.

Hardcastle says: “No-code platforms put tech in the hands of insurance people on the front line of pricing decisions, distribution decisions and data-enrichment decisions. This tech enablement helps insurers transform front-end consumer experiences at speed and low cost.

“For example, one of our MGA clients in Canada has launched more than 25 products in the last year using our platform. Their team was able to build 25 sets of products, rates, forms, and front-end experiences with minimal guidance from our implementation experts. The no-code nature of the platform enabled them to quickly iterate based on customer needs and operate with a lean team of business users. They leveraged the pre-existing generic workflows and processes of an insurance platform then added, through no-code configuration, all the key elements to create a highly varied, differentiated insurance portfolio in months. As a result, their business growth is dramatic. In their first year, they will write over $20mn, and they expect to reach over $100mn within three years from a standing start.

“No-code platforms are also more flexible when it comes to customer and policy data, meaning they can break down silos of information and offer more personalised products. Many other fintech industries have already stolen a march on the insurance sector by becoming more retail-like in this way.”

Are no-code systems inherently more secure?

Insurers who embrace no-code technology will quickly discover that it’s cleaner and simpler from a UI perspective – but this doesn’t necessarily mean that no-code is safer, Filip Verloy says. “Overall, low-code and no-code apps aren’t inherently more secure than traditional apps. Just because they hide the back-end complexity for developers, doesn’t mean that complexity is not there anymore. Furthermore, these apps still run on infrastructure, and infrastructure remains insecure by default.”

Instead, insurers should be wise to the security implications that exist and continue to be vigilant, particularly with the threat landscape the way it is. Verloy continues: "It should be assumed that citizen developers are not cybersecurity experts. Considering how easy it is to consume and potentially manipulate APIs – the data sources tying these low-code apps together – we need to ensure that platforms can be built as securely as possible.

“Currently, the focus is on ease-of-use and the assumption that the underlying systems exposed via APIs are working as expected and secure. That assumption is not correct, especially in the insurance industry, where multiple third-party systems need to be interconnected for data to be exchanged.

“Therefore, despite simplifying the developer experience, it is vital that security remains paramount. If anything, more security controls need to be in place to train and monitor the influx of citizen developers.”