This is a sample AIReady report for demonstration purposes. Start your own assessment →
Insurance / BFSI · 11 July 2026
Nexus Insurance Group
Overall maturity
2.2 / 5
Developing
Gaps identified
9
3 critical · 5 high
Data readiness
48 / 100
heaviest-weighted domain
Priority actions
5
next 90 days
Where you stand
Nexus Insurance Group is in the Emerging phase of AI readiness. The organisation has initiated several AI pilots — primarily in claims triage and underwriting scoring — but lacks the infrastructure, governance structures, and talent depth to scale responsibly. The highest-priority gaps are in MLOps maturity and AI ethics oversight, not in foundational data or strategy, which are comparatively stronger.
Maturity by domain
Sector benchmark
You rank ahead of 63% of Insurance / BFSI organisations assessed.
Anonymous, based on 27 assessments in your sector.
What to fix first
Appoint a Head of AI / Chief AI Officer with board-level accountability for AI strategy and ethics by end of Q3.
Implement a model registry and MLOps pipeline (Vertex AI or MLflow) before scaling any pilot beyond 1,000 daily decisions.
Commission a bias audit on the underwriting scoring model against gender, age, and geography within 30 days.
Establish an AI Ethics Committee with at least one independent external member and quarterly reporting cadence.
Define and document model performance thresholds (accuracy, fairness KPIs) for each AI use case currently in pilot.
Findings by domain
Strategy & Leadership
Nexus scores above the peer median on strategy and leadership. A board-approved AI strategy, a dedicated budget, and a credible technology leader are meaningful foundations. The gap is the next level down: no named AI accountability owner below CTO, and risk and compliance teams not yet integrated into AI governance. As regulators (IRDAI, EU AI Act) shift from principle to enforcement, this gap will become increasingly visible.
Strengths
Gaps (2)
No named accountability owner below CTO level for AI governance. Risk and compliance functions are not yet involved in AI decision-making.
HighFix: Appoint a Head of AI or delegate AI governance to an existing senior role (CRO/CDO). Define the AI governance charter and table it at the next Board Risk Committee.
AI strategy does not include a use-case risk classification framework. High-risk applications (underwriting, claims denial) are not distinguished from low-risk ones.
MediumFix: Develop a 2×2 risk classification for all current and planned AI use cases (impact severity × deployment scale). Apply proportionate governance based on tier.
Data Readiness
Data foundations are solid — centralised data lake, RBAC, automated quality checks, and a DPO in place. The gap is more subtle: consent frameworks predate DPDP Act enforcement, and AI-specific data reuse has not been explicitly evaluated. This is a targeted legal-compliance exercise rather than a data infrastructure rebuild, and it should be completed before the next model retrain.
Strengths
Gaps (1)
Training data for the underwriting model is sourced from a 7-year historical window that pre-dates DPDP. Consent for AI-specific reuse of that data has not been re-evaluated.
HighFix: Conduct a data lineage audit for all AI training datasets. Identify data collected under pre-DPDP consent frameworks and assess re-consent requirements before the next model retrain.
Model Development & Validation
Model development is the clearest area of immaturity. Informal documentation, no independent validation, and no standardised model card process mean that the organisation cannot demonstrate due diligence on its highest-impact decisions (underwriting, claims triage). Both NIST AI RMF and IRDAI guidelines are explicit on independent validation — it is not optional for high-impact use cases.
Strengths
Gaps (2)
Model documentation is informal and inconsistent. Assumptions, known limitations, and failure modes are not systematically recorded for any production model.
HighFix: Adopt a standard AI Model Card template (covering intended use, training data, evaluation metrics, known limitations, and failure modes). Retrofit all production models within 60 days.
No independent model validation. The team that builds models also validates them.
CriticalFix: Establish a separate validation function or engage an external validator for the two highest-impact models (underwriting score, claims triage). Define independence criteria in the AI governance charter.
MLOps & Infrastructure
Infrastructure is functional but not production-grade from an AI governance perspective. Docker-based deployment is a start, but no model monitoring means drift goes undetected until downstream damage is visible (claim losses, customer complaints, regulatory inquiry). A model registry and monitoring layer are both low-effort, high-impact additions that can be operationalised in weeks.
Strengths
Gaps (2)
No model monitoring in production. Drift, accuracy degradation, and fairness metric shifts are not tracked in real time.
CriticalFix: Deploy a model monitoring layer (Vertex AI Model Monitoring or Evidently AI). Define PSI, accuracy, and fairness thresholds for each production model. Set up automated alerting for threshold breaches.
No formal model registry. There is no single source of truth for which model version is in production, its training date, or who approved deployment.
HighFix: Implement a model registry (Vertex AI Model Registry, MLflow, or equivalent). Record model version, training data snapshot date, validation status, and deployment approver for every production model.
Ethics & Responsibility
Ethics and responsibility is the weakest dimension, scoring 1/5. No bias testing has been performed on any customer-facing model, and there is no Ethics Committee or equivalent oversight body. For an insurer making underwriting decisions that affect access to insurance products, this is both a reputational risk and — under IRDAI guidelines and EU AI Act provisions — increasingly a regulatory exposure. This needs to be addressed before the underwriting model is expanded to new geographies or customer segments.
Gaps (2)
No bias testing on the underwriting scoring model. Disparate impact on gender, age, and geography has not been measured.
CriticalFix: Commission a bias audit immediately. Measure disparate impact using statistical parity and equalised odds across gender, age, and geography. Publish results to the Board Risk Committee.
No AI Ethics Committee or equivalent oversight body. AI deployment decisions are made by the data science team without independent ethical review.
HighFix: Establish an AI Ethics Committee with at least one external member. Define its mandate, meeting cadence, and escalation authority before the next AI use-case deployment.
90-day remediation roadmap
The 90-day roadmap prioritises closing the Critical gaps before any AI use case is scaled, while building the infrastructure that makes subsequent governance systematic. **Immediate (0–30 days):** Bias audit on the underwriting model, model registry deployment, and production monitoring setup. These three can run in parallel and close the two Critical MLOps gaps and the top Ethics gap. **Phase 2 (30–60 days):** AI Ethics Committee formation, model documentation standardisation (Model Cards), and data consent audit for training datasets. These build the governance and documentation layer on the operational foundation built in Phase 1. **Phase 3 (60–90 days):** Independent validation programme for the underwriting and claims triage models, AI governance charter documentation, and accountability ownership formalisation below CTO level. At 90 days, Nexus should be able to demonstrate to IRDAI or any comparable regulator that its AI deployments are documented, validated, monitored, and governed — the four pillars regulators look for in an examination.