EU AI Act Article 14 requires that high-risk AI systems be designed for effective human oversight: a designated person with genuine authority to understand, monitor, override, and halt the system. For insurers, this is a workflow design requirement, not a policy statement. Seventy-three percent of European compliance officers have not yet mapped their AI workflows against Article 14.
The Question the Auditors Asked
The question arrives in writing, from the insurer's external auditors, three weeks before the annual board review. It is addressed to the Chief Risk Officer and the Head of Claims Operations jointly. The question reads: "For AI-assisted decisions made during the 2024 claim year, please provide a complete list of decision types, the human approval steps applied to each, the escalation criteria in use, and evidence that the oversight mechanisms functioned as documented."
The CRO has the documentation. The Head of Claims Operations has the system logs. What neither of them can produce quickly is a clear mapping between the two: a document that connects each category of automated decision to a specific, auditable human checkpoint and demonstrates that the checkpoint was not cosmetic.
This is the human-in-the-loop problem as it presents itself in practice. Not a philosophical debate about AI autonomy. A concrete governance gap, visible under audit conditions, with a board presentation in three weeks and a regulator's review of the EU AI Act implementation scheduled for the following quarter. The insurers who have answered this question well did not answer it in a hurry. They designed for it.
Key Figures
| Figure | What it means |
|---|---|
| August 2026[1] | Deadline by which insurers using AI systems classified as high-risk under the EU AI Act must achieve full compliance, including documented human oversight mechanisms under Article 14. |
| 73%[3] | Of European insurance compliance officers surveyed in 2024 said their organisation had not yet mapped its AI workflows against EU AI Act Article 14 human oversight requirements. |
| €35m or 7%[1] | Maximum administrative fine for non-compliance with EU AI Act obligations for high-risk AI systems: €35 million or 7% of global annual turnover, whichever is higher. |
| Article 22[2] | GDPR provision requiring that individuals not be subject to decisions based solely on automated processing that produce legal or similarly significant effects — directly applicable to insurance coverage and pricing decisions. |
| 68%[4] | Of EIOPA-surveyed insurers reported using AI in underwriting or claims decisions in 2024, but fewer than 30% had documented explainability and human oversight processes meeting EIOPA's expected standard for high-risk use cases. |
Why Human-in-the-Loop AI Matters Specifically for Insurers
Human-in-the-loop AI in insurance is not a design preference. For a growing range of decisions, it is a legal requirement. The EU AI Act, which entered into force in August 2024 and applies progressively through to 2026, classifies certain AI applications in insurance as high-risk. High-risk AI systems require documented human oversight under Article 14: a person with the authority and competence to intervene, override, or suspend the system must be designated, trained, and auditable.[1]
That requirement sits alongside GDPR Article 22, which has applied since 2018 and prohibits fully automated decisions that produce legal or similarly significant effects for individuals — including coverage decisions, premium calculations, and claims denials — unless specific conditions are met.[2] Most insurers have not fully reconciled their AI deployments with Article 22. The EU AI Act now adds a parallel obligation with sharper enforcement provisions.
What the EU AI Act Requires from Insurers
High-risk classification
Annex III of the EU AI Act lists the AI application categories classified as high-risk. Two are directly relevant to insurers. First: AI systems used for risk assessment and pricing in relation to natural persons in life and health insurance. Second: AI systems used to evaluate the creditworthiness of natural persons, which regulators are likely to interpret as including affordability assessments tied to premium calculation.[1]
Insurers should not wait for final delegated acts before beginning compliance work: the direction of travel is clear, and the core obligations under Article 14 are already in force for systems that unambiguously fall within the high-risk categories.
Article 14: what human oversight actually requires
Article 14 requires that high-risk AI systems be designed and developed to allow effective oversight by natural persons during use. That oversight must include the ability to: understand the system's capabilities and limitations, monitor operation for signs of anomalous output, disregard or override the system's output, and halt the system where necessary.[1]
An AI system that presents its output as a recommendation but structures the interface so that the override requires three additional clicks and a free-text justification field does not meet the spirit of Article 14. Regulators will look at the actual workflow design, not just the governance documentation.
EU AI Act Article 14 · Regulation (EU) 2024/1689 [1]GDPR Article 22 and the coverage decision problem
GDPR Article 22 prohibits automated decisions that produce legal or similarly significant effects unless one of three conditions applies: the decision is necessary for a contract with the data subject, it is authorised by EU or member state law, or the data subject has given explicit consent.[2] For insurance, the contract-necessity exemption is most commonly relied upon, but it requires that meaningful information about the logic involved is provided and that the data subject has the right to request human review of the decision.
A claims denial made solely by an automated system, without a human having reviewed and approved it, is very likely to fall outside the Article 22 exemptions in most EU jurisdictions. Insurers that have deployed AI-assisted claims processing without a human sign-off step on denial decisions are carrying regulatory exposure that predates the EU AI Act by several years.
Which Decisions Require Human Approval: A Practical Framework
The table below maps common insurance AI decision types against the approval requirement under current regulation. This framework reflects the authors' interpretation of current regulatory obligations and should be verified with qualified legal counsel for your specific jurisdiction and use case.
| Decision type | AI role | Human approval required? | Regulatory basis |
|---|---|---|---|
| Low-value STP claim settlement | Full decision | No — with audit trail and override mechanism | EU AI Act Art. 14; GDPR Art. 22(2)(a) |
| Pricing / premium calculation | Recommendation | Yes — underwriter sign-off required | EU AI Act Annex III (high-risk); EIOPA guidelines |
| Claims coverage denial | Assessment | Yes — binding refusal must be human-authorised | GDPR Art. 22; EU AI Act Art. 14 |
| Fraud referral | Flag and escalate | Yes — referral to investigation team | EU AI Act Art. 14; national fraud frameworks |
| Risk selection at underwriting | Scoring | Yes — acceptance/declination is high-risk | EU AI Act Annex III; EIOPA 2024 guidelines |
| Routine document triage | Classification only | No — if no binding decision is made | EU AI Act; minimal risk category |
| Reserve estimation | Range and confidence score | Yes — handler sets the reserve | Solvency II; internal audit requirements |
This table reflects the authors' interpretation of current regulatory obligations as of 2026. Regulatory interpretation is still evolving in several categories. Insurers should verify their specific position with qualified legal counsel in their jurisdiction.
The Norwegian Context: KI-loven and GDPR Implementation
Norway is implementing the EU AI Act through KI-loven, the national AI regulation bill. As of mid-2025, the legislative process is ongoing and the precise transposition timeline is not yet confirmed. Insurers operating in Norway should treat the EU AI Act obligations as the working standard while monitoring Finanstilsynet's guidance on AI governance for the financial sector.[5]
Norwegian insurers are already subject to GDPR through the EEA Agreement, meaning Article 22 obligations apply in full. Finanstilsynet has signalled expectations of documented explainability for AI-assisted underwriting and claims decisions. Specific regulatory interpretations for Norwegian-market insurers should be verified with qualified Norwegian legal counsel.
Where the Genuine Grey Areas Are
Not every AI decision in insurance falls cleanly into a high-risk or minimal-risk category. Three areas generate the most genuine regulatory uncertainty as of 2025.
Fraud scoring models
These do not make a final decision: they generate a risk score that routes a claim for investigation. Whether this constitutes a decision with a significant effect under GDPR Article 22 depends on how the score is used in practice. If a score above a threshold automatically triggers a referral that results in payment delay, regulators are likely to treat the scoring model as producing a significant effect, regardless of whether a human technically authorises the referral.[2]
Renewal pricing adjustments
AI-assisted pricing that applies an uplift or discount at renewal without underwriter review sits in contested territory. The contract-necessity exemption under Article 22 may apply, but the individual's right to request human review must be communicated clearly in the renewal documentation.[2]
Automated policy endorsements
Mid-term adjustments processed automatically in response to a policyholder's change-of-circumstances notification are generally low-risk, but if the endorsement results in a material change to coverage, a human review step is likely to be required under Article 14 for systems classified as high-risk.[1]
Insurers should document their position on each of these grey areas, with the legal reasoning, and review that documentation annually as the regulatory interpretation evolves.
What Insurers Should Build Now
Compliance with Article 14 is not achieved by writing a policy. It is achieved by designing workflows, configuring systems, and training people in a specific sequence.
Map decisions against the high-risk criteria
Map every AI-assisted decision in your claims and underwriting operations against the high-risk classification criteria in Annex III — decision type by decision type, not system by system. One AI system may support multiple decision types with different risk classifications.
Designate named human overseers with real authority
For each high-risk decision type, designate a named human overseer with documented authority to override, suspend, and intervene. That authority must be real: the workflow must make exercise of that authority straightforward, not cumbersome.
Configure step-level audit logging
Configure your systems to log every automated decision, the inputs that drove it, the confidence score where applicable, and any human review or override. Logs must be retained for at least the period required by applicable record-keeping obligations — typically three to five years for insurance decisions in EU jurisdictions.
Set and monitor override rate thresholds
Set override rate thresholds for each decision category. If the human overseer is overriding more than 8–10% of automated decisions in a given category, the AI system's outputs are diverging from human judgement at a rate that requires investigation and likely recalibration.
Test explainability from the overseer's perspective
Test the explainability of your AI outputs from the perspective of the human overseer. If the overseer cannot understand why the system produced a given output in terms sufficient to make an informed override decision, the system does not meet the Article 14 standard.[4]
Frequently Asked Questions
Which of our AI systems are likely to be classified as high-risk under the EU AI Act?+
Any AI system used in risk assessment, pricing, or underwriting decisions affecting natural persons in life or health insurance is listed in Annex III and is almost certainly high-risk. AI systems used in claims decisions that produce significant effects — including coverage denials or material settlement decisions — are likely to require high-risk treatment under GDPR Article 22 regardless of their AI Act classification. AI systems used solely for document triage, without making or informing binding decisions, are likely to fall outside the high-risk category. Specific classification decisions should be verified with qualified legal counsel.[1]
Does human-in-the-loop mean a human must review every single claim?+
No. Human-in-the-loop under Article 14 requires that a human has the genuine capability and authority to intervene, override, or suspend the AI system during its operation. For low-value straight-through processing claims that do not produce a significant legal effect, automated processing without per-claim human review is permissible provided the oversight mechanism is in place and functional. For decisions classified as high-risk, including coverage denials and underwriting decisions affecting natural persons, human review of the specific decision is required.[1][2]
We deployed our claims AI before the EU AI Act entered into force. Are we already non-compliant?+
The EU AI Act applies progressively. Obligations for high-risk systems apply from August 2026 for most insurers. However, GDPR Article 22 has applied since May 2018, meaning any automated coverage or claims denial decision made without the required safeguards has carried regulatory exposure for several years. Insurers should prioritise a GDPR Article 22 compliance review of existing AI workflows before completing their EU AI Act gap analysis. The two assessments overlap substantially and the earlier obligation has the more immediate enforcement risk.[1][2]
What does an auditable human oversight record need to contain?+
At minimum: the identity of the designated human overseer for the decision type, the date and outcome of any human review, the rationale for any override or acceptance of the AI output, the inputs that drove the AI's output (in terms the overseer can understand), and a timestamp. Aggregate oversight records should also include the override rate per decision category and the outcome of any periodic review of that rate. Logs should be retained for the applicable record-keeping period in your jurisdiction, typically three to five years for insurance decisions in EU member states.[1][4]
How does human-in-the-loop interact with our straight-through processing programme?+
STP and human-in-the-loop are compatible when the STP eligibility criteria are designed with the Article 14 and Article 22 requirements in mind. Claims that do not produce significant legal effects for the policyholder can be processed automatically without per-claim human review, provided the oversight mechanism is functional and the audit trail is complete. Claims that produce a significant effect — including any denial, material exclusion, or coverage restriction — require human sign-off on the specific decision before it is communicated to the policyholder.[1][2][3]
What are the consequences of non-compliance with Article 14?+
The EU AI Act provides for administrative fines of up to €35 million or 7% of global annual turnover for non-compliance with obligations for high-risk AI systems, whichever is higher. National supervisory authorities, including Finanstilsynet in Norway, also have independent powers to require corrective action, suspend AI system use, and publish enforcement decisions. Beyond fines, non-compliant AI decisions affecting policyholders may be challengeable through consumer protection mechanisms, creating claims exposure in addition to regulatory penalties.[1][5]
This blog provides general information only and does not constitute legal or regulatory advice. Insurers should consult qualified counsel for guidance specific to their jurisdiction and operations.
References
All sources from primary legislation, regulatory publications, and verified 2024 industry surveys. Links verified 2026. Click any citation to jump to its source.
EU AI Act Article 14 requires that high-risk AI systems be designed for effective human oversight: a designated person with genuine authority to understand, monitor, override, and halt the system. For insurers, this is a workflow design requirement, not a policy statement. Seventy-three percent of European compliance officers have not yet mapped their AI workflows against Article 14.
The Question the Auditors Asked
The question arrives in writing, from the insurer's external auditors, three weeks before the annual board review. It is addressed to the Chief Risk Officer and the Head of Claims Operations jointly. The question reads: "For AI-assisted decisions made during the 2024 claim year, please provide a complete list of decision types, the human approval steps applied to each, the escalation criteria in use, and evidence that the oversight mechanisms functioned as documented."
The CRO has the documentation. The Head of Claims Operations has the system logs. What neither of them can produce quickly is a clear mapping between the two: a document that connects each category of automated decision to a specific, auditable human checkpoint and demonstrates that the checkpoint was not cosmetic.
This is the human-in-the-loop problem as it presents itself in practice. Not a philosophical debate about AI autonomy. A concrete governance gap, visible under audit conditions, with a board presentation in three weeks and a regulator's review of the EU AI Act implementation scheduled for the following quarter. The insurers who have answered this question well did not answer it in a hurry. They designed for it.
Key Figures
| Figure | What it means |
|---|---|
| August 2026[1] | Deadline by which insurers using AI systems classified as high-risk under the EU AI Act must achieve full compliance, including documented human oversight mechanisms under Article 14. |
| 73%[3] | Of European insurance compliance officers surveyed in 2024 said their organisation had not yet mapped its AI workflows against EU AI Act Article 14 human oversight requirements. |
| €35m or 7%[1] | Maximum administrative fine for non-compliance with EU AI Act obligations for high-risk AI systems: €35 million or 7% of global annual turnover, whichever is higher. |
| Article 22[2] | GDPR provision requiring that individuals not be subject to decisions based solely on automated processing that produce legal or similarly significant effects — directly applicable to insurance coverage and pricing decisions. |
| 68%[4] | Of EIOPA-surveyed insurers reported using AI in underwriting or claims decisions in 2024, but fewer than 30% had documented explainability and human oversight processes meeting EIOPA's expected standard for high-risk use cases. |
Why Human-in-the-Loop AI Matters Specifically for Insurers
Human-in-the-loop AI in insurance is not a design preference. For a growing range of decisions, it is a legal requirement. The EU AI Act, which entered into force in August 2024 and applies progressively through to 2026, classifies certain AI applications in insurance as high-risk. High-risk AI systems require documented human oversight under Article 14: a person with the authority and competence to intervene, override, or suspend the system must be designated, trained, and auditable.[1]
That requirement sits alongside GDPR Article 22, which has applied since 2018 and prohibits fully automated decisions that produce legal or similarly significant effects for individuals — including coverage decisions, premium calculations, and claims denials — unless specific conditions are met.[2] Most insurers have not fully reconciled their AI deployments with Article 22. The EU AI Act now adds a parallel obligation with sharper enforcement provisions.
What the EU AI Act Requires from Insurers
High-risk classification
Annex III of the EU AI Act lists the AI application categories classified as high-risk. Two are directly relevant to insurers. First: AI systems used for risk assessment and pricing in relation to natural persons in life and health insurance. Second: AI systems used to evaluate the creditworthiness of natural persons, which regulators are likely to interpret as including affordability assessments tied to premium calculation.[1]
Insurers should not wait for final delegated acts before beginning compliance work: the direction of travel is clear, and the core obligations under Article 14 are already in force for systems that unambiguously fall within the high-risk categories.
Article 14: what human oversight actually requires
Article 14 requires that high-risk AI systems be designed and developed to allow effective oversight by natural persons during use. That oversight must include the ability to: understand the system's capabilities and limitations, monitor operation for signs of anomalous output, disregard or override the system's output, and halt the system where necessary.[1]
An AI system that presents its output as a recommendation but structures the interface so that the override requires three additional clicks and a free-text justification field does not meet the spirit of Article 14. Regulators will look at the actual workflow design, not just the governance documentation.
EU AI Act Article 14 · Regulation (EU) 2024/1689 [1]GDPR Article 22 and the coverage decision problem
GDPR Article 22 prohibits automated decisions that produce legal or similarly significant effects unless one of three conditions applies: the decision is necessary for a contract with the data subject, it is authorised by EU or member state law, or the data subject has given explicit consent.[2] For insurance, the contract-necessity exemption is most commonly relied upon, but it requires that meaningful information about the logic involved is provided and that the data subject has the right to request human review of the decision.
A claims denial made solely by an automated system, without a human having reviewed and approved it, is very likely to fall outside the Article 22 exemptions in most EU jurisdictions. Insurers that have deployed AI-assisted claims processing without a human sign-off step on denial decisions are carrying regulatory exposure that predates the EU AI Act by several years.
Which Decisions Require Human Approval: A Practical Framework
The table below maps common insurance AI decision types against the approval requirement under current regulation. This framework reflects the authors' interpretation of current regulatory obligations and should be verified with qualified legal counsel for your specific jurisdiction and use case.
| Decision type | AI role | Human approval required? | Regulatory basis |
|---|---|---|---|
| Low-value STP claim settlement | Full decision | No — with audit trail and override mechanism | EU AI Act Art. 14; GDPR Art. 22(2)(a) |
| Pricing / premium calculation | Recommendation | Yes — underwriter sign-off required | EU AI Act Annex III (high-risk); EIOPA guidelines |
| Claims coverage denial | Assessment | Yes — binding refusal must be human-authorised | GDPR Art. 22; EU AI Act Art. 14 |
| Fraud referral | Flag and escalate | Yes — referral to investigation team | EU AI Act Art. 14; national fraud frameworks |
| Risk selection at underwriting | Scoring | Yes — acceptance/declination is high-risk | EU AI Act Annex III; EIOPA 2024 guidelines |
| Routine document triage | Classification only | No — if no binding decision is made | EU AI Act; minimal risk category |
| Reserve estimation | Range and confidence score | Yes — handler sets the reserve | Solvency II; internal audit requirements |
This table reflects the authors' interpretation of current regulatory obligations as of 2026. Regulatory interpretation is still evolving in several categories. Insurers should verify their specific position with qualified legal counsel in their jurisdiction.
The Norwegian Context: KI-loven and GDPR Implementation
Norway is implementing the EU AI Act through KI-loven, the national AI regulation bill. As of mid-2025, the legislative process is ongoing and the precise transposition timeline is not yet confirmed. Insurers operating in Norway should treat the EU AI Act obligations as the working standard while monitoring Finanstilsynet's guidance on AI governance for the financial sector.[5]
Norwegian insurers are already subject to GDPR through the EEA Agreement, meaning Article 22 obligations apply in full. Finanstilsynet has signalled expectations of documented explainability for AI-assisted underwriting and claims decisions. Specific regulatory interpretations for Norwegian-market insurers should be verified with qualified Norwegian legal counsel.
Where the Genuine Grey Areas Are
Not every AI decision in insurance falls cleanly into a high-risk or minimal-risk category. Three areas generate the most genuine regulatory uncertainty as of 2025.
Fraud scoring models
These do not make a final decision: they generate a risk score that routes a claim for investigation. Whether this constitutes a decision with a significant effect under GDPR Article 22 depends on how the score is used in practice. If a score above a threshold automatically triggers a referral that results in payment delay, regulators are likely to treat the scoring model as producing a significant effect, regardless of whether a human technically authorises the referral.[2]
Renewal pricing adjustments
AI-assisted pricing that applies an uplift or discount at renewal without underwriter review sits in contested territory. The contract-necessity exemption under Article 22 may apply, but the individual's right to request human review must be communicated clearly in the renewal documentation.[2]
Automated policy endorsements
Mid-term adjustments processed automatically in response to a policyholder's change-of-circumstances notification are generally low-risk, but if the endorsement results in a material change to coverage, a human review step is likely to be required under Article 14 for systems classified as high-risk.[1]
Insurers should document their position on each of these grey areas, with the legal reasoning, and review that documentation annually as the regulatory interpretation evolves.
What Insurers Should Build Now
Compliance with Article 14 is not achieved by writing a policy. It is achieved by designing workflows, configuring systems, and training people in a specific sequence.
Map decisions against the high-risk criteria
Map every AI-assisted decision in your claims and underwriting operations against the high-risk classification criteria in Annex III — decision type by decision type, not system by system. One AI system may support multiple decision types with different risk classifications.
Designate named human overseers with real authority
For each high-risk decision type, designate a named human overseer with documented authority to override, suspend, and intervene. That authority must be real: the workflow must make exercise of that authority straightforward, not cumbersome.
Configure step-level audit logging
Configure your systems to log every automated decision, the inputs that drove it, the confidence score where applicable, and any human review or override. Logs must be retained for at least the period required by applicable record-keeping obligations — typically three to five years for insurance decisions in EU jurisdictions.
Set and monitor override rate thresholds
Set override rate thresholds for each decision category. If the human overseer is overriding more than 8–10% of automated decisions in a given category, the AI system's outputs are diverging from human judgement at a rate that requires investigation and likely recalibration.
Test explainability from the overseer's perspective
Test the explainability of your AI outputs from the perspective of the human overseer. If the overseer cannot understand why the system produced a given output in terms sufficient to make an informed override decision, the system does not meet the Article 14 standard.[4]
Frequently Asked Questions
Which of our AI systems are likely to be classified as high-risk under the EU AI Act?+
Any AI system used in risk assessment, pricing, or underwriting decisions affecting natural persons in life or health insurance is listed in Annex III and is almost certainly high-risk. AI systems used in claims decisions that produce significant effects — including coverage denials or material settlement decisions — are likely to require high-risk treatment under GDPR Article 22 regardless of their AI Act classification. AI systems used solely for document triage, without making or informing binding decisions, are likely to fall outside the high-risk category. Specific classification decisions should be verified with qualified legal counsel.[1]
Does human-in-the-loop mean a human must review every single claim?+
No. Human-in-the-loop under Article 14 requires that a human has the genuine capability and authority to intervene, override, or suspend the AI system during its operation. For low-value straight-through processing claims that do not produce a significant legal effect, automated processing without per-claim human review is permissible provided the oversight mechanism is in place and functional. For decisions classified as high-risk, including coverage denials and underwriting decisions affecting natural persons, human review of the specific decision is required.[1][2]
We deployed our claims AI before the EU AI Act entered into force. Are we already non-compliant?+
The EU AI Act applies progressively. Obligations for high-risk systems apply from August 2026 for most insurers. However, GDPR Article 22 has applied since May 2018, meaning any automated coverage or claims denial decision made without the required safeguards has carried regulatory exposure for several years. Insurers should prioritise a GDPR Article 22 compliance review of existing AI workflows before completing their EU AI Act gap analysis. The two assessments overlap substantially and the earlier obligation has the more immediate enforcement risk.[1][2]
What does an auditable human oversight record need to contain?+
At minimum: the identity of the designated human overseer for the decision type, the date and outcome of any human review, the rationale for any override or acceptance of the AI output, the inputs that drove the AI's output (in terms the overseer can understand), and a timestamp. Aggregate oversight records should also include the override rate per decision category and the outcome of any periodic review of that rate. Logs should be retained for the applicable record-keeping period in your jurisdiction, typically three to five years for insurance decisions in EU member states.[1][4]
How does human-in-the-loop interact with our straight-through processing programme?+
STP and human-in-the-loop are compatible when the STP eligibility criteria are designed with the Article 14 and Article 22 requirements in mind. Claims that do not produce significant legal effects for the policyholder can be processed automatically without per-claim human review, provided the oversight mechanism is functional and the audit trail is complete. Claims that produce a significant effect — including any denial, material exclusion, or coverage restriction — require human sign-off on the specific decision before it is communicated to the policyholder.[1][2][3]
What are the consequences of non-compliance with Article 14?+
The EU AI Act provides for administrative fines of up to €35 million or 7% of global annual turnover for non-compliance with obligations for high-risk AI systems, whichever is higher. National supervisory authorities, including Finanstilsynet in Norway, also have independent powers to require corrective action, suspend AI system use, and publish enforcement decisions. Beyond fines, non-compliant AI decisions affecting policyholders may be challengeable through consumer protection mechanisms, creating claims exposure in addition to regulatory penalties.[1][5]
This blog provides general information only and does not constitute legal or regulatory advice. Insurers should consult qualified counsel for guidance specific to their jurisdiction and operations.
References
All sources from primary legislation, regulatory publications, and verified 2024 industry surveys. Links verified 2026. Click any citation to jump to its source.
Human-in-the-loop AI in insurance