Behind all of these partnerships are commercial transactions that need to be given appropriate due diligence, both from an operational perspective and also from a legal compliance and contractual perspective, explained Rohith George, partner in Mayer Brown’s technology transactions practice, with a focus on helping companies navigate complex commercial arrangements involving mission critical technologies.
He said: “The insurtech benefits from not just the financial investment, but from locking up a strategic customer for its platform or for its service, and the insurance company gets the benefit of not just access to some really innovative, talented people, but from an actual service or technology that they can implement and deploy.”
Read next: Data, analytics and technology now “table stakes” in insurance
George, who is based in Mayer Brown’s Palo Alto and San Francisco offices, works mainly with parties that are working on collaboration-type or licensing-type agreements. He explained that he sees lots of different types of agreements between technology and insurance companies, from pure software licenses and software-as-a-service (SaaS) agreements to more bespoke joint-development agreements.
Regardless of the type of agreement being negotiated, there are some common issues that crop up, according to George. He explained: “First, you need to determine who is hosting and operating the product or the service. If it’s a straight software license, where an insurtech develops the software and provides it for an insurance company to operate on its own, the key issues there are around ensuring that your license rights are appropriately scoped, and that the software is updated and maintained over time, etc.
“However, if it’s any other type of collaboration, where one party is hosting or operating a platform or product to the other side – that’s customer facing – then there are a number of issues that pop up. For example, what are the cybersecurity and privacy incident response requirements? One party is storing and processing customer on behalf of the other, so we need to address allegations of responsibility and liability.”
A second issue that both parties have to consider is how disaster recovery and business continuity is addressed, George added. In these types of agreements, there’s a dependent relationship between the two firms. If one party suffers downtime, that’s going to impact both parties.
“What are the rights of each party to the data that’s being collected and the data that’s being generated?” George presented as the third issue. “Each side may have interest in data, especially when you’re talking about collaborations between insurers and Big Tech. They may have interests in data that diverge, so it’s important to be clear upfront about what’s permitted and what’s not.”
Read more: E&S is moving towards automation
Commercial agreements between technology companies and insurers also have to cover how any changes and updates to the tech solution, platform or service are going to be handled. Questions to consider, according to George, are: Who has a say over the technology maintenance? Who has ultimate control? Does that control change hands when an update is required to meet legal and/or regulatory compliance?
“Other questions include: How is the relationship with the customer going to be handled? How are customer complaints going to be routed? And who is the first line of support?” George added. “And finally, how are we going to handle the end of the agreement? How are the parties going to disengage? Who’s going to get to take what with them, and so on? These are all issues that cross all types of collaboration agreements, whether it’s between insurtechs, insurance companies, Big Tech, or otherwise.”