The case for a platform of record in P&C claims audit
Claims audit has always had a structural problem. Every other core function in the claims operation runs on a platform. Intake has a system. Reserves have a system. Litigation management has a system. Vendor management has a system. Audit has a process — which usually means a spreadsheet, a shared drive, and a report that gets filed and referenced once before the next audit cycle begins.
That has always been a problem. The findings from one audit rarely inform the next one in any systematic way. Adjuster performance trends are not visible across programs. Remediation gets tracked informally if it gets tracked at all. The institutional knowledge generated by the audit function does not compound because there is no infrastructure designed to capture and interrogate it over time.
AI is not creating this problem. It is making it impossible to continue ignoring.
Boston Consulting Group published a report in March 2026 making the case that AI-first P&C insurers are already separating from the market. Only 38 percent of P&C insurers in BCG’s 2025 global study reported realizing AI value at scale across core workflows. BCG’s AI Radar data shows AI spending as a share of P&C premium revenue is expected to triple by year-end 2026. The organizational infrastructure designed to govern the quality of AI-driven decisions has not kept pace. That gap is not new — it is the same audit infrastructure gap the industry has carried for years, now operating in an environment where the consequences of undetected drift compound faster and at higher volume than any manual claims operation ever produced.
I do not think AI is going to replace claims judgment. Claims is a human discipline. Coverage interpretation, litigation strategy, settlement authority — those stay with people. But AI is already changing how claims work gets done, how fast it moves, and how much volume runs through a given workflow. An audit function without a platform of record was already underperforming. In an AI-assisted environment, it is not functional.
What AI Does to Claims Quality Risk
Before getting into what audit needs to do differently, it is worth being precise about what kind of AI we are talking about. The risk profile is not the same across all implementations.
Copilot tools present recommendations to adjusters who retain decision authority on every file action. The adjuster is in the loop. Governance risk centers on recommendation quality and whether the adjuster is following appropriate guidance.
Agentic AI systems are different. These tools autonomously execute multi-step workflows — pulling data, updating systems, coordinating vendors, in some cases issuing payments — with minimal human intervention. Early adopters are reporting claim processing times dropping from days to minutes. That is a real operational gain. It is also a qualitatively different governance exposure. Errors happen at machine speed, and may not surface any exception trigger at all.
Multi-agent architectures, where specialist agents handle FNOL intake, fraud analysis, vendor coordination, and settlement sequencing in coordinated pipelines, compound this further. The audit trail has to follow the handoffs between agents, not just the final output. An audit program designed for copilot tools will not catch errors generated by an agentic system that closes a claim autonomously in two minutes with no human review.
All three modes are in use today. The audit infrastructure has to be designed for the most autonomous mode in production, not the most conservative one.
Across all of them, the underlying quality risk is the same one claims operations have always faced, operating at a different scale. Claims quality does not degrade all at once. It drifts. An adjuster develops a pattern of settling a particular injury type above jurisdiction benchmarks. A reserve methodology becomes systematically optimistic on a line of business. A vendor relationship starts producing consistently inflated estimates. None of these show up as a crisis in real time. They accumulate quietly until someone does the math.
AI-assisted workflows accelerate that dynamic in both directions. When the model is calibrated correctly, you get consistency at scale. When it drifts, you get errors at scale. BCG estimates $3 to $6 billion in annual industry value from AI that detects overpayment and missed subrogation. The risk that receives less attention is the flip side: if the comparable cases driving AI settlement recommendations already included prior leakage, the model will replicate those outcomes consistently, at scale, and with the appearance of data-driven precision.*
Systematic audit catches drift at the portfolio level. Exception-triggered human oversight catches individual file problems. An operation can handle every exception correctly and still have a systematic quality problem that no individual flag will surface. These are different functions. Both are necessary.
* BCG, “AI-First Companies Win the Future: Property and Casualty Insurance,” Executive Perspectives, March 2026. Leakage and recovery value estimated at $3B–$6B annually against a US addressable base of approximately $555B in incurred losses. Broader operating cost reduction for the US P&C market estimated at $35–$60B.
Five Places the Audit Layer Does Real Work
Walk through the AI-assisted claims lifecycle and the audit touchpoints map directly to where quality drift concentrates.
Triage and routing decisions are foundational. A claim misclassified at triage carries that error through the entire lifecycle. AI tools are making routing and severity classifications at a volume that makes individual file review impractical. Systematic sampling across program, jurisdiction, and claim type is how you verify the model is classifying correctly over time — and how you catch it when it stops.
AI-assisted reserving is only as defensible as the data behind it. If the estimate engine is anchored to a dataset that does not reflect current verdict trends in a jurisdiction, the reserves will be wrong. No exception flag will tell you that. Structured file review that compares AI-assisted estimates to actual exposure, at the portfolio level, is how you identify reserve drift before it becomes a financial statement problem.
Settlement guidance based on comparable cases is where leakage exposure concentrates. Independent audit of whether settlements are within appropriate ranges for the coverage, jurisdiction, and injury profile is the quality gate. This is not a new function. The volume running through it is new.
Payment and closure documentation quality is the core of every claims audit. AI tools that compress cycle time and automate closure workflows are valuable. But speed creates its own audit exposure. When closures are happening faster and in higher volume, the documentation trail needs to be reviewed to confirm the file supports the outcome.
Postclaim performance data is where the compounding argument lives. AI tools recalibrate based on outcomes. The quality of that recalibration depends entirely on the quality of the outcome data they are learning from. Structured audit history, reviewed and validated by practitioners, is what turns raw outcome data into a reliable quality signal. Without it, the model is learning from noise.
The Regulatory and Reinsurance Dimension
Claims audit is no longer only a quality governance choice. The NAIC Model Bulletin on AI Systems, now adopted by more than half of US states, requires a written program that explicitly includes internal audit functions, continuous monitoring, and documented oversight of AI systems in production. The EU AI Act’s high-risk provisions become enforceable in August 2026 for carriers with European exposure, requiring decision audit trails and human oversight mechanisms for AI involved in claims assessment. Courts are reinforcing this from a third direction — a 2026 federal discovery order in an AI claims denial case established that the absence of structured AI oversight documentation is a litigation liability, not just a governance gap. The question for claims leaders is no longer whether to build audit infrastructure. It is whether it will be ready when examiners or opposing counsel ask to see it.
The same problem exists on the reinsurance side, with less attention paid to it. In delegated authority programs, bordereaux data is the foundation for reserving, treaty performance, and regulatory reporting. AI-driven bordereaux automation is now in production at reinsurers, and early implementations have surfaced discrepancies that years of manual processing missed. That is exactly the argument for the technology. It is also exactly the argument for auditing it. If the model is systematically misclassifying cedent claims data, the error propagates into every downstream calculation at a volume that makes manual detection impractical. Lloyd’s and market regulators are already requiring auditable delegated authority controls. The audit layer is missing on both sides of the cedent-reinsurer relationship.
The Infrastructure Gap
A claims audit function built to keep pace with AI-assisted workflows needs to do things that traditional audit programs were never designed to do.
It needs to scale without proportionally scaling headcount. Sampling and review processes that depend on manual file pulls and spreadsheet tracking will not keep pace with AI-assisted claim volumes. The infrastructure has to support structured review workflows that can handle that volume without a corresponding increase in the number of people required to run them.
It needs to produce structured data that accumulates over time. The NAIC framework now requires quantitative behavioral baselines for AI systems in production, continuous evaluation on a defined schedule, and statistical methods that distinguish genuine drift from normal output variation. That is a technical specification for audit infrastructure. The value is not just individual file findings — it is the pattern data that builds across files and periods, interrogable longitudinally, connected to the people making decisions about model calibration and portfolio strategy.
It needs to close the loop. An audit function that generates findings without a remediation workflow is producing information that has nowhere to go. Findings need to connect to action. Action needs to be tracked. Outcomes need to be measured. That closed loop is what turns audit from a reporting exercise into a quality governance mechanism.
It needs to work across organizational structures. The AI-first claims model does not eliminate the carrier-TPA-reinsurer relationship. It changes how work gets done within that structure. Audit that crosses organizational lines — cedent audits, TPA performance audits, carrier audits of program outcomes — requires a platform that can support multi-party review without creating a separate process for each relationship.
The Data Moat Argument
BCG makes a point about data foundations that applies directly to the audit function. Their argument is that organizations building enterprise data foundations now will have a compounding advantage. The data gets more valuable as it accumulates.
Audit history works the same way. An organization that starts running structured, consistent claims audits today and storing the results in a system built to accumulate and interrogate that data is building something that compounds in value annually. Year one you have a baseline. Year three you can see trends. Year five you have a dataset that no competitor can replicate without years of consistent execution.
That historical audit data is also a direct regulatory asset. Carriers that have longitudinal audit records — programs reviewed, findings documented, remediation tracked — will be able to produce regulator-ready compliance packages when NAIC examiners arrive. Those without that history will be producing documentation on demand, which is both operationally expensive and structurally less credible under examination.
And for organizations deploying AI-assisted claims platforms, structured audit history is what makes model calibration trustworthy. The organizations that have it will have an advantage in that calibration process. The ones that do not will be flying blind on whether their models are improving outcomes or compounding errors.
The Bottom Line
Every major function in the claims operation has a system of record. Intake, reserving, litigation management, vendor management — all of them run on platforms that store data, track activity, and produce information that compounds in value over time. Audit runs on whatever process the organization cobbled together, which usually means it produces a report that gets filed and a set of findings that disappear before the next cycle begins.
That was always a gap. It is a more consequential one now. AI is accelerating the pace and volume of claims decisions. Regulatory frameworks are requiring documented oversight. Courts are asking for audit trails. Reinsurers are operating on AI-processed bordereaux data that no one is systematically reviewing. The audit function is being asked to do more important work than it has ever been asked to do, with less infrastructure than any other function in the operation.
The organizations that close that gap now — with a consistent, structured platform that accumulates findings, tracks remediation, and builds longitudinal data across programs and periods — will be in a fundamentally better position than the ones that try to retrofit it when a regulator, a reinsurer, or a plaintiff’s attorney asks to see the record.
Claims quality is not self-governing. It never has been. The difference now is that the cost of leaving it ungoverned is higher, faster, and more visible than it used to be.
Marc Lanzkowsky is the founder of Lanzko AI Innovations, Inc. and the developer of the Audit Portal, an AI-powered claims audit management platform purpose-built for the P&C insurance and reinsurance market. He writes about claims quality, audit infrastructure, and technology at theclaimsspot.com.
Primary source: Boston Consulting Group, “AI-First Companies Win the Future: Property and Casualty Insurance,” Executive Perspectives, March 2026. Additional research referenced in-text.
