Why Insurance IT Transformations Have Become Riskier in the AI Era

Insurers are still making decade-long platform bets while software architectures, AI capabilities, and market assumptions are changing faster than transformation cycles can complete.

On 05.05.26, at the MSG Claims Summit in Cologne, the journalist Herbert Fromme made an observation that stayed with me. Fromme is Germany's most prominent insurance correspondent, writing for the Sueddeutsche Zeitung and publishing his own platform Versicherungsmonitor. He noted that insurers are mid-way through multi-million technology modernisation programmes with established software vendors, while those same vendors are now facing serious questions from investors about the long-term defensibility of their business models in an AI-native environment. The people approving these programmes are not acting irrationally. But they may be operating inside a set of assumptions that the market is already revising.

Insurers are making decade-long technology commitments during the shortest technology certainty cycle in enterprise software history. That mismatch between commitment duration and the pace of architectural change is the real risk in insurance IT transformation today. It is also the risk that appears least often in transformation business cases.

Why do large IT transformation projects fail?

Start with the baseline, before any insurance-specific complexity and before AI enters the picture. The underlying activity of large enterprise IT transformation fails at a rate that should give any governance committee serious pause.

Bent Flyvbjerg's analysis of more than 16,000 major projects breaks down into three numbers that get progressively worse. 47.9% of projects are delivered on budget. 8.5% are delivered on budget and on time. And just 0.5% deliver on budget, on time, and with the business benefits they promised. That last number is the one that matters for insurance transformation: not whether you came in close on cost, but whether the programme actually delivered what it was approved to deliver.

The average cost overrun figure, often cited as 73%, is almost certainly making the risk look manageable. Flyvbjerg's separate analysis of 5,392 IT projects found that cost overruns do not follow a normal distribution. They follow a power-law distribution with a fat tail. 18% of IT projects have cost overruns above 50%, and for those projects the average overrun is 447%. The mean is not the risk. The tail is the risk. And the tail is where insurance core transformations, with their embedded product logic, live operational continuity requirements, and long dependency chains, are most likely to land.

Most risk analysis of large IT programmes focuses on execution: vendor selection, programme management, change management. Flyvbjerg's finding points somewhere more uncomfortable. He argues the failure is structural and systematic rather than accidental. Projects are approved with optimism bias built into the business case. The governance structures most organisations use to approve large technology programmes were not designed to correct for this. They were designed to evaluate proposals on their own terms.

Correcting for systematic optimism bias requires a deliberate change to the governance framework itself. That is not a message most transformation programmes are designed to surface.

Why is insurance IT transformation risk higher than in other sectors?

The general IT failure rate is the floor. Insurance-specific complexity pushes the outcome materially worse. According to BCG research published in 2026, 74% of large-scale insurance IT transformations fail to deliver their intended outcomes, a significantly higher rate than the general enterprise average. These three characteristics of insurance systems explain why.

Product logic is deeply embedded

Insurance products are not stored in a database and migrated cleanly to a new one. They are encoded in the logic layers of legacy systems built over decades, often without complete documentation, and in some cases without anyone in the current organisation fully understanding all of what the system does. Extracting and reconstructing that logic is not a migration. It is a full reconstruction of business rules that were never designed to be portable.

Regulatory continuity is non-negotiable

A policy administration system cannot be taken offline to migrate it. Every policy in force carries live legal obligations that continue regardless of what the technology team is doing. Migration must happen while the engine is running, which means every insurance platform migration is simultaneously a technology project and a live operational risk.

The dependency chain is long

Core system modernisation in insurance is not a contained IT upgrade. It touches distribution, claims, finance, compliance, and every partner integration simultaneously. The blast radius of a failed insurance platform migration is not one team or one product line. It is the entire operating model.

The instinct to frame insurance core migration as a platform upgrade is the cognitive error that causes most failures. It is a full operating model redesign that has been packaged, for procurement and governance purposes, as a software project. The cost of being wrong rises with the duration of the commitment.

How has AI changed the risk profile of long-term platform commitments?

The executives approving these programmes are not making irrational decisions. Many of these insurance transformation strategies were entirely rational under the assumptions that governed enterprise software for the last two decades: relatively stable architecture cycles, predictable vendor roadmaps, and software platforms with long economic half-lives. The problem is that the architectural half-life of enterprise software has shortened sharply since 2022, and most governance frameworks have not kept pace.

The question is no longer just which platform to choose. It is whether the assumptions behind that choice will still hold by the time the programme completes. Most existing governance frameworks do not have a good answer to that question, because they were built for a world where the forecast horizon extended comfortably beyond the commitment period. That world has changed.

Since 2022, three things have shifted at the same time. The economics of software development have changed materially: AI-assisted engineering has compressed build costs and timelines significantly, altering the competitive position of any vendor whose moat depends on the difficulty of building what they have already built. The capability ceiling has expanded faster than any prior technology cycle, meaning that architectural assumptions that held before 2023 about what systems need to do are already incomplete. And public markets have begun repricing several prominent enterprise software categories, with insurance platforms among them.

The market's verdict on this question is becoming visible in real time. In the first two months of 2026, roughly $2 trillion in enterprise software market capitalisation was wiped out as investors began repricing the long-term defensibility of traditional SaaS economics in an AI-native world. Workday fell 37% year-to-date. ServiceNow fell 29%. Salesforce fell 26%. Enterprise software multiples compressed from 5.6x revenue at end of 2025 to 4.2x by mid-March 2026. Insurance platforms were not spared. Guidewire, the dominant P&C core platform, reached an all-time high of $261.88 in September 2025 and had declined more than 50% by early 2026, with analysts attributing the move to institutional repositioning away from traditional SaaS vendors toward companies with more defensible, AI-integrated architectures. Herbert Fromme, writing on Versicherungsmonitor, identified the same pattern specifically within insurance: several vendors that insurers are currently mid-commitment with are facing serious investor questions about whether their business model assumptions will hold.

This is not a verdict. Markets overshoot, and some of this repricing is almost certainly excessive. Several analysts have argued the sell-off is disconnected from the underlying fundamentals of these businesses, and the acquisition of Sapiens by Advent International at a 64% premium in August 2025 is a genuine counterpoint to any categorical claim about the category. But markets price uncertainty, and what they are currently pricing is uncertainty about whether the architectural assumptions that justified these valuations in 2023 and 2024 will still hold in 2028 and 2029. That is precisely the uncertainty an insurer committing to a seven-year core transformation programme is being asked to ignore.

The three responses that do not solve the problem

The natural responses to this situation each carry a version of the same error: they treat the problem as a choice of direction rather than a question of decision structure.

Staying on legacy and waiting feels like it preserves optionality, but it does not. Legacy infrastructure costs compound year by year. The talent pool that understands the old system shrinks as people retire or move on. And as AI agents begin mediating insurance distribution and procurement, systems that are not API-accessible and machine-readable will become structurally invisible to the next generation of the market. Waiting is not a low-risk option. It is deferred risk accumulation with a compounding cost.

Committing to full core replacement is the conventional insurance transformation play: replace the old system end to end, absorb the disruption upfront, and emerge with modern architecture. The insurance IT transformation failure rates above are the verdict on this approach at scale. More specifically, committing now to a five-to-seven year programme requires specifying what modern architecture means for 2031. That specification is being made against a forecast horizon that has shortened considerably since the approach was first established as the default.

Building internally using AI-assisted development is the third option. AI engineering tools, sometimes referred to colloquially as vibe coding, have made the visible part of building software significantly faster. The part below the surface, production quality, compliance, regulatory auditability, security, and operational continuity at scale, is unchanged. That is where costs and complexity accumulate, and it is precisely where most insurers do not have the engineering depth to deliver reliably. All three responses assume that the right answer is a single large directional bet. The question they share but do not answer is whether a single large directional bet is the appropriate decision structure when the forecast horizon has shortened below the duration of the commitment.

A growing number of insurers are beginning to explore more modular transformation structures that reduce commitment duration and preserve optionality at each stage. The logic is straightforward: if you cannot predict the architectural landscape of 2031, design your transformation so that you do not have to.

Is there an alternative to full legacy core modernisation in insurance?

Incremental modernisation in insurance is the practice of replacing irreversible transformation programmes with a sequence of smaller, evidence-generating architectural migrations. Each migration is scoped, delivered, and evaluated before the next one begins. The architecture shifts. The risk stays bounded. The organisation learns what the new architecture actually delivers in production before committing further capital.

What this looks like in practice is not a proof of concept, but a deliberate architectural decision to build for scale from the first migration.

A large P&C insurer managing 40+ distribution partners builds a new product configuration and rating layer on a modular insurance platform alongside its existing core. The first product goes live in eight weeks. Within twelve months, the layer handles 15 products across six distribution channels, all configured independently without touching the core. The core continues to run policy administration, finance, and claims unchanged. The modular layer generates live commercial data, conversion rates, partner economics, pricing performance, on a monthly cycle. The insurer now has real operating evidence before deciding whether to migrate further. A full-stack replacement would have delivered the same evidence in year four of a seven-year programme.

A mid-market insurer with a decade-old claims system facing a digital FNOL mandate does not replace its claims core. It connects a modular FNOL layer via API, handling first notification, document intake, triage, and customer communication entirely within the new layer. The legacy claims system receives structured handoffs. The modular layer processes 100% of new claims volume within six months. The insurer evaluates operational performance, AI triage accuracy, and customer satisfaction in real conditions before any further migration decision is made. The core is not touched. The risk is bounded to one function.

An MGA setting up a new programme business does not wait for a full platform build. It launches on a modular stack that handles product configuration, distribution APIs, policy administration, and bordereaux reporting from day one. The stack is production-grade, regulatory-compliant, and designed to scale to 50 products and 200 distribution partners without architectural rework. The MGA reaches its first carrier reporting milestone in ten weeks rather than twelve months. Critically, the architecture it launches on is the same architecture it would scale on, there is no rebuild at growth stage.

All three examples share the same structural logic: start with a bounded scope, operate at production quality from the first day, and generate real evidence before the next commitment. The modular approach does not deliver less. It delivers earlier, and earlier evidence is worth more when the technology certainty cycle is short.

This is the model KASKO is built around. Rather than replacing the core system, KASKO sits alongside it via API and handles the functions that need to move at speed: new products, new distribution channels, new partner models, AI agent integration. The core handles what it handles well. KASKO handles what needs to change quickly. The result is a modular insurance architecture that can adapt in shorter, evidence-based cycles without requiring a seven-year upfront commitment.

The fourth path is not a compromise between transformation and stagnation. It is a structurally different approach to managing irreversibility under uncertainty.

How should insurers evaluate technology decisions in the AI era?

These are the four questions that belong in any insurance transformation governance process, and are absent from most.

What is the reversibility profile of this commitment?

Can the organisation exit at 12 months without a catastrophic write-off? Can it pause and recalibrate if the technology certainty cycle shifts? If the answer is no, that irreversibility is a material risk that should appear explicitly in the business case rather than being absorbed into general programme uncertainty.

What is the shortest cycle in which the programme generates operating evidence?

If the first real-world data from the new architecture arrives in year four of a seven-year programme, the organisation has no feedback mechanism for four years. Transformation design that produces evidence in months rather than years is structurally more reliable, not because the technology is better, but because the governance is better.

How does this decision hold up if software economics shift materially in 18 months?

The question is not whether such a shift will happen. It is whether the organisation can absorb it if it does. Modular, API-first architectures can swap components in response to changed conditions. Organisations mid-transformation on a monolithic platform largely cannot.

Are you making a directional bet or maintaining a portfolio of bets?

A portfolio approach distributes risk across multiple smaller bets with different architectural assumptions. A directional bet concentrates risk on a single outcome. In a stable environment, directional bets are efficient. When the forecast horizon is short, they are fragile.

Most transformation business cases are not designed to answer these questions. They are designed to justify a decision already made at the vendor selection stage. The structural change most organisations need is to build these questions into the governance framework before vendor selection, not after.

The governance problem underneath the insurance IT transformation problem

Insurance IT transformation failure is rarely a vendor problem or a programme management problem. It is a governance problem: decision frameworks designed for stable environments being applied to unstable ones, with commitment durations that now exceed the forecast horizon on which they were based.

Insurers who move incrementally, generate evidence at each stage, and preserve architectural optionality are not being timid. They are applying capital discipline to a class of decision that has historically been governed by optimism bias and vendor momentum. Both forces are structural. Neither is corrected by choosing a better vendor or running a tighter programme.

The organisations that navigate this period best will not necessarily be the ones that committed earliest to the largest legacy insurance modernisation programme. They will be the ones that designed their insurance platform migration to remain defensible even if the underlying assumptions change before the programme completes. When technology certainty cycles are shorter than transformation cycles, that design discipline is not caution. It is the only rational approach.

The starting point is not a multi-year commitment. It is a bounded experiment that produces evidence quickly and preserves strategic flexibility. That is the model KASKO is designed to support.

Frequently Asked Questions About IT Transformation Projects in the AI Era

Sources and Further Reading

Bent Flyvbjerg and Dan Gardner: How Big Things Get Done (2023); Oxford Global Projects database (16,000+ projects). Source for the three-figure sequence: 47.9% on budget / 8.5% on budget and on time / 0.5% on budget, on time, and delivering promised benefits.

Bent Flyvbjerg, Alexander Budzier, Jong Seok Lee, Mark Keil, Daniel Lunn, Dirk W. Bester: "The Empirical Reality of IT Project Cost Overruns: Discovering A Power-Law Distribution," Journal of Management Information Systems, Vol. 39, No. 3, 2022. Source for the fat tail finding: 18% of IT projects have cost overruns above 50%, average overrun in that tail is 447%. Cost overruns follow a power-law distribution, not a normal distribution.

BCG: "Agentic AI Can Power Core Insurance IT Modernization," January 2026. Source for 74% insurance transformation failure rate. Note: BCG cites this as an established finding from prior research; original year of first publication unconfirmed. Cited as BCG, 2026.

BCG: AI scaling in insurance: 90% of insurers started AI programmes, 4% have scaled (2024).

Gartner: Over 40% of agentic AI projects will be cancelled by end of 2027. Based on poll of 3,412 webinar attendees, January 2025. Published June 2025. Cited as Gartner, 2025.

Guidewire Software (NYSE: GWRE): stock price history via MacroTrends / Yahoo Finance. All-time closing high $261.88 (September 2025); declined to approximately $118-124 range (early-mid 2026). Yahoo Finance, February 2026: decline attributed to institutional repositioning away from traditional SaaS providers as AI concerns grow.

Research Affiliates / Advisor Perspectives: "The Impact of AI on SaaS: A Risk Framework for Investors," April 2026. Source for: ~$2 trillion enterprise software market capitalisation wiped out in first two months of 2026; Workday -37%, ServiceNow -29%, Salesforce -26%, Oracle -25% year-to-date; EV/Sales multiples compressed from 5.6x to 4.2x by mid-March 2026.

FinancialContent / MarketMinute: "The Great SaaS Reset: B2B Software Equities Plunge 25% as AI Disruption Rewrites the Playbook," March 2026. Source for iShares Expanded Tech-Software ETF (IGV) down 21%+ since January 2026; per-seat SaaS business model repricing.

Herbert Fromme: Versicherungsmonitor (versicherungsmonitor.de). Independent reporting on insurance software vendor market pressure in the AI era. Observation attributed to MSG Claims Summit, Cologne, 2025.

Sapiens International (NASDAQ: SPNS): Advent International acquisition at $43.50 per share (64% premium to undisturbed price), announced August 2025, closed December 2025. Included as analytical counterpoint to categorical market decline framing.