Regulators covered
Which frameworks the insurance pack maps to today.
Adapter coverage
Upstream services Vortalis adapts for this vertical.
No Vortalis-side adapters ship for this vertical today. The calling system holds the upstream credentials (fraud-detection feature store, case management system, customer system, SIU platform) and Vortalis governs the action at the agent boundary. Where the fraud-detection scope overlaps with financial-crime controls (BSA/AML, EU 5MLD), the financial-services fraud-monitoring template covers the adjacent regime.
Action vocabulary
The policy template for this vertical.
Actions allowed
12
Each action gated by policy at the hot path.
Anticipated require_human actions
- customer.suspended
- siu.referred
- case.escalated
Rate-limit posture
5 000 transaction.flagged per 1-hour rolling window; 500 case.opened per 1-hour rolling window; 100 case.escalated per 1-hour rolling window; 100 siu.referred per 1-hour rolling window; 50 customer.suspended per 1-hour rolling window; 50 customer.unsuspended per 1-hour rolling window. Defensible for a single-line-of-business engagement; major-event days raise after agreement with the head of fraud.
Template path: policies/sectors/insurance/fraud-detection-template.yaml
Integration brief
The implementation guide your engineers read first.
Available
docs/governance/integration-briefs/insurance-fraud-detection.md
Honest limits
What this sector pack does not do.
Vortalis does not suspend customers; AI agents do, and only after a head-of-fraud approval.
The policy template gates 12 actions including customer.suspended, siu.referred, and case.escalated. Each customer-affecting action is gated behind require_human; the head of fraud approves in the Vortalis dashboard before the customer system receives the suspension instruction. Vortalis records what the agent proposed, the approval timestamp, and the upstream outcome; it does not suspend the customer on its own.
Insurance fraud detection and AML are adjacent but distinct; the BSA / 5MLD overlap reuses the financial-services pack.
Where the fraud-detection scope crosses into anti-money-laundering controls (BSA in the US, the EU 5MLD, the UK Proceeds of Crime Act), the financial-services fraud-monitoring template at policies/sectors/financial-services/fraud-monitoring-template.yaml and the integration brief at docs/governance/integration-briefs/financial-services-fraud-monitoring.md cover the adjacent regime. The MLRO attribution flows through the FCA SM&CR pack; AML filing channels are operator-side.
NAIC Model Law #668 Section 6 notice-of-event timelines are operator-side.
Section 6 of Model Law #668 requires the licensee to notify the state insurance commissioner of a cybersecurity event as promptly as possible but in no event later than 72 hours after a determination. The Vortalis chain captures the contemporaneous determination timestamp; the operator's runbook for assessment, escalation, and the channel to the commissioner sit outside the platform. State-level adoption varies.
Customer suspension is materially customer-affecting; the require_human gate is not optional.
A customer suspension can cut off claims-handling access, paid-up policies, and complaints channels. The EIOPA AI Governance human-oversight principle and the NAIC AI Model Bulletin (Section 3.2 risk-based controls calibrated to consumer-impact potential) both treat customer suspension as a high-impact action. The require_human gate is mandatory in this template; the integration must implement the resumption flow before the agent goes live.
The general-purpose honest limits sit at /security/limitations; this list is specific to the insurance pack.
Bring Vortalis to your insurance agents.
Read the integration brief if you would rather start with the engineering detail. Talk to us first if you would rather start with a conversation about your threat model.