The claims
handler who
clears 50 a day.

Claims assessed in minutes. Policy clauses found in seconds. DORA-ready, aligned with insurance supervisory requirements.

anymize is the AI workplace for insurers who want to use GPT, Claude and Gemini – without handing customer data to US providers.

The compliance frameworkStart for free

The promise

Who you
could become.

The claims handler clearing 50 reports a day – more thoroughly than they used to manage at 12. The underwriter who prices a risk in the time it takes to drink a coffee, spotting deviations from the portfolio median instantly. The insurer brokers talk about: “They give you a quote in two hours.”

The tools exist. Frontier models read expert opinions, detect anomalies in claims patterns, draft correspondence in your house voice. But your IT security team has blocked the rollout – rightly so. Customer data, health data, contract policies cannot simply flow into a US provider's cloud.

anymize unblocks this. You upload claims files, application documents, medical reports; the anonymization pipeline replaces personal data with semantic placeholders; the frontier model answers with full context; the re-translation delivers the result with your original data. From the AI provider's perspective it never saw a policyholder. From your perspective you got an assessment on your real case.

The hard compliance lines

What insurers need to
watch for.

Insurance AI touches four regulatory layers, each with its own requirements. anymize was built to address these through product design rather than through mandatory supplementary contracts.

GDPR Art. 9

Health and financial data are special category

Insurance companies routinely process sensitive health, financial, and behavioral data. Under GDPR Art. 9 and Art. 6, this requires explicit legal bases, strict purpose limitation, and contractual safeguards with every AI processor. Any AI tool analyzing claims or underwriting data must meet these heightened standards.

anymize provides

  • A Data Processing Agreement (DPA) under GDPR Art. 28 — automatically effective on account creation, covering purpose limitation, sub-processor chains, and deletion timelines.
  • A DORA-ready third-party assessment package — including security documentation, incident response procedures, and audit-ready records for ICT risk management requirements.
  • Anonymized processing architecture — ensuring AI models never see policyholder PII, directly addressing the highest-risk element of AI use in insurance.

DORA (EU 2022/2554)

Digital operational resilience for insurers

The EU Digital Operational Resilience Act (DORA), fully applicable since January 2025, mandates ICT risk management, third-party oversight, and incident reporting for financial entities including insurers across all EU member states. Every AI tool is an ICT asset subject to DORA’s third-party risk management requirements.

Solvency II / Insurance Regulation

Outsourcing and governance requirements

Insurance supervisory frameworks across EU member states impose strict requirements on outsourcing to service providers — requiring risk assessments, contractual safeguards, and audit rights. AI tools processing policyholder or claims data are subject to these outsourcing rules, requiring documented DPAs and security assessments.

EU AI Act (2024/1689)

AI in underwriting and claims is high-risk

The EU AI Act classifies AI systems used in insurance underwriting, credit assessment, and claims processing as high-risk AI. Insurers deploying such tools must maintain conformity documentation, ensure human oversight, and keep audit trails. anymize ensures that AI models process only anonymized data, reducing regulatory exposure significantly.

Five everyday scenarios

Concrete workflows,
concrete tool chains.

01

Claims assessment, motor liability

Upload (anonymized): claim report, expert opinion, police report · Claude Deep · knowledge base “house tariff terms” active · “Summarize the facts, check coverage, state liability.”

Outcome

Structured case analysis, coverage assessment, draft settlement letter – all as editable artefacts

02

Underwriting, commercial property insurance

Project “Risk X” · upload application documents and building photos (anonymized) · Gemini (multimodal) · “Compare with similar risks in our database.”

Outcome

Risk profile with peer comparison, flags for unusual hazards

03

Customer correspondence, complaint management

Live transcription (complaint call) · transcript moved into project · Claude · “Draft a response in our house voice, referencing § X of our GTCs.”

Outcome

Empathetic, legally correct response as an artefact, two clicks to send

04

Fraud detection in the portfolio

Kimi (large context) · export of 300 claims (anonymized) from the core insurance system · “Find clusters of unusual claim patterns.”

Outcome

Hypothesis list for special investigators, with reasoning per anomaly

05

Internal actuarial work

anymize Fountain (internal, no anonymization needed) · upload claims statistics table · “Compare 2025 loss ratio to 2024 per tariff generation.”

Outcome

Analysis artefact, no data leaves your house

Every workflow works today. No “coming in Q4” – the tool set is live.

Model recommendation

Which model for
which insurance task.

Claims assessment, GTC interpretation, correspondence

ClaudeDeep

Precise argumentation, natural German prose, strong legal construction

Multimodal claims analysis (expert opinions + photos)

Gemini

Image understanding, damage sketches, photos from motor assessors

Fraud detection on large datasets

KimiDeep

Very large context windows – 300 claims in a single pass instead of chunking

Web research (current case law, experts)

Perplexity

Web-native research with solid citations

Everyday queries, standard policy interpretation

GPTSmart

Broad general knowledge, solid across many lines

Internal Excel, SQL, actuarial work

anymize Fountain

Inference in Germany, no anonymization needed

Portfolio analysis, multi-step reasoning on portfolio data

anymize Waterfall

Inference in Germany, near-frontier reasoning depth

Details on all international modelsDetails on Waterfall & Fountain

Feature set for insurers

The tools that land
in insurance operations.

Five features that carry the biggest leverage in an insurer's day:

01

Knowledge bases

One database per line (motor, home, liability, commercial) with house tariff terms, GTCs, internal settlement guidelines. Plus the current case law on coverage interpretation. Adjusters work from the same knowledge base – whether they've been on staff for 20 years or three months.

02

Projects

One project per complex claim or underwriting mandate. Context grows with every chat, the knowledge base stays linked. Colleagues can take over during leave or illness – the context is documented, not kept in one person's head.

03

Live transcription

Record complaint calls, on-site expert visits and internal risk rounds from a smartphone (QR code), transcribed self-hosted in Germany. Takes minute-taking off your hands, structures the follow-up.

04

Artefacts

Settlement letters, denial reasoning, customer emails emerge as artefacts – WYSIWYG-editable, exportable as Word/PDF/Markdown. Export with original data for sending, anonymous export for external expert alignment.

05

Compliance controls

Admin controls: mandatory anonymization, four-eyes review for claim decisions above a threshold, audit log for AI Act documentation, review countdown for sensitive decisions.

Integration with insurance software

Where anymize
plugs in.

The anymize API is OpenAI-compatible (drop-in replacement) — any insurance application or automation that can talk to OpenAI today also works against anymize:

01

Automation platforms

Zapier, Make.com, n8n with native anymize nodes: pull claim reports from the core insurance system, analyze them anonymized, write suggestions back.

02

Core insurance systems via connector

For common platforms (SAP for Insurance, in:flux, proprietary in-house builds) via an API layer and low-code tooling.

03

Email and document pipelines

Outlook automations (e.g. "incoming claim report with attachment → anonymize → first assessment → write back to core system").

04

Document management systems

DATEV DMS, d.velop, SER Doxis via the API layer.

Concrete integration guides:n8nMake.comZapierMCP Server for Claude Desktop.

On-premise relevance

When group IT security
does not allow cloud.

For insurance groups with strict cloud policies – typical for international groups regulated across multiple jurisdictions – we offer on-premise deployments: the anonymization pipeline plus our small model anymize Spring inside your own infrastructure. Hybrid variant: local anonymization, anonymized queries to international frontier models – frontier quality, no policy number ever leaves the group data centre.

For most mid-sized insurers and primary insurers working with the European cloud, our standard solution is sufficient – DORA contract, DPA and outsourcing management aligned with insurance supervisory requirements cover this.

Which plan fits

From specialty insurer
to large group.

Specialty insurer (< 50 employees)

Team Business

Shared knowledge bases, admin controls, full feature set

Mid-sized insurer (50–500 employees)

Team Business + Enterprise add-ons

SSO (Microsoft Entra, Okta), extended audit logging, dedicated account manager

Large insurer / group

Enterprise

DORA contract as an individual agreement, SLA, on-premise option, incident reporting pipeline to your financial supervisory authority, dedicated anymize data residency cluster

Reinsurer

Enterprise (on-premise recommended)

Accumulation analyses on portfolio data that must not leave the group data centre

All plan details

How you start in three steps

From kick-off to
productive use.

1

Create account, prepare outsourcing notification

Registration includes a DPA under Art. 28 GDPR. In the Enterprise setup you receive the DORA contract with all mandatory clauses under Art. 30(2) DORA, plus the template for the outsourcing notification under applicable insurance supervisory law. Once you file the notification with your financial supervisory authority, we set up the technical access during the review period. Time on the insurer side: 30 minutes + supervisory review time.

2

Pilot with one line-of-business team

Start with a clearly scoped team (e.g. motor claims, commercial property underwriting). First knowledge base: house GTCs, internal guidelines, current case law. First workflow definition: which prompts run on Claude, which on anymize Fountain, which documents require additional review.

3

Rollout and AI Act documentation

After a successful pilot: roll out to further lines of business. Admin policies set per line (mandatory anonymization, four-eyes review above claim amount X). The audit log provides the documentation base for Art. 26(6) AI Act duties in high-risk use cases. Set up once, compliant continuously.

Audiences inside the insurance world

Six roles,
six points of focus.

01

Claims handler

Claims in minutes to coverage assessment and settlement letter – 50 cases a day instead of 15

02

Underwriter

Risk profiles with peer comparison, anomaly detection, real-time tariff interpretation

03

Actuary

Internal portfolio analyses with anymize Fountain (in Germany, no data export) for tariff generations, loss ratios, reserving models

04

Compliance / internal audit

AI Act audit log, DORA incident dashboard, outsourcing register – all in one tool

05

IT security / ICT risk

DORA compatibility, hosting in Germany, clearly described supply chain – a provider that passes the review

06

Customer service / complaints

Empathetic responses in your house voice, live transcription for call follow-up, knowledge base with current GTC interpretations

What insurers frequently ask.

Frequently asked questions

anymize is built so that your DORA management can address the ICT third-party requirements under Art. 28 et seq. DORA. We provide the DORA-compatible provider contract with all mandatory clauses under Art. 30(2) (service description, SLA, exit clauses, audit rights, subprocessor transparency). Formal DORA compliance ultimately sits with your insurance undertaking – DORA is a corporate obligation, not a provider certification. We supply the building blocks you need so that your DORA implementation holds up for the anymize part.

Legal notice

The information on this page regarding DORA (Regulation 2022/2554), national insurance supervisory law, regulatory guidance on AI governance, the EU AI Act (Regulation 2024/1689), GDPR Art. 9 and related data protection rules represents a classification based on the versions currently in force (status: April 2026, sources: eur-lex.europa.eu and relevant national regulators). It does not replace individual regulatory advice or a specific assessment of your outsourcing and ICT risk situation. For a binding assessment of your specific compliance situation, please consult your compliance function, your legal department and/or external advisors on insurance supervisory law.

Start now.
14 days free trial.

All models. All features. No credit card.

Start for freeHow it works

We stand behind anymize. And we know – when an AI tool touches client, patient or employee data, a demo video isn't enough. That's why we give you 14 days of full access – all models, all features, no credit card. Enough time to be certain, before you trust us.

Your AI workplace awaits.