Concirrus has become the first insurtech globally to earn ISO/IEC 42001 for AI governance, ISO/IEC 27001 for information security, and SOC 2 compliance.
The “triple crown” of certifications sets a new standard for insurers seeking trust, security, and accountability in AI-driven underwriting and submission automation.
Concirrus is a London-based insurtech that builds AI-driven platforms for commercial insurance and reinsurance markets. The company focuses on underwriting and submission automation, helping insurers and brokers use real-time data to make faster and more informed decisions.
Its flagship product, Quest, applies advanced analytics and machine learning to marine, motor, and specialty insurance portfolios, offering risk insights that go beyond traditional actuarial models.
While many technology providers have begun aligning with emerging governance standards, Concirrus is the first to combine all three.
The firm said this provides insurers and brokers with the highest level of assurance in data protection, regulatory compliance, and responsible AI deployment.
CEO Andy Yeoman said the win reinforces the company’s commitment to responsible technology: “Winning in insurance is no longer just about speed and accuracy – it’s about trust.”
These certifications prove that Concirrus is not only building the fastest and most intelligent underwriting platform, but also the most secure and responsibly governed. We’re proud to be setting the standard for the industry.
Andy Yeoman, CEO of Concirrus
The ISO/IEC 42001 certification is the world’s first recognised AI management system standard. It verifies that Concirrus follows global best practices for developing, deploying, and monitoring AI models.
ISO/IEC 27001 validates strong information security controls, ensuring customer data confidentiality and availability. SOC 2 compliance further affirms the company’s safeguards for privacy, integrity, and security.
Ruth Polyblank, Product and Strategy Director at Concirrus, said the certifications directly address market concerns: “Insurers face growing pressure to adopt AI responsibly while meeting rising regulatory and broker expectations”.
This achievement gives our clients the confidence to innovate with unmatched speed-to-quote, while knowing every submission is processed securely and in compliance.
Ruth Polyblank, Product and Strategy Director at Concirrus
Independent audits confirmed Concirrus’ adherence to global benchmarks in governance, risk management, and data protection.
For insurers adopting AI-driven submission automation, the company positions itself as a technology partner offering speed, transparency, and security at scale.
Founded in 2012 by Andrew Yeoman and Craig Hollingworth, Concirrus gained traction as one of the earliest insurtech firms to target complex commercial lines rather than retail insurance.
The company has built partnerships with major insurers and reinsurers while positioning itself as a technology leader in AI adoption across underwriting workflows.
In terms of financing, Concirrus has raised more than $35mn to date. Its most notable round was a $20mn Series B led by AlbionVC and CommerzVentures in early 2020, following an earlier $6mn round backed by IQ Capital and Eos Venture Partners.
The funding has been directed toward global expansion, particularly into the U.S. and Asian markets, as well as advancing the AI capabilities of its Quest platform.
Recent milestones, including ISO/IEC 42001, ISO/IEC 27001, and SOC 2 certifications, highlight the company’s pivot toward responsible AI governance and information security.
