When Postcode Means Race: The Broken Math Behind Insurance Pricing

Picture the test working exactly as designed. A regulator wants to know whether an insurer's pricing algorithm is quietly discriminating against minority drivers, so it does the thing the textbooks and the model bulletins say to do. It takes the premiums the algorithm produces, it lines them up against the legitimate rating factors the insurer is allowed to use, and it asks a statistical question: once you strip out everything the law permits, is there still a residue that tracks race? The formula runs. A number comes back. The number says no. No residue, no proxy, no problem. The insurer files its attestation, the regulator closes the file, and the consumer in the low-income postcode who is paying more than her identical-risk neighbour two streets over goes on paying it, secure in the knowledge that a fairness test was run and she passed it. Everyone passed it. That is the problem. In May 2026, two researchers ran exactly this test across thirty-four real auto insurers and found that the standard regulatory formula flags zero of them. Not one. Then they corrected the maths, and every single one lit up.
The paper is called Fairness Testing for Algorithmic Pricing, posted to the arXiv preprint server on 12 May 2026 by Fei Huang, an associate professor in the School of Risk and Actuarial Studies at the University of New South Wales Business School in Sydney, and Giles Hooker, a professor of statistics and data science at the Wharton School of the University of Pennsylvania. It is a dry document, dense with asymptotic variance estimators and cross-covariance formulae, the kind of thing that ordinarily circulates among a few hundred actuaries and disappears. What it actually describes is a quiet catastrophe of governance: the principal tool regulators rely on to catch the most insidious form of algorithmic discrimination has been built wrong, and has been returning false negatives the whole time it has been deployed. The detector designed to find the discrimination cannot find the discrimination. It has been telling everyone the building is not on fire while the smoke fills the room.
The Discrimination That Hides in Plain Variables
To understand why this matters, you have to understand the specific thing the test was supposed to catch, because it is not the obvious thing. No reputable insurer in the United States or the United Kingdom puts race into a pricing model. It is illegal, it is reputationally radioactive, and it is also, increasingly, unnecessary. The variable the law forbids can be reconstructed from a dozen variables the law permits. This is the mechanism the field calls proxy discrimination, and it is the central villain of the entire story.
Proxy discrimination occurs when an algorithm uses a legally permitted, facially neutral variable as a statistical stand-in for a protected characteristic, producing a discriminatory outcome without ever encoding the protected characteristic directly. Postcode stands in for ethnicity, because residential segregation means a postcode is often an excellent predictor of the race of the people who live there. Occupation stands in for sex, because labour markets remain heavily gendered and a job title carries a probability of the worker's gender almost as reliably as a form that asked outright. Educational attainment, vehicle type, the make of a phone used to fill in an online quote, the timing of a payment, the shopping history attached to a loyalty card: each of these can carry, encoded within it, the very characteristic the insurer is forbidden to price on. The algorithm never sees race. It does not need to. It sees postcode, and postcode has already done the work.
What makes proxy discrimination so corrosive is that everyone's hands stay clean. The insurer can say, truthfully, that race is not in the model. The actuary can demonstrate, truthfully, that postcode is a genuine predictor of claims cost. The regulator can confirm, truthfully, that no protected characteristic appears in the rating factors. And the driver in the minority postcode still pays more than her risk justifies, because the model has found a route to the same destination by a road the law forgot to close. The harm is real and the discrimination is real, but it is laundered through a chain of individually defensible decisions until no one is responsible for it. This is not a hypothetical worry dreamed up by academics. It is the failure mode that the entire apparatus of modern insurance fairness regulation was constructed to detect.
What the Corrected Maths Reveals
The Huang and Hooker paper takes the standard regulatory audit and asks a deceptively simple question about it: is the statistics actually valid? The conventional approach regresses the pricing output on a protected attribute and the legitimate rating factors, then tests whether the resulting coefficient is statistically significant using ordinary least squares standard errors, the same standard errors you would use on noisy survey data. The trouble, the authors show, is that a pricing algorithm is not noisy survey data. It is deterministic. Feed it the same inputs and it returns the same premium every time, with no random scatter. When you regress against a deterministic system, the residuals you get back do not represent sampling variability, the random noise that classical standard errors are designed to handle. They represent approximation error, a fundamentally different beast. The result, in the authors' own words, is that classical standard errors are invalid in both direction and magnitude. The test is not slightly miscalibrated. It is measuring the wrong quantity with the wrong ruler.
The consequence falls hardest precisely on the proxy discrimination test, the one designed to catch the hidden variety. When the standard proxy discrimination formula is applied to the thirty-four insurers, it flags zero of them. The corrected formula, which the authors derive with the proper cross-covariance terms, identifies all thirty-four as statistically significant, of which sixteen exceed the substantive threshold that would mark the disparity as not merely real but materially large. The gap between zero and thirty-four is not a rounding error or an academic quibble about decimal places. It is the difference between a test that exonerates an entire market and a test that condemns it.
The empirical heart of the paper is its dataset: quoted premiums from thirty-four auto insurers operating in Illinois, examined against the demographic composition of the postcodes those quotes were attached to. Applying a conditional demographic parity test, the one that asks whether two areas of equal risk are charged equally, the researchers found that every one of the thirty-four insurers failed. Minority postcodes were quoted premiums between thirty-four and one hundred and fifty-eight US dollars more per year than comparable-risk areas with whiter populations. Comparable risk. That is the phrase that should stop a reader cold. The extra charge was not explained by the drivers being worse risks, because the comparison was constructed to hold risk constant. It was the residue of something else riding along inside the permitted variables, and it was the very residue the standard test had pronounced absent.
The reason the error matters deserves spelling out, because it explains why no amount of good faith on the part of an individual auditor would have saved them. The classical standard error assumes that if you collected another sample, the numbers would jitter around a little, and it sizes that jitter to decide whether an observed disparity is real or could be a fluke. Against a deterministic pricing engine there is no jitter to size, because the engine does not flip a coin: the same applicant always receives the same quote. What the regression's residuals are actually capturing is how well the auditor's chosen control variables happen to approximate the insurer's true rating formula, a quantity with no relationship whatsoever to the confidence interval the formula then prints. An auditor running the standard procedure is not being careless. They are following the method correctly and arriving, inexorably, at a conclusion the method has no right to draw. That is what makes the finding so unsettling: the failure is baked into the recipe, not the cook. The authors extend the same correction to the generalised linear models that insurers most commonly deploy in practice, not merely the simpler ordinary-least-squares case, which is why the result speaks directly to live pricing systems rather than to a statistical toy.
How the Detector Learned to Look the Wrong Way
There is a second, related failure hiding underneath the first, and it concerns the very thing regulators use to stand in for race when they are not allowed to ask for it. In a companion paper posted to arXiv in March 2026, “How Proxy Race Distorts Regression-Based Fairness Audits,” Huang and Hooker, joined by Xi Xin of UNSW, dissected a method that sits at the foundation of fair-lending and fair-insurance enforcement across the United States. Because firms in many contexts cannot collect race directly, regulators and auditors infer it statistically, most prominently through a technique known as Bayesian Improved Surname Geocoding, which estimates the probable race of an individual from their surname and the demographics of the postcode they live in. This proxy is not a fringe tool. It has been institutionalised in regulatory settings, and it underpinned the most prominent fair-lending actions the Consumer Financial Protection Bureau has brought, including its auto-lending discrimination cases against Ally Bank in 2013 and against Honda and Toyota's finance arms in 2015 and 2016.
What Xin, Hooker, and Huang demonstrate is that swapping inferred race for observed race does not merely add a little noise to the analysis. It systematically transforms what the regression coefficient measures. When proxy race is misclassified, even at apparently high accuracy, the disparities attributed to minority groups are compressed toward the majority baseline, because the confusion between groups bleeds the signal from one into the other. The authors put it precisely: proxy-based regression coefficients can be attenuated or amplified relative to analogous analyses based on self-reported race, depending on how the proxy correlates with the pricing residuals. In the common case, the distortion shrinks the measured disparity, which means the proxy that regulators reach for in the absence of real data tends to make discrimination look smaller than it actually is. Taken together, the two papers describe a pincer. One failure lives in the standard error, telling auditors that a real disparity is not statistically significant. The other lives in the proxy for race itself, telling them the disparity is smaller than it really is. A market audited under both errors at once would look serene almost regardless of how it actually behaved, which is exactly the picture the regulatory record has painted for years.
A Second Lab, the Same Verdict
If the Huang and Hooker result stood alone, a sceptic might reasonably wait for replication before sounding alarms. It does not stand alone. Roughly a month later, in research surfacing in late May and June 2026, a team anchored at Bayes Business School, part of City St George's, University of London, arrived at the same destination by a different route, and proposed a tool to do something about it.
The Bayes work centres on Andreas Tsanakas, professor of risk management at Bayes, working with collaborators including Mathias Lindholm of Stockholm University. Their framework, published in the European Journal of Operational Research in 2026, is a measurement instrument: a way of identifying and quantifying how much of an insurance price is attributable to proxy effects, applicable across most lines of insurance and extending into adjacent financial services such as credit scoring. The framework's findings echo the Illinois numbers with uncomfortable precision. Proxy discrimination in insurance pricing, the Bayes team concluded, is both widespread and measurable. In one of their analyses, young drivers from a particular minority ethnic group were systematically quoted higher motor insurance premiums, a disparity driven in part by proxy effects rather than by any difference in their actual risk.
The Bayes framework also surfaces a complication that the cruder public debate tends to miss, and it is worth holding onto because it cuts against easy intuitions. Some variables, the researchers found, can actually reduce proxy discrimination rather than amplify it, because the interactions between pricing factors are tangled enough that removing a variable naively can make the hidden bias worse, not better. Fairness, in other words, cannot be achieved by simply deleting suspicious-looking columns from the data; a regulator who orders an insurer to drop postcode may, depending on what remains, leave the discrimination untouched or even sharpen it. Tsanakas has long argued that the only way to measure proxy discrimination rigorously is, paradoxically, to collect data on protected characteristics from at least a subset of policyholders, so that the proxy effect can be isolated and stripped out. As he has framed it, insurers need to collect information on protected characteristics, which itself raises privacy concerns that demand strict protocols about how the information is gathered and used. It is an awkward truth at the heart of the field: to prove you are not discriminating, you may first have to gather the very data you are forbidden to price on, and the law's instinct to ban the collection of sensitive data collides head-on with the statistics of detecting its misuse.
Two independent research efforts, in two countries, using different methods, on different markets, converging in the same season on the same conclusion. Proxy discrimination in algorithmic insurance pricing is real, it is measurable, it is widespread, and the standard tools deployed to catch it are not catching it. That is no longer a finding. It is a pattern.
The Machines Are Already Everywhere
The reason this lands with such force in mid-2026, rather than as a theoretical footnote, is the sheer extent to which the decisions in question have already been handed to algorithms. A Reuters analysis published in May 2026 confirmed what anyone working inside the industry already knew: artificial intelligence is now deeply embedded across the core functions of insurance, underwriting, pricing, and claims handling, throughout both the United States and the United Kingdom, with little in the way of standardised oversight binding the practice together.
The scale of the shift is not subtle. Across the sector, underwriting decisions that once took days now resolve in minutes; straight-through processing rates, the proportion of applications handled with no human touching them, have climbed from low double digits to the high eighties and nineties at the more automated carriers. AI systems now read claims, estimate damage from photographs, flag suspected fraud, and set the price that lands on a customer's renewal letter. The industry's own commentary describes 2026 and 2027 as the period in which insurers transition from AI-assisted workflows, where a human adjuster uses an AI tool, to agentic workflows, where the AI orchestrates the process and the human reviews the outcome, if a human reviews it at all. The same trajectory runs through the adjacent markets the research touches: in credit and lending, machine-learning models now decide who is offered a loan, at what rate, and on what terms, drawing on the same kind of behavioural and geographic data, and inviting the same kind of proxy effect.
This is the environment into which the Huang and Hooker result drops. The discrimination-detection tools are failing not in a niche of the market but at its operational centre, governing the prices and the acceptances and the rejections experienced by hundreds of millions of people. And the failure is structural rather than incidental. It is not that a few bad actors gamed a sound test. It is that the test itself, the one written into model bulletins and risk-management frameworks and compliance attestations across the industry, has been returning false negatives by design. Every insurer that ran the standard proxy test and passed has a piece of paper saying so. The paper means nothing. It always meant nothing. The fire alarm was wired to stay silent, and the building filled with people who had been assured the alarm was working.
The Patchwork of Rules That Cannot See In
To grasp why the regulatory response has been so thin, it helps to survey the actual rules, because the gap between their ambition and their machinery is where the consumer falls through.
The most muscular attempt sits in Colorado. Senate Bill 21-169, enacted in July 2021 and billed as the first law of its kind in the United States, prohibits insurers from using external consumer data and information sources, along with the algorithms and predictive models built on them, in any way that produces unfair discrimination against consumers on the basis of race, colour, national or ethnic origin, religion, sex, sexual orientation, disability, gender identity, or gender expression. External consumer data, in the Colorado framing, is sweeping: credit-based insurance scores, purchase histories, social-media signals, geographic data, anything not collected directly from the consumer. The law does not merely prohibit. It imposes affirmative governance duties, requiring insurers to document the data their models use, to maintain a risk-management framework to test whether those models discriminate, to monitor the results, and to attest, through a named officer, that the framework has been put in place. On paper, it is the closest thing to a real answer that exists. In practice, its testing regime leans on precisely the kind of statistical audit that the Huang and Hooker paper shows to be broken, and the race it tests against is precisely the kind of inferred, proxy-based race that the companion paper shows to be biased toward understatement. A governance framework is only as good as the test it runs, and if the test flags zero insurers when the truth is thirty-four, the attestation becomes a ritual rather than a safeguard.
At the national level in the United States, the National Association of Insurance Commissioners adopted its Model Bulletin on the Use of Artificial Intelligence Systems by Insurers in December 2023, and by early 2026 more than half the states had adopted it or something close to it. The bulletin asks insurers to maintain a formal written AI programme covering governance, consumer notice, risk management, internal controls, and vendor oversight. It is a framework for asking the right questions. It is not, in itself, a method for getting the right answers, and it does not prescribe a corrected statistical test, because at the time of its drafting the field did not yet know the standard one was wrong. A bulletin that tells insurers to test for bias, without specifying a test that works, simply ratifies whatever test the industry already uses.
Across the Atlantic, the European Union's AI Act classifies AI systems used for risk assessment and pricing in life and health insurance as high-risk under Annex III, paragraph 5©, subjecting them to conformity assessments, documentation duties, and human-oversight requirements, with the relevant obligations beginning to bite from August 2026 under current law, though parts of the timetable have been subject to proposed delay. The high-risk designation is significant, but its scope is narrower than the problem: it reaches life and health, and does not extend to the property and casualty lines, motor and home insurance, where the Illinois evidence of proxy discrimination is sharpest. A driver overcharged on her car insurance because of where she lives sits entirely outside the AI Act's high-risk perimeter.
In the United Kingdom, the Financial Conduct Authority governs the territory through its Consumer Duty, in force since 2023, which requires firms to deliver fair value and to put customers' interests at the centre of their decisions. The FCA's general insurance value measures, published annually, show claims costs running at around 54 per cent of premium for motor insurance and 46 per cent for home insurance in 2024, and the regulator's thematic reviews have repeatedly flagged weaknesses in how firms conduct fair-value assessments. But fair value is an outcome-focused principle, not a discrimination-detection algorithm. It tells a firm what result to aim for. It does not hand the regulator a valid test for whether a pricing model is using postcode as a proxy for ethnicity, and the Consumer Duty's machinery was not built to peer inside a deterministic model and isolate a proxy effect. A firm can deliver fair value, in the aggregate, while still loading a quiet surcharge onto one ethnic group, because the aggregate hides the distribution.
The common thread running through all four regimes, Colorado, the NAIC, the EU, the FCA, is that each is a framework for requiring good behaviour rather than a tool for verifying it. They demand that insurers not discriminate, that they test for discrimination, that they attest to having tested. None of them could detect the discrimination the research has now measured, because all of them depend, directly or indirectly, on a statistical test that the research has shown to be returning the wrong answer. The regulators built a doctrine on a detector, and the detector was broken.
What Consumer Protection Means When No One Can See
So we arrive at the question the whole affair forces open. When someone living in a low-income postcode, or working in a particular occupation, pays meaningfully more for car, home, or life cover than a neighbour with an identical risk profile, because the model treats her circumstances as a proxy for something the law forbids it to use directly, and when the systems built to catch that practice are demonstrably failing, what does consumer protection actually mean? What is left of it?
The honest answer is that consumer protection, in an algorithmic insurance market, has been resting on an assumption that no longer holds: that the disparities, if they existed, would be visible to a competent auditor running a standard test. The entire edifice of attestation and governance and model bulletins is built on the premise that the discrimination is detectable, that the regulator can in principle see in. The Huang and Hooker result removes that premise. The discrimination was not detectable, not because it was hidden by bad actors but because the detector was miscalibrated, and so for the years the broken test has been in use, the protection was notional. Consumers were told they were protected by a process that could not have protected them. The reassurance was the harm's best disguise.
There is a particular cruelty in the structure of this harm, and it is worth naming precisely. Proxy discrimination does not fall randomly. It tracks the contours of existing disadvantage, because the proxies that machine-learning models find most useful, postcode, occupation, the cheap phone, the thin credit file, are the same variables that encode who is already poor, already marginalised, already segregated. The driver in the low-income postcode is charged more not despite her circumstances but because of them, and the surcharge compounds the disadvantage that produced it. She pays more for insurance because she is poor, and she is a little poorer because she pays more for insurance. The Illinois figures, thirty-four to one hundred and fifty-eight dollars a year, may sound modest set against a single premium. Multiplied across motor, home, and life cover, compounded over a working lifetime, and concentrated on the households least able to absorb it, they describe a regressive transfer running quietly through one of the most heavily regulated industries in the developed world, invisible to the very regulators charged with policing it.
What the research also makes clear is that the failure is fixable, which is the one genuinely hopeful note in the account. Huang and Hooker did not merely diagnose the broken test; they derived the corrected one, the proper asymptotic variance estimators and the cross-covariance formula that a deterministic pricing model actually requires. The Bayes team did not merely confirm the disease; they built a framework to measure and, in principle, to remove the proxy effect. The mathematics to detect proxy discrimination correctly now exists. The instruments are on the table. What does not yet exist is the regulatory will to swap the broken detector for the working one, to rewrite the model bulletins and the risk-management frameworks and the attestation requirements around a test that returns thirty-four rather than zero, and to compel an industry that has every commercial incentive to prefer the comfortable answer to adopt the uncomfortable one.
That is the choice the May 2026 research lays bare, and it is not a technical choice. The technology works; the corrected formula works; the measurement framework works. The open question is whether the people who write the rules will insist on a detector that detects, knowing that the moment they do, an entire market that has been passing its fairness tests will start, all at once, to fail them. Consumer protection in an algorithmic insurance market does not, in the end, mean trusting the attestation on the file. It means demanding that the test behind the attestation be one that can actually find what it was built to find, and being willing to act on the answer when it does. Until then, the woman in the low-income postcode will keep paying her surcharge, the file will keep saying she passed, and the alarm wired to stay silent will keep doing exactly what it was, however unwittingly, designed to do.
Notes and References
- Fei Huang and Giles Hooker, “Fairness Testing for Algorithmic Pricing,” arXiv preprint arXiv:2605.11614, submitted 12 May 2026. https://arxiv.org/abs/2605.11614
- Xi Xin, Giles Hooker and Fei Huang, “How Proxy Race Distorts Regression-Based Fairness Audits,” arXiv preprint arXiv:2603.17106, March 2026. https://arxiv.org/abs/2603.17106
- Associate Professor Fei Huang, School of Risk and Actuarial Studies, UNSW Business School, University of New South Wales, Sydney. https://research.unsw.edu.au/people/associate-professor-fei-huang
- Professor Giles Hooker, Department of Statistics and Data Science, The Wharton School, University of Pennsylvania. https://ai-analytics.wharton.upenn.edu/responsible-ai-analytics-for-insurance-workshop/
- “Framework could deliver fairer insurance deals for customers,” Phys.org, 28 May 2026. https://phys.org/news/2026-05-framework-fairer-customers.html
- Andreas Tsanakas, Mathias Lindholm and colleagues, framework on proxy discrimination in insurance pricing, European Journal of Operational Research, 2026, DOI 10.1016/j.ejor.2026.01.021.
- “School creates AI-based method to terminate proxy discrimination in insurance pricing,” Insurance Times, 17 February 2023. https://www.insurancetimes.co.uk/news/school-creates-ai-based-method-to-terminate-proxy-discrimination-in-insurance-pricing/1443666.article
- “Insurers and regulators must stamp out discrimination in insurance pricing to ensure fairness for consumers, says new study,” Bayes Business School, City St George's, University of London. https://www.bayes.citystgeorges.ac.uk/news-and-events/news/2023/january/insurers-and-regulators-must-stamp-out-discrimination-in-insurance-pricing-to-ensure-fairness-for-consumers-says-new-study
- Colorado Senate Bill 21-169, “Protecting Consumers from Unfair Discrimination in Insurance Practices,” Colorado Division of Insurance. https://doi.colorado.gov/for-consumers/sb21-169-protecting-consumers-from-unfair-discrimination-in-insurance-practices
- “Protecting consumers: Implementation of Colorado's antidiscrimination law in insurance,” Milliman. https://www.milliman.com/en/insight/protecting-consumers-colorado-antidiscrimination-law-insurance
- National Association of Insurance Commissioners, “Model Bulletin: Use of Artificial Intelligence Systems by Insurers,” adopted December 2023. https://content.naic.org/insurance-topics/artificial-intelligence
- “Nearly Half of States Have Now Adopted NAIC Model Bulletin on Insurers' Use of AI,” Quarles & Brady LLP. https://www.quarles.com/newsroom/publications/nearly-half-of-states-have-now-adopted-naic-model-bulletin-on-insurers-use-of-ai
- European Union Artificial Intelligence Act, Annex III, “High-Risk AI Systems Referred to in Article 6(2),” paragraph 5© on risk assessment and pricing in life and health insurance. https://artificialintelligenceact.eu/annex/3/
- Financial Conduct Authority, “General insurance value measures data 2024.” https://www.fca.org.uk/data/general-insurance-value-measures-data-2024
- Financial Conduct Authority, “Our Consumer Duty focus areas.” https://www.fca.org.uk/publications/corporate-documents/consumer-duty-focus-areas
- Reuters analysis on the integration of artificial intelligence across insurance underwriting, pricing and claims handling in the United States and United Kingdom, published May 2026.

Tim Green UK-based Systems Theorist & Independent Technology Writer
Tim explores the intersections of artificial intelligence, decentralised cognition, and posthuman ethics. His work, published at smarterarticles.co.uk, challenges dominant narratives of technological progress while proposing interdisciplinary frameworks for collective intelligence and digital stewardship.
His writing has been featured on Ground News and shared by independent researchers across both academic and technological communities.
ORCID: 0009-0002-0156-9795 Email: tim@smarterarticles.co.uk
Listen to the free weekly SmarterArticles Podcast








