Security & Compliance
Built for the most regulated industry in America
Insurance agencies operate under TCPA, NAIC AI guidelines, state-level AI laws, and E&O obligations. Wayden was designed around every one of them — not retrofitted after the fact.
Coverage
Six areas. Fully addressed.
Not labels. Actual implementation — what the regulation requires, and exactly how Wayden handles it.
TCPA Compliance
AI disclosure on every call. Every outbound call records consent. DNC registry checked before dialing. Call time windows enforced by timezone. Full audit trail per contact.
NAIC AI Guidelines
Aligned with the NAIC Model Bulletin adopted by 24+ states. Transparent AI decisions with confidence scores surfaced to producers. Non-discriminatory matching — no protected characteristics in any recommendation model. Auditable recommendations with exportable logs.
Colorado AI Act
Ready for July 2026 requirements. Complete audit trail for every AI decision — timestamp, model version, confidence score, and outcome. Human-in-the-loop gate when confidence drops below 80%. Consumer disclosure built into all client-facing communications.
E&O Protection
AI prepares. Your producer decides. Every time. No AI recommendation goes to a carrier or client without explicit human approval. Every producer sign-off is timestamped and logged — creating the audit trail your E&O underwriter needs to see.
Data Sovereignty
Your data stays yours. Never used to train models. Never shared with other agencies. Each agency's knowledge base — client relationships, carrier preferences, book of business patterns — is completely isolated. Export your data at any time.
SOC 2 Controls
Following SOC 2 Type II controls from day one. AES-256 encryption at rest, TLS 1.3 in transit. Role-based access control — producers see only their own book. Full audit log of every system access. Formal SOC 2 Type II certification is on our 12-month roadmap.
Questions about security?
Talk to us security@wayden.ai