
Blog
You probably shouldn't host your own LLM. And definitely shouldn't train one.
Artificial Intelligence
All Lines of Business


Dictated on annual leave on a train through the Italian countryside, with enough time between stations to write down some thoughts that keep coming back to me.
Lately, two questions come up again and again when talking to insurance leaders. The first: can an insurer run its business entirely on AI, with no core system at all? The second that often follows: can insurers now simply build their own core with AI, and stop relying on vendors like us?
Here are my thoughts on the first question. The second will follow in a separate article.
The pitch goes like this: You keep a database, because everyone agrees the data has to live somewhere. But the business logic, the calculations, the workflows all move into an agentic AI layer. The agents read the data, transform it, and write it back. No core in between. It’s a nice but illusory picture.
My premise is simple: AI agents don’t take work from the core system. They take work from the human. What a person used to do can be enhanced by AI, or replaced by it. But the work the core does doesn’t migrate into an agent. The agent simply steps into the place where a human used to interact with the core.
Why am I so sure? For a few reasons.
A core is a system of record over decades. In life insurance, I see products on the market with maturities of over a hundred years. There are policies that can be passed to the next generation. What an insurer promises a customer today has to be honoured in one year, ten years, a hundred years. That is the long-term promise of insurance. It demands data integrity held to deterministic rules and calculations over an extraordinary span of time.
A core system is more than a database. The insurance industry knowledge lives in its domain-design layer. This includes the entities, business invariants, state transition rules, and calculation logic that define how the business actually works. A database is merely the persistence medium, but it knows nothing of business semantics. It cannot guard valid state transitions, codify non-negotiable insurance rules, or orchestrate cross-domain transactional consistency.
A core is also a system of validation. Accuracy can never be self-proven. You always need something to validate against. In the AI era, a rigorous testing and validation capability becomes more important, not less. A core system, as a defined body of logic, gives you a fixed scope to test against. Take the core away and let agents assemble a “flexible” system on the fly, and you’ve traded a fixed scope for a dynamic one. This is something almost impossible to test and validate.
Pure AI economics don’t work. AI is (still) expensive to run. Every transaction carries a token cost, and you have to load the right context and tools each time. Why would you put a repeatable, deterministic process through a probabilistic engine, paying more to be less certain and slower? Let’s take renewals, fund switches, cash value calculations. Code does that quickly, cheaply, on almost no hardware. An agent doing the same is slow and expensive.
Regulations still require humans. The EU AI Act classifies AI used for risk assessment and pricing in life and health insurance as high-risk. That brings strict obligations, including testing, human oversight, transparency and controls against bias, with fines of up to 3% of global annual turnover for getting it wrong. When the regulator mandates a human in the loop, you need, at the very least, an interface for that human to step in.
Importantly, you shouldn’t reinvent the wheel unnecessarily. Every solid engineering principle still applies in the age of AI. Start with nothing but AI agents and a database, and your team will eventually start extracting reusable logic blocks, standardising common operations, and wrapping them behind stable interfaces. Before you know it, you’ve built a makeshift core system. But one that was never architected properly from the start, with no consistent security model, no built-in compliance guardrails, and technical debt already built in.
Thus, I believe we need to stop talking about a core-less future. Instead, we should start talking about an AI-native, headless core. A core system built so that AI agents can interact with it natively.
Seen this way, the core doesn’t get weaker in the age of AI agents. It gets more important. It is the one system that can constrain what AI is and isn’t allowed to do: enforcing authorities, access rights, and how a process may and must be run. This is enforced on the system level. That is a far stronger guarantee than trying to stuff every rule into an agent’s instructions and guardrails, hoping it holds. Prompt-level guardrails are soft and probabilistic. Core-enforced rules are hard and deterministic.
What does that take? I won’t repeat everything my team and I have written elsewhere on AI-ready cores, but the short version is this. The interfaces matter: MCP for agents to consume capabilities at run-time, and a CLI for authoring at design-time. And those interfaces are only as good as the architecture beneath them: API-first microservices, where every capability of the core is cleanly exposable. In my opinion, this is what “AI-native” actually means. It isn’t an AI feature bolted on. It's how the core foundation is architected.
As the CEO of a core system company, am I worried AI agents will replace the core? Not at all. I’m rather excited. Agentic AI raises the bar for what a core has to do, and the stronger a core’s capabilities, the more it enables agentic operations on top of it.
-Bill Song, Peak3 Co-Founder and CEO

Artificial Intelligence
All Lines of Business

Artificial Intelligence
All Lines of Business

Artificial Intelligence
All Lines of Business