Artificial intelligence has revolutionized document processing. While many providers only entered this field with the advent of large language models, Parashift has been working on automated document processing since 2018 and has built up a large customer base since then, including AXA, Swica, Raiffeisen, Swisscom, Mercedes, DB, and Glencore.
During this time, the Swiss company has built up a broad customer base in the insurance and banking sectors, as well as in the healthcare industry. With the EU AI Act and the current debate on “digital sovereignty,” a new topic is now taking center stage, one that affects all regulated industries. In an interview with thebrokernews, Parashift Founder and CEO Alain Veuve explains what Swiss and European companies need to know right now, how he views the development of AI-powered document processing, and why he believes that regulation is not necessarily an obstacle but can also be a competitive advantage.
Mr. Veuve, you founded Parashift eight years ago, long before Large Language Models (LLMs) brought artificial intelligence (AI) into the mainstream. What motivated you back then to specialize in automated document processing? And what fundamental technological changes have taken place since then?
It actually started out as a pragmatic need: at the time, we needed a solution ourselves for the automatic extraction of data from many different documents. My initial inquiries with established providers were quite sobering – not because they said it couldn’t be done, but because their definition of “solved” and mine were fundamentally at odds. Technological advancements since then have been significant. The rise of large-scale language models has massively accelerated public interest in AI, and that has also spurred a lot of activity here at Parashift. But the greater the hype, the clearer it became: for regulated, high-volume document workflows, we don’t need general-purpose solutions, but rather specialized systems that operate reliably and with verifiable accuracy. That was our conviction from the very beginning.
Parashift serves clients in the insurance and banking industries, among others. What do these industries have in common when it comes to document processing, and where do their requirements differ the most?
What they have in common is volume, variance, and compliance pressure. Both industries process immense volumes of unstructured documents in regulated environments, where every decision must be traceable. The difference lies primarily in the regulatory context. Insurance companies work with particularly variable and sensitive document types such as medical reports, accident reports, and medical expert opinions, which places high demands on AI. In banking, it is primarily credit decisions and KYC processes that are explicitly classified as high-risk under the EU AI Act. And with DORA, an additional binding EU regulation is already in effect that mandates operational resilience against ICT risks, including dependence on third-party providers.
You speak daily with leading insurance companies and banks in Switzerland and Europe. What insight has surprised you the most in recent months?
The gap between what companies believe about their AI positioning and the reality of their architecture is wider than I would have expected. I repeatedly speak with IT and compliance managers at large, regulated companies who sincerely believe: “We host on EU servers, so we’re protected.” They’re not. The U.S. CLOUD Act requires U.S. providers to hand over data upon government request, regardless of the server’s location. Sovereign AI and data are, first and foremost, an infrastructure decision. I’ve also been surprised lately by the vehemence with which European decision-makers have put the issue of sovereignty on their agenda. In the first half of the year, we acquired customers – for example, in the banking sector – for whom sovereignty was the number one criterion. When the latest, leading document intelligence and sovereignty are both required, there are almost no providers in Europe.
For many readers, the EU AI Act is still an abstract topic. Could you briefly explain what it actually regulates and which deadlines are particularly relevant right now for companies in the insurance and banking sectors?
The EU AI Act is the world’s first horizontal AI regulation. Its fundamental principle is risk-based: the greater the potential harm to people, the stricter the requirements. Of particular relevance to insurance companies and banks is the so-called high-risk category as defined in Annex III: AI used in creditworthiness assessments and in risk assessments for life and health insurance. Any entity that uses AI-supported document processing in these areas is fully affected. Even though the implementation of the regulations has been repeatedly delayed, the general direction remains clear. The requirements for conformity assessments, technical documentation, risk management systems, logging obligations, and human oversight mechanisms will become mandatory. Those who fail to comply can expect fines in the millions.
Switzerland is not a member of the EU, but experience has shown that it adopts EU regulations after a certain delay. What does the EU AI Act specifically mean for Swiss insurers and banks that also operate within the EU?
People often confuse two issues here that must be addressed separately. First, extraterritorial effect: the EU AI Act applies to anyone whose AI output is used within the EU, regardless of where the company is headquartered. A Swiss insurer that serves customers in Germany or Austria is already within the scope of the Act for these activities. Second, the issue of Swiss regulation: FINMA is clearly moving toward the principles of the EU AI Act. Anyone building EU-compliant infrastructure today is investing in a strategy that will remain relevant regardless of how the Swiss regulatory calendar unfolds. I recommend treating compliance not as a checklist, but as a competency to be developed.
Under the EU AI Act, what risk category applies to the use of AI-powered document processing in the insurance industry – for example, in automated claims assessments or risk evaluations – and what obligations does this entail for users?
Risk assessments in underwriting – such as for life and health insurance – fall under Annex III of the EU AI Act and are therefore classified as high-risk. In claims processing, the exact classification depends on the specific use case: as soon as AI outputs are incorporated into decisions that directly affect individuals, careful classification is mandatory. The obligations for deployers – that is, the insurers that operate such systems – are substantial in every case: conformity assessment, technical documentation, a complete audit trail, transparent outputs, and verifiable human oversight. This last point is systematically underestimated. Article 14 of the EU AI Act does not require nominal oversight, but rather operational oversight: the “reviewer” needs the tools and expertise to actually override an AI decision, not just rubber-stamp it. And these obligations lie with the deployer, not the model provider. Our Document Intelligence Platform offers precisely these “AI Guardrails,” even when third-party models are used.
Many companies view regulation primarily as a burden. You, on the other hand, argue that the EU AI Act can also be an opportunity. What exactly do you mean by that?
No one in the business world loves regulation. One can debate the purpose and intent of the EU AI Act. From the perspective of an AI entrepreneur, I would of course want as much data as possible to be freely available. From my perspective as a citizen, however, I see things a little differently. There’s not much point in dwelling on it, because at the end of the day, the law is a reality, and as a company, you can use it to operate as competitively as possible in the market. At Parashift, we specialize in building precisely this bridge between the latest, innovative document AI and sovereignty and compliance.
What advice would you give to a medium-sized insurer or broker that does not yet have a clear compliance strategy for the EU AI Act? Where should they start, specifically?
Start with the use case inventory, not the technology assessment. The most common mistake is that people ask, “What AI systems do we have?” before asking, “What decisions do we make using AI, and who does that affect?” Next, conduct an honest assessment against Annex III. Any organization that has document processing workflows feeding into claims decisions or creditworthiness assessments is considered high-risk. Next, evaluate your current AI provider against the deployer’s obligations. Can they provide complete compliance documentation for high-risk systems? If this turns into a lengthy consulting exercise, that in itself is a bad sign.
The term “digital sovereignty” is currently the subject of much discussion, but it often remains vague. What does it specifically mean for the risk industry, and why is it so relevant right now?
Digital sovereignty is not just another marketing term. In operational terms, it means: can I provide a definitive answer during an audit as to where my data flows during processing, who can access it and under what legal basis, and whether this is compatible with my regulatory obligations? If the answer is “I think it’s my U.S. provider’s EU server instance,” that isn’t necessarily a satisfactory response. The U.S. CLOUD Act creates a loophole here that cannot be closed by hosting geography. For the Swiss financial sector, this is nothing new in itself: maintaining control over data for critical functions outsourced to third parties has long been a requirement of FINMA. What is new is the context: AI systems today process data more sensitively and quickly than any previous technology, and the regulatory infrastructure is just catching up. This suddenly turns a familiar expectation into an urgent operational issue.
Where do you see the greatest dependencies of European insurers and banks on non-European AI providers? And what risks do these dependencies pose, for example, in terms of data protection or regulatory requirements?
In my opinion, the greatest dependency lies in the model layer. The dominant language models, on which many enterprise AI deployments are based, come from the U.S. – meaning they are hosted in the U.S. and are therefore subject to U.S. law. This applies regardless of whether the physical server is located in Zurich, Frankfurt, or Dublin. What often receives even less attention is operational dependency. If a regulated workflow relies on a third-party LLM API, you are dependent on that provider’s decisions regarding pricing, availability, and versioning. We’ve seen providers discontinue models or adjust prices in ways that make already-running deployments unprofitable. For regulated companies that need stability and predictability, this poses a serious operational risk.
Parashift positions itself as a leading European alternative in intelligent document processing. What role does the company’s Swiss or European location play in building trust with your customers, particularly in security-critical industries such as insurance and banking?
Location matters, but more for concrete reasons than for symbolic ones. Our infrastructure is 100 percent hosted in Switzerland, Germany, and the EU. We have no U.S. parent company and no support infrastructure in third countries, which clearly sets us apart from other providers. A second important point is regulatory compliance. We operate under the same framework as our clients. When we prepare compliance documentation, we always do so in accordance with FINMA and BaFin requirements.
With the advent of LLMs, document processing has changed significantly. How does Parashift’s approach differ from traditional LLM-based solutions? And in your view, what are the limitations of pure LLM approaches in security-critical applications?
The fundamental difference is that we develop what are known as “Special Purpose Small Vision-Language Models,” not generic, large LLMs. LLMs have a very broad scope, which works very well for general tasks. But when it comes to complex, regulated enterprise document processing, this is where the challenge lies: they sometimes hallucinate and are inaccurate, which is unacceptable in a regulated corporate environment. Then there is the issue of transparency. Article 13 of the EU AI Act requires traceable outputs. A model that reads a value without specifying exactly where in the document and with what level of confidence cannot provide regulatory evidence of this. We not only provide the model’s result but, with our platform, also ensure full traceability of every single step in the process.
How has the adoption of AI-powered document processing among insurers evolved in recent years, from initial pilot projects to widespread production use?
AI-powered document processing has been around for a long time – long before AI became a trend and everyone was talking about it. We launched the world’s first no-code, cloud-first, AI-first platform for processing a versatile document catalog, and this type of setup became the standard. Not that I want to give the impression that I think this was all because of us – I think it was simply the logical evolution of the field, which had long been known as “capturing.” While this journey began with extracting information from documents, today it’s much more about understanding document content holistically and using that to generate automation for downstream processes. We’re also seeing strong growth in use cases where AI/LLM-ready document data is produced. I believe that in the future, every document that enters a company should go directly into a kind of data lake as Markdown. This data is essential for the development of company-specific AI applications.
Which development in AI and document processing will have the greatest impact on the insurance and financial sectors over the next two to three years?
What I see happening in the coming years is a market correction, but not a revolution – rather a return to reality. The first wave was: “We’ll take whatever’s readily available,” and those were mostly the major platforms of the tech giants. What we’re now observing is a second trend: companies in regulated industries are realizing that generic solutions don’t deliver what they promised in their specific context. The questions being asked today in the procurement process – namely auditability, data sovereignty, and deterministic outputs – are precisely the issues for which specialized systems were built. This shift will accelerate significantly over the next two to three years.
If you could give European insurers one piece of advice on how to deal with AI regulation and technological change, what would it be?
Stop treating compliance and performance as conflicting goals – that’s the wrong way to frame the issue. The characteristics that make a system compliant with regulations – namely traceability, reliability, and architectural control – are the same ones that make it stable and trustworthy in production operations. This is no coincidence; it is due to the architecture. Companies that understood this early on are now building a significant lead.
The questions were asked by Binci Heeb.
Alain Veuve is an entrepreneur, thought leader, and expert in technological change with a focus on startups. Since 2016, he and his teams have been working on solutions based on artificial intelligence.
His ventures have included the accounting startup Accounto AG, the PropTech startup Fairwalter AG, and TYPO3 GmbH in Düsseldorf. Currently, as CEO and founder of the AI scale-up Parashift AG, he is overseeing the company’s expansion.
Over the past 20 years, Alain Veuve has been involved in a number of startups, both financially and operationally. As part of these activities, he has supported and provided strategic advice to various international companies in their digital transformation and e-business initiatives.
Today, Alain Veuve is a widely cited thought leader on digital transformation in Europe who regularly speaks at conferences. In recent years, he has given over 300 presentations. His blog, alainveuve.com, is a popular source of insights for decision-makers in the technology sector.
In 2017, Alain Veuve was named one of the Top 20 Voices in Europe by LinkedIn. XING also named Alain one of its “Top Writers” in 2017. He writes regularly for various publications.
See also: EU AI Act: Why Companies Need to Act Now