Harneet Kalra, Senior Director, Technical Program Management, Ethos Life.
Agile has transformed the way technology organizations innovate. But in highly regulated industries such as insurance, healthcare and financial services, its adoption has often been slow. Concerns around compliance, risk and legacy processes leave many leaders asking: can Agile truly work where regulation dominates? The answer is yes—if it is reimagined for these environments. In fact, Agile can be the key to balancing speed, safety and trust at scale.
The Execution Challenge
Traditional product development in regulated sectors often relies on sequential models. Compliance reviews are treated as checkpoints at the end of the cycle, creating friction, delays and costly rework. This mindset slows time-to-market and makes innovation feel impossible. Yet customers in these industries increasingly expect digital-first, personalized and fast solutions. Meeting that demand requires a new approach—one where compliance and velocity are not in conflict, but intertwined.
Embedding Compliance Into Agile
InsurTech startups have proven that Agile can thrive in regulated contexts by embedding compliance directly into the Agile lifecycle. Every sprint includes compliance and risk assessments alongside backlog refinement and sprint planning. Regulatory requirements are integrated into user stories, design reviews and demos, ensuring that compliance is not an afterthought but a constant. This approach enables teams to ship life insurance products in weeks instead of months while maintaining audit-ready documentation.
The Role Of Technical Program Management
Execution at scale requires orchestration. Technical Program Managers (TPMs) play a critical role in bridging engineering, product, legal and partner teams. They create the structures and frameworks that make rapid, compliant delivery possible. By coordinating stakeholders across multiple time zones and regulatory jurisdictions, TPMs enable organizations to make fast, reversible decisions without compromising on quality or governance. In effect, TPMs become the catalysts that allow Agile to function in complex, high-stakes industries.
From “Doing Agile” To “Being Agile”
Too often, companies equate Agile with ceremonies: stand-ups, retrospectives or sprint planning. While useful, these rituals do not guarantee agility. True success comes from shifting the mindset—from “doing Agile” to “being Agile.” In regulated industries, this means empowering teams to adapt frameworks to their unique domain, embedding compliance as a prerequisite, and encouraging continuous improvement. Teams must feel ownership, not just over features, but over the safety and trust of the end customer.
Turning Regulation Into A Catalyst
When implemented this way, Agile delivers more than faster releases. It becomes a strategic advantage. Regulatory scrutiny forces organizations to be precise, resilient and transparent—qualities that align perfectly with Agile’s focus on iteration, learning and customer value. What once appeared to be barriers become catalysts for designing products that are both compliant and customer-centric.
Key Strategies For Agile Transformation In Regulated Industries
DO: Integrate compliance directly into your Definition of Done and sprint workflows. Embed regulatory experts within product teams rather than treating them as external gatekeepers. Establish cross-functional guilds to scale regulatory knowledge across the organization. Start with low-risk pilots that demonstrate quick wins and build momentum. Invest in automated testing for both functional and regulatory requirements. Measure outcomes that balance speed and safety, such as cycle time to compliant release and audit findings per sprint.
DON’T: Skip documentation in the name of speed—make it a natural byproduct of your workflow through automation. Avoid adopting frameworks rigidly; adapt sprint lengths and ceremonies to your regulatory calendar. Never underestimate change management—invest in training, coaching and cultural transformation.
A New Mandate For Leaders
For executives in regulated industries, the message is clear: Agile is not just possible—it is essential. By embedding compliance into iterative workflows, leveraging program management to orchestrate execution and cultivating a culture of empowered teams, leaders can reinvent execution at scale. In doing so, they position their organizations not just to keep up with change, but to set the pace for their industry.
In regulated industries, Agile is not about cutting corners—it is about building trust at speed. Done right, it transforms constraints into competitive advantage and turns regulatory pressure into a driver of innovation.
This framework represents a paradigm shift in how regulated industries approach digital transformation. By demonstrating that compliance and velocity are complementary rather than contradictory, this methodology has enabled organizations to achieve 3-5x faster time-to-market while maintaining zero regulatory violations. The approach challenges decades of conventional wisdom and provides a replicable blueprint that positions compliance as a competitive differentiator rather than a constraint—fundamentally redefining what’s possible in high-stakes, regulated environments.
Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?