MEMBER TIP: 

AI Insurance Coverage—Are You Covered for the Risk?

Jeanine DonohueBy Jeanine Donohue, Of Counsel, Buchalter LLP

AI technology is evolving at extraordinary speed. Its promised benefits are remarkable — increased efficiency, enhanced analytics, automation, and innovation. But alongside those benefits come meaningful risks. And risk makes insurers nervous.

Before implementing AI in your business operations, it is critical to review your insurance policies to determine whether you have coverage for your proposed AI use or whether the use of AI may impact or even void coverage. It is unlikely that a single policy will cover or be impacted by all of the potential exposures associated with AI.

The expanding risk landscape

AI technologies are increasingly embedded in core business functions, where errors, bias, hallucinations, or misuse can create significant legal and financial exposure. While many AI-related risks currently fall within the scope of existing policies, insurers are moving to limit their exposure in response to costly and highly publicized AI incidents through exclusions or sublimits.

Recent headlines illustrate the risk:

  • Google faces a $110 million defamation suit after its AI Overview feature allegedly misstated that a solar company was under investigation.
  • Air Canada was ordered to honor a discount fabricated by its customer-service chatbot.
  • UK engineering firm Arup reportedly lost $25 million in an AI-generated deepfake scam.

These incidents demonstrate how AI failures can quickly translate into litigation, regulatory scrutiny, reputational damage, and financial loss.

Potential AI-driven risks include:

  • Operational shutdowns resulting from AI system malfunctions, triggering business interruption claims;
  • Professional liability claims arising from erroneous advice, misrepresentations, or unexplainable AI-generated decisions;
  • Product liability exposure where AI-enhanced products cause bodily injury or property damage;
  • Shareholder or fiduciary claims alleging failure to oversee or mitigate AI-related risks.

Existing insurance policies and AI exposure

Many AI-related risks may be addressed under existing policies — but coverage depends entirely on policy language, endorsements, and exclusions.

Cyber Insurance

Cyber policies typically provide first-party and third-party coverage arising from network security events, data breaches, ransomware attacks, regulatory investigations, and certain media liabilities.

Regulatory liability insuring agreements often cover defense costs and penalties associated with privacy violations. Media liability coverage generally applies to third-party claims alleging defamation, invasion of privacy, or copyright infringement.

In their current form, most cyber policies do not yet contain express AI exclusions. For example, coverage may apply if an AI system exposes sensitive data due to a security flaw or unauthorized access.

For many cyber insurers, AI represents an acceleration of familiar risks—deepfakes, social engineering, and AI-powered phishing—rather than an entirely new category of exposure.

However, cyber policies often exclude contractual liability. Companies offering AI-powered products or services frequently agree to indemnify customers.

Some cyber policies include coverage for liability assumed by contract, which can be a critical asset. If that coverage is absent, companies must carefully assess the uninsured exposure they are assuming.

Technology Errors & Omissions (Tech E&O)

Technology E&O policies provide coverage for third-party claims alleging wrongful acts, errors, or omissions in the performance of technology services, or the failure of a technology product to perform as intended.

Unlike many cyber policies, Tech E&O policies often cover breach of contract claims. However, they typically exclude bodily injury and property damage claims.

This exclusion becomes particularly significant for companies deploying AI in high-risk sectors such as healthcare, energy, manufacturing, or autonomous systems. If AI-driven products could result in bodily injury or property damage, companies must evaluate whether their Commercial General Liability policy fills that gap — or whether a gap exists.

For example, if a developer licenses an AI tool that produces inaccurate results or fails to function as represented, Tech E&O coverage may respond to resulting client claims.

Directors & Officers (D&O) Insurance

D&O policies cover claims against directors and officers, and sometimes the company itself, for alleged mismanagement, breach of fiduciary duty, or securities law violations.

AI-related D&O claims are emerging. One example is so-called “AI washing,” where a company publicly claims advanced AI capabilities that it has not actually developed. In response, shareholders may allege material misrepresentation claims against the company.

Some D&O insurers are developing AI-specific exclusions. Certain proposed “absolute” exclusions would bar coverage for “any actual or alleged use, deployment, or development of Artificial Intelligence.” Such exclusions could eliminate coverage for:

  • Discrimination claims tied to AI resume screening tools;
  • Negligence claims involving AI-driven contract platforms;
  • Allegations that boards failed to oversee AI risk governance.

Commercial General Liability (CGL)

CGL policies typically provide coverage for third-party bodily injury and property damage claims. However, they frequently contain professional services exclusions.

Many standard CGL policies exclude claims arising out of the sale, licensing, or furnishing of software. If an AI-driven product is deemed software-based, this exclusion could create a significant coverage gap.

Insurers move to limit exposure

Insurers are actively revising policy language.

According to the Financial Times, AIG, W.R. Berkley, and Great American have sought regulatory approval for exclusions allowing denial of claims tied to AI use or integration. A Berkley-drafted exclusion reportedly intended for use across D&O, E&O, and fiduciary policies would broadly bar AI-related claims.

At the same time, some insurers are introducing AI-specific endorsements:

  • AXA has released a cyber endorsement addressing generative AI risks and “machine learning wrongful acts.”
  • Chubb has agreed to cover certain AI-related incidents while excluding events capable of causing widespread simultaneous harm.
  • While these endorsements may appear to expand coverage, careful review is essential. Some may narrow protection while presenting the appearance of added coverage.

New specialty products are also emerging. Armilla has introduced insurance designed to cover financial losses tied to malfunctioning or underperforming AI models, including hallucinations, model drift, and unexpected deviations in performance.

The practical reality is that businesses may discover that AI risk increasingly sits on their own balance sheets.

How to protect your company

  1. Conduct a comprehensive coverage review. Examine all policies for relevant insuring agreements, definitions, endorsements, and exclusions.
  2. Scrutinize new language. As insurers revise policy forms, assess whether changes expand meaningful protection or simply restrict coverage and increase premiums.
  3. Engage your broker and risk managers. Discuss your specific AI use cases and exposures.
  4. Consider coverage counsel. An experienced insurance coverage attorney can identify gaps and recommend strategies to mitigate uninsured risk.

AI may drive innovation, but it also demands disciplined risk management. Before deploying AI tools, ensure your insurance program evolves just as thoughtfully as your technology strategy.

____________________

The suggestions of the contributor do not constitute professional advice and are intended for general informational and educational purposes only.  Nothing contained herein is intended to be or should be used as a substitute for professional advice, and readers should not act or rely on this information without seeking specific guidance directly from a qualified professional. The opinions and information expressed in this blog/post/webpage are solely those of the contributor and do not necessarily reflect the views of FWSF. FWSF is not responsible for any errors or omissions in this content or any damages resulting from its use.

From Connections Newsletter (Member Tips): April 2026