AI as an insurable risk

A small business can buy a chatbot in an afternoon, but its insurance policy may still read like it is 2019. HSB, part of Munich Re, told Insurance Business that 74% of small businesses already use artificial intelligence tools and 91% expect to adopt them soon, even as coverage language is still catching up. (insurancebusinessmag.com) That is why insurance people are starting to call artificial intelligence “the new cyber.” The comparison comes from the early cyber era, when companies had real exposure but old policies had not yet said clearly what was covered, excluded, or priced. (insurancebusinessmag.com) The key shift is that the danger is often not a hacker breaking in. Communications of the Association for Computing Machinery said insurers are now separating “the system was hacked” from “the model itself produced a false output,” because those are different losses with different pricing problems. (cacm.acm.org) That difference sounds abstract until you look at the claims list. HSB said early artificial intelligence losses are expected to come mostly from non-physical harms like copyright infringement, defamation, reputational damage, and misuse of personal data in marketing, social posts, and customer chat tools. (insurancebusinessmag.com) A normal cyber policy was built for stolen data, ransomware, and network failure. An artificial intelligence error can be the opposite problem: the software is secure, but the answer it gives is wrong enough to cost money, damage a reputation, or trigger a lawsuit. (cacm.acm.org) Insurers are responding in two opposite ways at once. Communications of the Association for Computing Machinery reported that Lloyd’s syndicates began underwriting Armilla Insurance’s artificial intelligence liability coverage in May 2025, while other insurers started rewriting policies to add “absolute AI exclusions” instead. (cacm.acm.org) That split is now showing up in standard policy forms. Insurance Business and Business Insurance both reported that Insurance Services Office exclusions aimed at artificial intelligence losses took effect in January 2026, pushing carriers to say more explicitly when general liability policies will not respond. (insurancebusinessmag.com) (businessinsurance.com) Once exclusions start appearing, lawyers start reading every word. A National Law Review event notice for a May 12, 2026 Wilson Elser webinar says insurers are already preparing for lawsuits over overstated artificial intelligence capabilities, discrimination tied to automated hiring tools, discovery fights over insurer use of artificial intelligence, and disputes over whether existing policies do or do not cover these claims. (natlawreview.com) Regulators are tightening the screws at the same time. The National Association of Insurance Commissioners says its Big Data and Artificial Intelligence Working Group is developing an Artificial Intelligence Systems Evaluation Tool for market conduct, financial analysis, and financial exams, with a focus on governance, oversight, and how insurers use these systems. (content.naic.org) New York already moved from broad principles to specific instructions. New York’s Department of Financial Services said in Circular Letter No. 7, issued July 11, 2024, that insurers using artificial intelligence and external consumer data in underwriting and pricing must manage those tools for unfair discrimination and provide governance and oversight that can stand up to review. (dfs.ny.gov) That is why “explainability” keeps coming up. Carrier Management said insurers adopting artificial intelligence are facing rising pressure on privacy, cybersecurity, and model transparency, while Drata argues insurers are moving from spreadsheet-based compliance to continuous monitoring because exams, audits, and third-party reviews now ask for current evidence instead of annual binders. (carriermanagement.com) (drata.com) The market is ending the old phase where artificial intelligence was just another software feature hidden inside a policy. It is becoming its own underwriting question: what the model does, who checks it, what happens when it is wrong, and whether the policy says yes, no, or “see you in court.” (insurancebusinessmag.com) (natlawreview.com)