Analysis
This analysis examines whether the industry can lean on its silent cyber experience to deal with the AI exposure now building inside casualty books. We show why AI risk resists a clean carve-out the way cyber did, how early liability rulings are landing on the businesses deploying AI rather than the developers behind it, and why a softening casualty market is making carriers reluctant to exclude. It delivers fast insight on where AI exposure is accumulating across general liability, E&O, D&O and PI, how affirmative cover is starting to take shape, and why the carriers that get their wordings right first could set the terms for everyone else.
Subscribe to get comprehensive access to our exclusive analysis in the full platform.
Excluding may be difficult, but ignoring the problem could compound reserving concerns.
Underlying AI exposure is building up in casualty books as the market softens and as AI continues to grow. The instinct is to reach for the silent cyber playbook, but the risk itself might be too different to work a second time.
When it became clear that “silent” cyber exposures could lead to payouts from insurance products that were never designed to cover cyber risks, the industry moved to address the risk.
ISO endorsements, affirmative write-backs and exclusions took several years to work through property, marine, casualty and financial lines, pushed forward by a 2019 Lloyd’s bulletin requiring insurers to clearly affirm whether cyber was available.
Eventually, cyber split out into a standalone market now worth $15bn+ in global premium.
However, cyber risks manifest in specific loss events, such as a ransomware attack or a data breach.
AI produces outputs that become part of a company or individual’s own conduct, such as advice given, communication, and hiring choices. That makes clean execution of the silent cyber playbook significantly more difficult.
“I think it's going to be much more profound than silent cyber […] because you could wall that off,” Bill Pieroni, strategy and growth leader for insurance software and business process services at DXC, told this publication.
Today, silent AI exposure could surface through claims frequency in lines already under reserving pressure, not through a single defining event. Carriers that respond simply with exclusions also risk ceding ground to those willing to write the affirmative cover insureds need.
This makes the exclusionary elements of the silent cyber playbook more difficult to implement regarding AI, and this may slow the development of a standalone market, as we will explore in this article.
However, affirmations of coverage are starting to show up and may become the part of the playbook that is best adapted to AI.
Developer, deployer or user?
The question becomes one of attribution. When AI output causes a loss, is the developer that built the AI model liable, the company that deployed the technology and integrated it into its system, or the user that relied on the AI?
The clearest test case has been the case regarding Air Canada, where the airline’s chatbot told a customer that they could receive a discounted bereavement fare that was not in the company’s terms and conditions.
The airline was found liable, although the ruling came from a Canadian tribunal and does not act as binding precedent.
In the case of Mata v Avianca in the US, a lawyer was sanctioned last year for citing fictitious cases in court pleadings that were produced by AI.
In the case of Walters v OpenAI, the Georgia state court granted summary judgment in favour of OpenAI, which was accused of defamation as a result of ChatGPT output which accused Walters of embezzlement.
When a business uses an AI tool and presents its outputs as wholly the business’s own, for example the work conducted by the sanctioned lawyer, or the airline being held to the chatbot's promise, early rulings have pointed to the deployer.
This could lead to a broader exposure across corporate policies than if AI risk was confined only to the technology’s developers.
When a user simply uses an AI model which has clearly disclosed limitations, as in the case of Walters v OpenAI, courts are less likely to see the liability sit with the developer.
Market participants suggested a similar outcome. Clyde and Co partner, Rosehana Amin, said that deployers “become responsible for the advice or information provided by your AI agent... [the AI] is just a tool.”
Even where the deployer is likely liable, the exposure lands across different policies depending on how the AI was being used.
This includes but is not limited to E&O for professional services, EPL for hiring tools, D&O for corporate governance and GL for customer-facing problems. That makes a single endorsement nearly impossible to write.
Shelved exclusions
However, exclusions against AI risks in some liability lines are starting to be filed – largely in the US as opposed to the UK.
In January, Verisk subsidiary the Insurance Services Office’s (ISO) General Liability team filed a suite of endorsements to exclude AI-related risks, as did some larger US carriers like AIG and Berkley.
The London market has not responded in kind. The Lloyd's Market Association’s (LMA) head of technical underwriting, David Powell, told Insurance Insider that the LMA is “waiting for an instruction from a market to produce something for them”.
However, sources told this publication that they are not often seeing these exclusions being used by (re)insurers in the US, and several reiterated that filing for exclusions means a carrier has the right to use them, not an obligation.
Others explained that the continued softening dynamic in the casualty market makes the prospect of limiting the cover they offer less appealing.
Furthermore, even where filings exist, the problem remains that they may not successfully capture full AI exposure in a clean way.
A senior market underwriter in the UK noted that the US endorsements address AI-enabled chatbots and generative AI, but do not effectively cover AI agents - which are the fastest-growing deployment category in 2026, and the area most likely to produce the kind of attribution questions raised by Air Canada.
Another criticism of exclusions comes from Tristan Fletcher, CEO and co-founder at ChAI, who told Insurance Insider that AI is so deeply embedded, “to carve it out in a lot of cases is going to be an issue.”
Absorbing the risk
With exclusions being shelved, market conversations are tilting to affirmative cover, including AI risk in current policies and reserving appropriately.
According to sources, enhanced clarity on what is covered, rather than carve-outs, is what the market needs.
“There is an appetite, a growing appetite, for articulation of AI-related cover,” Powell said.
Data from Gallagher Re, however, suggests that no single response is emerging yet, with carriers expected to deploy a mix of new wordings, endorsements, exclusions and risk management requirements.
How is the insurance industry likely to respond to emerging AI-related exposures?
Source: Gallagher
A small number of carriers and MGAs are already writing standalone AI cover, including Munich Re’s AiSure cover, Armilla and Testudo. The broader market has yet to follow, but the early movers are setting the terms.
Pieroni has projected the standalone market reaching $1bn in premium by 2029. Although it is a meaningful figure, it is a small slice of the broader casualty market where the bulk of AI exposure will continue to sit.
No NotPetya moment
A key differentiator between “silent AI” and “silent cyber” is that of aggregation. The cyber market had a single event that effectively flushed out the exposures across the market simultaneously in the NotPetya attack.
Sources said silent AI is more likely to accumulate over time, and that the exposures will surface gradually rather than through a single event.
If AI risks are absorbed into other lines of business, it becomes a significant horizontal exposure across multiple casualty lines, with an accumulation risk that would be difficult to measure.
Moreover, whilst AI liability risks impact several lines across the market, the lines most exposed, like general liability, E&O, D&O and PI, are already facing pressure from social inflation.
As this publication has previously reported, casualty books are absorbing this pressure now on the 2022-25 accident years, which are already showing adverse development from social inflation and litigation funding.
Being a long tail class, casualty loss data on AI claims has barely surfaced yet, but the concern is that when it does show up it will do so on accident years already showing adverse development from social inflation and litigation funding.
Carriers are at an inflection point where they can develop affirmative AI cover, exclude where they can, or do nothing.
The exclusion-only posture is risky, though, as relevance to insureds, competitive positioning and credibility as an innovator could suffer as the industry and its customers become more deeply integrated with technology.
The carriers that affirm precisely what their policies cover, reserve for and absorb AI risk as part of their policies, even imperfectly, could be positioning themselves where the demand will be.
The window for getting the wordings right is narrowing as the market softens. The carriers that figure out affirmation first will set the terms.
By Abbie Day
02 June, 2026
Request your free trial today to unlock our complete intelligence platform. .svg){kind=small}
2025 loss picks confirm cracks in commercial lines reserving
Read More
Cedants and investors explore casualty ILS structures as segment expands
Read More