Why Your Business Insurance Won't Cover an AI Mistake

AI Liability Insurance Gap: Why Traditional Policy Coverage Is Leaving Your Business Exposed in 2026

Photo by Gustavo Sánchez on Unsplash

Key Takeaways

• Generative AI lawsuits in the U.S. surged 978% between 2021 and 2025, with over 700 cases filed — and the pace is still accelerating.
• New ISO endorsements (CG 40 47 and CG 40 48), effective January 1, 2026, allow traditional insurers to formally exclude all AI claims from standard commercial general liability policies.
• Cyber, tech E&O, product liability, and CGL policies each leave significant gaps when it comes to AI-driven losses.
• A new wave of specialty insurers — including Munich Re’s HSB and Armilla AI — is racing to fill the void with standalone AI liability products.

What Happened

If your company uses AI tools — whether a customer-facing chatbot, an automated hiring platform, or a generative AI writing assistant — you may have a serious gap in your insurance coverage and not even know it.

The legal landscape around artificial intelligence has exploded. Generative AI-related lawsuits in the United States grew by a staggering 978% between 2021 and 2025, with cumulative filings surpassing 700 cases. In the most recent period tracked (2024–2025), year-over-year filing increases accelerated to 137%, up from 59% the prior year. Courts are seeing claims tied to AI-generated misinformation, copyright and patent infringement, privacy violations, and financial losses caused by AI “hallucinations” (when an AI system confidently produces false or fabricated information as though it were fact).

Alissa Lugo, Senior Director Analyst in the Gartner Legal & Compliance Practice, framed the stakes directly: “As AI incidents surge and insurers increasingly add AI exclusions to traditional policies, companies face growing exposure to legal, financial and regulatory fallout from algorithmic failures.”

Rather than rushing to cover these new risks, many traditional carriers are actively pulling back. In January 2026, Verisk — also known as ISO, the organization that writes the standard policy forms used by most commercial insurers — introduced two new CGL endorsements (formal additions that modify a standard policy) designated CG 40 47 and CG 40 48. These give traditional carriers the formal ability to exclude all generative AI-related claims from commercial general liability (CGL) policies, effective January 1, 2026. Meanwhile, Gartner projects that more than 2,000 legal claims linked to “death by AI” incidents — cases where AI-driven decisions caused serious harm to real people — will be filed worldwide by end of 2026. The coverage you thought you had may simply not be there when you need it most.

Photo by Sasun Bughdaryan on Unsplash

Why It Matters for Your Coverage

Understanding this coverage shift starts with understanding how traditional commercial insurance is structured — and where its limits are.

Think of your business insurance portfolio like a security system for your building. You might have a lock on the front door (general liability), a camera out back (cyber insurance), and a safe inside (professional liability). Each one covers something specific. But if a new threat appears that bypasses all three, none of your existing tools were built to stop it. That’s exactly the risk assessment problem facing businesses that deploy AI today — the threats are new, and the policies are old.

Here’s how each traditional policy coverage pillar falls short for AI-related losses:

• Cyber insurance was designed for data breaches and ransomware attacks. It typically excludes intellectual property infringement and losses caused by AI hallucinations — two of the fastest-growing categories of AI-related claims.
• Tech Errors & Omissions (E&O) — a policy that covers financial harm caused by technology failures — is generally written to protect software vendors, not the enterprises that deploy their tools. If you’re using a third-party AI platform and it causes harm to your customers, your tech E&O policy likely won’t respond.
• Commercial General Liability (CGL) — the foundational business liability policy — was never designed to cover algorithmic failures that cause purely financial or reputational harm. With the new ISO endorsements, carriers now have a standardized tool to formally exclude AI claims altogether.
• Product liability covers physical products. AI outputs are digital and frequently fall outside its scope entirely.

The data underscores the real-world exposure. A survey of 1,250 companies found that 57% identified AI errors, misinformation, and hallucinations as their top AI-related risk concern. Legal and reputational risk followed at 56%, and data protection and privacy violations at 55%. These aren’t abstract fears — they’re showing up in courtrooms. Patent infringement accounted for 11.9% of AI-related legal cases through 2025, copyright infringement for 11.2%, and personal injury claims tied to privacy violations for 10.2% of the cumulative U.S. caseload.

For small business owners doing an insurance comparison today, this creates a genuinely confusing picture. You may be paying for multiple policies that collectively still leave you exposed to the exact risks most likely to affect your AI-enabled operations. A thorough risk assessment means understanding not just what your policies say they cover, but what they specifically carve out.

The financial stakes are steep. Gartner forecasts that by 2030, property and casualty (P&C) insurers will mandate strong AI risk controls as a prerequisite for “affirmative” AI liability coverage (meaning policies that explicitly confirm they cover AI-related losses, rather than leaving it ambiguous). Companies that wait to act could face higher premiums — or find themselves unable to obtain meaningful AI coverage at any price. That reality makes proactive insurance savings strategies far more valuable than reactive scrambling after a claim lands.

Photo by Nguyen Dang Hoang Nhu on Unsplash

The AI Angle

Building on those coverage gaps, it’s worth noting that the same AI technology creating liability exposure is also transforming how insurance is underwritten and claims are processed.

Today’s claims management systems are increasingly powered by machine learning models that assess damage, flag potential fraud, and route claims faster than any human adjuster could. Underwriting — the process of evaluating and pricing risk — is being automated using AI models that analyze vast datasets to predict loss likelihood with greater precision. This creates a fascinating dynamic: the insurance industry is using AI to manage risk while simultaneously scrambling to insure against it.

Insurtech startups are leading the charge on the coverage side. Armilla AI offers standalone AI liability coverage of up to $25 million per organization, using its own AI-driven risk assessment tools to evaluate enterprise AI deployments before issuing a policy. Embroker and newer players like Corgi and Mayflower Specialty are building similar affirmative coverage products tailored to algorithmic risk. In March 2026, Munich Re’s HSB unit launched a standalone AI Liability Insurance product specifically targeting small businesses — a significant market signal that specialty coverage is maturing fast. Standalone policy limits currently range from $2 million to $50 million depending on the provider, but experts warn that even the top end may fall well short of the hundreds of millions in potential exposure enterprises face from systemic AI failures that affect multiple downstream users simultaneously.

What Should You Do? 3 Action Steps

Given the coverage gaps described above, here are three concrete steps to take before your next policy renewal.

1. Audit Your Existing Policy Coverage for AI Exclusions

Don’t wait for a claim to discover you’re not covered. Ask your broker or carrier specifically whether your CGL, cyber, and tech E&O policies contain any AI-related exclusions — including the new ISO CG 40 47 or CG 40 48 endorsements. Conduct a side-by-side insurance comparison of your current policies to identify every gap that could apply to your AI operations. This upfront work is the foundation of smarter claims management down the road, because understanding your exclusions before a loss is far cheaper than discovering them during one.

2. Conduct a Formal AI Risk Assessment Before Your Next Renewal

Map out every AI tool your business uses — including third-party platforms, embedded AI features in licensed software, and any internally built models. For each one, ask: who bears the liability if this tool causes harm to a customer? A structured risk assessment will clarify where your exposure is greatest. Documenting your AI governance practices — testing procedures, human oversight protocols, incident response plans — can improve your insurability and unlock real insurance savings at renewal by demonstrating responsible AI deployment to underwriters who increasingly reward proactive governance.

3. Explore Standalone AI Liability Products Now

The specialty AI insurance market is still new but forming fast. Talk to a licensed insurance professional about products from providers like Munich Re’s HSB (focused on small businesses), Armilla AI (up to $25 million in coverage), Embroker, Corgi, or Mayflower Specialty. Compare policy limits, what specific risks are covered (hallucinations, IP infringement, privacy violations), and what AI risk controls you’d need to put in place to qualify. As Gartner’s Alissa Lugo observed: “Ultimately, the rise of affirmative AI insurance signals a simple reality — companies that fail to prepare for AI-driven liability may soon find themselves exposed.” Acting now — while the market is still forming — gives you the best chance at securing favorable terms and meaningful insurance savings before demand drives premiums significantly higher.

Frequently Asked Questions

Does using a third-party AI tool like ChatGPT or Microsoft Copilot expose my small business to liability that my current insurance won’t cover in 2026?

Yes, potentially. When your business deploys a third-party AI tool, you generally absorb the risk of harm it causes to customers or third parties — even if someone else built the underlying model. Traditional tech E&O (errors and omissions) policies are typically written to protect software vendors, not the enterprises that deploy their tools. And with the new ISO exclusion endorsements (CG 40 47 and CG 40 48) taking effect in 2026, your CGL policy may now formally exclude AI-related claims entirely. Review your existing policy coverage carefully, or have a licensed agent conduct a proper insurance comparison across your current policies versus available AI-specific products. Always consult a licensed insurance professional before assuming you’re covered.

What does “affirmative AI liability coverage” mean, and does my business actually need it in 2026?

Affirmative AI liability coverage refers to a policy that explicitly states it covers losses caused by AI-related incidents — as opposed to traditional policies that were written before AI existed and may leave coverage ambiguous or exclusion-riddled. Think of it as coverage that “affirms” it has your back for AI risks, rather than leaving you to find out the hard way. Whether you need it depends on how central AI is to your operations. If AI influences decisions that affect customers — pricing, recommendations, claims decisions, hiring — the exposure is real. Specialty insurers like Armilla AI, Embroker, and Munich Re’s HSB now offer standalone products for this exact risk. A licensed broker can run an insurance comparison of available options and help you find the right fit for your budget and risk profile.

Will my existing cyber insurance policy cover losses from an AI hallucination or AI-generated misinformation claim filed against my business?

Generally, no. Standard cyber insurance was designed for data breaches, ransomware, and network security failures — not AI-generated misinformation or hallucinations (when an AI confidently produces fabricated information). Cyber policies also typically exclude intellectual property infringement claims, which represented 11.9% (patent infringement) and 11.2% (copyright infringement) of all AI-related U.S. lawsuits filed through 2025. For sound claims management, review your cyber policy’s exclusion language carefully and ask your insurer directly whether AI-generated content liability is covered. If there’s a gap — and there likely is — a standalone AI liability policy or endorsement may be the right complement to your existing coverage stack.

How much does standalone AI liability insurance cost for a small business, and what coverage limits are available in 2026?

Pricing in the standalone AI liability insurance market varies widely based on your industry, the AI tools you use, your annual revenue, and the risk controls you have in place. Current policy limits range from $2 million to $50 million depending on the provider — Munich Re’s HSB targets small businesses specifically, while Armilla AI offers coverage up to $25 million per organization. Keep in mind that experts warn these limits may be insufficient for larger enterprises facing systemic AI failures that affect many users simultaneously, where exposure can run into the hundreds of millions. Completing a risk assessment before you shop for coverage will help you determine how much protection you actually need — and acting before the market hardens may unlock meaningful insurance savings through lower early-market premiums.

What specific AI risk controls do insurers require businesses to have in place to qualify for AI liability policy coverage in 2026?

Underwriters evaluating AI liability applications generally look for evidence that you’re managing AI risks proactively, not just hoping for the best. Common requirements include: a documented inventory of all AI tools and their use cases; human review processes for high-stakes AI-driven decisions; records of AI testing, validation, and performance monitoring; a written AI incident response plan; and clear policies on data use and model governance. Gartner forecasts that by 2030, P&C insurers will formally mandate strong AI risk controls as a prerequisite for affirmative AI liability policy coverage — meaning the governance frameworks companies build today become the price of admission tomorrow. Businesses that invest in these controls now will be better positioned to qualify for coverage and may realize real insurance savings through improved risk profiles at renewal. Always work with a licensed insurance professional to align your controls with what specific underwriters actually require.

Disclaimer: This article is for informational purposes only and does not constitute insurance advice. Always consult a licensed insurance agent for personalized guidance.