AI governance is entering a new phase.
At the Mozilla Ventures Portfolio Convening, leaders from AI governance, assurance, and insurance came together to challenge a familiar pattern: governance that looks robust on paper but fails under real-world pressure. The resulting discussions, captured in Mozilla Ventures’ Portfolio Convening Report 2025, makes one thing clear — AI governance is no longer a theoretical exercise. It is becoming a prerequisite for trust, deployment, and insurance.
Armilla AI was proud to participate in this conversation, with Philip Dawson, Head of AI Policy at Armilla AI, joining the panel to explore how governance intersects with financial risk, enterprise accountability, and AI insurance.
Section 2.1 of the report, AI Governance: From Paper Policies to Real Oversight, focuses on a core problem facing enterprises today: governance is often treated as documentation rather than infrastructure.
The panel rejected the idea that governance lives in slide decks, certifications, or compliance checklists. Instead, they emphasized that real governance must be embedded directly into how AI systems are designed, deployed, monitored, and insured.
As Philip Dawson explained during the session, governance is frequently positioned as a blocker, a function that slows innovation and adds cost. In practice, the opposite is true.
“Governance is a reactive necessity… when actually there’s a much broader array of objectives and other reasons, commercial as well.”
— Philip Dawson, Head of AI Policy, Armilla AI
This reframing is critical. When governance is treated as an operational capability rather than an afterthought, it enables organizations to deploy AI systems that would otherwise be too risky to launch.
One of the most important contributions from Armilla’s perspective was the explicit link between governance maturity and insurability.
From an insurer’s point of view, governance gaps are not abstract concerns, they are risk signals.
The report highlights a recurring issue we encounter when working with enterprises: many organizations cannot clearly answer basic questions about their AI footprint. Where are AI systems deployed? Who owns them? What are they doing in production? How are incidents detected and escalated?
When those answers are missing, financial exposure becomes impossible to quantify.
Dawson described how this lack of visibility directly affects underwriting outcomes. Applications for AI insurance have been declined not because the models were inherently unsafe, but because governance and monitoring processes were too thin to support risk transfer.
In other words, AI insurance is forcing governance to move from theory into practice.
As insurers, risk committees, and procurement teams increasingly demand evidence, not intentions, governance is becoming a hard requirement rather than a best practice.
The discussion also addressed a growing tension in the AI ecosystem: the gap between certification and outcomes.
Frameworks such as NIST AI RMF and ISO 42001 play an important role, but the panel warned against treating them as guarantees of safety or fairness. It is possible to pass a conformity assessment while leaving material uncertainties unresolved at the system level.
Dawson emphasized that most assessments today focus on whether processes exist, not whether systems perform acceptably under real conditions. Performance thresholds, bias tolerance, and system-level behavior are often left undefined.
This creates the risk of what the panel described as “certification washing” — relying on standards as reputational shields rather than tools for accountability.
For Armilla, this gap reinforces why insurance underwriting cannot rely on checklists alone. Insurable AI requires evidence that systems are tested, monitored, and governed over time, not just certified at a single point.
As Dawson noted toward the end of the discussion, the industry must also prepare for what comes next:
“In 2030… the biggest topic will be incident response and systemic risks.”
— Philip Dawson, Head of AI Policy, Armilla AI
Armilla AI participated in the conference as one of Mozilla Ventures’ portfolio companies, sharing a commitment to responsible, trustworthy AI.
Mozilla Ventures exists to support companies building technology that advances human agency, transparency, and accountability, particularly in areas where markets alone fail to protect the public interest. Its mission aligns closely with Armilla’s own goals: ensuring that AI systems can be deployed confidently, responsibly, and with clear mechanisms for accountability when things go wrong.
By connecting governance, evaluation, and insurance, Armilla works to make trust in AI operational, not aspirational.
Read the full Mozilla Ventures Portfolio Convening Report 2025 here:
https://mozilla.vc/wp-content/uploads/2026/01/Mozilla-Ventures-Portfolio-Convening-Report-2025.pdf
Read the CNBC report on Mozilla Ventures building an AI ‘rebel alliance’ - deploying its reserves to support "mission driven" companies, particularly focused on AI.
Disclaimer: The insurance products described on this website are offered through surplus lines insurers. Surplus lines insurance is not subject to all the insurance laws and regulations of your state, and such insurers are generally not licensed by or subject to the supervision of the insurance department of your state. Coverage may not be available in all jurisdictions and is offered only through properly licensed surplus lines brokers.
Nothing on this website constitutes an offer to sell or a solicitation to buy insurance. No coverage will be bound or effective unless and until confirmed in writing by an authorized representative and all underwriting requirements have been satisfied. Any descriptions of coverage are for general informational purposes only and do not amend, modify, or supplement any actual policy or contract of insurance.
Please consult with a licensed surplus lines broker to determine availability and eligibility in your state.