Summary: As generative and agentic AI continues to reshape customer service, decision-making, and operations, traditional cyber and E&O policies are revealing critical gaps. Commentary from CRC Group, Gallagher, and Willis Towers Watson points to rising concern across the insurance ecosystem about three core exposures: AI-generated errors, regulatory compliance and model performance.
AI systems now operate at the front lines of enterprise customer engagement. When a chatbot or virtual assistant offers inaccurate information, the legal exposure can mirror that of a human advisor—yet many policies remain untested, or unresponsive, to this risk.
“It is not a case of ‘if’ but ‘when’ a banking AI chatbot provides inaccurate data, information, or advice to banking customers. Such a scenario will test the limits of traditional E&O policies and may not be covered, depending on the policy’s language regarding technology.”
— CRC Group, April 2025
“[Traditional policy] triggers may not be sufficient for losses that arise from failure of an AI model to perform as intended or expected.”
— WTW, March 2025
The rise of autonomous, agentic AI systems will only amplify these concerns. These models increasingly operate without human oversight, introducing liability for errors that may not trigger traditional coverage. As clients adopt more advanced systems, policyholders and brokers alike must re-evaluate how E&O risk is defined—and whether AI-specific performance failures are affirmatively covered.
Gartner predicts agentic AI will autonomously resolve 80% of common customer service issues without human intervention by 2029.
— Gartner, March 2025
The regulatory environment for AI is evolving rapidly. As AI-specific regulations emerge globally, enterprises are facing new forms of legal exposure. Yet most cyber and E&O policies were designed for a privacy-centric regulatory environment—not one that includes technical, procedural, and documentation requirements tied to how AI systems are developed and deployed.
“Cyber policies should be modified to extend to non-compliance with AI laws and regulations, such as the EU AI Act.”
— WTW, March 2025
Despite the prominence of the EU AI Act, it is the state-level regulations already in force in the U.S.—combined with active FTC investigations—that are creating immediate regulatory exposure for many enterprises. These developments are widening gaps in cyber and E&O policies, especially where fines, investigations, and remediation costs are excluded or ambiguous.
Unlike traditional outages or breaches, AI model degradation often occurs silently—through reduced accuracy, increasing hallucinations, or misclassifications that accumulate over time. These failures can create operational and reputational harm without meeting standard triggers.
“The financial losses due to AI performance degradation without an interruption in service, AI-based decision making or fines associated with regulatory compliance issues [are not necessarily] insurable under a traditional cyber policy.”
— Aldo Borsani, Gallagher, April 2025
Brokers increasingly recognize that these coverage gaps are not hypothetical. Many now view offering affirmative AI coverage to customers—whether as a standalone policy or a DIC endorsement—as a critical part of their role as comprehensive risk advisors. Clients expect brokers to help them understand and mitigate risks introduced by AI systems with as much certainty as possible.
AI introduces new risk vectors that traditional insurance policies weren’t designed to address. At Armilla, we close these gaps through:
As enterprises scale AI, confidence in legacy policies is giving way to a new era of AI-specific risk management. We help brokers and enterprises adapt—proactively and responsibly.
Insights from Armilla’s team of AI experts were recently included in the following publications:
And If you’re new to Covering AI, you can subscribe to receive new issues directly in your inbox.
Contact us to learn how Armilla AI helps enterprises assess, quantify, and insure AI risk in partnership with top brokerages.
