This is the operator's reading guide to what your existing business insurance policies actually exclude when it comes to AI in 2026. It covers the ISO standard endorsement forms, the carrier-specific exclusions that go further, the silent-AI distinction that reinsurers are eliminating, and the renewal conversation every buyer should be having with their broker now.

Key takeaways

  • Most CGL policies sold or renewed in 2026 carry, or will carry, an AI exclusion endorsement following Verisk's January 2026 release of three optional forms.
  • ISO CG 40 47 and CG 40 48 are the dominant standard endorsements: CG 40 47 is broad (Coverage A and B), CG 40 48 is narrower (Coverage B only).
  • W.R. Berkley's PC 51380 is among the broadest carrier-specific exclusions, extending to D&O, E&O, and fiduciary liability including director statements about AI governance.
  • Cyber and E&O are bifurcating: some specialist carriers are writing affirmative AI coverage on defined terms; most generalist carriers are adding exclusions or sublimits.
  • Silent AI coverage, where policies neither grant nor exclude AI losses, is being systematically eliminated through endorsements, renewal underwriting, and reinsurer pressure.
  • The exclusions frequently survive even where the underlying claim does not explicitly name AI as the cause, because "arising out of" is read broadly by courts.
  • The defensible buyer posture is to map every exclusion explicitly at every renewal and to identify the coverage gap before a claim reveals it.

Section 1. The exclusion wave: why it happened and how it was drafted

The wave of AI exclusions entering commercial insurance policies in 2025 and 2026 did not arrive without warning. Actuaries and underwriters had been flagging the same core problem for several years: there was no actuarial data from which to price AI risk. Without credible loss history, without a stable legal framework determining who bears liability when an AI system causes harm, and without a consistent view of whether AI exposure was correlated across policyholders in ways that could trigger aggregate losses, carriers were carrying an unquantified and potentially systemic exposure on policies that had been priced as though AI did not exist.

The legal environment accelerated the timeline. A series of cases in 2023 and 2024 made concrete what underwriters had been treating as theoretical. A chatbot misrepresented airline policy and the airline was held liable for its output. Lawyers submitted hallucinated citations generated by a large language model and were sanctioned. A hiring algorithm screened out applicants by age and the employer paid a federal settlement. Each of these cases demonstrated that AI-related losses were real, that courts were willing to assign liability to the deploying entity, and that the losses were landing in territory previously assumed to be covered by standard policies.

Reinsurers applied the second pressure. Munich Re, Swiss Re, and others had been watching the accumulation of unpriced AI exposure in cedent portfolios and began pushing for clarity. The parallel with silent cyber, where policies were neither granting nor denying coverage for cyber losses and the ambiguity was crystallising into large claims, was direct. The same mechanism was playing out with AI. The regulatory environment added a third layer: the EU AI Act's August 2026 deadline, the EEOC's enforcement activity, and state-level AI legislation in the United States created a compliance liability surface that had not previously existed.

The endorsements that followed were drafted in two modes. The standard forms from ISO Verisk, the dominant forms bureau in the US commercial lines market, gave carriers optional language they could attach to existing policies. Carrier-specific forms, developed independently by individual insurers, went further in scope and applied to lines that ISO had not addressed. Both modes share the same underlying logic: remove the ambiguity, define what the policy does and does not cover with respect to AI, and leave specialist products to fill the gap.

Section 2. ISO standard endorsements decoded

Verisk filed three AI-related endorsements for use with the ISO Commercial General Liability Coverage Part, with an effective date of January 2026. All three are optional: a carrier must affirmatively adopt and attach them for them to take effect on a given policy. Adoption has been faster than ISO adoption of earlier endorsement families, with multiple carriers filing within weeks of the forms becoming available.

All three forms share a common definition of generative artificial intelligence:

ISO definition (CG 40 47, CG 40 48, CG 35 08, all editions 01 26): "Generative artificial intelligence means a machine-based learning system or model that is trained on data with the ability to create content or responses, including but not limited to text, images, audio, video or code."

The definition is notable for what it does and does not capture. It is broad enough to encompass large language models, image generation models, code generation tools, and multimodal systems. It does not explicitly capture traditional machine learning models that classify or predict without generating output, though the phrase "ability to create content or responses" can be read to include recommendation engines that produce output text. Carriers using the ISO definition alongside broader proprietary definitions in other endorsement families may apply different scope to the same policy.

CG 40 47 01 26: Exclusion, Generative Artificial Intelligence (broad form)

CG 40 47 is the most widely discussed of the three forms and the one most likely to produce coverage disputes. It applies to both Coverage A (bodily injury and property damage) and Coverage B (personal and advertising injury) of the ISO CGL Coverage Part, and it is available for both occurrence and claims-made versions of the policy. When attached, it excludes all bodily injury, property damage, and personal and advertising injury arising out of generative artificial intelligence.

The operative phrase is "arising out of." This is standard ISO formulation, and it has been interpreted by courts consistently to require only a causal connection rather than direct causation. A claim need not explicitly name an AI system as the cause of harm: if a court or arbitrator can trace the chain of events back to the generation or deployment of generative AI output, the exclusion applies. Claims that might have been argued into Coverage A before this endorsement, such as a physical injury caused by an AI-controlled system, are now explicitly excluded when CG 40 47 is attached.

Carriers known to have adopted or expressed intent to adopt CG 40 47: multiple regional and national carriers that are ISO members and that filed within the first quarter of 2026. State regulatory approval timelines vary, and a carrier may have filed but not yet received approval in all jurisdictions. Buyers should ask their broker specifically whether CG 40 47 has been attached to their policy rather than assuming it has or has not based on their carrier's general market position.

CG 40 48 01 26: Exclusion, Generative Artificial Intelligence (Coverage B only)

CG 40 48 is the narrower form. It applies only to Coverage B (personal and advertising injury) and leaves Coverage A (bodily injury and property damage) unaffected. The exclusion language for Coverage B reads: "This insurance does not apply to: 'Personal and advertising injury' arising out of 'generative artificial intelligence.'"

The practical effect is that a business using a generative AI tool to produce marketing content, advertising copy, or customer-facing communications loses Coverage B protection for claims arising from that content, including defamation, invasion of privacy, copyright infringement in advertising, and trade libel. Coverage A protection for bodily injury and property damage is preserved, which is meaningful for businesses operating AI-assisted physical systems. CG 40 48 is the form a carrier might attach when it wants to limit its exposure to generative AI content disputes while retaining coverage for physical harm scenarios.

CG 35 08 01 26: Exclusion, Generative Artificial Intelligence (Products/Completed Operations)

CG 35 08 is designed for use with the ISO Products/Completed Operations Liability Coverage Part rather than the main CGL Coverage Part. It excludes bodily injury and property damage arising out of generative artificial intelligence in the products and completed operations context. This form is directly relevant to any manufacturer, technology vendor, or service provider whose products or completed work incorporate generative AI components. A software company that ships a product containing an LLM-based feature, a manufacturer whose product uses AI-driven controls, or a professional services firm whose deliverable was AI-generated may find CG 35 08 attached to their products liability coverage at renewal.

What survives the ISO exclusions

The ISO forms exclude losses "arising out of" generative AI. Coverage for losses that have no causal connection to generative AI activity survives. A slip-and-fall at a premises, a product defect in a non-AI component, a traditional advertising injury claim with no AI involvement, and a personal injury arising from a human employee's conduct all remain within the policy's basic scope. The question that matters at claim time is whether there is a traceable connection between the loss and any generative AI activity, however indirect.

Section 3. Carrier-specific endorsements

Several major carriers have developed their own AI exclusion forms independently of the ISO Verisk process. These forms tend to be broader in scope, apply to policy lines that ISO has not addressed in its standard forms, and in some cases carry governance conditions that affect whether an insured can demonstrate any residual coverage.

W.R. Berkley: Form PC 51380 (Absolute AI Exclusion)

Form PC 51380 is W.R. Berkley's absolute AI exclusion, issued in June 2024 and filed with state regulators in late 2025. It applies to D&O, E&O, and Fiduciary Liability products rather than to CGL, making it relevant to the lines that protect corporate decision-makers and professional service providers. Regulatory approval was pending in some states as of early 2026.

The form excludes any claim arising from "the actual or alleged use, deployment, or development of Artificial Intelligence" by any person or entity. The scope is unusually comprehensive. Specifically excluded are:

  • The generation, creation, or dissemination of any content or communications using artificial intelligence.
  • Any insured's actual or alleged failure to identify or detect content or communications created through a third party's use of artificial intelligence.
  • Any insured's inadequate or deficient policies, practices, procedures, or training relating to artificial intelligence.
  • Any actual or alleged breach of duty in connection with the development or deployment of artificial intelligence.
  • Products or services incorporating artificial intelligence.
  • Chatbot or virtual agent misrepresentations.
  • Any regulatory investigation relating to AI use or oversight.
  • Statements, disclosures, or representations concerning the company's AI capabilities or business plans.

The final category warrants particular attention for publicly traded companies and for any business that communicates about AI in investor or public-facing materials. A D&O claim arising from a director's investor presentation about AI strategy, an earnings call statement about AI adoption, or a regulatory filing describing AI capabilities may be excluded even where the company has deployed no AI system at all. PC 51380 is, in this respect, as much a governance disclosure exclusion as it is an operational AI exclusion.

Berkley has characterised the form as "absolute" because it does not include a buyback provision or a carve-out for AI losses that meet governance conditions. Buyers on Berkley D&O, E&O, or fiduciary liability who have material AI exposure will need to seek coverage elsewhere for the excluded categories.

AIG: Management Liability AI Exclusion

AIG has sought regulatory clearance for AI exclusion language applicable to management liability lines. The company has stated publicly that it has no immediate plans to implement the exclusion across all accounts but wants the language available as claim frequency and severity develop. AIG's approach is to retain optionality: the exclusion is on file, can be attached at renewal where underwriters assess the risk profile warrants it, and is likely to be more consistently applied as the broader market continues to move in this direction.

Great American: Management Liability AI Exclusion

Great American has filed AI exclusion language for management liability lines alongside AIG and W.R. Berkley. The specific form language is not published in the same detail as PC 51380, but Great American's general market position tracks the broader carrier movement: resolve the silent AI ambiguity through endorsement rather than leaving losses to be argued at claim time.

Chubb: Systemic AI Event Exclusion

Chubb has taken a more targeted approach than absolute exclusion carriers. Its AI-related endorsement language excludes claims arising from widespread or systemic AI events, defined as events capable of affecting multiple policyholders simultaneously through a common AI system, model, or vendor. Coverage for isolated, single-policyholder AI incidents is retained. The underlying concern is correlated loss: a single model failure or a widely deployed AI vendor's system malfunction could trigger claims from many policyholders at once, creating an aggregate exposure with no actuarial precedent. Chubb is reserving the right to limit coverage at the aggregate event level while maintaining per-occurrence protection for contained incidents.

Beazley and QBE: London Market Sublimits

On the London market, Beazley and QBE have each introduced AI sublimits on cyber and professional indemnity policies rather than applying outright exclusions. The sublimit approach caps the payout on AI-related losses at approximately 10 percent of total policy limits. A policyholder with a GBP 10 million cyber policy and a Beazley or QBE AI sublimit endorsement attached has effectively purchased GBP 1 million of AI-related cyber coverage rather than the full limit. The sublimit is a partial concession to buyers who want some AI coverage while giving the carrier a defined aggregate exposure position.

QBE has also introduced endorsement language that explicitly references the EU AI Act as a coverage criterion, making it the first major insurer to use the regulatory framework as a definitional anchor in a standard endorsement. Coverage for certain regulatory fines under the Act is included, within the sublimit, on specified conditions.

Hamilton Insurance Group

Hamilton Insurance Group has filed AI exclusion language with US state regulators for management liability lines. Hamilton's market position aligns with the broader management liability carrier movement: address the silent AI exposure before claims develop, retain underwriting discretion on specific accounts, and apply the exclusion as default at renewal for accounts with material AI exposure.

Carrier comparison summary.
Carrier Form/Endorsement Policy Lines Scope
Verisk/ISO CG 40 47 01 26 CGL (Coverage A + B) All losses arising from generative AI
Verisk/ISO CG 40 48 01 26 CGL (Coverage B only) Personal and advertising injury from generative AI
Verisk/ISO CG 35 08 01 26 Products/Completed Operations Bodily injury and property damage from generative AI in products
W.R. Berkley PC 51380 D&O, E&O, Fiduciary Absolute: all AI use, deployment, governance, and disclosure
Chubb Systemic AI exclusion Multiple lines Widespread/systemic AI events; isolated incidents retained
Beazley AI sublimit endorsement Cyber, PI Sublimit approx. 10% of total policy limits
QBE AI sublimit + EU AI Act fines Cyber, PI Sublimit approx. 10%; explicit EU AI Act fine coverage within sublimit
AIG Management liability AI exclusion D&O, E&O Filed; applied selectively at underwriter discretion
Hamilton Insurance Group Management liability AI exclusion D&O, E&O Filed; default at renewal for accounts with AI exposure

Section 4. How to read your policy for AI risk

Most buyers do not read their policy schedules in the detail required to identify whether an AI exclusion has been attached. The declarations page names the coverage parts and the limits. The schedule of forms and endorsements lists every form number attached. The substantive exclusion language is in the body of the endorsement, not the declarations. The following reading sequence works for any commercial policy renewed in 2026.

Step 1: Locate the schedule of forms and endorsements

The schedule of forms and endorsements is typically a one or two-page attachment at the beginning of the policy package. It lists every form by number and edition date. Search this list for any form beginning CG 40, CG 35, or any carrier-specific form number you have been notified of. If you cannot find this schedule, ask your broker to produce it. It is a standard policy document.

Step 2: Pull every form that references the following terms

Retrieve the full text of any endorsement whose title or form number you cannot immediately identify. Read each retrieved endorsement for any of the following terms:

  • Artificial intelligence
  • Machine learning
  • Generative artificial intelligence
  • Automated decision
  • Algorithm or algorithmic
  • Large language model
  • Agent or autonomous agent
  • Chatbot or virtual assistant
  • AI-generated content
  • Neural network

Step 3: Read the definition section

Endorsements that use AI-related language typically define the key terms. The definition determines the scope. The ISO Verisk definition of generative artificial intelligence is narrow in one direction: it requires a system "trained on data with the ability to create content or responses." Traditional predictive analytics that classify inputs without producing content may fall outside this definition. A carrier using a broader proprietary definition may cover traditional ML as well. Read the definition before concluding that a given tool or system is inside or outside the exclusion.

Step 4: Check the insuring agreement and the exclusions section

Some AI-related limitations appear not as standalone exclusions but as modifications to the insuring agreement itself, narrowing the definition of "wrongful act," "professional services," or "covered loss" to exclude AI-assisted activity. Others appear as named exclusions in the exclusions section. Both can have the same effect. Read both sections for any qualifier that limits coverage to human-performed services or excludes AI-assisted outputs.

Step 5: Check the definition of "loss" or "damages"

Some management liability policies that have not yet added an explicit AI exclusion have instead narrowed the definition of covered "loss" to exclude amounts arising from AI regulatory investigations, AI-related fines and penalties, or settlements where AI conduct is the proximate cause. This approach produces the same coverage gap without using the word "exclusion."

Quick-reference checklist: what to look for in every 2026 policy renewal.
  • Form CG 40 47 01 26 on the schedule of forms (broad CGL AI exclusion).
  • Form CG 40 48 01 26 on the schedule of forms (Coverage B only CGL exclusion).
  • Form CG 35 08 01 26 on the schedule of forms (Products/Completed Operations exclusion).
  • Any carrier-specific form number referencing "artificial intelligence" or "AI" in the title.
  • Any definition of "artificial intelligence," "machine learning," or "generative AI" in the definitions section.
  • Any modification to the insuring agreement restricting coverage to "human" or "non-automated" services.
  • Any sublimit for AI-related losses in a cyber or professional indemnity policy.
  • Any language in the "loss" or "damages" definition excluding AI regulatory fines or AI-related settlements.

Section 5. Silent AI versus affirmative AI coverage

The term "silent AI" describes a policy that neither explicitly grants nor explicitly excludes coverage for AI-related losses. Prior to 2024, most standard CGL, E&O, cyber, and D&O policies were silent on AI. An AI-related claim arriving under a silent policy would be argued by the policyholder as falling within the existing covered categories (professional error, data breach, advertising injury) and by the carrier as falling outside those categories or within an existing exclusion. The outcome depended on the specific facts, the jurisdiction, and the drafting of the pre-existing policy language.

Silent cyber offers the closest precedent. When network-related losses began arriving in volume in the early 2010s, many general liability and property policies were silent on cyber. Carriers argued cyber losses out of coverage; policyholders argued them in. Courts produced inconsistent outcomes across jurisdictions. Lloyd's and the London market responded with a mandatory clarification requirement: managing agents had to ensure their wordings affirmatively addressed cyber, either granting or excluding it. The ISO CG 21 06 endorsement and the LMA cyber clauses emerged from this process. The same clarification dynamic is now playing out with AI, on a faster timeline because the precedent of silent cyber is well understood by both sides.

Affirmative AI coverage describes a policy or endorsement that explicitly states, in the insuring agreement or an endorsement thereto, that losses arising from defined AI activities are covered subject to defined conditions and limits. Affirmative coverage is what specialist AI insurance products provide. It is the opposite of silence: the coverage is unambiguous, the conditions are defined, and the underwriter has priced the risk intentionally. Munich Re aiSure, Armilla's Lloyd's coverholder product, HSB's AI Liability Insurance for SMEs, and Counterpart's professional liability with AI endorsements are all examples of affirmative AI coverage rather than inherited coverage from policies that did not address AI at all.

The reinsurance market is the mechanism by which the elimination of silent AI is being enforced. When a cedent brings a reinsurance treaty to Munich Re, Swiss Re, or Hannover Re, the reinsurer's underwriters are now routinely asking how the cedent's primary policies treat AI exposure. Cedents who cannot demonstrate that they have either explicitly granted or explicitly excluded AI coverage in their primary wordings face pressure to resolve the ambiguity before the treaty is renewed. This reinsurer pressure flows down to carrier renewals, which flows to policyholder renewals. The direction is one way.

Section 6. What an exclusion does and does not do

Understanding what an AI exclusion removes from coverage is half the analysis. Understanding what it does not remove is equally important, because some claims that arise from AI deployments may still be covered under the surviving language.

Claims that may survive an AI exclusion

A claim where the AI component is incidental rather than causal may survive. If a professional services firm uses an AI tool to assist with research and a human professional makes an independent judgment error that causes the client's loss, the E&O claim may be characterised as a human professional error rather than an AI output error. The determinative question is whether the AI output was the proximate cause of the harm or a tool that a human used and then departed from. Where the human made the final decision, reviewed and approved the AI output, and the error is traceable to the human's judgment, the claim may survive under the human professional services insuring agreement.

Similarly, a data breach arising from a cyberattack on a company's AI infrastructure, where the AI system itself was not the cause of the breach and was simply a target, may be covered under the cyber policy's network security insuring agreement even where an AI exclusion is attached. The exclusion targets losses "arising out of" AI activity, not losses where AI infrastructure was incidentally involved as a target.

Losses that have no AI component whatsoever survive all AI exclusions. This is obvious but worth stating explicitly, because some policyholders facing a denial under an AI exclusion will argue that the AI component was minimal. The carrier's response will be that "arising out of" requires only a causal connection, not that AI be the primary or dominant cause. Where the causal connection exists, however thin, the exclusion is likely to apply.

Claims that do not survive an AI exclusion

A claim arising from an autonomous AI agent's decision that causes financial loss to a third party will generally not survive a CG 40 47 or W.R. Berkley PC 51380 attachment. The agent's output is the generative AI output the exclusion addresses. There is no human review in the causal chain to break the connection between the AI activity and the loss.

A claim arising from AI-generated marketing content that is found to infringe a third party's copyright or to be defamatory will not survive a CG 40 47 or CG 40 48 attachment. The personal and advertising injury Coverage B was the traditional home for these claims, and both forms exclude it for AI-generated material.

A D&O claim arising from a director's misstatement about the company's AI capabilities, on a policy with Berkley PC 51380 attached, will not survive. The form explicitly includes "statements, disclosures, or representations concerning the company's AI capabilities or business plans" in its exclusion scope.

A regulatory investigation related to AI use or oversight, again on a PC 51380 policy, is explicitly excluded. As national regulators in the EU and US increase AI enforcement activity in 2026, the regulatory investigation coverage that D&O and E&O policies have traditionally provided for regulatory inquiries may not extend to AI-related investigations on policies carrying this form.

Section 7. The renewal conversation

The most effective intervention point for a policyholder is not the claims conversation but the renewal conversation. A claim is already in process; the coverage position is fixed by the policy in force at the time of loss. The renewal is the moment when the terms for the next policy period are being negotiated and when a buyer has leverage to ask questions and seek alternatives.

The following ten questions should be put to every broker managing a CGL, E&O, D&O, cyber, or professional indemnity renewal in 2026.

  1. Has any AI exclusion endorsement been attached to this renewal, and if so, please provide the full text of every AI-related form? This is the foundational question. It is not sufficient for a broker to say no AI exclusion is attached without checking the schedule of forms.
  2. Does the policy's definition of "wrongful act" or "professional services" include AI-assisted work, and has any qualifier been added at this renewal that changes that position? This catches modifications to the insuring agreement that achieve exclusion without using the word.
  3. Has the definition of "loss" or "damages" been changed at this renewal to exclude amounts arising from AI-related regulatory proceedings or AI settlements? This catches the definitional narrowing approach used by some management liability carriers.
  4. Is there a sublimit applying to AI-related losses, and if so, at what level? Sublimits that are materially lower than the policy's overall limits can represent a de facto exclusion for large AI-related claims.
  5. What is the carrier's current position on coverage for losses caused by third-party AI vendors and tools used in the course of our business? Vendor AI tools embedded in business processes may generate losses that the policyholder did not directly cause.
  6. Is the policy's treatment of AI losses silent, exclusionary, or affirmative? Silence, exclusion, and affirmative coverage are three distinct positions. A buyer should know which of the three they are purchasing.
  7. Has the reinsurance structure for this policy changed at this renewal in a way that affects capacity or terms for AI-related losses? Reinsurer pressure can reduce carrier capacity or impose conditions that are not visible in the primary policy wording itself.
  8. Are there other carriers in the current market who would write this risk with more favourable AI terms, and have you approached them? Market comparison is the broker's job, but it needs to be explicitly requested on AI terms specifically.
  9. If an AI exclusion has been attached, is there a buyback endorsement available for any of the excluded categories, and at what premium? Some carriers will negotiate partial buybacks for accounts with documented governance programmes. The availability and price of a buyback is useful market intelligence even where the buyback is not ultimately purchased.
  10. What specialist AI insurance carriers have you approached as a supplement, and what terms are they quoting? The renewal conversation should address not just the generalist policy but the specialist AI coverage layer that may be needed to fill the gap.

Section 8. When to add specialist coverage on top

The decision to add specialist AI insurance on top of existing coverage follows from a straightforward gap analysis. If your existing policies have been reviewed using the reading guide in Section 4 and you have identified one or more of the following, a specialist product is warranted.

  • A CG 40 47 or carrier-specific broad AI exclusion attached to your CGL policy, and you operate AI systems that interact with the physical world or generate customer-facing content.
  • A PC 51380 or equivalent D&O or E&O exclusion, and your directors make public statements about AI or your professional work involves AI-assisted deliverables.
  • A sublimit of less than 25 percent of overall policy limits applying to AI-related losses, and your AI exposure represents more than that proportion of your total risk profile.
  • Silent AI treatment on a cyber or professional indemnity policy, where the ambiguity cannot be resolved by the carrier before renewal and where you have active AI deployments.
  • EU AI Act exposure: if you deploy a high-risk AI system as defined under the Act and the August 2026 deadline is approaching, regulatory fine coverage is not available in most standard policies and requires specialist terms.

For SMEs seeking specialist coverage, HSB AI Liability Insurance (launched March 2026) is currently the most accessible product, covering bodily injury, property damage, and advertising injury arising from AI use, and distributed through carrier partners rather than sold directly. Corgi and Vouch serve smaller technology companies through tech E&O with AI extensions.

For mid-market and enterprise buyers with larger limits requirements, Armilla (Lloyd's coverholder, up to USD 25 million), Testudo (Lloyd's-backed, up to USD 9.25 million), Counterpart (affirmative professional liability), and Munich Re aiSure (parametric AI performance) are the primary options. AIUC combines enterprise AI certification with insurance coverage as an integrated product. The full Carrier Comparison Matrix on agentinsured.eu maps every carrier currently writing meaningful limits with their underwriting criteria and coverage scope.

Section 9. The cases that drove the exclusion wave

Insurance underwriting is claims-driven. The endorsements described in this article did not emerge from abstract risk theory. They emerged from a pattern of cases that made AI-related losses concrete, showed that courts were willing to hold deploying organisations liable, and demonstrated that those losses were arriving in categories that standard policies were expected to cover.

Moffatt v. Air Canada (BC Civil Resolution Tribunal, 14 February 2024)

Jake Moffatt, a passenger who had recently lost a family member, consulted Air Canada's website chatbot about bereavement fares. The chatbot provided inaccurate information about the airline's bereavement refund policy, telling Moffatt that applications must be filed within 90 days of ticket issuance. Moffatt relied on this information to his detriment. When he sought the refund, Air Canada denied it and argued that its chatbot was a separate legal entity whose statements did not bind the airline. The British Columbia Civil Resolution Tribunal rejected this argument, holding that as a component of Air Canada's website, the chatbot's representations were the airline's representations. The tribunal found negligent misrepresentation and awarded Moffatt CAD 650.88 in damages plus pre-judgment interest and tribunal fees. The case established the principle that an organisation cannot disclaim responsibility for its AI tools by characterising them as independent entities.

Mata v. Avianca, Inc. (S.D.N.Y., 678 F. Supp. 3d 443, 2023)

Roberto Mata filed a personal injury lawsuit against Avianca in the United States District Court for the Southern District of New York. His attorneys submitted a brief containing citations to precedents generated by ChatGPT. The cited cases did not exist. Judge P. Kevin Castel identified the fabrications, noting that one of the included legal analyses was "gibberish." The attorneys did not withdraw the brief when given the opportunity to investigate. Judge Castel sanctioned the attorneys USD 5,000 and dismissed the case. The decision was the first widely publicised demonstration that large language model hallucinations could enter formal legal proceedings, exposing professional service firms to sanctions and malpractice claims arising directly from unchecked AI output.

EEOC v. iTutorGroup, Inc. (Consent decree approved S.D.N.Y., 8 September 2023)

The Equal Employment Opportunity Commission's first lawsuit involving AI in the workplace alleged that iTutorGroup's automated hiring software systematically rejected female applicants aged 55 or older and male applicants aged 60 or older, in violation of the Age Discrimination in Employment Act. The EEOC identified the discrimination when an applicant submitted two identical applications differing only in date of birth and received an interview request only on the younger submission. iTutorGroup agreed to pay USD 365,000 in a settlement approved by the federal court and to implement new anti-discrimination policies, training, and monitoring. The case established that algorithmic bias in automated hiring systems constitutes actionable employment discrimination and that the deploying employer, not the AI vendor, is the responsible party.

These three cases collectively illustrate the liability surface that AI exclusions are designed to address. In Moffatt, a chatbot misrepresentation produced a consumer protection claim. In Mata, AI-generated hallucinations produced professional conduct sanctions. In iTutorGroup, an automated decision system produced an employment discrimination claim. Each category maps to a different insurance line: Moffatt to general liability and advertising injury, Mata to professional indemnity and E&O, iTutorGroup to employment practices liability. The exclusion wave followed the recognition that all three categories were exposed.

Section 10. Frequently asked questions

Do all business insurance policies now exclude AI?

Not yet uniformly, but the trend is strongly in that direction. ISO Verisk released three optional AI exclusion endorsements effective January 2026 for commercial general liability, and multiple major carriers have filed their own forms with state regulators. Policies renewed in 2026 without explicit AI exclusions may still carry silent AI exposure, which reinsurers are actively pushing carriers to resolve. Any buyer renewing a CGL, E&O, D&O, or cyber policy in 2026 should read the schedule of forms and endorsements for AI-related language before assuming coverage exists.

What is ISO CG 40 47?

ISO CG 40 47 01 26 is the Exclusion: Generative Artificial Intelligence endorsement issued by Verisk (Insurance Services Office) with an effective date of January 2026. It applies to the ISO Commercial General Liability Coverage Part, for both occurrence and claims-made versions. When attached, it excludes bodily injury, property damage, and personal and advertising injury arising out of generative artificial intelligence under both Coverage A and Coverage B. It defines generative artificial intelligence as a machine-based learning system or model trained on data with the ability to create content or responses, including but not limited to text, images, audio, video, or code.

What does the W.R. Berkley AI exclusion exclude?

W.R. Berkley's Form PC 51380, filed in June 2024, is an absolute AI exclusion for D&O, E&O, and Fiduciary Liability products. It excludes any claim arising from the actual or alleged use, deployment, or development of artificial intelligence by any person or entity. The scope includes AI-generated content, failure to detect AI-created materials, inadequate AI governance policies and training, chatbot misrepresentations, regulatory investigations related to AI use, and statements or disclosures about the company's AI capabilities or business plans. The last category is particularly significant: a D&O claim arising from an investor communication about AI strategy may be excluded even where no AI system was deployed.

Is silent AI coverage being eliminated?

Yes, systematically. Silent AI coverage refers to the position where a policy neither grants nor excludes coverage for AI-related losses, leaving claims to be argued either way at claim time. Reinsurers including Munich Re and Swiss Re have pushed cedents to resolve this ambiguity before treaty renewal, either through affirmative AI endorsements or through exclusions. The ISO Verisk January 2026 endorsements standardise this push at the primary market level. The precedent is silent cyber: a decade ago, the same clarification process was imposed on cyber exposure. AI is following the same path on a faster timeline.

Which carriers are tightening AI exclusions?

AIG, W.R. Berkley, Great American, and Hamilton Insurance Group have filed AI exclusion language with US state regulators for management liability lines. Beazley and QBE have introduced AI sublimits on cyber and professional indemnity policies, capping AI-related payouts at approximately 10 percent of total policy limits. Chubb has added an exclusion for widespread or systemic AI events while retaining coverage for isolated incidents. The ISO Verisk CG 40 47, CG 40 48, and CG 35 08 endorsements, available to all ISO member carriers from January 2026, are expected to see broad adoption across the commercial general liability market in 2026.

Will my cyber policy cover an AI hallucination?

It depends on the wording and whether your carrier has added an AI exclusion or sublimit. Cyber policies written before 2024 are generally silent on AI, meaning an AI hallucination loss might have been argued into coverage as a data or network event. Carriers are now resolving that ambiguity. Some specialist cyber carriers are adding affirmative AI coverage for hallucination-related losses on defined terms. Others are excluding them. Beazley and QBE have introduced sublimits that cap AI-related cyber losses at approximately 10 percent of policy limits. Read your current renewal for explicit AI language before assuming coverage extends to hallucination events.

Will my E&O policy cover an AI agent error?

Likely not in full if your carrier has applied an AI exclusion. Professional indemnity and E&O wordings are being rewritten to carve out autonomous AI activity. Where a human professional uses an AI tool and the professional reviews and approves the output before it reaches a client, coverage may survive under the professional services trigger. Where an AI agent acts autonomously, without human review in the causal chain, and causes a financial loss, most E&O policies with an AI exclusion will decline the claim. Some specialist E&O carriers are adding affirmative AI agent coverage as a separate insuring agreement. The critical distinction is the degree of human oversight between AI output and the final deliverable.

Can I negotiate the AI exclusion off my policy?

In some cases, yes. The leverage depends on the carrier, the account size, and the governance programme in place. Large accounts with documented AI governance frameworks, named AI oversight officers, board-level AI policies, and quantified AI exposure may be able to negotiate a buyback endorsement reinstating coverage for defined AI loss categories. For SMEs, the more practical path is to seek a specialist AI insurance product from a carrier writing affirmative coverage rather than trying to modify a generalist carrier's absolute exclusion. Start the negotiation at least 90 days before renewal expiry and engage a broker who specialises in technology or AI risk.

What carriers affirmatively cover AI in 2026?

As of April 2026, the carriers writing affirmative AI coverage include: HSB (Hartford Steam Boiler, Munich Re subsidiary) for bodily injury, property damage, and advertising injury from AI use; Munich Re aiSure for parametric AI performance; Armilla (Lloyd's coverholder) for AI model liability up to USD 25 million; Testudo (Lloyd's-backed) for AI model liability up to USD 9.25 million; Counterpart for professional liability with affirmative AI endorsements; Corgi for technology companies; Vouch for tech E&O via Hiscox Corix; and AIUC for enterprise certification-plus-insurance. The full Carrier Comparison Matrix with underwriting criteria is maintained on agentinsured.eu.

Should I add specialist AI insurance on top of my existing coverage?

If you are deploying AI agents, using generative AI in a client-facing context, or making decisions affecting third parties using AI-assisted tools, the answer is almost certainly yes. Existing CGL, E&O, and cyber policies were not priced for AI risk, and the exclusion wave means they are being actively narrowed. A specialist AI insurance product fills the gap with affirmative coverage on defined terms, providing a contractual basis for managing AI risk that a general exclusion does not. The cost of a specialist product is typically a fraction of the potential uninsured loss exposure from an AI-related claim in a mid-market business.

Related reading

For a policy-by-policy guide to what each line of business covers and excludes for AI errors, see Does my business insurance cover AI errors? A 2026 policy-by-policy guide on insureyouragent.com. For the full carrier map with limits, underwriting criteria, and affirmative AI products, see the 2026 AI Liability Insurance Market Map on agentinsured.eu. For an interactive tool that lets you compare carriers by coverage category, see the Carrier Comparison Matrix on agentinsured.eu. For an interactive assessment of your current policy's AI coverage gaps, see the Coverage Audit tool on insureyouragent.com. For the regulatory obligations that create the liability surface these exclusions address, see EU AI Act operator obligations: a 2026 compliance guide on this publication.

References

  1. ISO/Verisk, Form CG 40 47 01 26, Exclusion: Generative Artificial Intelligence, effective January 2026. Available through ISO member carrier filings.
  2. ISO/Verisk, Form CG 40 48 01 26, Exclusion: Generative Artificial Intelligence (Coverage B Only), effective January 2026.
  3. ISO/Verisk, Form CG 35 08 01 26, Exclusion: Generative Artificial Intelligence (Products/Completed Operations), effective January 2026.
  4. Verisk, "From Risk to Endorsement: Four Key Emerging Risks Shaping the Latest ISO General Liability Multistate Filing," Verisk Insurance, July 2025.
  5. W.R. Berkley Corporation, Form PC 51380 00 06 24, Artificial Intelligence Exclusion: Absolute, issued June 2024. Filed with state regulators late 2025. Form published via Hunton Andrews Kurth law firm briefing on continued proliferation of AI exclusions, National Law Review, 2025.
  6. National Law Review, "Berkley Introduces 'Absolute' AI Exclusion in Liability Policies," The Continued Proliferation of AI Exclusions, 2025.
  7. Gridex, "Verisk CG 40 47: What the New AI Exclusions Mean for Your Commercial Clients," gridex.dev, 2026.
  8. Swept AI, "AI Insurance Liability: New CGL Exclusions, Silent AI Coverage, and What Every Enterprise Should Know," swept.ai, 2026.
  9. Swept AI, "Reinsurers Are Already Underwriting AI Risk. P&C Cedents Are Not in the Conversation," swept.ai, 2026.
  10. Swiss Re, "AI: Unintended Insurance Impacts and Lessons from 'Silent Cyber,'" Swiss Re SONAR 2024, swissre.com.
  11. Munich Re, "The New Frontier of Underwriting AI Risk," munichre.com, 2025.
  12. Moffatt v. Air Canada, British Columbia Civil Resolution Tribunal, decision 14 February 2024. Award: CAD 650.88 damages plus CAD 36.14 pre-judgment interest and CAD 125 tribunal fees.
  13. Mata v. Avianca, Inc., 678 F. Supp. 3d 443 (S.D.N.Y. 2023). Judge P. Kevin Castel. Attorneys sanctioned USD 5,000.
  14. EEOC v. iTutorGroup, Inc., consent decree approved S.D.N.Y., 8 September 2023. Settlement USD 365,000. EEOC press release, eeoc.gov.
  15. Business Insurance, "Insurers, Brokers Adjust as AI Exclusions Emerge," businessinsurance.com, 2026.
  16. PropertyCasualty360, "General Liability Endorsements: Assault or Battery, Generative AI, Human Trafficking," propertycasualty360.com, October 2025.
  17. Insurance Intelligence Council, "ISO Makes AI Excludable," The Intelligence Council Substack, 2025.
  18. Independent Agent, "Verisk to Roll Out New General Liability Exclusions for Generative AI Exposures," independentagent.com, 2025.