AI and Insurance: Bridging Innovation and Risk

Client Concerns about AI and Insurance

As AI technologies like ChatGPT and other generative AI tools have gained prominence, our clients have started raising questions about their insurance coverage. Among the most frequently asked are:

• Does my insurance cover AI?
• What specific risks does AI introduce?
• How can AI affect traditional insurance policies?
• What kind of claims could AI lead to?
• Are there AI-specific insurance products?
• How should companies address AI in their insurance coverage?

These questions highlight companies' concerns as they navigate the integration of AI into their operations and the implications for their insurance coverage.

Impact on Different Types of Insurance

Property & Casualty Insurance 

For most businesses, property and casualty insurance is foundational coverage that protects against physical damage to assets and legal liability. While AI does not introduce direct exposure in these policies, it can amplify existing risks.

For example, if AI is involved in managing building operations, there could be concerns about malfunctions leading to incidents like fires. Generally, standard property policies should cover such events unless specific exclusions are added.

In terms of general liability, if a company integrates AI into consumer products and those products cause harm, the liability exposure could increase. A standard liability policy should respond, but businesses need to be vigilant about policy language and potential exclusions.

Cyber Insurance

Cyber and technology errors & omissions (E&O) insurance policies are perhaps the most directly impacted by AI. As AI enhances the capabilities of cybercriminals, the threat landscape becomes more perilous. AI can enable more sophisticated phishing attacks and ransomware exploits, necessitating a strong cybersecurity strategy.

On the flip side, AI is also a critical tool for enhancing cybersecurity defenses. Companies must stay ahead by integrating AI tools to detect and mitigate cyber threats effectively. Insurers are increasingly scrutinizing how businesses use AI in their cybersecurity strategies during the renewal process.

A growing area of concern within cyber insurance is non-breach privacy claims. There is potential for these claims to involve personal identifiable information (PII) used or gathered by AI models. Cyber policies vary widely in their treatment of non-breach privacy exposure, and an increase in claims may cause market pullback. It’s worth reviewing the scope of coverage in your existing policy to ensure you don't have coverage gaps.

Consistent with the earlier discussion about property and casualty insurance, however, the bigger challenge is when AI is the product, or controls a fundamental aspect of the product, and an incident causes financial harm (rather than physical damage). This can lead to claims under the technology E&O component of a cyber policy. Cyber insurers are not as confident about their ability to understand and predict these E&O claims, so AI-focused companies are experiencing higher premiums and more limited cyber/E&O coverage options due to the lack of competition.

D&O Insurance

AI's impact on D&O insurance is multifaceted. The rapid growth and hype around AI have led to inflated valuations for some AI companies, raising concerns about potential securities class actions if these companies fail to deliver on their promises.

New laws and regulatory scrutiny around AI—like what has been seen with privacy regulations—could lead to fines and penalties, further increasing D&O risk.

Given these dynamics, companies should reassess their D&O coverage, particularly the limits and scope of coverage for derivative claims. These claims, often filed when directors are accused of failing in their oversight roles and causing significant financial harm to the company, can result in substantial settlements. In most states, including Delaware, companies cannot indemnify directors for settlement in derivative cases—if adequate D&O coverage is not in place, the directors would be responsible for paying the settlement out of pocket.

Underwriters will be looking at governance to understand a company’s risk—they will ask how the board is overseeing AI risk and whether management has been thoughtful about how the company uses AI. They will also focus on what disclosures the company is making around the use and impact of AI, due to concerns that companies are “AI-washing” to boost valuations.

Key Risks and Considerations

As the insurance industry adapts to AI, businesses must proactively address new risks. Some insurers have developed AI-specific products targeting niche markets, but for most companies, the focus should be on ensuring that existing policies adequately address AI-related exposures.

Vigilance is crucial when it comes to policy language. Insurers may introduce exclusions as they assess AI-related risks, and businesses need to negotiate these terms carefully to avoid unintended gaps in coverage.

Recommendations for Businesses

To navigate the intersection of AI and insurance effectively, companies should:

• Assess AI-related exposures: Understand how AI integrates into operations and identify potential risks.
• Review and adjust coverage: Ensure that insurance policies are aligned with the evolving risk landscape, particularly in areas like cyber and D&O insurance.
• Communicate AI governance: When presenting to insurers, clearly articulate the company's AI governance framework, highlighting how legal, compliance, and security functions are managed and reported to the board.
• Monitor policy language: Be vigilant about new exclusions and negotiate terms to maintain comprehensive coverage.

As AI continues to transform industries, its implications for insurance are profound. By understanding the risks, staying informed about policy changes, and engaging proactively with insurers, businesses can ensure they are adequately protected. Effective risk management and thoughtful communication with insurers will be key to navigating the challenges and opportunities presented by AI.