But Not the Way You Think.

By James W. Moore

In February 2026, according to AIUC’s announcement, ElevenLabs became the first company to go live with a dedicated AI liability policy, backed by Lloyd’s market capacity with limits up to $50 million. It required more than 5,000 adversarial simulations before binding. In the same underwriting cycle, ISO endorsements CG 40 47, CG 40 48, and CG 35 08 — the new ISO AI exclusions for commercial general liability — took effect, with carriers including W.R. Berkley, AIG, and Great American explicitly excluding generative AI losses. That is not a contradiction. It is the market admitting the exposure is real, and the form is wrong.

The harder question is how to price it. The answer, if history is a guide, has very little to do with actuarial data.

The Coverage That Never Existed

The instinct among underwriters encountering AI liability has been to reach for a familiar form. Cyber covers malicious actors — external threats, unauthorized access, and deliberate attack. Technology E&O covers deviations from inspectable standards of practice. Product liability assumes deterministic, physically inspectable defects. None of those lines were designed for what AI actually does.

AI failures arise from normal operation — statistical skew in decisions, fabricated outputs, goal misalignment — where the system worked as designed and still caused harm. That profile fits none of the standard forms precisely, which means AI exposures have been sitting in existing portfolios as what the industry now calls “silent AI” — neither affirmatively covered nor excluded, therefore unpriced and unmanaged. ISO’s January 2026 exclusions are forcing that silence to end. Exclusions, however, create gaps, not solutions.

The ElevenLabs policy addresses third-party vendor liability — what happens when an AI system causes harm to enterprise customers. First-party coverage for business interruption, recall costs, and IP defense remains largely nascent. The market is bifurcating, and most of it is still being built.

The losses are already arriving to fill those gaps. Gallagher’s 2026 AI Adoption and Risk Survey found that one in five insurance professionals report their insureds have experienced AI-related losses or claims. Just over half were fully covered; the remainder were partially covered or uninsured. Gallagher’s 2026 cyber market outlook tracks more than 200 active legal cases involving AI and machine learning. In Moffatt v. Air Canada (2024 BCCRT 149), a British Columbia tribunal held the airline liable for negligent misrepresentation after its chatbot provided incorrect bereavement fare information — rejecting Air Canada’s argument that the chatbot was a separate legal entity. A company cannot legally dissociate itself from its algorithmic agents. Courts are already making that clear.

Anyone who watched the industry handle silent cyber between 2015 and 2022 will recognize the sequence: silent exposure, then explicit exclusions, then standalone affirmative products. WTW’s “Insuring the AI Age” (December 2025) explicitly frames AI liability as that playbook replaying.

The Inspection Regime Is the Product

The aviation parallel is instructive — and underappreciated.

Lloyd’s wrote the first aviation insurance policy in 1912, adapting marine insurance language and calling the aircraft a “hull,” a form borrowed wholesale from an existing line. The Travelers followed in 1919 with the first comprehensive U.S. aviation policy, following automobile policy form conventions. Early underwriters priced the risk the only way they could: by guessing.

After World War I, multiple national carriers entered the market expecting profits. Within a year, losses exceeded premium income and nearly all discontinued aviation underwriting. The cause was not that flying was inherently uninsurable. It was that no one had built the infrastructure to observe the risk — no inspection of aircraft, no testing of pilots, no licensing regime of any kind. Insurers were covering assets they had never examined, operated by people whose only credential was their own word.

The solution, when it came in 1921, was not actuarial. The National Aircraft Underwriters Association partnered with Underwriters Laboratories to inspect every plane and test every pilot seeking coverage. Member companies agreed not to write a policy without certification. Premium rates fell once the inspection regime was in place, because the regime changed the risk, not merely the paperwork.

This is the insight that most commentary on AI insurance misses: aviation underwriters did not need to understand aerodynamics. They needed observable controls, inspection standards, and measurable governance. The technology was unknowable. The governance was not. Insurance priced the audit discipline, not the underlying peril.

The private regime eventually collapsed without legislative backing, and the market did not fully stabilize until the federal Air Commerce Act of 1926 created mandatory licensing and airworthiness certification. But the mechanism was established before the law: a certification standard, an independent inspection body, and coverage conditioned on passing.

That structure has a direct modern counterpart. AIUC’s AIUC-1 certification standard requires independent adversarial testing before coverage is bound. The policy is attached to the audit discipline. Parametric structures are emerging that tie coverage to measurable performance thresholds in production monitoring rather than traditional causation analysis — observable, auditable, not subject to the attribution disputes that have historically plagued technology claims.

Three Problems Aviation Didn’t Have

History rhymes, but it does not repeat perfectly. Three things make AI harder to price than anything the industry has priced before — and none of them have clean historical precedents.

The first is the absence of any usable loss history. Proxies from cyber and technology E&O may prove as structurally wrong as the assumptions long-term care insurers made in the 1990s — both allowed unmodeled tail risk to accumulate behind familiar-looking forms. Long-term care appeared straightforward until a decade of silent mispricing culminated in the Penn Treaty insolvency — liabilities exceeded assets by $4 billion at its 2017 liquidation, by which point CNA, MetLife, Prudential, Unum, and John Hancock had all exited the line. Novel-line mispricing does not announce itself. The damage accumulates quietly, then arrives all at once.

The second problem is that AI risk is not stationary. A physical asset degrades on a predictable curve. An AI model can change abruptly when retrained, when prompt templates are modified, or when an API version changes. Prior validation may be instantly obsolete. This points toward coverage structures more akin to continuous credit ratings than traditional one-time actuarial assessments.

The third problem has no precedent in aviation at all — and it is the most consequential. Researchers at the Alan Turing Institute identify foundation model concentration as “the clearest genuinely novel insurability frontier” in AI risk. A carrier may appear diversified across dozens of enterprise policyholders while unknowingly concentrating its exposure in a small number of shared underlying models. A single foundation model failure propagates simultaneously across every enterprise running it. Traditional portfolio diversification offers no protection against that kind of correlated accumulation.

What hardens the AI insurance market the way NotPetya (the 2017 cyberattack that triggered unprecedented property exclusions) hardened cyber? A high-profile judgment, a regulatory enforcement action, a foundation-model-wide failure — no one knows which arrives first. But the trigger will come. The question is whether carriers will have built the inspection regime before it does.

What Carriers Need to Do Now

Insurance carriers occupy an unusual position in this market. They are potential insurers of AI risk and potential policyholders simultaneously. Every carrier deploying AI in underwriting, claims automation, or fraud detection carries the same silent exposure their policyholders carry.

Governments can mandate minimum standards. Insurers continuously price behavior. Every premium adjustment, underwriting requirement, and coverage restriction becomes a real-time signal about acceptable risk. In practice, that shapes organizational behavior faster than regulation. Cybersecurity improved more because insurers required multi-factor authentication than because governments recommended it. The same dynamic is forming around AI governance. NIST’s AI Risk Management Framework 1.0 and ISO/IEC 42001 are voluntary today. Carriers should treat compliance with those frameworks as an underwriting asset now — because by the 2027 renewal cycle, based on the trajectory of cyber insurance, they will be prerequisites for coverage.

If your board is asking what AI governance actually means in practice, the answer is documentation that proves your systems are monitored and auditable. The governance documentation that determines AI insurability also protects a carrier’s D&O program. The EU AI Act classifies insurance underwriting AI as a high-risk use case, introducing significant compliance obligations and potentially substantial penalties for non-compliance. Shareholder litigation and SEC enforcement actions related to AI governance failures accelerated in 2025. Model cards, system cards, audit logs, and monitoring protocols are not compliance artifacts. They are the evidentiary foundation for both coverage and defense. Carriers should require them of themselves before their underwriters require them of others.

Usage-based pricing, bonus-malus schemes adapted from motor insurance, and adversarial audit requirements are emerging as the market’s early answer to the pricing problem. For smaller carriers and agencies, third-party audit requirements will eventually commoditize the way security scanning did for cyber — but the early market will favor larger players with governance infrastructure already in place. A few carriers have adopted ISO AI exclusion language. One company has bound an affirmative policy on Lloyd’s paper. The inspection regime is being built.

As aviation insurance executive Walter Crowdus wrote in 1931, ingenuity in this industry has always meant building the inspection regime, not avoiding it: “Without the ingenuity of insurance professionals who develop groundbreaking policies to cover the risks associated with virtually every new commercial undertaking, many industries would never have prospered.”

Insurance does not make new technologies safe. It makes them governable. The market will not tame AI by guessing its next hallucination. It will tame it by refusing to underwrite anyone who cannot prove they are watching it happen.

Sources

1. Stern, Goldfarb, Minssen, Price II — “AI Insurance: How Liability Insurance Can Drive the Responsible Adoption of Artificial Intelligence in Health Care,” NEJM Catalyst 3, no. 4 (2022). https://repository.law.umich.edu/facarticles/2753
2. Szpruch, Orfanoudaki, Maple, Wicker, Bengio et al. — “Insuring AI: Incentivising Safe and Secure Deployment of AI Workflows,” Alan Turing Institute/SSRN preprint (2025). https://ssrn.com/abstract=5505759
3. Leung et al. — “The Insurability Frontier of AI Risk,” arXiv preprint (May 2026). https://arxiv.org/abs/2605.18784
4. Geneva Association — “Gen AI Risks for Businesses: Exploring the Role for Insurance” (October 2025). https://www.genevaassociation.org/sites/default/files/2025-10/gen_ai_report_0110.pdf
5. Mohey-Deen, Rosen — “The Risks of Pricing New Insurance Products: The Case of Long-Term Care,” Chicago Fed Letter No. 397 (2018). https://www.chicagofed.org/publications/chicago-fed-letter/2018/397
6. Crowdus, Walter C. — “Aviation Insurance,” Journal of Air Law and Commerce 2, no. 2 (1931). https://scholar.smu.edu/jalc/vol2/iss2/3
7. Bogardus, John — “‘Flying Machines’ and Early Airline Insurance,” IRMI Expert Commentary, June 2005. https://www.irmi.com/articles/expert-commentary/flying-machines-and-early-airline-insurance
8. United States Aviation Underwriters — “History of Aviation Insurance at USAIG.” https://www.usau.com/about/history/
9. Allianz Commercial — “100 Years of Aviation Insurance,” Global Risk Dialogue, August 2015. https://commercial.allianz.com/news-and-insights/reports/100-years-of-aviation-insurance.html
10. Gallagher — “2026 AI Adoption and Risk Benchmarking Survey.” https://www.ajg.com/news-and-insights/features/ai-adoption-and-risk-benchmarking-2026/
11. Gallagher — “Not So Silent: Tackling the Complexities of AI Liability.” https://www.ajg.com/news-and-insights/features/ai-liability-not-so-silent/
12. Lior, Anat and Madhok, Sonal — “Insuring the AI Age,” WTW, December 9, 2025. https://www.wtwco.com/en-us/insights/2025/12/insuring-the-ai-age
13. Lior, Anat — “E/Insuring the AI Age: Empirical Insights into Artificial Intelligence Liability Policies,” Connecticut Insurance Law Journal Vol. 31 (2025). https://ssrn.com/abstract=5316376
14. AIUC — Company website and press materials, February 2026. https://aiuc.com

AI Disclaimer: This content was created with assistance from artificial intelligence technology. While content is based on factual information from the source material, readers should verify all details directly with the respective sources before making business decisions.