Over the last two months I sat down with underwriters at six different insurance carriers. Cyber writers, Tech E&O writers, and two of the newer shops writing dedicated AI coverage. They don't coordinate. They compete. And they told me — separately, in almost the same words — that the insurance policy protecting your company was quietly rewritten this year, and most of the executives relying on it have no idea.
Here is the short version, and then the receipts.
For three years, your insurance covered your AI by accident. Not because a policy said it would — because no policy said it wouldn't. That gap had a name in the industry: Silent AI. It just closed. And if your cyber, Tech E&O, D&O, or employment-practices renewal is coming up in the next two or three quarters, the version you get back will not look like the one you have now.
What "Silent AI" actually means
"Silent AI" is insurance shorthand for a policy that neither grants nor excludes AI risk — it simply never mentions it. When your chatbot gives a customer bad advice, or your Copilot summary leaks something it shouldn't, or an AI hiring tool screens out a protected class, the claim lands on a policy written before any of that was on the underwriter's radar. For a while, those claims got paid, because the language was silent and silence favored the policyholder.
Insurers hate silence. Silence is unpriced, unbounded risk sitting on their books. The law firm Fenwick, which represents many of the technology companies most exposed here, published an analysis arguing that this framework "is rapidly reaching its end." The UK firm Browne Jacobson defined the underlying problem plainly: Silent AI is the risk of issuing policies that don't state whether AI is covered or not. The market has seen this movie before — it's a near-exact replay of the "silent cyber" cleanup of the late 2010s, when carriers spent years forcing cyber risk out of general policies and into its own priced product. This time it's happening in about eighteen months instead of five years.
What changed on January 1, 2026
Here's the concrete artifact, because this isn't a prediction — it's a filed form your broker can attach today.
On January 1, 2026, ISO — the body whose standardized language sits underneath most U.S. commercial property-casualty policies — made three generative-AI exclusion endorsements available for commercial general liability renewals:
- CG 40 47 — the broad exclusion. It removes coverage for both bodily injury/property damage and personal/advertising injury for any loss "arising out of" generative AI.
- CG 40 48 — the narrower version, which removes only the personal-and-advertising-injury coverage.
- CG 35 08 — the products/completed-operations version.
The phrase that does the damage is "arising out of." In insurance law it's read broadly — it doesn't require AI to be the direct cause of a loss, only a link in the chain. If generative AI touched the sequence of events anywhere, the exclusion can be argued to apply.
"But we don't really use AI" — yes, you do
This is the part that catches CFOs off guard. ISO's definition of generative AI is a machine system, trained on data, that can produce text, images, audio, video, or code. That describes the AI already baked into the software your whole company touches — the assistant in Microsoft 365, the AI features in Salesforce, the automation in your help desk and marketing stack. You didn't "adopt an AI strategy." You bought ordinary software, the software grew an AI, and your insurance just learned to carve it out. The exposure isn't limited to the ambitious agent your CTO is piloting. It rides inside tools you already pay for.
The four losses underwriters are now pricing
Underwriters don't react to hype. They react to costed losses. Four of them are now sitting on every AI underwriting file I saw — and each one lands on a different line of coverage, which is exactly why no single policy protects you across the board.
Bartz v. Anthropic — the intellectual-property line. In June 2025, Judge William Alsup ruled that training an AI model on lawfully purchased books was "quintessentially transformative" fair use — but that downloading and keeping pirated copies to build a library was not. The case settled for roughly $1.5 billion. Read the nuance your General Counsel will read: the liability came from where the data came from, not from the act of training. Data provenance is now a line item on the AI errors-and-omissions application.
Moffatt v. Air Canada — the errors-and-omissions line. A British Columbia tribunal held the airline responsible for a fare promise its chatbot made and the company tried to disown. The tribunal's line is the one to remember: "It makes no difference whether the information comes from a static page or a chatbot." Your bot is not a vendor's product sitting in your lobby. It's your agent, and its mistakes are yours.
Mobley v. Workday — the employment-practices line. A federal court certified a nationwide collective alleging AI hiring software screened out older applicants. The court refused to treat the software as separate from a human decision-maker, warning that doing so "would potentially gut anti-discrimination laws in the modern era." "The vendor built it" is not a defense — and this exposure hits your EPLI coverage, a policy most people never mentally file under "the AI project."
Hasbro's Q1 2026 breach — the cyber and operational line. No hypothetical needed. Hasbro disclosed a cyber incident and its CFO told investors to expect about $20 million in one-time remediation and $40–60 million in delayed quarterly revenue. A Fortune 500 company, a policy in force — and trade coverage noted it remained unclear how much would ultimately be recovered through insurance. Even when you're covered, recovery isn't automatic. The claim gets adjudicated against terms that are being rewritten right now.
The squeeze is coming from four directions at once
It isn't only the exclusions. The carriers walked me through four simultaneous moves:
- The standard market is writing AI out — the ISO forms above, plus individual carriers filing their own exclusions. (In fairness: at least one large carrier that filed such language has said publicly it has "no plans to implement" it "at this time." The direction is clear even if the arrival isn't uniform.)
- Cyber policies are adding AI sublimits — the Financial Times reported Beazley and QBE introducing AI sublimits near 10% of the policy limit. In one QBE draft, a hijacked-AI ("LLMjacking") loss could be capped around $250,000 on a $5 million policy. The policy still says "covered." It just quietly caps the payout.
- A real affirmative market exists — and it's gated on governance. Munich Re's aiSure with Mosaic, Armilla writing at Lloyd's through Chaucer, Counterpart backed by Aspen/Markel/Westfield, Testudo out of the Lloyd's Lab. Genuine capacity — granted and priced on documented proof that you govern your AI.
- Regulators are hardening the paperwork. The NAIC's model bulletin on insurer AI use is now adopted in 24 states, and the EU AI Act's Article 9 sets a documented, lifecycle risk-management standard for high-risk systems. (That EU timeline is currently in flux after a proposed deferral — but the documentation standard itself is already defined.)
What the underwriters said they actually need
I didn't ask them to speculate. I asked what they need to see on the page before they'll quote or renew. The answers clustered into six controls — and not one of them is software you buy. Each is evidence you produce:
- Human kill switch: a named person can stop or reverse any autonomous AI action — with an escalation path and a recent test on file.
- Human-in-the-loop inventory: every AI decision touching a customer, employee, dollar, or regulated datum — mapped to its named override owner.
- Data-provenance audit: where the data feeding your AI came from and how it is labeled — the most expensive blank on the E&O application after Bartz.
- Named accountable executive: a signature, not a committee. Rent the function via vCAIO if you cannot justify a full-time hire.
- Deepfake-resistant authentication: out-of-band verification for AI-touched workflows. Email and video are no longer proof of identity.
- Enforcement evidence on your existing stack: on Microsoft, that means Entra workload identity, Purview enforcement at answer time, and Defender/M365 audit logging that records what each agent read and returned.
Those six line up with what Aon and WTW have both told the market that underwriters now expect, and with the AIUC-1 standard the newer AI insurers use — all of which map back to NIST's AI Risk Management Framework and ISO/IEC 42001. Three different corners of the market are converging on the same requirement: audit-grade governance evidence.
The role no org chart has drawn yet
Every few weeks a "new roles for AI" chart goes viral — Chief AI Officer, AI Risk & Governance Specialist, Agent Engineer. Useful maps. But every one compresses the entire governance function into a single icon at the end: Govern. That box is where your renewal now lives, and inside it is a seat nobody has named — the person responsible for proving, to an underwriter, on paper, that your AI is governed well enough to insure. Call it the AI Insurability Officer. Almost no company can justify hiring one, which is why we deliver the function through a Virtual Chief AI Officer instead.
What I tell clients to do
Start here, in this order, and none of it is a technology purchase:
- Inventory every AI in your environment — including the embedded AI you didn't think counted. Most teams find the list is two to three times longer than they expected.
- Map every human checkpoint and name the human for each AI decision that touches a person, a dollar, or regulated data.
- Audit your data provenance before the underwriter asks, not during the renewal.
- Name the accountable executive — rent the function if you can't hire it.
- Configure your audit trail to survive a deposition — "the AI ran" is not a record; "the AI read this, returned that, under this authority" is.
- Assemble it as one signed package mapped to NIST AI RMF, ISO/IEC 42001, and AIUC-1.
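The audit-trail and human-checkpoint steps above are easier to reason about as a concrete record format. The following is an added illustration, not code from the original post or from any vendor's tooling: a hash-chained log of agent actions that refuses any record lacking the actor, its authority, what it read, what it returned, or (for decisions touching a customer, employee, dollar, or regulated data) a named override owner, and that flags any entry edited after the fact. Field names and both sample records are constructed for the example.

```python
import hashlib
import json

# An entry must say who acted, what was read, what was returned, under which authority.
REQUIRED = ("agent_id", "authority", "inputs_read", "output_returned", "timestamp")
SENSITIVE = {"customer", "employee", "money", "regulated"}  # must also name an override owner
GENESIS = "0" * 64

def missing_fields(record: dict) -> list:
    """Fields the record lacks, including the override owner for sensitive decisions."""
    missing = [f for f in REQUIRED if not record.get(f)]
    if set(record.get("touches", ())) & SENSITIVE and not record.get("override_owner"):
        missing.append("override_owner")
    return missing

def digest(prev_hash: str, record: dict) -> str:
    payload = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()  # canonical
    return hashlib.sha256(prev_hash.encode() + payload).hexdigest()

def append(log: list, record: dict) -> str:
    """Refuse incomplete records; chain complete ones to the previous entry's hash."""
    if missing := missing_fields(record):
        raise ValueError(f"incomplete audit record, missing {missing}")
    prev = log[-1]["hash"] if log else GENESIS
    log.append({"record": record, "prev_hash": prev, "hash": digest(prev, record)})
    return log[-1]["hash"]

def verify(log: list) -> int:
    """Return -1 if the chain is intact, else the index of the first bad entry."""
    prev = GENESIS
    for i, entry in enumerate(log):
        if entry["prev_hash"] != prev or digest(prev, entry["record"]) != entry["hash"]:
            return i
        prev = entry["hash"]
    return -1

COMPLETE = {"agent_id": "hr-screening-bot", "authority": "workload-identity:hr-screen-sp",
            "inputs_read": [{"source": "candidate-db", "label": "Confidential"}],
            "output_returned": "shortlist of 12 candidates", "touches": ["employee"],
            "override_owner": "J. Doe, HR Ops", "timestamp": "2026-02-03T10:00:00Z"}
INCOMPLETE = {"agent_id": "support-bot", "authority": "workload-identity:support-sp",
              "inputs_read": ["fare-rules"], "output_returned": "fare quoted",
              "touches": ["customer"], "timestamp": "2026-02-03T10:05:00Z"}  # no override owner

def demo() -> tuple:
    """Append a complete record, then edit it in place; the chain must flag entry 0."""
    log = []
    append(log, dict(COMPLETE))
    intact = verify(log)
    log[0]["record"]["output_returned"] = "shortlist of 9 candidates"  # after-the-fact edit
    return intact, verify(log)
```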
Where this leaves you
Silent AI is over. Your policies are being rewritten across four fronts at once, the losses driving it are real and public, and they cross four coverage lines no single policy was built to span. The enterprises that walk into their next renewal with documented governance will get cleaner terms and real capacity. The ones that show up empty-handed will get exclusions, sublimits, higher premiums, or a quiet no. Your renewal date is the real deadline — and your General Counsel already knows what month that is.
This is the work we built a practice to do. If you want the full breakdown — every carrier action, court ruling, and control mapped to the standards, with the source ledger so your GC can check every receipt — read the AI Insurance Readiness practice page and the accompanying evidence-package white paper.
