Estimated reading time: 5 minutes
You grab your phone, open the app, and start a support chat to ask about a company warranty. The bot quickly replies and promises free replacements for three years. Sales teams might be happy as customers dive in based on the promise of great coverage. But the finance finds this promise in thousands of chat records as warranty claims multiply. There was no hacking, but the AI misinterpreted the warranty policy. Now the company faces refunds, regulators, and upset customers. This AI risk scenario is from the new Lockton Re and Armilla AI report, Ready or Not: The Impact of Artificial Intelligence on Insurance Risks.
Insurers Struggle
The report describes modern AI as unpredictable and needing lots of data. Oliver Brew, Lockton Re’s cyber leader, connects this design to new types of failures. “The probabilistic nature of AI … mean it is prone to errors,” Brew said. He expects “huge implications wherever implemented.” He also warns that no sector is safe from these effects. The report notes that today’s insurance language was made for a different time. Brew says “the current lexicon and frameworks” do not fit AI-driven loss patterns. This mismatch makes carriers stretch old definitions and leaves insureds guessing how their coverage will respond.
Coverage Turns Silent, Fragmented, or Misaligned
The report shows how AI risks affect different types of commercial insurance. It points out that some coverage seems to exist but fails when claims are made. The report calls this coverage “silent, fragmented, or misaligned.” Cyber policies often require a security event, but many AI losses come from bad outputs instead. Baiju Devani from Armilla AI highlights the gap between what insurers want to cover and what they actually cover. “There is a growing gap between what insurers intend to cover and what they actually cover,” he said. He also says, “The underwriting toolkit needs to develop at pace.” He calls for better ways to model and price these risks. Karthik Ramakrishnan, CEO of Armilla AI, focuses on making contracts clearer. He says, “Silence in policy language creates uncertainty when claims arise.” He links this uncertainty to less trust in coverage value and argues that clearer wording helps safer adoption.
A Claim Scenario
The report gives a claim scenario that cyber teams will recognize. An AI chatbot gives out wrong warranty promises. The business suffers losses even though there was no hacking or malware. This situation leads to financial risk and attention from regulators. It also challenges traditional insurance triggers. A cyber policy might require a privacy breach, a tech E&O policy might require a specific professional service, and a liability policy might exclude harm caused by software. These gaps can leave the insured to cover the costs. The scenario also shows the risk of scale, as the model can repeat the mistake thousands of times. Customers may see the promise as official, and the business might not notice the error right away.
Watch our Podcast – AI Risk: The Insurance Industry Faces a Faster, Bigger Ransomware Repeat
Systemic Risk Grows
The report warns that similar behavior can happen across many insurance portfolios. Many companies use the same foundation models and cloud services. When these are updated, the changes can affect many insureds at once. Using the same prompts can also lead to repeated mistakes. The report sees these connections as drivers of risk accumulation. Traditionally, aggregation tracks things like location and disasters. For AI risks, it can track vendors, model versions, and data links. This is important for cyber reinsurance. Devani also points out that underwriters are under time pressure. He expects big events tied to concentrated AI systems and wonders if underwriting can keep up with these changes. He also notes new ways risks can build up in supply chains.
Distinct Risk And New Tooling
The report says AI should be its own risk class. It calls for insurance policies that deal with these risks directly. It also suggests making coverage more adaptable for the future. Clearer triggers can help avoid disputes and make claims faster. The report suggests practical steps for insurers, like adding AI-specific endorsements and definitions, defining what counts as an AI output error or model failure, and making sure exclusions are clear. Insurers can test policy wording with real scenarios. Underwriters also need better control questions. The report highlights the need for good governance, validation, and monitoring. It suggests keeping audit trails and having clear ways to escalate issues. It also points out the need to oversee vendors who provide shared models. These steps help with pricing and handling claims.
Get The Cyber Insurance News Upload Delivered
Subscribe to our newsletter!
What Cyber Insurance Buyers Should Do Now?
AI risk now affects customer service, underwriting, HR, and finance automation. Buyers should be ready for more AI-related questions during cyber insurance renewals, as well as in tech E&O and professional liability policies. They should also plan to coordinate across multiple policies. Risk teams can act now by making a list of AI systems and vendors, recording where AI affects decisions and promises, testing outputs against unusual cases and policy wording, setting up human review for important outputs, and reviewing contracts with AI suppliers. Brew puts the urgency simply: “There are no sectors of the economy that are insulated,” he said. The report urges insurers to update their language now and to model new types of claims before they happen.
Related Cyber Liability Insurance Posts
- Cyber Insurance Coverage Reality Check: Key Lessons From EMEA Cyber Fine Trends
- Cybersecurity Starts With Understanding: Graylog’s Kimber Spradlin on Data Clarity, AI Limits, Cyber Hygiene and Mom
- Cybersecurity Exposed: Ransomware, AI Deepfakes & the Threat We Can’t Ignore – New Podcast
- Cyber Security Insurance For Small Business. What to Know.
- Cyber Insurance Claims 2025: Ransomware Costs and Downtime Surge in NetDiligence Report
