The commercial insurance industry is seeing the early stages of policy and contract wording updates and revisions relating to the rapidly expanding use of artificial intelligence.
The Insurance Services Office last year issued general liability exclusions for AI, while the first notices of affirmative coverage have started to emerge as insurers, brokers and others move toward clarifying the lines around insuring AI exposures.
The ISO exclusions took effect in January 2026 and include CG 40 47; CG 40 48; and CG 35 08 for commercial general liability policies.
“There are a few carriers that are starting to adopt those exclusions,” said John Farley, New York-based managing director of Arthur J. Gallagher & Co.’s cyber practice.
“We’re just at the very beginning and we have to watch this very closely,” he said, because if AI exposures become excluded, “we’re going to have to figure out where this exposure should be covered.”
The advent of AI has created perils that policy forms may not have explicit language for, which is why brokers want clarification, said Rob Malone, New York-based U.S. head of cyber for Axa XL.
“Clarity is essential, as relying on legacy wording or exclusions can lead to silent AI exposures,” said Shawn Ram, chief revenue officer at cyber insurer Coalition.
Change, though, is coming at a measured pace.
The market has been restrained in taking any drastic actions with either affirmative or exclusionary language, though both exist, said Greg Eskins, Miami-based global cyber product leader, Marsh Risk.
Underwriters are aware that the widening adoption of AI is a growing risk that could increase exposure, said Kara Higginbotham, New York-based head of professional liability and cyber at Zurich North America.
In most cases, amending policy language to address AI exposures is unnecessary, but some insurers have issued endorsements to make their intent clearer, Ms. Higginbotham said.
“Policy clarification amendments, and in some cases broadening endorsements to address regulatory exposures including fines and penalties stemming from AI regulations, are increasingly available in the market,” Ms. Higginbotham said. “Many carriers are currently evaluating the potential benefits and risks of making broad policy language changes.”
Underwriters are focusing more on AI exposures, said Jeff Kulikowski, New York-based executive vice president, cyber and professional liability leader at Westfield Specialty.
“We’ve had to really adapt how we underwrite to the AI exposure, trying to better understand exactly how our insureds utilize AI,” he said.
This includes asking a broader range of questions about AI use.
“It used to be, ‘Do you use AI and how do you use it?’ Now it’s, ‘What models are you currently utilizing? How did the business decisions get made to utilize these models? What checks and balances are in place to make sure the AI models produce accurate and verifiable results?’” Mr. Kulikowski said.
Some insurers have moved to establish affirmative coverage.
In October, Axa XL introduced new coverage, available by endorsement to its cyber insurance globally, extending coverage to address specific generative AI risks for businesses developing their own generative AI models.
The endorsement covers data “poisoning” — manipulating or contaminating the training data used to develop machine learning models; usage rights infringement — negligently failing to obtain appropriate permissions to use specific items or data, such as copyrighted materials; and regulatory violations — liability arising from the European Union’s AI Act.
Policyholders want “clear and affirmative terms,” so they know how their policy will respond, Coalition’s Mr. Ram said.
In 2024, Coalition introduced an affirmative AI endorsement to clarify cyber coverage for AI-related security events and expand triggers, including fraudulent instructions sent through deepfakes or other AI tools, he said.
In 2025, the cyber insurer incorporated that endorsement into its base active cyber policy. Later in 2025, Coalition also launched a deepfake response endorsement to address reputation and incident response needs when AI-generated impersonations are used against a business.
“We did have a number of cyber insurance carriers come out and affirmatively state that they would be covering those AI-driven attacks for deepfake technology schemes,” Mr. Farley of Gallagher said.
Clinton Mora is a reporter for Trending Insurance News. He has previously worked for the Forbes. As a contributor to Trending Insurance News, Clinton covers emerging a wide range of property and casualty insurance related stories.