Check out this article published in the February 13, 2026, print edition of the Phoenix Business Journal. The article appears as part of the Journal's "Legal Pulse" column.
AI is clearly here to stay—and its use is expected to increase with respect to both traditional AI applications and new business functions. Business owners and leaders are exploring AI not just as a tool, but as a participant in operations that is capable of initiating actions, interacting with other systems, or directly affecting operations. And insurers are increasingly using AI in underwriting, claims handling, risk assessment, and customer-facing decision making. These trends have significant implications for businesses, who will face questions about the type and extent of coverage they need when obtaining or renewing policies—and about whether the policies they obtain provide that coverage.
Key considerations for businesses and policyholders include:
- Disclosure Requirements: Insurers will require detailed disclosures about AI use and risks, including tasks performed, autonomy levels, the extent of human oversight, and reliance on third-party AI vendors. Incomplete disclosures could expose businesses to allegations of misrepresentation or non-disclosure, potentially leading to rescission of policies intended to provide liability or D&O (Directors & Officers Liability Insurance) coverage, even after the business has suffered a loss and tendered a claim to the insurance carrier.
- Internal Classification of AI: How a business classifies AI—whether as a support tool or as an independent operational decision maker—can affect coverage under E&O (Errors & Omissions Insurance), D&O, and CGL policies. Courts will increasingly have to address issues arising from AI activity, such as whether losses from AI activity constitute “professional services,” “management decisions,” or “operational errors,” with implications for policy triggers, applicability of exclusions, and coverage limits.
- Policy Selection and Structuring: The nature and extent of AI use and the degree of executive oversight of AI activities will influence businesses’ coverage decisions. For example, businesses will have to carefully assess E&O and D&O coverage limits. Questions will also arise about whether cyber policies cover AI-related incidents, especially non-breach failures of internal AI. And standard CGL (Commercial General Liability Insurance) forms often exclude technology-driven harms. As a result, businesses will have to carefully assess whether coverage gaps exist that may require endorsements or modifications.
- AI-Specific Exclusions and Sublimits: As business use of AI expands and changes, insurers are increasingly implementing exclusions or sublimits for AI-related incidents and losses. These changes address both traditional AI risks, such as phishing, deepfakes, denial-of-service attacks, or data breaches or theft of PPI (personal Protected Information), as well as emerging risks such as unsupervised autonomous decision-making by AI or social-engineering attacks initiated by AI. Businesses will need to carefully review their proposed policies to identify such exclusions and, if necessary, negotiate changes or endorsements with their insurer, including manual endorsements, which could increase coverage costs. Additionally, ambiguities in existing policy language will trigger disputes as to, for example, whether AI decision-making errors constitute “errors” or “occurrences” or are excluded business risks; whether an AI-related loss is the result of a “failure” or an “attack”; or whether and to what extent existing exclusions such as social engineering, crime, or cyber incidents apply.
- Vendor Risk Allocation: Businesses will also have to address AI-related risk allocation with their AI vendors. That will require negotiations of indemnity provisions regarding potential third-party liability claims. For example, for what types of risks or incidents will the vendor indemnify the policyholder, and will there be any limits to the scope of indemnification? Businesses will have to address the scope of insurance required of the vendor—is there a need for specific AI-related provisions, and are the vendor’s policy limits sufficient? And concerning both privacy requirements and potential copyright claims, businesses will have to address whether and, if permitted, to what extent a vendor can use the business’s data available to the AI to train or update the AI (and what type of data-breach coverage the business needs to require the AI vendor to procure).
- Insurer Use of AI: Another AI-related risk that businesses will face is their insurers’ increasing use of AI in underwriting and claims processing, including in risk assessment, predictive modeling, fraud detection, automatic claims intake, and damage assessment (such as image or video analysis). Businesses need to be aware of insurers' use of AI and assess underwriting and coverage decisions with that use in mind. For insurers, this increasing use of AI may lead to exposure if, for example, the output created by AI is inaccurate, biased or discriminatory, or misapplied; or if claims decisions are, statistically, one-sided or show distinct trends that cannot be explained by environmental factors. Ultimately, this increased AI use by insurers will likely lead to additional disputes, litigation, or bad-faith claims.
- Coverage Limitations: AI coverage is still developing, and as a result, businesses may find that (much like what happened with cyber insurance) some AI-related risks are, for now, uninsurable or that available coverage is very limited. These limitations will require businesses to assess whether and to what extent they are willing to accept higher self-insured retentions, use captives or alternative methods of risk transfer (such as indemnification provisions in vendor contracts), or tolerate uncovered exposures.
In summary, in 2026, businesses will face complex coverage questions stemming from the developing capabilities, applications, and uses of AI by both businesses and insurers. Addressing those questions will require careful assessment of traditional and newly implemented policy definitions, language, and exclusions; proactive risk management through both insurance and vendor contracts; and coordination and collaboration with insurers, all so as to ensure that the business’s coverage aligns with the expanding role of AI in their operating environment.
If you have questions about AI and insurance coverage issues, please contact Karin at karin.aldama@gknet.com or (602) 530-8195.
about the author
Karin S. Aldama handles complex commercial and business litigation and insurance coverage matters for mid-size to Fortune 500 companies in hospitality, finance, utilities, aerospace, and semiconductors. She helps corporate clients and governmental entities find insurance programs that meet their needs and obtain the coverage to which their policies entitle them.