The Insurability Frontier of AI Risk: Mapping Threats to Affirmative Coverage, Silent Exposures, and Exclusions
- Source: arXiv:2605.18784
- Authors: Alex Leung, Rex Zhang, Ervin Ling, Kentaroh Toyoda, SiewMei Loh (AIFT)
- Date: May 2026
- License: CC BY 4.0
TL;DR
The paper constructs a 55-threat × 26-product coverage matrix mapping the AI insurance market as of May 2026. It identifies a four-tier insurability frontier: (1) affirmatively insured perils, (2) silent-AI exposures under legacy lines, (3) actively excluded perils, and (4) structural boundary cases — including foundation model concentration, which the authors argue is the genuinely novel insurability problem (systemic loss correlation across many cedents). Affirmative AI insurance is fragmenting by peril rather than converging on a single policy form.
The Problem
AI-mediated losses can be framed in multiple ways simultaneously — as a cyber incident, a technology error, a professional negligence claim, an IP or media liability, an employment or discrimination matter, or an AI-specific event. Existing commercial policies weren't drafted with this overlap in mind. The result: silent-AI exposure (analogous to the "silent cyber" problem that emerged after NotPetya), where AI losses fall under non-AI policies that never contemplated AI as a cause or instrumentality.
Methodology
The authors built a replicable codebook coding 55 AI threats against 26 insurance products, endorsements, and exclusion regimes:
- Sources: Tier-A (carrier-published materials from Armilla, AIUC, Coalition, Munich Re, Apollo ibott, Axa XL, etc.), Tier-B (regulatory filings including Verisk CG 40 47/48 AI exclusions), and Tier-C (trade press, triangulated)
- Threat catalog: 7 clusters — LLM/GenAI application threats, agentic AI threats, agent infrastructure, classical ML, AI operations/supply chain, human misuse, systemic aggregation, and agentic-skill risk
- Coding: Each cell is coded as affirmative, silent/gray, excluded, or no public position
Four-Tier Insurability Frontier
Tier 1 — Affirmatively insured: AI-specific products are emerging but specialising by peril rather than converging:
| Carrier | Primary Peril Focus |
|---|---|
| Munich Re (aiSure) | Model performance and drift (since 2018) |
| Armilla / Lloyd's | AI hallucination and broader AI liability |
| Tokio Marine Kiln / CFC | IP and technology E&O concerns |
| Apollo ibott | Autonomous system liability |
| Coalition | Deepfake and AI-enabled cyber response |
Tier 2 — Silent-AI exposure: Legacy lines (CGL, D&O, E&O, EPLI, crime, media liability) retain exposure where AI is an instrumentality rather than the legal cause of loss. The framing problem — which policy responds to an AI loss — creates contested coverage.
Tier 3 — Actively excluded: Verisk's CG 40 47/48 generative AI exclusion endorsements and similar efforts are narrowing legacy forms, removing coverage rather than clarifying it.
Tier 4 — Structural boundary (three subtypes):
| Subtype | Problem | Verdict |
|---|---|---|
| 4a — Lethal trifecta (architectural exploitability) | Prompt injection via private data + untrusted content + external communication | Controls-before-coverage problem — architecture, not insurance, is the primary tool |
| 4b — AI-washing (intentional acts) | Doctrinal exclusion of intentional acts | Familiar problem, new clothes — standard moral hazard/intentional-act doctrine applies |
| 4c — Foundation model concentration (systemic correlation) | Upstream provider failure correlates losses across many insureds | Genuinely novel insurability frontier — no conventional insurance tool handles this |
Key Finding: Foundation Model Concentration
The paper's central analytical contribution is isolating Tier 4c as the binding insurability constraint. A single upstream model provider failure can produce correlated losses across many cedents simultaneously — violating the loss-independence criterion that makes insurance pools work. The relevant question isn't which systemic risk template exists, but which insurability constraint each candidate structure (aggregation sublimits, captive/RRG vehicles, AI cat bonds, reinsurance pools, TRIA-style backstops) relaxes.
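The loss-independence argument above, worked numerically as an added example (not from the paper): each insured has its own failure probability `p`, and one shared provider event with probability `q` produces a loss at every insured at once. The two-factor model, the values of `p`, `q` and the 10% stress threshold, and all function names are assumptions made for illustration.

```python
import math

def binom_tail(n, p, k):
    """P[X >= k] for X ~ Binomial(n, p), summed in log space to avoid overflow."""
    total = 0.0
    for i in range(max(k, 0), n + 1):
        total += math.exp(math.lgamma(n + 1) - math.lgamma(i + 1)
                          - math.lgamma(n - i + 1)
                          + i * math.log(p) + (n - i) * math.log1p(-p))
    return min(total, 1.0)

def marginal(p, q):
    """Per-insured loss probability: provider event, or else an own failure."""
    return q + (1 - q) * p

def sd_independent(n, p, q):
    """Std. dev. of the pool's average loss if losses were independent."""
    m = marginal(p, q)
    return math.sqrt(m * (1 - m) / n)

def sd_shared(n, p, q):
    """Same, when one provider event hits every insured (law of total variance)."""
    return math.sqrt((1 - q) * p * (1 - p) / n + q * (1 - q) * (1 - p) ** 2)

def sd_floor(p, q):
    """Limit of sd_shared as n grows: the part that pooling cannot diversify."""
    return (1 - p) * math.sqrt(q * (1 - q))

def stress_independent(n, p, q, frac):
    """P[at least frac of the pool claims in one period], independent losses."""
    return binom_tail(n, marginal(p, q), math.ceil(frac * n))

def stress_shared(n, p, q, frac):
    """Same with the shared provider: the event alone breaches any frac <= 1."""
    return q + (1 - q) * binom_tail(n, p, math.ceil(frac * n))

if __name__ == "__main__":
    P, Q, FRAC = 0.02, 0.01, 0.10   # constructed illustrative values
    print("n        sd_indep  sd_shared  P[>=10%] indep  P[>=10%] shared")
    for n in (10, 100, 1000, 10000):
        print(f"{n:<8} {sd_independent(n, P, Q):.4f}    {sd_shared(n, P, Q):.4f}"
              f"     {stress_independent(n, P, Q, FRAC):.2e}"
              f"       {stress_shared(n, P, Q, FRAC):.2e}")
    print("sd floor:", round(sd_floor(P, Q), 4))
```

With the same per-insured loss probability in both columns, the independent pool's volatility keeps shrinking as the pool grows, while the shared-provider pool stalls at `sd_floor` and its stress probability never drops below `q`.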
Predictions for 2026-2028
The authors offer testable predictions:
- Bifurcation thesis: Affirmative capacity grows alongside exclusion spread, shrinking the silent-AI zone
- Peril-specialisation thesis: Carriers harden around distinct threat-market positions rather than converging to multi-peril forms
- Tier 4c thesis: Foundation model concentration will first manifest via explicit aggregation sublimits or provider-event exclusions, then potentially via AI cat bonds or brokered pools
Why It Matters
For risk managers, brokers, and regulators, this is the first systematic threat-level map of which AI perils are actually insurable in the current market. It makes visible that the AI insurance market is not simply expanding or contracting — it is sorting AI risk by peril, with genuinely uninsurable frontier cases that call for architectural controls (4a), legal clarity (4b), or entirely new market structures (4c).