AI Insurance Exclusions & Compliance Hub

The AI insurance landscape changed dramatically in 2026. Major carriers now exclude AI-related claims from standard policies. This hub tracks state regulations, carrier endorsements, and industry-specific compliance requirements to help you understand your exposure.

The rise of AI agents and shadow AI makes these exclusions hit harder than expected. Most enterprises have over 1,200 unsanctioned AI applications running — each one a potential uninsured liability. Understanding your full AI footprint is the first step toward protecting it.

Summary

AI insurance exclusions are policy endorsements that remove coverage for losses connected to artificial intelligence. As of 2026, three carriers have filed AI endorsements: Verisk CG 40 47 (a generative-AI exclusion for commercial general liability), W.R. Berkley PC 51380 (an absolute AI exclusion for D&O, E&O, and fiduciary lines), and Hamilton Select (a generative-AI exclusion for professional liability). This page tracks those endorsements alongside state AI regulations and industry-specific compliance requirements, and links to the canonical answer pages for each.

Last updated June 12, 2026 · Compiled from carrier endorsement filings, state regulatory records, and public industry reporting. Each carrier and state page lists its own sources and verification date.

AI Agents and Shadow AI: Why Exclusions Hit Harder Than Expected

Exclusion language was written for traditional software. AI agents and unsanctioned AI tools create exposure that most companies haven't mapped — and most policies won't cover.

Shadow AI

1,200+

Average number of unsanctioned AI applications per enterprise. Each one operates outside your governance framework — and outside your insurance coverage.

Map the workflow →

Agentic Risk

57%

Of companies now have AI agents in production — autonomous systems that make decisions, execute transactions, and create liability without human review.

Read the analysis →

Renewal Gap

Q3 2026

By Q3 2026, most commercial policies will include AI-specific language. Companies without documented AI governance will face higher premiums, sublimits, or outright exclusions.

Discuss controls →

How to Read This Map

This hub organizes the AI exclusion landscape into four layers. Use them in order to move from "what exists" to "what it means for a specific client."

  1. Regulations by state — what each state requires of AI deployments. These shape how underwriters assess exposure in your jurisdiction.
  2. Compliance by industry — the AI risks and governance gaps specific to your sector, which determine where exclusions bite hardest.
  3. Endorsement tracker — the actual carrier forms (Verisk CG 40 47, Berkley PC 51380, Hamilton), which policy types they touch, and where they have been filed.
  4. Common questions — short, citable answers that define each endorsement and how the language is applied, including to shadow AI.

Each carrier and state card carries its own trust status and verification date. Cards reflect filed and adopted forms as recorded on their source pages — they are a research tool, not coverage advice.

AI Regulations by State

States are rapidly enacting AI-specific legislation. Each state page covers enacted laws, pending bills, compliance requirements, and carrier filing activity.

California

CA
1 law tracked
enacted Verified 2026-03-20

Colorado

CO
1 law tracked
enacted Verified 2026-05-31

Connecticut

CT
1 law tracked
enacted Verified 2026-03-20

Illinois

IL
2 laws tracked
enacted Verified 2026-03-20

Maryland

MD
1 law tracked
enacted Verified 2026-03-24

Minnesota

MN
1 law tracked
enacted Verified 2026-03-24

New York

NY
1 law tracked
enacted Verified 2026-03-20

Tennessee

TN
1 law tracked
enacted Verified 2026-03-24

Texas

TX
2 laws tracked
enacted Verified 2026-03-24

Utah

UT
1 law tracked
enacted Verified 2026-03-24

Virginia

VA
3 laws tracked
vetoed Verified 2026-03-24

View all state regulations →

AI Compliance by Industry

Different industries face different AI risks and compliance requirements. Explore how AI regulations and insurance changes affect your sector.

Education & EdTech

Schools, universities, EdTech platforms, and learning management providers that deploy AI for admissions screening, student assessment, academic proctoring, and personalized learning. These firms face regulatory scrutiny because AI in education affects access to educational opportunities — education is explicitly listed as a consequential decision domain in multiple state AI laws alongside employment, healthcare, and housing.

4 AI use cases tracked E&O, Cyber, D&O, CGL

Financial Services & Fintech

Banks, credit unions, investment firms, fintech companies, and financial advisors that deploy AI for credit decisioning, underwriting, portfolio management, fraud detection, and customer engagement. These firms face overlapping state AI obligations and federal financial regulations (ECOA, FCRA, Dodd-Frank), creating a layered compliance environment where state AI laws add requirements on top of — not in place of — existing federal frameworks.

4 AI use cases tracked D&O, E&O, Cyber, Fiduciary

Healthcare Providers & Health Tech

Hospitals, physician practices, telemedicine platforms, and health technology companies that deploy AI for clinical decision support, patient triage, diagnostic assistance, and patient communication. These firms operate under heightened regulatory scrutiny because AI errors can directly affect patient safety and health outcomes, and because healthcare is explicitly listed as a high-risk decision domain in multiple state AI laws.

4 AI use cases tracked Medical Malpractice, E&O, Cyber, D&O

HR & Recruiting Firms

Staffing agencies, recruiting firms, and HR technology providers that use AI for candidate sourcing, resume screening, interview analysis, and employment decision support. These firms face heightened regulatory scrutiny because AI in hiring directly affects individuals' economic opportunities.

4 AI use cases tracked EPL, E&O, Cyber, D&O

Insurance Brokers

Insurance brokers and agents increasingly use AI for underwriting support, client risk assessment, claims triage, and policy recommendation — work that sits squarely inside their professional duty of care. The exposure runs two ways. First, the brokerage's own AI use creates errors-and-omissions (E&O) risk: an AI-suggested coverage gap, a misclassified risk, or a chatbot that misstates policy terms can become a negligence claim. Second, brokers must understand the AI exclusion endorsements now appearing in the policies they place — Verisk's CG 40 47 and Berkley's PC 51380 both apply broadly to AI-related claims, including unsanctioned "shadow AI" use that the insured may not even know about. The NAIC Model Bulletin on the Use of Artificial Intelligence Systems by Insurers (adopted December 2023 and issued by many states since) sets the expectation of a documented AI governance program, while state unfair-trade-practices and rating laws constrain how AI may influence pricing, eligibility, and claims decisions.

4 AI use cases tracked E&O, CGL, Cyber, D&O

Law Firms

Law firms use AI for legal research, document review, contract analysis, drafting, and client intake — uses that intersect directly with the rules of professional conduct. ABA Formal Opinion 512 (July 2024) confirms that the duty of competence (Model Rule 1.1, Comment 8) requires lawyers to understand the benefits and risks of the generative AI tools they use, while the duty of confidentiality (Model Rule 1.6) constrains submitting client information to AI systems that may retain it or train on it. The risk is not theoretical: in Mata v. Avianca, a federal court sanctioned lawyers who filed AI-hallucinated case citations, and a growing list of courts now require disclosure or certification of AI use in filings. Beyond the ethics rules, AI errors in research or drafting create direct malpractice exposure — and most lawyers' professional liability policies do not yet contemplate AI-specific risk.

4 AI use cases tracked E&O, Cyber, D&O

Marketing Agencies

Marketing and creative agencies use AI across content creation, image and video generation, client-facing chatbots, and audience targeting — often embedding AI output directly into client deliverables. That creates layered exposure. The FTC has made clear under Section 5 of the FTC Act that deceptive AI claims and undisclosed AI-generated endorsements are enforceable "unfair or deceptive practices," and its 2024 "Operation AI Comply" sweep signals active scrutiny of AI-washing. Generative output carries IP risk: under Thaler v. Perlmutter, a purely AI-generated work is not copyrightable, so a deliverable the agency believes it "owns" may carry no protectable rights for the client, and image models can reproduce protected material from training data. Client-facing chatbots add contractual risk — in Moffatt v. Air Canada, a tribunal held the company liable for its chatbot's misstatements. Most agency E&O and CGL policies were never priced for these exposures, and AI exclusion endorsements are now narrowing what they cover.

4 AI use cases tracked E&O, CGL, Cyber

Real Estate & Property Management

Real estate brokerages, property management firms, proptech platforms, and real estate investment companies that deploy AI for property valuation, tenant screening, listing optimization, and client engagement. These firms face regulatory scrutiny because AI in housing directly intersects with fair housing obligations, and algorithmic bias in property valuations or tenant screening can produce discriminatory outcomes at scale.

4 AI use cases tracked E&O, CGL, Cyber, D&O

View all industry guides →

AI Policy Endorsement Tracker

Track which carriers have filed AI exclusion endorsements, where they've been adopted, and what policy types are affected.

W.R. Berkley

PC 51380 — EXCLUSION

Absolute AI exclusion for D&O, E&O, and Fiduciary Liability — eliminates coverage for any claim "based upon, arising out of, or attributable to" AI use.

D&O, E&O, Fiduciary 5 states filed

Great American Insurance Company

AI Liability Exclusion (Umbrella/Excess) — EXCLUSION

Excludes liability arising from generative artificial intelligence systems from commercial umbrella and excess liability policies.

Commercial Umbrella, Excess Liability 0 states filed

Hamilton Select

Hamilton Generative AI Exclusion — EXCLUSION

Excludes coverage for any claim "based upon, arising out of, or in any way involving" the actual or alleged use of generative artificial intelligence by the insured. The definition of "generative artificial intelligence" names specific tools, including ChatGPT, Bard, Midjourney, and DALL-E.

E&O 0 states filed

Verisk

CG 35 08 — EXCLUSION

Excludes bodily injury and property damage arising out of generative AI under products/completed operations coverage.

Products/Completed Operations 5 states filed

Verisk

CG 40 47 01 26 — EXCLUSION

Excludes bodily injury, property damage, and personal/advertising injury arising out of generative AI under Coverage A and Coverage B. Part of the January 2026 ISO edition; companion forms address narrower scopes: CG 40 48 (Coverage B / personal and advertising injury only) and CG 35 08 (products and completed operations).

CGL 5 states filed

Verisk

CG 40 48 — EXCLUSION

Excludes personal and advertising injury arising out of generative AI content, output, or interaction. Applies to Coverage B only — does not exclude bodily injury or property damage.

CGL 5 states filed

View full endorsement tracker →

Common Questions

From exposure to operated controls

Mapping exclusions is the first step. Gridex operates the AI work itself — with audit trails, human review points, and the controls that make coverage and renewal defensible.

Governed AI DeploymentRun AI inside real work with audit trails, human review points, and the operating controls underwriters and regulators expect.

Discuss a governed AI workflow

Use this research to map where AI touches your work. Gridex can help define the workflow, review points, data boundaries, and operating controls.

Map the workflow