Liability for AI agent actions typically flows to the deploying organization under existing agency law principles, but may extend to developers and vendors depending on the jurisdiction and whether the harm resulted from the AI's autonomous decision-making.
Applicable Regulations
First comprehensive US state law governing high-risk AI systems. Signed May 17, 2024; compliance deadline extended to June 30, 2026 by SB 25B-004. Imposes obligations on both developers and deployers of AI systems that make or substantially influence consequential decisions affecting consumers.
Key Requirements
Impact Assessment Complete documented impact assessments annually and within 90 days of substantial modifications, covering discrimination risks, data inputs/outputs, and mitigation measures
Consumer Notice Notify consumers when a high-risk AI system makes or substantially influences a consequential decision about them
Correction & Appeal Rights Allow consumers to correct inaccurate personal data and appeal adverse decisions through human review where technically feasible
Developer Disclosure Developers must publish statements describing high-risk systems and discrimination risk management, and supply deployers documentation for impact assessments
Effective: 2026-06-30 Penalties: Enforcement by Colorado Attorney General. Violations treated as deceptive trade practices under the Colorado Consumer Protection Act.
Carrier Endorsement Details
Excludes bodily injury, property damage, and personal/advertising injury arising out of generative AI content, output, or interaction.
Key Provisions
Excludes BI and PD arising from AI-generated content or output
Excludes personal/advertising injury from AI use
Applies regardless of whether AI is owned, licensed, or embedded
Type: exclusion Policies: CGL
Related Questions
- Do AI agents create additional insurance risk? Yes. Autonomous AI agents that take actions without human approval create compounded liability exposure because they can trigger both regulatory violations and insurance exclusions independently, with attribution of responsibility still legally unsettled.
- Does shadow AI trigger insurance exclusions? Yes. AI exclusion endorsements like Verisk CG 40 47 and Berkley PC 51380 apply to all AI use — including unsanctioned shadow AI tools — meaning unauthorized employee AI use can void coverage.
Disclaimer: This content is provided for informational purposes only and does not constitute legal advice. AI regulations and insurance policy terms change frequently. Consult with a qualified attorney or insurance professional for advice specific to your situation. Gridex makes no warranties regarding the accuracy or completeness of this information.