By the Editors · Published 14 June 2026 · Last updated 14 June 2026 · 30 minute read

AI liability for SMEs: the complete operator handbook.

This handbook covers everything a small or medium-sized business needs to know about AI agent liability: whether you are exposed, what your current insurance does and does not cover, which exclusions catch most operators by surprise, what to do before you deploy, how to respond when something goes wrong, and what questions to put to your broker. It consolidates the guidance from every article on this site into one navigable reference. Use the In This Guide section below to jump directly to the topic you need, or read straight through for a complete picture of where SME operators stand in 2026.

Section 1: Am I liable? The SME operator's exposure map.

The starting question for any SME operator is whether the AI they are using creates legal exposure for their business. The answer depends on three variables: what the agent does, who interacts with it, and what happens when it produces a wrong or harmful output.

Under EU law, an operator is defined in Article 3(4) of Regulation (EU) 2024/1689 as any natural or legal person that deploys an AI system under their own authority, for purposes other than personal non-professional use. This definition covers almost every commercial use of an AI agent. Whether you built the agent yourself, configured a third-party tool, or added a customer-facing chatbot using a no-code platform, you are an operator under the EU AI Act and you carry the obligations that flow from that designation.^[5]

The most significant precedent for SME liability is Moffatt v. Air Canada (BC Civil Resolution Tribunal, February 2024). Jake Moffatt relied on information provided by Air Canada's chatbot about a bereavement fare policy. The policy the chatbot described did not exist. Air Canada argued the chatbot was a separate legal entity for whose statements it bore no responsibility. The tribunal rejected that argument and held Air Canada liable for its agent's misrepresentations.^[1] The principle is straightforward: if you put an AI agent in front of customers, you own what it says to them.

For SMEs, the practical exposure map runs across four categories. First, customer-facing agents that make representations about pricing, availability, eligibility, or terms. Second, client-work agents that produce outputs delivered to clients as advice, analysis, or professional work product. Third, internal agents that influence decisions about employees, candidates, or vendors. Fourth, data-handling agents that access, process, or communicate personal data.

Each category carries different liability theories. Customer-facing agents trigger contract law and consumer protection rules. Client-work agents trigger professional liability and the Mata v. Avianca principle that the professional deploying the AI owns the accuracy of its output.^[7] Internal agents that influence employment decisions trigger discrimination law, as the EEOC's $365,000 settlement with iTutorGroup in August 2023 demonstrated.^[8] Data-handling agents trigger GDPR liability when outputs involve personal data or when a breach occurs.

Full analysis of who is liable in each scenario is at: Who is liable when an AI agent makes a mistake: the 2026 decision tree for operators.

For the specific vendor-versus-operator liability question: Who pays when an AI agent makes a mistake: vendor or operator?

Section 2: What your current insurance covers and where the gaps are.

Most SMEs discover their insurance gap when they have a claim to make, not before. The gap has three components: coverage that was silently removed on renewal, coverage that never applied to AI activity, and coverage that applies in principle but contains sublimits or exclusions that apply in practice.

Commercial general liability

Standard CGL policies in the UK and Europe cover bodily injury, property damage, and personal and advertising injury from the business's operations. They do not typically cover economic loss caused by incorrect information, advice, or professional services. When your AI agent gives a customer wrong information that costs them money, CGL is unlikely to respond. The ISO endorsements CG 40 47 (Exclusion: Access or Disclosure of Confidential or Personal Information and Data-Related Liability) and CG 40 48 (Exclusion: Recording and Distribution of Material or Information in Violation of Law) have further narrowed CGL coverage as applied to AI-related incidents on policies renewed from 2023 onward.^[2]

Professional indemnity

Professional indemnity or professional liability insurance covers claims arising from the professional services you provide to clients. This is the policy type most likely to be relevant to AI agent liability in a professional services SME. However, PI policies frequently contain exclusions that matter for AI use: exclusions for computer systems or software failures; exclusions for outputs of automated systems without adequate human review; and exclusions for regulatory penalties (which are often not covered under standard PI). Whether your PI policy covers an AI agent claim depends on the specific wording, and most SME operators have not reviewed that wording against their AI deployments.

The question is examined in full at: Does professional indemnity insurance cover AI tools in client work?

Cyber insurance

Cyber policies cover data breaches, ransomware, network interruption, and increasingly, some AI-related incidents involving personal data. They are not designed to cover the professional liability exposure of an AI agent giving wrong advice. They may respond to the data breach component of an AI incident if the agent accessed or disclosed personal data, but the GDPR fine exposure and the civil liability to individuals affected are typically separate from what cyber policies cover.

The full policy review

A complete map of seven policy types and how they currently apply to AI agent claims is at: Does my business insurance cover AI errors? The 2026 policy-by-policy guide.

For a direct comparison of what AI insurance actually pays out for: What does AI insurance actually pay out for?

Section 3: Policy exclusions: the five that catch most operators.

Exclusions are the provisions that remove coverage for specific categories of claim. In AI liability, five exclusions are responsible for the majority of coverage denials SMEs encounter.

1. The absolute AI exclusion

Some carriers have introduced broad exclusions that remove coverage for any claim arising from or related to the use of artificial intelligence, machine learning, or automated decision-making systems. These absolute exclusions are found in updated CGL endorsements and in some PI policy renewals. They are not universally applied, but their prevalence is increasing and the wording varies significantly between carriers. An operator whose policy contains an absolute AI exclusion has no coverage for AI-related claims under that policy, regardless of the facts.

2. The technology professional services exclusion

Standard PI policies for non-technology businesses often exclude claims arising from the provision of technology services or computer software. When an SME's AI agent functions as a technology product rather than a professional service, this exclusion may apply. The distinction between technology services and professional services is contested and has been litigated. Operators in professional services who deploy AI tools should confirm whether their PI policy covers technology errors or only professional judgment errors.

3. The prior acts exclusion

Most liability policies cover claims arising from acts occurring after the policy inception date. If you deployed an AI agent before you obtained AI-specific coverage, any claim arising from that pre-policy deployment may be excluded as a prior act. This is particularly relevant for SMEs who obtained AI liability coverage after an incident or after a regulatory enquiry began. The prior acts position needs to be confirmed in writing before you rely on a newly placed policy.

4. The intentional acts exclusion

Regulators and courts are increasingly characterising AI compliance failures as knowing or reckless non-compliance rather than simple errors. The intentional acts exclusion, present in almost every liability policy, removes coverage for deliberate wrongdoing. Where a regulator characterises an operator's failure to implement required AI Act safeguards as intentional non-compliance, the policy's intentional acts exclusion may be triggered. This is not a theoretical risk: regulatory enforcement for EU AI Act violations carries administrative fines up to EUR 35 million or 7% of global annual turnover under Article 99 of Regulation (EU) 2024/1689.^[5]

5. The data breach sublimit

Policies that include some GDPR or data breach coverage often cap that coverage at a sublimit well below the policy's overall limit. An AI agent that exposes personal data, even briefly, can trigger GDPR breach notification requirements and create significant exposure to supervisory authority fines and individual civil claims. A sublimit of EUR 50,000 on a policy with a EUR 2 million main limit will not cover a serious data incident involving an AI agent. Check the sublimit and confirm whether it covers GDPR fines, civil claims, notification costs, and regulatory defence costs separately.

The complete exclusions map is at: AI policy exclusions: the complete guide for SME operators.

For the specific CGL endorsement analysis: The AI absolute exclusion in CGL policies: decoded for operators.

Section 4: The pre-deployment checklist: nine steps before you go live.

The pre-deployment period is the highest-value window for managing AI liability. The decisions made before an agent goes live determine the coverage available when something goes wrong, the regulatory obligations that apply, and the evidence available to defend a claim. Most operators skip this work. The ones who do it create a defensible record that protects them from the first inquiry.

Step 1: Define the agent's scope in writing.

Write down exactly what the agent is designed to do, what it is not permitted to do, and what happens when a user request falls outside the defined scope. This scope document is the foundation of every subsequent defence. Without it, you cannot demonstrate that a harmful output was outside the agent's intended function, that you applied appropriate constraints, or that the harm resulted from user behaviour rather than your design.

Step 2: Classify the system under the EU AI Act.

Determine whether your agent falls into a prohibited category under Article 5 of Regulation (EU) 2024/1689 (social scoring, certain biometric identification, subliminal manipulation), a high-risk category under Annex III (employment, education, credit, healthcare, law enforcement, migration, justice), a general-purpose AI system under Article 3(63), or a limited-risk system subject only to Article 50 transparency requirements. Your classification determines which obligations apply and when.^[5]

Step 3: Review your API contract.

Read the terms of service for every AI model you use. Note the indemnification scope (typically covers IP infringement claims only), the limitation of liability clause (typically capped at 12 months of fees paid), the warranty disclaimer (excludes accuracy and fitness for purpose), and the acceptable use policy (restricts categories of deployment). Violations of the acceptable use policy may void the indemnification provisions and could constitute grounds for termination of your access to the model.

Step 4: Conduct a Data Protection Impact Assessment if personal data is involved.

If your agent processes personal data, a DPIA under GDPR Article 35 is required where the processing is likely to result in a high risk to individuals. Automated decision-making that produces legal or similarly significant effects on individuals is a category that requires a DPIA. Failure to conduct a required DPIA is itself an infringement of the GDPR and is regularly cited by supervisory authorities in enforcement decisions.

Step 5: Implement logging and document retention.

Configure the agent to retain timestamped logs of all interactions, inputs, and outputs for a period appropriate to your sector and the applicable limitation period for claims. In the EU, limitation periods for contract claims and tort claims vary by jurisdiction: assume a minimum of three years and sector-specific longer periods for financial services and healthcare. Logs that are not retained cannot be produced in evidence and cannot be reviewed for patterns indicating systemic failures before a claim is made.

Step 6: Design the human oversight structure.

Article 26(1) of Regulation (EU) 2024/1689 requires deployers of high-risk AI systems to implement appropriate human oversight measures. For all AI agents, even those not classified as high-risk, defining who reviews agent outputs, under what circumstances, and how exceptions are escalated is a negligence defence as well as a compliance requirement. Document the oversight structure before go-live, not after an incident.

Step 7: Brief your insurance broker and notify your carrier.

Notify your existing PI and CGL carriers of the new AI deployment and obtain written confirmation of coverage or an endorsement modifying the policy to address AI activity. Carriers that are not notified of a material change in risk may use the failure to notify as grounds for reducing or denying coverage at claim time. If your existing policy has AI exclusions, discuss whether a standalone AI liability product is required before go-live, not after.

Step 8: Prepare the user-facing transparency notice.

Article 50 of Regulation (EU) 2024/1689 requires that users of AI systems designed to interact with humans be informed they are interacting with AI, unless it is obvious from context. Prepare and publish this disclosure before go-live. The disclosure should also describe what the agent can and cannot do, that it may make errors, and how users can access human support. User-facing accuracy caveats can affect the negligence analysis, as demonstrated by the Walters v. OpenAI summary judgment (Georgia, May 2025), where OpenAI's user warnings about inaccuracy were a factor in the court's reasoning.^[9]

Step 9: Test for known failure modes before go-live.

Test the agent specifically for the failure modes relevant to your use case: hallucinations (fabricated factual claims), prompt injection (attempts to manipulate the agent into acting outside its scope), and jailbreaks (attempts to extract prohibited outputs). Document the tests performed and their results. Agents deployed without testing for known failure modes are harder to defend under a negligence standard because the failure modes were foreseeable and the testing step was publicly documented and available.

The full pre-deployment checklist with worked examples is at: AI agent pre-deployment insurance checklist for SME operators.

The five foundational questions every operator should be able to answer before deploying are at: Five questions to answer before deploying an AI agent.

Section 5: EU AI Act obligations for SMEs in plain English.

The EU AI Act (Regulation (EU) 2024/1689, published in the Official Journal on 12 July 2024) is the most significant regulatory development for AI operators in Europe. Its obligations apply in stages and the staging matters for SMEs.

The prohibitions in Article 5 applied from 2 February 2025. These cover AI systems that use subliminal manipulation to alter behaviour; systems that exploit vulnerabilities of specific groups; social scoring by public authorities; real-time remote biometric identification in public spaces (with narrow exceptions); biometric categorisation revealing sensitive characteristics; and AI systems that infer emotions in workplace and educational settings. Any SME operating in any of these categories faces immediate enforcement exposure.

Article 50 transparency requirements apply from 2 August 2026. These require operators of AI systems that interact with humans to disclose that the user is interacting with an AI (unless obvious from context) and to clearly mark AI-generated content. These requirements are not affected by the Digital Omnibus deferral proposal and apply to virtually every customer-facing AI chatbot an SME deploys.

High-risk system obligations under Article 26 were scheduled for 2 August 2026. The Digital Omnibus proposal agreed at trilogue on 7 May 2026 proposes deferral to 2 December 2027. This deferral is not yet legally adopted. SMEs deploying AI systems in the high-risk categories listed in Annex III (recruitment and selection, credit assessment, education and training, healthcare, law enforcement, border control, justice, democratic processes) should assume the 2 August 2026 date applies until the deferral is formally adopted.

General purpose AI model obligations under Article 53 applied from 2 August 2025 for providers of general purpose AI models. Most SMEs are users of GPAIs rather than providers; the obligations on providers indirectly affect SMEs through the documentation and transparency requirements that providers must meet and pass down to operators.

Administrative fines under Article 99 of Regulation (EU) 2024/1689 can reach EUR 35 million or 7% of global annual turnover for violations of the Article 5 prohibitions; EUR 15 million or 3% for violations of other requirements; EUR 7.5 million or 1.5% for incorrect information to authorities. These are the theoretical maxima and apply primarily to larger operators, but the framework applies to SMEs and supervisory authorities have discretion to impose lower fines.

Full plain-English analysis of SME obligations under the EU AI Act is at: EU AI Act for SMEs: your actual obligations in 2026.

For the Digital Omnibus deferral analysis: Digital Omnibus delay: what SME operators need to know.

Section 6: GDPR and data breach exposure when AI agents handle personal data.

If your AI agent processes personal data at any point, the GDPR applies in full. This covers agents that read customer data to personalise responses, agents that store conversation logs containing identifying information, agents that make inferences about individuals based on their inputs, and agents that connect to databases containing personal data.

The GDPR exposure for AI agent deployments runs in three directions. First, the obligation to have a lawful basis for processing: Article 6 of Regulation (EU) 2016/679 requires a lawful basis for every processing operation. For AI agents that process personal data, legitimate interests or contractual necessity are the most commonly relied-upon bases, but each requires a documented assessment. Second, the automated decision-making restriction under Article 22: where an AI agent makes decisions that produce legal or similarly significant effects on individuals without meaningful human involvement, Article 22 requires specific conditions including the right to contest the decision and to obtain human review. Third, breach notification under Article 33: a personal data breach that is likely to result in risk to individuals requires notification to the supervisory authority within 72 hours of the operator becoming aware. Many AI agent incidents involving personal data qualify as breaches.

The financial liability exposure under the GDPR is separate from and additive to liability under civil law. Supervisory authority fines can reach EUR 20 million or 4% of global annual turnover for violations of core principles. Civil claims by individuals for distress and damage caused by GDPR breaches are available in all EU member states.

The full GDPR exposure map for AI agents is at: AI agent GDPR and data breach liability: the SME guide.

Section 7: Using ChatGPT, Claude, or Gemini in client work: your operator liability.

A significant proportion of SME AI liability exposure comes not from dedicated AI agents but from the everyday use of general-purpose AI tools in client-facing work. When a consultant uses ChatGPT to draft an analysis, when an accountant uses Claude to prepare a report, when a lawyer uses Gemini to research a question, and the output goes to a client, the professional is the operator for liability purposes.

Mata v. Avianca (US District Court, SDNY, June 2023) is the foundational case. Attorneys submitted an AI-generated brief containing fabricated case citations to a federal court. Judge Kevin Castel sanctioned the attorneys for failing to verify the AI output before filing. The principle extends directly to any professional who deploys AI to produce client-facing work: you own the accuracy of what you deliver, regardless of which tool produced the first draft.^[7]

The Air Canada chatbot case establishes the parallel principle for commercial outputs: when your agent communicates with a customer, even if that customer is sophisticated and should have verified the information independently, you remain responsible for representations your agent makes that they reasonably rely on.^[1]

For financial errors specifically, where an AI agent gives wrong financial information that causes an SME client or customer a quantifiable financial loss, the analysis of coverage and liability is at: AI agent financial error liability and coverage: the SME guide.

For a full guide to the operator liability exposure when using third-party AI tools in client work: Using ChatGPT, Claude, or Gemini in your business: the operator liability guide.

For the specific question of whether AI advice to a customer is covered: If my AI agent gives wrong advice, does insurance cover it?

Section 8: AI agent incident response: the first 72 hours.

The way you handle the first 72 hours after an AI agent incident determines most of what follows. Evidence preserved in that window is the foundation of every insurance claim, regulatory response, and civil defence. Evidence not preserved in that window may be unrecoverable. Most operators have no incident response plan and discover this fact under the worst possible conditions.

Hours 0 to 6: Contain and preserve.

The first step is containment. If the agent is actively producing harmful outputs or if the failure mode is not fully understood, pause or constrain the agent's operation. If you cannot pause without disrupting critical services, constrain the scope: disable the specific capability causing harm while maintaining other functions. Document the containment decision and the time it was made.

Simultaneously, initiate evidence preservation. Lock the log files from the relevant period. Do not overwrite, alter, compress, or delete any logs or configuration records from this point forward. Screenshot or export any conversation outputs involving the incident. Record the current system prompt and agent configuration. Create a contemporaneous written record of: when you first became aware, how you became aware, what the initial indications of harm were, and what containment steps you took and when.

Hours 6 to 24: Notify your carrier.

Most AI liability policies, and many PI and cyber policies, require prompt notification of a potential claim as a condition of coverage. This is not the time to determine whether a claim will actually be made: it is the time to notify the carrier that a potential claim event has occurred. The notification should be in writing, should describe what happened to the extent known, and should confirm that you are preserving evidence and have not made any admission of liability. Carriers who learn of an incident from a third party, or who learn of it after the operator made admissions or payments, frequently use the notification failure as grounds for partial or total coverage denial.

Do not make any admission of liability to the affected party, offer any payment or remedy, or publish any public statement about the incident before you have spoken to legal counsel and your carrier.

Hours 24 to 72: Regulatory assessment and affected party communication.

Assess whether the incident triggers mandatory reporting obligations. Under Article 33 of Regulation (EU) 2016/679 (GDPR), a personal data breach that is likely to result in a risk to individuals requires notification to the supervisory authority within 72 hours of the operator becoming aware. Under the EU AI Act, deployers of high-risk systems have logging and incident reporting obligations. Financial services SMEs face additional sector-specific notification timelines under applicable regulatory regimes.

External communication with affected parties should be prepared under legal review. The content and timing of communications affect insurance coverage, regulatory treatment, and litigation exposure. A communication that inadvertently contains an admission of liability can be used against you in civil proceedings and may trigger the intentional acts exclusion in your policy.

The step-by-step incident response plan with assigned roles is at: AI agent incident response: a guide for SME operators.

For the specific first 72 hours playbook: AI agent mistake: what to do in the first 72 hours.

Section 9: How to choose and buy an AI insurance product.

The AI insurance market for SMEs moved from theoretical to operational between late 2025 and early 2026. Three dedicated products are now available. Several general products have been modified to address AI exposures. The differences between products are material and the comparison matters.

Dedicated AI liability products available to SMEs

HSB AI Liability Insurance, a product of HSB (Hartford Steam Boiler), a Munich Re subsidiary, launched for small businesses in March 2026. The product covers first-party losses from AI system failures and third-party claims arising from AI-generated outputs. HSB has an established SME distribution network and relatively accessible application processes compared to specialist Lloyd's markets.^[3]

Armilla AI, operating as a Lloyd's coverholder with underwriting by Chaucer Syndicate, offers coverage limits to USD 25 million following a USD 25 million Series A and limit increase in January 2026. Armilla focuses on AI performance guarantees and professional liability for AI-generated outputs. The product is more suited to technology SMEs and professional services firms than to general commercial operators.^[3]

Counterpart offers an AI-specific professional liability product targeted at technology companies and professional services firms using AI in client work. The product covers professional errors, AI-generated output liability, and regulatory defence costs.^[3]

Munich Re's aiSure covers AI system performance guarantees at an enterprise level and is less directly applicable to SMEs in its current form, though Munich Re subsidiaries including HSB are building accessible SME products on the same underwriting infrastructure.^[3]

Key comparison dimensions

When comparing products, the dimensions that matter for SMEs are: whether the product covers third-party claims (not just first-party system failures); whether regulatory defence costs are included; what the deductible structure is relative to your expected claim size; what the underwriting questionnaire requires in terms of documented governance (operators without governance documentation may not qualify); whether the policy excludes prior acts and from what date; and whether the policy covers the specific AI tools and use cases in your business.

The full product comparison and carrier directory is at: How to choose an AI insurance product: the SME comparison guide.

For cost expectations by business type: What AI insurance costs for small businesses in 2026.

For the HSB product specifically: HSB AI liability insurance for small businesses: 2026 review.

For a comparison of who insures AI agents in Europe: Who insures AI agents in Europe in 2026?

Section 10: Questions to ask your broker before renewing.

The broker conversation about AI is one most SMEs have not yet had. Many brokers have not yet been asked. The absence of the conversation does not mean the coverage question has been answered: it means the operator is carrying risk they have not measured and the broker has placed coverage against a risk profile that does not reflect the current deployment.

The following questions should be put to your broker at next renewal or immediately if you have deployed an AI agent since your last renewal.

Does our current PI policy cover claims arising from AI-generated outputs delivered to clients? Ask for a written confirmation or policy wording review, not a verbal assurance. If the broker cannot confirm in writing, the coverage is uncertain.

Has our CGL policy been endorsed with ISO exclusion CG 40 47 or CG 40 48, or any equivalent exclusion? If yes, what category of AI-related claims does the policy still cover, and is that adequate for our deployment?

What is the notification period for potential claims under our current policies, and does the notification requirement apply from the date of the incident, the date we became aware, or the date a formal claim was made? Notification period confusion is a common source of coverage denial.

If we deploy a new AI agent, are we required to notify you and obtain a policy modification before go-live? What are the consequences if we deploy without notification?

Is there a standalone AI liability product you recommend for our category of AI use, and what does it cover that our current policies do not?

What underwriting information would a specialist AI insurer require from us, and what documentation would we need to have in place to qualify?

The full broker briefing guide is at: What to tell your insurance broker about your AI agents.

For the specific underwriting questions any AI insurer will ask: What questions will an underwriter ask about my AI agent?

For how to review your AI vendor contract for liability gaps before briefing your broker: How to review your AI vendor contract for liability gaps.

Section 11: The 90-day compliance and coverage playbook.

For SMEs who are starting from an unstructured position, where AI tools are in use, no governance documentation exists, and insurance coverage has not been reviewed, the 90-day structure below provides a practical sequence from current exposure to defensible position.

Days 1 to 30: Audit and baseline. Catalogue every AI tool in use. For each tool, document: what it does, who interacts with it, what data it accesses, whether outputs reach customers or clients without human review, and what logs are currently retained. Review all existing insurance policies for AI-related exclusions. Obtain written confirmation from your broker on the coverage position for each AI use case. Commission a Data Protection Impact Assessment if any AI tool processes personal data.

Days 31 to 60: Govern and document. Write scope documents for each material AI deployment. Implement logging on any agent that does not currently produce retained logs. Design and document the human oversight structure. Train relevant staff on the oversight responsibilities. Complete any DPIA started in month one. Review API contracts and note indemnification scope, liability caps, and acceptable use restrictions for each model provider.

Days 61 to 90: Cover and test. Approach the market for AI-specific liability coverage or confirm AI endorsement on existing policies. Conduct pre-deployment testing of any agent not previously tested for known failure modes. Prepare user-facing transparency disclosures. Document the incident response plan. Run a tabletop exercise simulating an AI incident to test the plan. Complete pre-renewal broker briefing with all documentation in hand.

The detailed week-by-week playbook is at: The 90-day AI agent insurance and compliance playbook for SMEs.

For documentation standards specifically: Documenting AI decisions for insurance purposes: the SME guide.

The Air Canada case: what it means for your business.

Moffatt v. Air Canada is cited in this handbook repeatedly because it is the clearest available statement of what SME operators face when a customer relies on an AI agent's output and that output is wrong. The facts are straightforward: a chatbot described a policy that did not exist, a customer relied on it, the airline tried to disclaim its agent, and a tribunal held the airline responsible.

For SMEs the lessons are more practical than the case's public profile suggests. First, the agent does not need to be sophisticated to create liability: a simple chatbot answering a factual question about your own policies is enough. Second, the standard applied is whether the operator exercised reasonable care in ensuring the chatbot provided accurate information, which is a care standard that has nothing to do with the agent's technical capability and everything to do with the operator's governance of it. Third, the remedy in the Air Canada case was small: compensation for the fare difference. In most SME AI incidents the exposure is larger, particularly where the advice or output had financial consequences for the affected party.

The full case analysis and the four practical lessons are at: The Air Canada chatbot case: what SME operators should learn.

For a parallel analysis of the Mata v. Avianca hallucination case: Mata v. Avianca: what AI hallucination in legal proceedings teaches every operator.

Cross-site: the operator risk index.

For a quantified, category-by-category assessment of AI operator risk across the EU and UK insurance markets, including current carrier appetite by deployment type and risk band, see the Agent Liability Risk Index at agentliability.co/risk-index/. The Risk Index is updated monthly and provides the benchmarks underwriters are using when evaluating SME AI liability applications in 2026.

Frequently asked questions

Related reading: the full article cluster

• Who is liable when an AI agent makes a mistake: the 2026 decision tree. The complete four-party liability map and six legal theories now active in courts.
• Who pays when an AI agent makes a mistake: vendor or operator? How the split between model provider and deployer actually works in practice.
• Does my business insurance cover AI errors? The 2026 policy-by-policy guide. Seven policy types, exclusion endorsements, and named carriers.
• Does your business insurance cover AI mistakes? The plain-English primer on coverage gaps.
• Does professional indemnity insurance cover AI tools in client work? Policy wording analysis for professional services SMEs.
• AI policy exclusions: the complete guide for SME operators.
• The AI absolute exclusion in CGL endorsements: decoded.
• AI agent pre-deployment insurance checklist for SME operators.
• Five questions to answer before deploying an AI agent.
• EU AI Act for SMEs: your actual obligations in 2026.
• Digital Omnibus delay: what SME operators need to know.
• AI agent GDPR and data breach liability: the SME guide.
• Using ChatGPT, Claude, or Gemini in your business: the operator liability guide.
• If my AI agent gives wrong advice, does insurance cover it?
• AI agent financial error liability and coverage: the SME guide.
• AI agent incident response: a guide for SME operators.
• AI agent mistake: what to do in the first 72 hours.
• How to choose an AI insurance product: the SME comparison guide.
• What AI insurance costs for small businesses in 2026.
• What does AI insurance actually pay out for?
• Who insures AI agents in Europe in 2026?
• HSB AI liability insurance for small businesses: 2026 review.
• What to tell your insurance broker about your AI agents.
• What questions will an underwriter ask about my AI agent?
• How to review your AI vendor contract for liability gaps.
• The 90-day AI agent insurance and compliance playbook for SMEs.
• Documenting AI decisions for insurance purposes: the SME guide.
• The Air Canada chatbot case: what SME operators should learn.
• Mata v. Avianca: what AI hallucination in legal proceedings teaches every operator.

Footnotes

1. Moffatt v. Air Canada, 2024 BCCRT 149 (BC Civil Resolution Tribunal, February 14, 2024). Tribunal member Christopher Rivers. The tribunal held Air Canada responsible for representations made by its AI chatbot and rejected the argument that the chatbot was a separate legal entity. Full decision available at crt.bc.ca.
2. ISO endorsements CG 40 47 (Exclusion: Access or Disclosure of Confidential or Personal Information and Data-Related Liability) and CG 40 48 (Exclusion: Recording and Distribution of Material or Information in Violation of Law). Applied to commercial general liability policies from 2023 onward. Carriers applying these endorsements include Chubb, AIG, Zurich, and others. Review your specific renewal documents for endorsement schedules.
3. HSB AI Liability Insurance: Munich Re subsidiary HSB announced the product for small businesses in March 2026. Armilla AI: USD 25 million Series A closed January 2026; Lloyd's coverholder arrangement with Chaucer Syndicate; limits increased to USD 25 million. Counterpart: AI professional liability product available to technology and professional services firms. Munich Re aiSure: AI system performance guarantee product, enterprise focus. All products require governance documentation as a condition of underwriting. Confirm current product terms and availability with each carrier directly before purchase.
4. Directive 2024/2853 of the European Parliament and of the Council of 23 October 2024 on liability for defective products. OJ L, 2024/2853. Entered into force 9 December 2024. Implementation deadline: 9 December 2026. Key provisions: Article 7 (product defect including AI outputs), Article 8 (joint and several liability of multiple economic operators), Article 9 (court-ordered disclosure of AI system documentation), Article 10 (rebuttable presumption of causation where establishing the link between defect and damage is excessively difficult due to technical complexity).
5. Regulation (EU) 2024/1689 of the European Parliament and of the Council of 13 June 2024 laying down harmonised rules on artificial intelligence (Artificial Intelligence Act). OJ L, 2024/1689. Published 12 July 2024. Article 3(4) defines deployer. Article 5 prohibitions applied 2 February 2025. Article 50 transparency requirements apply 2 August 2026. Article 26 high-risk deployer obligations scheduled for 2 August 2026; Digital Omnibus deferral to 2 December 2027 proposed at trilogue 7 May 2026, not yet adopted. Article 99 sets the administrative fine regime.
6. For the prompt notification requirement and its treatment in AI incident claims, see policy wording analysis in: Lloyd's Market Association AI Working Group, Guidance on AI Exclusions, 2024; and industry practice notes published by the British Insurance Brokers Association, 2025. Confirm current practice notes with your broker.
7. Mata v. Avianca Inc., Case No. 22-cv-01461 (PKC) (SDNY). Order re: sanctions, June 22, 2023 (Judge Kevin P. Castel). Attorneys Robert Mata, Steven Schwartz, and supervising partner sanctioned for submitting AI-generated fabricated case citations without verification.
8. EEOC v. iTutorGroup Inc. and affiliates. Consent Decree approved September 8, 2023, US District Court for the Eastern District of New York. Settlement of USD 365,000 for automated rejection of female applicants aged 55 or older and male applicants aged 60 or older. EEOC press release August 9, 2023. Available at eeoc.gov.
9. Walters v. OpenAI LLC, Superior Court of Gwinnett County, Georgia. Summary judgment in favour of OpenAI granted May 19, 2025 (Judge Tracie Carson). The court held, in part, that ChatGPT output could not reasonably be understood as stating actual facts given OpenAI's user warnings about inaccuracy. The reasoning is specific to OpenAI's disclosure practices and does not extend to operators who present AI output without comparable caveats.
10. Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR), Article 33. Personal data breach notification to supervisory authority within 72 hours where the breach is likely to result in a risk to the rights and freedoms of natural persons. Article 34 requires notification to affected individuals where the breach is likely to result in a high risk to their rights and freedoms.
11. Mobley v. Workday Inc., Case No. 3:23-cv-00770, US District Court for the Northern District of California. Motion to dismiss ruling July 12, 2024 (Judge Rita Lin); ADEA collective action conditional certification granted May 16, 2025. The court held Workday could be liable as an agent of the employers using its AI screening platform.
12. Digital Omnibus on AI: European Parliament and Council trilogue agreement of 7 May 2026 proposing amendment to Regulation (EU) 2024/1689 to defer high-risk AI system obligations from 2 August 2026 to 2 December 2027. Not yet formally adopted as of 14 June 2026. The original 2 August 2026 date remains in force until formal adoption. See European Parliament legislative observatory for current adoption status.