By Future Proof Intelligence · Published 19 June 2026 · Last updated 19 June 2026 · 12 minute read

Do I need to tell my insurer about my AI agents?

Q: Do I have a legal obligation to tell my insurer about my AI agents?

Yes, in most jurisdictions. Insurance contracts are governed by the principle of utmost good faith (uberrimae fidei in common law markets, and equivalent duties in civil law jurisdictions). You are required to disclose all material facts: any fact that would influence a prudent insurer when deciding whether to accept the risk and at what premium. Deploying an AI agent that takes customer-facing actions, gives professional advice, or makes financial or safety-relevant decisions is almost certainly a material fact. If you do not disclose it and a claim arises from that deployment, your insurer can avoid the policy, meaning they may treat it as if it never existed and decline the claim entirely.

Q: What specific information do I need to give my insurer about my AI agents?

At a minimum, disclose: the type of AI tool or agent in use (chatbot, coding assistant, decision-making agent, autonomous workflow tool); the business activities it performs, including whether it produces client-facing outputs; whether it makes or influences decisions with financial, safety, or legal consequences; whether it operates autonomously without human review of each output; the underlying model provider (OpenAI, Anthropic, Google, etc.); and the approximate volume of interactions per month. Your broker will use this to decide whether your current policy adequately covers the activity or whether you need additional endorsements.

Q: Will disclosing my AI agents cause my insurer to add exclusions to my policy?

It might, particularly if you are at renewal on a policy written before 2024. Many insurers are now actively adding AI exclusion endorsements to standard professional indemnity and cyber policies. This is actually an argument for disclosure, not against it: an explicit exclusion is a known gap you can fill with a dedicated AI endorsement or a specialist policy. An undisclosed risk that voids your entire policy at claim time is far more damaging.

Most SME operators deploying AI agents in 2026 have not updated their insurer. That silence is not a neutral position. It is a disclosure failure that can void their policy at the moment a claim arrives. This article explains the obligation, what to disclose, how to disclose it, and what happens at renewal if you do nothing.

Key takeaways

Insurance contracts require disclosure of every material fact: any fact that would affect a prudent insurer's decision to accept the risk or set the premium. Deploying a customer-facing AI agent that gives advice, makes decisions, or takes autonomous actions is a material fact in almost every jurisdiction that operates common law or civil law insurance principles.^[1]
If you fail to disclose your AI deployment and a claim arises from it, your insurer may avoid the policy entirely, reduce the payout, or add a retrospective exclusion for AI-related losses. None of these outcomes can be negotiated after the claim is filed. The time to disclose is at inception or at the next renewal, not after an incident.^[2]
Standard professional indemnity, cyber, and commercial general liability policies written before 2024 were not designed to cover AI agent failures. Disclosure prompts your insurer to address the gap explicitly. An explicit exclusion is a known risk you can manage. A voidable policy is a hidden one you cannot.^[3]
The minimum disclosure covers: what the agent does, who it interacts with, what decisions it makes or influences, and whether human review occurs before outputs reach third parties. The Coverage Audit tool at insureyouragent.com/tools/coverage-audit/ generates this summary automatically.
If your insurer adds an AI exclusion following your disclosure, that exclusion identifies the exact gap that specialist AI endorsements from Counterpart, AIUC-1 licensees, or Munich Re aiSure are designed to fill.

The duty of disclosure in insurance

Every insurance contract in every major commercial jurisdiction requires the insured to disclose all material facts before the policy is written and at each renewal. The principle is called utmost good faith (uberrimae fidei) in common law jurisdictions including England, Ireland, Australia, Singapore, and most of the Gulf. Civil law jurisdictions including Germany, France, the Netherlands, and Italy carry equivalent duties encoded in their insurance legislation.

A material fact is any fact that would influence a prudent insurer when deciding whether to accept the risk and on what terms. The test is not subjective: it is not whether you personally think the fact matters. It is whether a hypothetical prudent insurer would consider it relevant. Courts have consistently applied a broad definition of materiality in insurance disputes.^[1]

For AI agents, the materiality question resolves quickly. If your business deploys an AI agent that produces customer-facing outputs, gives advice, makes pricing decisions, handles complaints, processes personal data, drafts legal or financial communications, or takes any autonomous action with real-world consequences, that deployment is material to your insurance. A prudent insurer writing professional indemnity or cyber cover would want to know. Most insurers are already asking about it on renewal questionnaires, even if they were not eighteen months ago.

What non-disclosure actually means for your claim

The practical consequences of non-disclosure depend on the jurisdiction and the nature of the non-disclosure. In England and Wales, the Insurance Act 2015 replaced the harsh pre-2015 regime with a proportionate remedies framework.^[2] Under the 2015 Act:

For deliberate or reckless non-disclosure, the insurer may avoid the policy and keep the premium. There is no obligation to pay any claim, and the insured is treated as if they had no cover from the start.

For qualifying breach that is neither deliberate nor reckless, the remedy is proportionate to what the insurer would have done if they had known. If they would have written the cover at a higher premium, the claim is reduced proportionately. If they would have written the cover with an exclusion for the undisclosed activity, they may decline the specific claim while honouring the rest of the policy. If they would not have written the cover at all, they may avoid the policy.

In most continental European jurisdictions the structure is similar but encoded differently. German insurance law (Versicherungsvertragsgesetz, VVG) Section 19 imposes a duty to report all circumstances material to the risk calculation. French insurance law (Code des assurances, Article L.113-2) requires the insured to declare exactly all known circumstances that would influence the insurer's assessment. In each case, the practical consequence of non-disclosure is similar: the insurer has the right to avoid the contract or reduce the indemnity.^[4]

The specific risk for AI operators is that the claim arising from the non-disclosed activity is precisely the claim you most need to be covered. An operator who deploys a customer service chatbot without disclosing it to their professional indemnity insurer, and who then faces a claim when the chatbot gives wrong advice, is in the worst possible position. The claim is directly connected to the undisclosed risk. The insurer's proportionate remedy is likely to be avoidance or significant reduction of the claim payment.

The three policies most likely to have a problem

Professional indemnity and errors and omissions

Professional indemnity (PI) insurance covers claims arising from professional advice and services that cause a financial loss to a third party. If your AI agent provides advice in your professional capacity, whether financial, legal, accounting, consultancy, technology, or any other regulated or semi-regulated field, the PI policy is the first line of defence when that advice causes a loss.

The problem is that most PI wordings are written around the concept of a professional person exercising professional judgment. When an AI agent produces the advice, the professional judgment element is partially or fully displaced. Some insurers argue that an AI-generated professional opinion is not a "professional service" under the traditional PI wording. Whether that argument succeeds in court is untested, but the uncertainty itself is a problem at the moment of claim.

Disclosure resolves the uncertainty by forcing the insurer to take a position before the claim. If they accept the risk with a premium increase, you have cover. If they add an exclusion for AI-generated professional advice, you know to find a specific endorsement. If they add no changes, get confirmation in writing that AI-generated professional services are within scope.

Cyber insurance

Cyber policies cover losses arising from network security failures, data breaches, and increasingly, ransomware and business email compromise. The connection to AI agents is indirect but real. If your AI agent is involved in a data breach, whether because it was used to extract data, because it processed personal data without adequate controls, or because it was manipulated by a prompt injection attack to expose information it should not have, the cyber policy is the natural first responder.

Major US cyber insurers including AIG, WR Berkley, and Great American have begun adding AI exclusions to standard cyber forms, or limiting coverage for losses arising from autonomous AI systems acting outside defined parameters.^[3] European cyber insurers are following. Disclosure gives you the opportunity to understand whether your AI deployment sits inside or outside your current cyber coverage before you have an incident.

Commercial general liability

Commercial general liability (CGL) covers bodily injury and property damage claims from third parties. The connection to most AI agent deployments is limited, but it becomes relevant when an AI agent is involved in physical world decisions, such as scheduling maintenance work, routing logistics, managing building systems, or any application where the agent's output affects something with physical consequences. In those cases, CGL disclosure is warranted alongside PI.

What to actually disclose

The disclosure you make to your insurer should cover six elements. This is the minimum; your broker may ask follow-up questions based on your specific industry.

1. What the agent does. Describe the agent's function in plain language. A customer service chatbot that answers queries about your products and services. An AI writing assistant that drafts professional communications for human review before sending. A scheduling agent that automatically books appointments based on customer requests. An accounting assistant that categorises transactions and prepares draft accounts for partner review. The function determines the risk category.

2. Who the agent interacts with. Does it interact with customers or clients directly? With third parties who have no contractual relationship with you? Only with internal staff? Third-party interaction creates the highest disclosure obligation because those parties may rely on the agent's outputs without knowing its limitations.

3. What the agent decides or influences. This is the highest-risk element. If the agent makes or influences decisions with financial, safety, or legal consequences, that must be disclosed specifically. A chatbot that tells customers their order status is different from a chatbot that tells customers whether they are eligible for a refund. A scheduling tool that books internal meetings is different from a scheduling tool that commits to clients that a professional will attend at a specific time.

4. Whether human review occurs before outputs reach third parties. Human-in-the-loop deployments are lower risk than fully autonomous ones. If a human reviews every AI output before it is sent to a customer or used in a client deliverable, say so. If the agent operates entirely without review, that must be disclosed.

5. The model provider. Naming the underlying model provider (OpenAI GPT-4o, Anthropic Claude, Google Gemini, a proprietary or open-source model) gives the insurer information about the quality of the underlying system and the contractual framework governing your relationship with the provider. Insurers are starting to differentiate between leading commercial API providers with published safety frameworks and smaller or unverified models.

6. Volume. Approximate volume matters for a risk assessment. An AI agent handling 20 internal queries per week is different from one handling 20,000 customer interactions per day. Scale determines potential loss exposure.

When to make the disclosure

The duty to disclose runs continuously. If you deploy a new AI agent mid-policy, you should notify your insurer as a mid-term change, even if renewal is months away. Some policies include a mid-term notification clause that explicitly requires prompt disclosure of material changes. Even if your policy does not have one, a prudent insurer treats the discovery of an undisclosed mid-term change as a new disclosure failure unless you notify proactively.

The practical steps are: draft a brief disclosure note covering the six elements above, send it to your broker with a request that they notify the insurer and confirm in writing whether the existing policies cover the described activity. If the insurer confirms cover, file the confirmation. If they add an exclusion, find a replacement endorsement. See the Get Covered guide for the current market for AI-specific endorsements available to SME operators.

What happens after disclosure

Three outcomes are possible. The most straightforward: your insurer reviews the disclosure and confirms that existing cover applies, either with no change or with a small premium adjustment. This is more common than operators expect, particularly for AI tools used as internal productivity aids rather than autonomous customer-facing agents.

The second outcome: your insurer adds an AI exclusion to your policy, either for AI-generated professional advice specifically or for losses arising from autonomous AI systems more broadly. This is increasingly common on PI renewals. The exclusion is not the end of the analysis; it identifies the gap. A specialist AI endorsement from a provider such as Counterpart (Miscellaneous Professional Liability with AI coverage, launched November 2025), HSB (Munich Re subsidiary, AI Liability Insurance for SMEs, launched March 2026), or an AIUC-1 backed policy covers precisely this gap.^[5]

The third outcome: your insurer declines to write the cover at all for activities involving AI agents. This is rare for standard business activities but can happen in sensitive sectors. If it occurs, a specialist broker with access to the Lloyd's and London market, or to the growing European AI insurance market, is the appropriate next step. The network at agentinsured.eu tracks the European AI insurance market and lists current specialist providers.

The disclosure as a governance asset

The exercise of preparing a disclosure note is not purely a compliance obligation. It is also an inventory exercise. Most SME operators who go through the process of documenting their AI deployments for insurance purposes discover that they have more AI in use than they realised, that some deployments they thought were low-risk have significant third-party interaction, and that their human review processes are less systematic than they believed.

That inventory is the starting point for the broader AI agent pre-deployment checklist, which asks the governance questions that an underwriter will ask if you request an AI-specific policy. Operators who have run the disclosure exercise and built the associated documentation are in a materially stronger position when approaching insurers for dedicated AI cover than operators who are doing it for the first time under underwriting pressure.

The same documentation supports regulatory compliance. Under the EU AI Act (Regulation 2024/1689), deployers of AI systems in business contexts have documentation obligations that largely overlap with what an insurer needs to see. An operator preparing a disclosure note for their insurer is, in effect, building part of the compliance file that Article 26 of the EU AI Act requires for high-risk AI deployers.^[6] For a detailed explanation of those obligations in plain language, see the EU AI Act SME obligations guide.

Frequently asked questions

Do I have a legal obligation to tell my insurer about my AI agents?

Yes, in most jurisdictions. Insurance contracts require disclosure of all material facts: any fact that would influence a prudent insurer when deciding whether to accept the risk and at what premium. Deploying an AI agent that takes customer-facing actions, gives professional advice, or makes financial or safety-relevant decisions is almost certainly a material fact. Failing to disclose it and then making a claim arising from that deployment gives your insurer grounds to avoid the policy or reduce the claim payout.

What happens if I do not disclose my AI agents and an AI agent causes a claim?

If you fail to disclose a material fact and a claim arises, your insurer may avoid the policy entirely for deliberate or reckless non-disclosure, reduce the claim payout proportionately for innocent non-disclosure, or add a retrospective exclusion for AI-related losses. Under England's Insurance Act 2015, the remedy is proportionate to what the insurer would have done if they had known. Continental European jurisdictions carry similar provisions. None of these outcomes can be negotiated after the claim is filed. Disclosure at renewal is the only reliable protection.

What specific information do I need to give my insurer about my AI agents?

At a minimum: what the agent does in plain language; who it interacts with (customers, internal staff, third parties); what decisions or recommendations it makes or influences; whether human review occurs before outputs reach third parties; the underlying model provider; and approximate interaction volume per month. Your broker will use this to assess whether current policies cover the activity or whether additional endorsements are needed.

Will disclosing my AI agents cause my insurer to add exclusions to my policy?

It might, particularly at renewal on a policy written before 2024. Many insurers are now adding AI exclusion endorsements to professional indemnity and cyber policies. This is an argument for disclosure rather than against it. An explicit exclusion is a known gap you can fill with a specialist AI endorsement. An undisclosed risk that voids your entire policy at claim time is a hidden one you cannot manage.

What is the difference between disclosing AI to my insurer and getting AI-specific insurance?

Disclosure is an obligation that applies to your existing policies: telling your current insurer about your AI deployments so they can price the risk and update the wording. AI-specific insurance is a separate product, such as the affirmative AI endorsements from Counterpart, the AIUC-1-backed policies available through the AI Underwriting Company, or the SME AI Liability Insurance from HSB (Munich Re). Many SMEs need both: disclosure to maintain the validity of existing policies and a dedicated AI product to fill the gaps those policies leave.

What should I say to my insurance broker about my AI agents?

Prepare a one-page summary covering: the AI tools in use and their business purpose; the category of risk they create (advice risk, data risk, decision risk, reputational risk); the volume and nature of customer or third-party exposure; any third-party model provider terms of service that limit your ability to recover from them; and any steps you have taken to govern the AI, such as human review processes, scope limits, or third-party assessments. Ask the broker to confirm in writing whether your current policies cover losses arising from the described activities.

Footnotes

The duty of utmost good faith (uberrimae fidei) in insurance originates in Carter v Boehm (1766) 3 Burr 1905 and has been developed through substantial case law. For current English law, see Insurance Act 2015 (UK), Sections 3-8 (the duty of fair presentation). For EU equivalents: German Versicherungsvertragsgesetz (VVG), Sections 19-22; French Code des assurances Article L.113-2; Dutch Civil Code (BW), Book 7, Articles 928-930.
Insurance Act 2015 (UK). The Act replaced the Marine Insurance Act 1906 regime from 12 August 2016. Section 8 sets out the proportionate remedies for qualifying breaches of the duty of fair presentation. For a non-qualifying breach (neither deliberate nor reckless), the insurer's remedy is limited to what it would have done if the fair presentation had been made: declining to write the risk, adding terms, or charging a higher premium.
For evidence of AI exclusion activity in the US market: AIG has filed endorsements in multiple states under ISO form language limiting coverage for losses arising from autonomous AI decisions. WR Berkley CEO William Berkley stated publicly in October 2023 that the company viewed AI as a largely uninsurable risk under existing cyber forms. Great American Insurance has added AI operational risk exclusions to standard E&O renewals. Similar trends are being tracked by the Insurance Information Institute's AI and Insurance working group.
German Versicherungsvertragsgesetz (VVG), Section 19 (Anzeigepflicht): the policyholder must report all circumstances known to them at the time of the application that are material to the insurer's acceptance of the risk. Section 21 provides remedies for breach including avoidance, withdrawal, and premium adjustment. French Code des assurances Article L.113-8: the insurer may void the contract for wilful misrepresentation or omission. Article L.113-9: for non-wilful misrepresentation, the insurer may cancel the contract or reduce the indemnity proportionately to the premium charged versus what would have been charged.
Counterpart Affirmative AI Coverage launched November 2025. Scope: Miscellaneous Professional Liability and Allied Health with Tech E&O insuring agreement. Backing: Aspen, Markel, Westfield Specialty. HSB AI Liability Insurance for Small Business launched March 2026 (HSB is a Munich Re subsidiary). For current European market listings, see agentinsured.eu AI liability insurance market map 2026.
Regulation (EU) 2024/1689 (EU AI Act). Article 26 sets out deployer obligations for high-risk AI systems including: taking appropriate technical and organisational measures to ensure use in accordance with instructions; assigning human oversight to natural persons with competence and authority; monitoring operation; suspending use where risk is identified; and keeping logs where the system provides for automated log-keeping. The documentation requirements under Article 26(1)(a) overlap substantially with the information an insurer requires for an AI-specific underwriting submission.