Gen AI Risks for Businesses: Exploring the role for insurance

In moments of profound technological transformation, we often face a paradox: the tools that promise to elevate us can also challenge us in unexpected ways. Generative AI demands both strategic anticipation and human-centred stewardship.

This report is our contribution to a fast-evolving conversation about how to understand, manage, and insure against the new classes of risk that Gen AI creates or amplifies. From cybersecurity threats to intellectual property challenges, from workforce disruption to liability uncertainty, a risk landscape that goes beyond traditional categorisation is emerging.

To ground our insights in real-world experience, we conducted a global survey of 600 business representatives involved in corporate insurance decision-making, across the largest six insurance markets. One clear finding stands out: more than 90% of respondents see a need for insurance coverage for Gen AI risks, with two thirds willing to pay more in premiums for it. This signals both urgency and opportunity.

The insurance industry has a critical role to play in offering protection and in shaping responsible Gen AI adoption. By approaching these challenges collaboratively – with technology providers, regulators, and businesses alike – and with caution, we can help ensure that the benefits of Gen AI are realised safely and sustainably.

Jad Ariss 
Managing Director

Businesses are rapidly integrating Generative AI (Gen AI) into both customer-facing products and services and their internal operations. This introduces new risks such as defective outputs, biased recommendations, intellectual property infringements, and cybersecurity concerns. These risks become particularly prominent when Gen AI models hallucinate or replicate protected content.

This report explores Gen-AI-related risks and assesses businesses’ awareness and demand for related insurance. Building on established frameworks, we classify Gen AI risks into seven domains: operational, cybersecurity & privacy, ethical, regulatory, reputational, workforce, and ESG. These emphasise how Gen AI amplifies or creates exposures beyond traditional risk categories.

To evaluate risk awareness and insurance demand from businesses that use Gen AI, the Geneva Association commissioned a survey of 600 corporate insurance decision-makers/influencers across the six largest insurance markets (China, France, Germany, Japan, the UK, and the US). The survey results reveal widespread Gen AI adoption, though perceived usefulness varies by region – it is highest in China and the US – reflecting differing levels of digital maturity and organisational culture.

Businesses face significant Gen AI implementation hurdles, particularly talent shortages, poor data quality, and internal resistance. The primary challenges vary across markets, influenced by differing levels of willingness to adopt Gen AI.

Cybersecurity risks emerge as the top concern of businesses, cited by over half of surveyed firms, followed by third-party liabilities to clients and suppliers and then operational disruption. Reputational damage ranks lower despite its potential for long-term impact.

More than 90% of respondents express a need for insurance coverage tailored to AI/Gen AI threats; over two thirds would pay at least 10% more in premiums for explicit insurance policy extensions that cover Gen/AI related risks. Demand is particularly strong among medium and large enterprises, in the technology and finance sectors, and in regions with higher Gen AI adoption. Additionally, high Gen AI risk exposure and high severity of past Gen AI failures drive insurance demand, suggesting potential adverse selection.

On the supply side, applying Berliner’s insurability framework reveals insurability challenges, at least in the short term. Gen AI risks may lead to large potential losses. As it is difficult for insurers to verify Gen AI risks and how businesses manage them, Gen-AI-related insurance may experience serious information asymmetry. Insurers may therefore be reluctant to offer high coverage limits, as in the early days of cyber insurance.

Insurers are responding to Gen AI risks by adapting cyber and liability policies to include Gen-AI-related causes of loss; parametric triggers and due-diligence protocols are being tested to streamline underwriting and claims processes; and selected standalone AI insurance solutions that integrate various types of coverage into a single policy indicate the emergence of a nascent market, though it remains too early to say whether existing insurance products or new standalone solutions will come to dominate the Gen AI risk market.

To keep pace with Gen AI innovation, insurers should proactively define Gen AI’s risk boundaries and begin piloting modular coverage extensions, before loss events force reactive responses. Insurers may consider partnering with technology providers and regulators to co-develop risk assessment frameworks for Gen AI, embed continuous monitoring in policy terms, and explore simulation-based modelling. Such collaboration would harmonise ethical standards, clarify coverage terms, and strengthen the insurance industry’s role in safeguarding and supporting the development and adoption of Gen AI.

Generative AI (Gen AI), is a subset of artificial intelligence that can create original content such as text, images, voices, videos, and their combinations in response to user requests.1 Gen AI is a revolutionary digital technology that has the potential to fundamentally reshape production processes in economies, much like earlier breakthroughs such as the steam engine, electricity, and the internet.

Gen AI builds on many of the statistical advances underpinning traditional AI (see Box 1). In Gen AI models – especially large language models (LLMs) – the core task is to predict the next token (e.g. a word or phrase) in a sequence, given the context of all previous tokens. This sequential token-by-token prediction enables the Gen AI model to generate coherent, contextually relevant text or other content that appears fluid and human-like. Traditional AI typically involves traditional machine learning techniques such as classification or regression, where the model is trained to map potential predictors directly to a fixed target variable (e.g. forecasting tomorrow’s temperature).

Source: Geneva Association

In November 2022, OpenAI launched ChatGPT, a conversational AI tool that rapidly gained traction for its natural language capabilities. Within just two months, it attracted 100 million users, achieving this milestone faster than TikTok (nine months) and Instagram (two and a half years); by February 2025, ChatGPT’s weekly active users reached 400 million.4 This unprecedented growth ignited a surge in venture capital investments and intensified competition to develop Gen AI solutions for enhancing productivity across industries.

In early 2025, DeepSeek emerged as a major player in the Gen AI landscape, introducing advanced capabilities to process and integrate multiple types of data – such as images, sounds, and text – simultaneously, and the costs and computing power are much lower than for earlier Gen AI models. Within three months, DeepSeek attracted over 50 million users, mirroring earlier ChatGPT breakthroughs. This innovation reignited investor interest and intensified the race to develop Gen AI tools for broader applications.

Beyond take-up by individual consumers, Gen AI models are radically changing the way businesses operate. Firms are increasingly leveraging Gen AI for two purposes: on the product offering side, embedding Gen AI in product and customer service to drive innovation, and on the operational side, Gen AI redesigning task-level processes and operational workflows to improve efficiency and cost-effectiveness.

Figure 1 underscores the acceleration in the use of Gen AI by businesses. A 2025 global survey indicates that 71% of respondents have adopted Gen AI tools in at least one business function, rising from 65% in early 2024 and 33% in 2023.5

FIGURE 1: AI AND GEN AI USE IN BUSINESSES

Copy link to this sectionDownload

* In 2017, the definition for AI use was using it in a core part of the organisationʼs business or at scale. In 2018–19, it was embedding at least one AI capacity in business processes or products. Since 2020, it is that the organisation has adopted AI in at least 1 function.

Source: McKinsey6

While Gen AI introduces immense benefits for businesses, its creativity and output-driven nature introduce distinct risks that demand careful management. While some of these risks are amplified versions of those from traditional AI (e.g. algorithmic fairness, privacy concerns), others are entirely new – particularly those related to content creation, such as algorithmic hallucinations,7 emergent biases, and unauthorised content replication – and lack historical parallels in risk profiles.8

Risks introduced by Gen AI include, for example, the spread of misinformation (using audio deepfakes to command smart home devices that lead to unauthorised access), the generation of harmful content (with violence and discrimination), and copyright infringement (using protected text, images, and music without authorisation or giving results that are substantially similar in content and style to existing works), all of which pose distinct risks for businesses and their insurers.9

On the product side, a business using Gen AI tools developed by tech providers may suffer financial harm, creating potential liability for the providers.10 For example, when a Gen AI model introduces security vulnerabilities or bugs through its generated code, Gen AI developers face product liability risks.11 Such failures in Gen AI systems could resemble failures in critical infrastructure, potentially creating economy-wide systemic risks. AI-generated legal services may expose businesses providing them to professional liability risks due to inaccurate AI-generated content or misrepresentations.

On the operational side, firms that deploy Gen AI to steer their businesses face risks like incorrect/biased decision-making, operational inefficiency, and financial losses.

Gen AI systems may also be more susceptible to cyberattacks, which could result in business disruption and financial losses, i.e. cybersecurity risks stemming from vulnerabilities in Gen AI systems.

Table 1 shows the types of risks related to traditional and Gen AI. Among these categories, operational, cybersecurity & privacy, reputational & market, and workforce challenges are primarily first-party operational risks, while bias & ethical concerns, regulatory & compliance risks, and ESG considerations also involve third-party product risk. While many risks apply to both traditional and Gen AI, aspects with special relevance for Gen AI are emphasised in the final column.

TABLE 1: Al AND GEN Al RISKS FOR BUSINESSES

Source: Geneva Association

The emergence of Gen AI has fundamentally expanded the capabilities and risks of AI systems, introducing complex challenges that demand comprehensive governance and mitigation strategies. It both amplifies existing AI risks and introduces novel risks.

Many AI algorithms are opaque, making it difficult for businesses to interpret or explain their operations and outcomes. This black-box issue complicates error tracing and accountability, especially in regulated industries like finance and healthcare. It also presents legal challenges, as firms must demonstrate how AI decisions are made and opacity hinders liability defence. Gen AI intensifies this challenge: unlike traditional AI, which enables traceable decision pathways that can be reversed, Gen AI outputs cannot be mapped to specific parameters and the creative generation process, which involves training data of a higher order of magnitude, is inherently difficult to explain. Consequently, interpretability becomes doubly constrained by training data biases and model architecture, further complicating error attribution.

Cybersecurity risks are also heightened. By lowering the technical barrier to entry for cyber criminals, Gen AI has enabled the proliferation of AI-driven malware, phishing, and distributed denial-of-service (DDoS) attacks. Because of Gen AI’s unique creativity, threat actors increasingly exploit Gen AI tools such as FraudGPT and ElevenLabs to automate the creation of malicious content, including malware, deepfake videos, phishing websites, and synthetic voices. This automation has resulted in more scalable, believable, and effective cyberattacks. Cybercrime-as-a-service (CaaS) groups are now leveraging these tools to specialise in particular phases of the attack chain.12 Additionally, Gen AI poses threats through ‘model manipulation’, where adversarial attacks degrade content quality and security, enabling malicious applications such as deepfakes or fraudulent communications.13 This kind of model manipulation may also directly output fallacious and deceptive results, even with normal and correct training datasets. For example, GPT-4 demonstrates proficiency in manipulating textual data, modifying the sentiment of interview transcripts, and appropriately imputing inaudible portions of the interviews. Adobe Firefly has also been used to effectively manipulate visual data, integrating a large body of water into a Mars River photograph.14

Balancing AI efficiency with human oversight is essential for maintaining trust, preventing biased, misleading, or harmful outputs, and ensuring accountability and compliance. Current practice reinforces human accountability for final outputs (e.g. plant managers signing off on AI-proposed schedules and product qualification certificates), treating Gen AI as an assistive tool that does not change main responsibilities. However, Gen AI may also progressively assume operational responsibilities, for example in automatic driving or closed-loop production systems. Risks could intensify if moves towards agentic AI – AI systems designed to act autonomously and make decisions to achieve specific goals – progress (see Box 2).15

Source: Contributed by Christoph Krieg, Peak3 (a member of ZhongAn Insurance Group)

Gen AI introduces additional legal and regulatory concerns, particularly regarding copyright and IP violations. Gen AI models may inadvertently incorporate copyrighted material, exposing businesses to legal disputes and reputational harm. Additional compliance risks brought about by Gen AI may also be overlooked due to businesses continuing to apply previous regulatory rules and practices for traditional AI. Determining accountability for AI failures is critical and needs to be clearly managed in contract wording. That is, if a business is using a service provider for Gen AI, both parties should allocate liabilities in their contractual agreements. Gen AI models usually add liability waivers, meaning the liability sits with the business directly providing the service to the customer rather than with the AI service provider.

Bias and ethical concerns arise when AI systems inadvertently reinforce societal biases. While bias and privacy issues are often viewed as technical or legal challenges, ethical concerns extend beyond compliance to broader societal norms. For example, biased hiring algorithms may favour certain demographics, exposing companies to lawsuits and reputational damage. While traditional AI analyses existing data to learn patterns and forecast outcomes, Gen AI systemically creates original content that, if biased, consequently perpetuates and amplifies societal stereotypes or inaccuracies (‘training data bias’). It can also generate ethically problematic content (‘ethical content risks’), undermining trust and credibility.16 Moreover, AI-driven automation may prioritise efficiency or profit over ethical considerations. Such misalignments between business goals and ethical AI use can lead to reputational damage and erode customer confidence.

While developing and using Gen AI can amplify existing risks and throw up new ones for businesses, the overall net impact of Gen AI on risk remains uncertain. On the product side, IT developers have long faced product liability risks. Gen AI could increase these risks by introducing novel errors or reduce them by improving product quality, for example, by enhancing coding accuracy.17 On the operational side, Gen AI may empower threat actors through tools like deepfakes, but it will also likely strengthen cyber defences, offering advanced capabilities in anomaly detection and synthetic data generation. Compared to traditional AI, Gen AI improves the detection of complex, evolving cyber threats by better handling diverse data patterns and attack types.18 This report focuses on the specific risks Gen AI introduces or amplifies, rather than estimating its overall net effect on total business risk.

To manage Gen-AI-related risks effectively, businesses must implement robust governance frameworks, foster transparency, ensure ethical use of the technology, and ensure alignment with rapidly evolving regulations to address potential liabilities. Effective risk management includes not only reducing and mitigating the risks of Gen AI use but also transferring the risks to parties best placed to absorb any associated losses. In this context, Gen-AI-related risks may serve as the object of insurance coverage. Business insurance customers are expected to seek innovative insurance products to manage these risks effectively. By offering such solutions, insurers can help manage Gen AI risks for both businesses and society at large.

This report investigates the research question: how insurance can address the risks introduced by Gen AI, primarily for business insurance customers. Specifically, it examines business insurance customers’ attitudes towards the deployment of Gen AI, their awareness of the associated risks and benefits, and their current and future risk management strategies. The report evaluates the new risk dynamics introduced by Gen AI and analyses both the demand for and potential supply of Gen-AI-related insurance solutions. It also assesses the insurance sector’s capacity to develop and deliver appropriate protection products in response to these emerging risks.

The report makes two original contributions. First, it presents what is to our knowledge the first study focusing on how existing business insurance customers perceive Gen AI risks and corresponding insurance solutions.19 Second, it offers the first comprehensive assessment of the insurability of Gen-AI-specific risks. Guided by established insurability criteria, the report systematically evaluates which Gen AI exposures can realistically be covered under current market frameworks and where innovative products will be needed.

The remainder of the report is structured as follows: section 2 examines business customer demand for Gen-AI-related insurance; section 3 discusses the insurability of Gen AI risk; and section 4 concludes with future prospects and recommendations for insurers.

Given the diverse and complex nature of Gen-AI-induced risks, it is crucial to understand how businesses perceive and respond to them. The Geneva Association therefore conducted an online survey of business insurance customers, which investigated four areas: 1) application of Gen AI, 2) awareness and perception of Gen-AIrelated risks, 3) demand for potential Gen-AI-related insurance solutions, and 4) the basic profiles of respondents. Details of the survey process and sample are summarised in Box 3.

Box 3: Sample and process of the business insurance customer survey

Copy link to this section

The survey polled 100 business insurance customers in each of the world’s six largest insurance markets (China, France, Germany, Japan, the UK, and the US) in February 2025. The samples were designed to be representative of insurance customer profiles in their respective markets, covering businesses from diverse industries and of varying size.

FIGURE 2: PROFILE OF SAMPLED ORGANISATIONS

Copy link to this sectionDownload

Source: Geneva Association business insurance customer survey
 

The survey consisted of 22 questions. To qualify, respondents needed to: 1) have a basic understanding of what Gen AI is, 2) use Gen AI tools for business operations within their organisation, 3) have purchased or renewed insurance for their organisation within the past three years, and 4) have control over insurance decisions in their organisation (e.g. decision-maker or influencer).

Source: Geneva Association

The survey results show that businesses are rapidly adopting Gen AI, with uses ranging from internal reporting and summarisation to customer-facing tasks, but the pace and depth of adoption vary widely across markets. The US and China stand out, with both high perceived usefulness and strong willingness to insure AI-related risks, whereas Japan, Germany, and France show slower uptake, reflecting lower trust, regulatory or cultural hurdles, and organisational resistance. The main challenges to implementation are shortages of skilled professionals, poor data quality, and technical integration barriers, all of which increase operational vulnerability. Reported failures – such as inaccurate or misleading outputs, inconsistent responses, and difficulties with system compatibility – underscore the urgency of establishing robust validation mechanisms and governance frameworks. Together, these findings reveal that while Gen AI is already reshaping business processes, it comes with significant risks.

Demand for insurance solutions is strikingly strong. More than 90% of surveyed firms expressed interest in coverage for Gen-AI-related risks, and over two thirds are willing to pay higher premiums for such protection. Cybersecurity risk dominates the list of Gen AI risk exposures, followed by liability toward customers and suppliers, as well as general operational risks. Medium-to-large firms, technology-intensive sectors, and businesses with high exposure or prior severe failures show the strongest appetite for Gen AI insurance coverage. Cross-market comparisons confirm that the greatest immediate opportunities for insurers lie in the US and China, where adoption and insurance demand are highest, while continental Europe lags behind. This stratification suggests that insurers must actively renovate/innovate their products and strategies accordingly, extending cyber policies to include Gen AI risks, developing standalone coverage where justified, and aligning offerings with the risk profiles and readiness of specific markets and sectors.

Generating internal reports or summaries was cited as the top reason for using Gen AI (51.5% overall, 82% in China, see Figure 3). These findings highlight the widespread adoption of Gen AI across various industries and its growing importance in a range of business processes.
 

FIGURE 3: PURPOSES FOR USING GEN Al

Copy link to this sectionDownload

Source: Geneva Association business insurance customer survey

Figure 4 shows the perceived usefulness of Gen AI in daily business operations. Overall, 47.5% of respondents find Gen AI ‘very useful’, with notably higher ratings in the US (68%) and China (66%). In contrast, Japan reports the lowest perceived benefit, with only 18% of businesses rating Gen AI as ‘very useful’. These regional differences suggest that cultural, regulatory, and operational factors influence the perceived value of Gen AI.20
 

FIGURE 4: USEFULNESS OF GEN Ai IN DAILY WORK

Copy link to this sectionDownload

Source: Geneva Association business insurance customer survey

Businesses face multiple challenges when implementing Gen AI (Figure 5). The most significant obstacles include a shortage of qualified professionals (36.5%) and issues related to data quality and accessibility (34.2%). Technical issues such as data integration and system scalability also pose significant hurdles. These issues make Gen AI more susceptible to the risks outlined in the previous section. Only 14% of businesses report no significant challenges.

FIGURE 5: CHALLENGES OF IMPLEMENTING GEN AI

Copy link to this sectionDownload

Source: Geneva Association business insurance customer survey

The primary challenge varies by market. In Germany and France, the most frequently cited issue is resistance from colleagues, employees, or customers (41% and 39%, respectively). In contrast, China and Japan demonstrate greater openness to Gen AI adoption, with only 12% and 23% of respondents, respectively, citing resistance as a challenge. The primary obstacle in China, Japan, and the US is the limited availability of skilled Gen AI professionals. These findings suggest that while businesses in Asia and North America are more willing to adopt Gen AI, they face skill shortages, whereas in continental Europe, reluctance to adopt Gen AI is a more pressing issue. The UK falls in between these two trends.

Businesses report facing various issues and failures when using Gen AI (see Figure 6). The most frequently reported include inaccurate or misleading information (34.7% overall, 58% in Japan), difficulties integrating Gen AI into existing systems (29.8%), and inconsistent AI-generated responses (28.7%). Accuracy remains a critical issue, particularly in Japan, where trust in AI-generated content is lower. These results highlight the need for robust validation mechanisms to ensure AI-generated outputs are reliable and suitable for decision-making. Similar to other digital technologies, compatibility with existing IT systems is also critical for Gen AI applications.21
 

FIGURE 6: GEN AI ISSUES AND FAILURES EXPERIENCED BY BUSINESSES

Copy link to this sectionDownload

Source: Geneva Association business insurance customer survey

Of the specific Gen-AI-related risks for which businesses seek cover, cybersecurity risks rank top, cited by more than 50% of business customers (Figure 7). Liability risks to customers and suppliers and general operational risks also rank highly. Reputational risks, though relevant, are less of a priority. These results indicate that businesses are primarily focused on financial and legal liabilities rather than broader reputational uncertainties. The findings also highlight the importance of developing robust security measures to mitigate Gen-AI-related risks to allow businesses to leverage Gen AI with confidence.22

FIGURE 7: GEN AI RISKS BUSINESSES WANT TO INSURE

Copy link to this sectionDownload

Source: Geneva Association business insurance customer survey

Over 90% of respondents suggest they would value insurance for Gen-AI-related risks. More than two thirds of respondents said they would be willing to pay at least 10% more for insurance that would cover Gen AI risks (Figure 8),23 suggests a strong business case for AI-driven insurance solutions.
 

FIGURE 8: WILLINGNESS TO PAY FOR GEN AI INSURANCE

Copy link to this sectionDownload

Source: Geneva Association business insurance customer survey

Figure 9 outlines the types of insurance products businesses seek to manage their AI-related exposures. Demand is highest for solutions that integrate Gen AI risks into existing cyber insurance policies, which is consistent with the fact that cybersecurity is as perceived as the top concern (see Figure 7). Over 40% of respondents also see potential for standalone, AI-specific coverage.
 

FIGURE 9: PREFERRED INSURANCE PRODUCTS TO COVER GEN AI RISKS

Copy link to this sectionDownload

Source: Geneva Association business insurance customer survey

To better understand the drivers of demand for Gen AI insurance, we examine the relationship with business characteristics. Demand is measured using two key indicators: whether businesses believe their current insurance covers Gen AI risks and their willingness to pay extra for Gen AI risk coverage.24

Demand for Gen AI insurance among medium (51–250 employees), large (251–1,000 employees), and very large firms (more than 1,000 employees) is comparable, and is higher than for small firms (less than 50 employees), as shown in Figure 10. More than 60% of medium-to-large firms believe that they are already insured for Gen-AI-related risks. Over 70% of medium-to-large firms are willing to pay at least 10% more in premiums for Gen AI risk coverage; less than 40% of the smallest firms are willing to do so, likely due to cost sensitivity and perceived lower risk exposure (Figure 11).
 

FIGURE 10: GEN AI INSURANCE COVERAGE BY BUSINESS SIZE

Copy link to this sectionDownload

Source: Geneva Association business insurance customer survey

FIGURE 11: WILLINGNESS TO PAY FOR GEN-AI-RELATED INSURANCE BY BUSINESS SIZE

Copy link to this sectionDownload

Source: Geneva Association business insurance customer survey

Figure 12 presents a cross-market comparison of Gen AI adoption and Gen AI insurance demand. The US and China lead the deployment of Gen AI applications among businesses. They also have larger appetite to insure more types of Gen AI risks and higher willingness to pay for Gen AI insurance coverage than the other surveyed countries. Japan, Germany, and France have lower appetite; the UK falls somewhere in between.

The high Gen AI adoption rates and insurance demand in China and the US suggest strong technological momentum, whereas regulatory and operational considerations may be slowing adoption and insurance demand in continental Europe. Strong willingness to pay for AI insurance signals a business opportunity for insurers, particularly in markets where Gen AI is already proving its value, such as the US and China.

FIGURE 12: GEN Al ADOPTION AND INSURANCE DEMAND ACROSS MARKETS

Copy link to this sectionDownload

Notes: The chart compares average survey responses to questions about Gen AI usage, types of risk, and willingness to pay for Gen AI insurance across the six markets. For each question, the market with the largest average value is indexed equal to 100 and the other bars illustrate the relative positions of other markets to the top score.

Source: Geneva Association business insurance customer survey

The technology sector shows significantly higher demand for Gen AI insurance than other industries, probably because Gen AI is embedded in the product (or is the product itself). Demand is also strong in the finance and manufacturing sectors (see Figure 13).

FIGURE 13: GEN AI INSURANCE DEMAND ACROSS INDUSTRIES

Copy link to this sectionDownload

Notes: The chart compares average survey responses to questions about existing Gen AI risk coverage and willingness to pay for Gen AI insurance across industries. For each question, the industry with the largest average value is indexed equal to 100 and the other bars illustrate the relative positions of other industries to the top score.

Source: Geneva Association business insurance customer survey

Businesses that use Gen AI more frequently or have experienced severe Gen AI failures also show higher demand for insurance (see Figure 14).25
 

FIGURE 14: GEN AI INSURANCE DEMAND BY RISK EXPOSURE AND FAILURE SEVERITY

Copy link to this sectionDownload

Notes: The chart compares average survey responses to questions about existing Gen AI risk coverage and willingness to pay for Gen AI insurance across various usage frequency and failure severity categories. For each question, the category with the largest average value is indexed equal to 100 and the other bars illustrate the relative positions of other categories to the top score.

Source: Geneva Association business insurance customer survey
 

In sum, demand for Gen AI insurance is particularly strong among medium-to-large businesses, in the US and China, and within the technology sector. This stratification highlights the need for insurers to calibrate their product and marketing strategies, which in turn calls for careful analysis of the insurability of Gen-AI-related risk, a topic we turn to in the next section.

Insurers must carefully craft the scope of their coverage to ensure risks are adequately calibrated and sit within the envelope of their risk appetite and risk-absorbing capacity.

Assessing the insurability of (Gen) AI risks through Berliner’s framework involves nine criteria that determine whether a risk is insurable (see Table 2; a more comprehensive version of the insurability assessment is presented in Appendix B).26 While the categorisation is based on established concepts in insurance theory and practical experience, it is important to recognise that the evaluation is inherently subjective and open to interpretation.27

Table 2 highlights the uncertainty of and challenges associated with insuring Gen AI risks, though the categorisation (e.g. yellow vs. red) may be debated as the boundaries often depend on context, emerging evidence, and stakeholder perspectives. The framework and evaluation are thus intended as a basis for discussion and reflection rather than a definitive judgment. Insurers are encouraged to critically engage with the criteria and rationale presented, considering their own perspectives and the broader implications for insurance and risk management. Box 4 compares the insurability of Gen AI and traditional AI.

TABLE 2: INSURABILITY OF GEN-AI-RELATED RISKS

Green: Minimal challenges to insurability; Yellow: Some challenges to insurability; Red: Violation of insurability under traditional insurance models 

Source: Geneva Association

AI-related losses should occur randomly with somewhat identifiable frequency and severity, making them reasonably predictable. However, AI can produce unforeseen outcomes given its changing underlying context and inherent complexity. This means AI-related loss events are not uniformly distributed. Moreover, the skills and tools needed for validating AI systems based on their predictive benefit are lacking. Thus, satisfying the randomness criterion is challenging. For Gen AI, the challenge is even greater because output generated by such systems can lead to unforeseen consequences, such as intellectual property violation or the spread of misinformation, which are difficult to quantify or predict. Gen-AI-related losses therefore introduce new layers of uncertainty.

Source: Geneva Association

These risks challenge traditional insurance models due to their rapid scalability and potential for global impact, meaning losses are more correlated, can spread very quickly across insureds, and may impact many insurance lines simultaneously. Insurable risks should also be homogeneous, i.e. apply to similar cases across policyholders. AI applications, which are tailored to specific industries such as autonomous vehicles or medical diagnostics, lack such homogeneity as risk profiles vary significantly depending on the technology and its context. In the case of Gen AI, the risks extend across a vast array of use cases, from creative content generation to fraud facilitation, further complicating the establishment of homogeneous risk pools. The predictability of risk events, critical for pricing and risk assessment, are difficult to determine in AI contexts due to their rapid development and reliance on complex datasets.

The maximum potential loss from an AI failure must be manageable within the insurer’s capacity. But AI systems, particularly in critical sectors like healthcare, finance, or transportation, can lead to catastrophic losses. A malfunction in a Gen-AI-driven healthcare system, such as AI-generated medical diagnosis, treatment planning, or automated patient communication, could result in widespread harm, overwhelming traditional insurance capacities and challenging premium affordability.

Estimating the average loss amount for Gen-AI-related risks is challenging due to the unpredictable nature of these technologies. Unlike traditional risks, limited historical data exists to guide calculations. Losses can vary widely based on use case, industry, and failure type – ranging from medical misdiagnoses to intellectual property violation. The rapid evolution of Gen AI further complicates loss projections.

The frequency of AI-related losses should be sufficiently high to allow accurate risk assessment. The novelty of AI and limited historical data on AI-related incidents, however, hinder precise estimations of both loss frequency and severity. A large and homogeneous risk pool is generally considered essential for diversifying and mitigating individual losses. The diverse applications of AI across various industries complicate the formation of such pools, as the risks are highly variable. In the medium term, sufficient Gen AI loss frequency should be expected. Given the limited availability of historical loss data, simulation-based modelling is a promising direction, one also encouraged by regulators.

Insurability criteria require that the asymmetry in information between insurers and insureds be minimal. AI systems often involve proprietary algorithms and data, creating significant asymmetry. This leads to risks of moral hazard, where insured parties may neglect maintaining AI system safety, and adverse selection, where higher-risk insureds seek more insurance. While high-demand segments present opportunities, insurers must take full account of the adverse selection challenges, as businesses with significantly higher Gen AI risk exposure and prior experience with major AI failures are most likely to seek coverage.

Insurers also face challenges in verifying the safety measures implemented by developers for Gen AI, especially in open-source models that can be modified or misused by third parties. Given the dynamic development of the Gen AI risk landscape, insurers may also struggle to verify how businesses manage those risks. To address information asymmetry and mitigate moral hazard, insurers may require insureds to implement maintenance protocols and transparency mechanisms as part of the policy terms (e.g. mandatory model audits, third-party certifications, reporting obligations, usage restrictions). Such tools help ensure that AI systems are maintained safely and responsibly, enabling more accurate pricing and sustainable risk transfer.

Box 5 provides market insights from Japan on the emerging challenges of insuring Gen AI risks.

Source: Contributed by Tomo Asaka, Tokio Marine

Note that all the major insurability challenges (marked in red in Table 2) are actuarial-oriented. Experts suggest that Gen AI may help to generate faster and more accurate risk profiles and thus enable more tailored pricing, quicker application decisions, and personalised product offerings in insurance, which help to mitigate these challenges. The potential usage of Gen AI in risk modelling and pricing may have profound implications for insurance customers beyond insuring Gen AI risks (see Box 6).

Source: Contributed by René Wissing, Achmea

The significant uncertainty and impact of Gen-AI-related risks results in high premiums and low coverage limits, which could render insurance unaffordable for many businesses. In particular, small and medium-sized enterprises (SMEs) and critical users of AI may find premium levels prohibitive, deterring them from purchasing coverage. Policyholders expect coverage limits that address their risk exposure adequately; however, insurers may impose low limits to manage their risk, potentially leaving businesses underinsured, especially those that rely heavily on AI technologies.

Insurance for AI risks should align with societal values and public policy. Ethical considerations, particularly related to privacy and discrimination, play a significant role in determining the acceptability of AI risk insurance.

Coverage must comply with legal and regulatory frameworks, which are still developing for AI technologies. Legal uncertainties pose additional challenges for insurers in defining the scope and terms of coverage, and Gen AI adds a new layer of complexity.

To ensure consistency with societal values, insurers may intentionally exclude harmful uses of Gen AI – such as deliberate defamation, deepfake manipulation, or synthetic data abuse (i.e. synthetic data without safeguards could lead to identity theft, discrimination, or other privacy violations) – from coverage.28 These exclusions, common in liability insurance, preserve the legitimacy of coverage while still allowing protection against negligent or accidental harms arising from AI use.

Overall, evaluating Gen AI risks against Berliner’s insurability criteria reveals several challenges. The complexity of AI systems and lack of skills and tools for validating them based on their predictive benefit make it difficult to assess and price risks accurately.29 Gen AI, with its unique risks and ethical dilemmas, adds another layer of complexity. The potential for significant losses from AI failures may exceed the capacity of traditional insurance markets, and the scarcity of historical data on Gen-AI-related incidents hinders effective risk assessment and pricing. While insuring Gen AI risks is possible, it requires innovative approaches, such as specialised insurance products, advanced risk assessment models, and collaboration between insurers, developers, and regulators.

The market for Gen-AI-related insurance products is still in the early stages, but solutions are being developed (see Table 3). Some insurers, such as AXA XL and Munich Re, are piloting or expanding cyber and professional liability policies to include risks such as data contamination, copyright infringement, and AI-driven errors. For example, AXA XL offers endorsement to their cyber policies to cover Gen AI risks linked to clients’ own Gen AI initiatives. The endorsement covers firstand third-party Gen AI risks, including data poisoning (i.e. manipulating or contaminating the training data used to develop machine learning models), usage rights infringement (i.e. negligently failing to obtain appropriate permissions to use particular items or data), and/ or regulatory violations (i.e. liability resulting from the EU’s AI Act).30 Some insurers in the US and China, such as PICC, are piloting standalone (Gen) AI insurance to cover, for example, the intellectual property infringement risk of AI-generated contents.

At the same time, many insurers are struggling with the insurability of these risks due to unpredictability, legal uncertainty, and a lack of claims data. They do not currently offer dedicated AI insurance products but are closely monitoring developments. They recognise both the opportunities and challenges associated with Gen AI and are actively exploring appropriate future risk transfer solutions.

TABLE 3: POTENTIAL INSURANCE SOLUTIONS FOR GEN AI RISKS

Past experience with other emerging risks – like environmental liability,31 operational risk,32 cyber risk33 or reputational risk34 – for which specific, tailored insurance solutions have been developed can also act as a guide.

• Cyber insurance might explicitly address Gen-AI-related risks, such as AI-generated fraud (deepfake scams), misinformation liability (automated fake news generation), and hallucination risks (incorrect but plausible AI-generated insights causing business losses). Since Gen AI systems frequently process vast amounts of sensitive data, they are particularly vulnerable to cyber risks, including model manipulation attacks that compromise output integrity.35
• Professional liability insurance, also known as errors and omissions (E&O) insurance, safeguards businesses against claims arising from errors or omissions in their services. For companies using Gen AI to produce customer-facing outputs, this coverage can be crucial for addressing failures like generating biased, misleading, or harmful content that impacts clients or users.
• Directors’ & officers’ (D&O) liability insurance is designed to protect company leadership from personal losses due to legal actions linked to their decisions. In the context of AI, this coverage can address claims related to the adoption and oversight of AI technologies, including controversies over data use, algorithmic bias, or unintended consequences of AI deployment.
• Intellectual property insurance protects against claims of infringement on patents, trademarks, or copyright. Given that Gen AI systems often create content or leverage third-party data, this coverage is critical in transferring potential infringement issues, such as unauthorised use of copyrighted material in generated outputs. Moreover, product liability insurance covers claims related to defects in products sold or supplied by a business. For AI developers, this insurance can address cases where Gen AI products produce inaccurate or harmful outputs, such as medical misdiagnoses or faulty financial recommendations, causing harm or failing to perform as intended.

However, there are material gaps in existing insurance coverage when it comes to addressing AI-related risks, particularly for Gen AI (Table 4).36 Many existing policies, such as cyber or E&O insurance, are starting to exclude Gen AI risks.

TABLE 4: ANALYSIS OF AI INSURANCE COVERAGE GAPS

Source: Adapted from Aon37

Despite the introduction of some innovative, dedicated AI insurance solutions (see Box 7), it remains uncertain at this stage whether standalone AI insurance will become mainstream.38 Such policies could bundle key AI-specific risks – such as algorithmic errors, biased outputs, liability disputes, and regulatory breaches – into a single, tailored product. Given the scope of Gen AI risks, businesses may benefit from comprehensive, customisable coverage. These standalone products could function as holistic risk management tools, addressing both current and emerging exposures, including intellectual property disputes, cybersecurity incidents, and evolving regulatory requirements. Customisable policy structures would allow firms to tailor coverage to high-risk applications, such as AI-driven healthcare, financial services, or automated decision-making systems. A well-designed AI insurance policy can thus help businesses transfer both foreseeable liabilities and hard-to-quantify uncertainties inherent in advanced AI deployments.

Source: Jesus Gonzalez, Aon Commercial Risk Solutions, and the Geneva Association

A shift towards standalone AI insurance would mirror the path of cyber insurance, where new exposures outgrew traditional product structures and catalysed the development of standalone cyber coverage. Such AI insurance is expected to provide comprehensive coverage for businesses creating or integrating AI in their operations, as well as those using AI peripherally.

Deloitte US predicts that AI insurance (both standalone and extensions) could be a USD 4.7 billion market globally by 2032.45 It may take years, however, to determine whether Gen AI risks will be insured as standalone products, as part of cyber insurance, or incorporated into existing property and liability products.

Overall, insuring Gen-AI-related risks poses manifold challenges. To address these, the insurance industry must innovate, even if the preferred structure of solutions for Gen AI risks, especially tailored policies, remains uncertain. Insurers should also collaborate with other stakeholders, including regulators and policymakers, on ways to overcome barriers to insurability.

While insurance can help manage Gen AI risks, effective strategies should start with assessing their unique characteristics – such as biased or misleading outputs, data quality problems, cybersecurity vulnerabilities, and system integration failures – rather than assuming insurance transfer as the default. A balanced approach combines avoidance, mitigation, retention, and transfer, with insurance as only one component of this broader toolkit. Over-reliance on insurance alone risks discouraging critical safeguards, including bias detection and correction, robust validation of model outputs, strong data governance, and secure system design. Proactive measures such as these not only reduce the likelihood and severity of Gen AI failures but also make residual risks more insurable. By integrating risk avoidance and mitigation with transfer, businesses and insurers can ground discussions of insurability in practical strategies that strengthen both resilience and trust in Gen AI adoption.

This report provides new insight on how business insurance customers use Gen AI, perceive related risks, and their demand for Gen AI insurance coverage. The pervasive adoption of Gen AI in business comes with novel and amplified risks, including data security breaches, third-party liability exposures, privacy violations, and intellectual property issues. The survey of business insurance customers across the six largest insurance markets worldwide confirms that nearly all are using Gen AI in some form and consider it somewhat valuable, but many also encounter significant challenges and risks, including cybersecurity concerns or inaccurate or misleading AI-generated outputs.

The survey reveals strong demand for insurance: over 90% of businesses indicate they need coverage for Gen-AI-related losses, and more than two thirds would pay higher premiums to obtain it. Cybersecurity threats and liability to customers or suppliers emerge as the primary concerns for businesses seeking Gen AI coverage.

On the supply side, we find that Gen AI poses serious challenges to traditional insurance models. The complexity of AI systems and the need to validate these based on the predictive benefit, as well as the potential for spreading misinformation, copyright infringement, or AI-generated fraud, make losses hard to predict, diversify, or cap. Nonetheless, while Gen AI risks challenge many classical insurability criteria, these risks could become progressively insured through innovative underwriting, advanced risk assessment models, and close cooperation with technology and regulatory stakeholders.

Insurers are already extending existing products and developing new ones to address these risks. Traditional lines such as cyber liability and professional-liability (E&O) insurance are being expanded to cover AI-specific exposures (for example, deepfake cyberattacks or erroneous AI-driven outputs), and specialised standalone AI policies are emerging that bundle multiple Gen AI coverages into a single contract. Such dedicated AI liability products protect against losses linked to algorithmic errors, discriminative and biased outputs, or accountability and liability negligence.

Breakthrough technologies such as electricity, the internet, and mobile phones all faced uncertain pathways to insurability, with coverage evolving only as risks became clearer. Gen AI stands at a similar juncture: its dominant insurance form is still undefined. Box 8 reflects on these historical lessons, suggesting that Gen AI insurance may follow a trajectory akin to early cyber insurance – starting cautiously, then expanding as insight and confidence grow. We urge insurers to actively engage with insuring Gen AI risks by starting with scenario modelling and piloting products, instead of waiting for perfect data.

Looking forward, as Gen AI technology matures and its applications broaden, the pool of insurable risks is also expected to expand. This will be driven by broader and deeper applications of Gen AI in business processes across various industries, and insurers gradually learning about the probability distributions associated with Gen AI risks and accumulating know-how and expertise to insure them. At the same time, ongoing advances in Gen AI (improving accuracy and safety) may gradually mitigate some hazards, potentially stemming the need, incrementally, for insurance over time.

Source: Contributed by Paul Lloyd, AIA Group

Our analysis also highlights notable geographic differences. China and the US currently lead in Gen AI usage and show greater willingness to pay for AI-related insurance, whereas markets such as Germany, France, and Japan have been slower to adopt Gen AI and exhibit lower demand.

Insurance is only one part of managing Gen AI risks. Effective strategies must begin with assessing exposures such as biased outputs, cybersecurity vulnerabilities, and system integration failures, and then applying a mix of avoidance, mitigation, retention, and transfer techniques. Safeguards like bias detection, output validation, and secure data governance reduce the frequency and severity of failures, making residual risks more insurable. Combining these proactive measures with insurance creates stronger resilience and a more balanced foundation for the insurability of Gen AI risks.

Based on these findings, incumbent insurers are advised to take a proactive stance toward Gen AI. We recommend that insurers actively develop new and refine existing insurance solutions to accommodate Gen AI risks – for example, by enhancing coverage for misinformation liability, intellectual property disputes or AI-driven operational failures – and continuously adapt underwriting as Gen AI usage grows. By doing so, insurers not only protect their commercial clients but also stand to create new revenue streams and reinforce their role in absorbing emerging technological risks. Insurers should collaborate with technology developers, insured firms, and regulators to establish common standards for AI risk management and accountability, ensuring that evolving Gen AI risks are transparently and effectively insured.

Finally, our analysis offers a snapshot of Gen AI adoption and risk perceptions as of early 2025, based on a survey of 600 business customers in six selected markets. Future research may investigate how these dynamics unfold as the technology evolves. The insurability assessment is necessarily conceptual at this stage, since legal and technical standards for Gen AI are still in flux. This report also focuses solely on Gen-AI-induced risks for commercial enterprises; however, Gen AI may also introduce societal risks, such as election-related deepfakes or declining public trust, which warrant separate investigation.

Future research should monitor Gen AI’s development over time, with a particular focus on distinguishing between applications and risks that are fast maturing and those which remain nascent and ill-defined. Such monitoring will be crucial for adapting insurance products, pricing models, and regulatory approaches to the rapidly changing AI landscape.

In the field of Gen AI risks, what we know is much less than what we do not know. What we know is that Gen AI will introduce risks but it is not clear how fast Gen AI technology will develop and how it will shape the boundaries of insurability. Future insurance research should explore the evolving nature of Gen AI, assess the pace of its technological maturity, and address emerging risks to develop responsive insurance solutions.

TABLE 5: AI-INDUCED RISKS

Source: Eling46

FIGURE 15: GEN-AI-INDUCED RISKS

Copy link to this sectionDownload

Source: Adapted from McKinsey47
 

There is also a framework to describe Gen-AI-induced risks that includes contract risk, tort risk, regulatory developments, intellectual property rights, deceptive trade practice risk, discrimination and defamation, and cybersecurity risk.48 Furthermore, Aon has created a matrix (see Table 4), which outlines common coverage starting points for basic available coverage and exposes significant gaps in existing insurance.

TABLE 6: INSURABILITY OF GEN AI RISKS (EXTENDED)

Green: Minimal challenges to insurability; Yellow: Some challenges to insurability; Red: Violation of insurability under traditional insurance models 

Source: Geneva Association