AI Agent Insurance in Europe: The Complete Market Guide 2026

By Future Proof Intelligence 14 June 2026 Reading time: 22 minutes

Key takeaways

As of June 2026, no licensed European-native carrier sells a standardised AI agent liability policy to small and mid-sized operators off the shelf. The live market is early, enterprise-first, and routed through Munich Re aiSure (performance cover), HSB (small-business product, US-first), Armilla (Lloyd's coverholder, AI liability and performance), Counterpart (affirmative AI professional liability), and bespoke Lloyd's syndicate capacity. Swiss Re and SCOR provide reinsurance that underpins primary carriers. The AIUC-1 certification standard, used by ElevenLabs for the first AI agent policy in February 2026, is the evidence layer that unlocks coverage. Most operators' existing policies (cyber, errors and omissions, general liability) now carry explicit AI exclusions.

The legal exposure is widening simultaneously. The EU AI Act (Regulation (EU) 2024/1689) loads deployer duties with penalties up to EUR 35 million or 7% of global turnover under Article 99. The revised Product Liability Directive (Directive (EU) 2024/2853) brings AI inside strict liability from 9 December 2026. The Digital Omnibus provisional agreement of 7 May 2026 may defer high-risk Annex III obligations to 2 December 2027, but it is not yet adopted, so the original 2 August 2026 date remains legally binding.

The reliable path to coverage follows one sequence: document the agent, complete a structured governance assessment aligned to AIUC-1, ISO/IEC 42001, or the NIST AI Risk Management Framework, then approach the market with that evidence. The same documentation satisfies underwriters and regulators. Future Proof Intelligence publishes this as an independent reading of the market and is not an insurer or a broker.

In this guide

The honest state of the market Carrier map: who writes what Munich Re aiSure and HSB Armilla and the Lloyd's route AIUC-1 and the ElevenLabs model Counterpart: affirmative AI cover Swiss Re and SCOR: the reinsurance layer Coverage types and gaps Pricing benchmarks The regulatory exposure landscape Certification-to-coverage pathway Frequently asked questions

Deep-read articles in this cluster

The honest state of the market

The European AI insurance market in mid-2026 is real but narrow. The question most operators carry into it, "where do I buy the policy," does not yet have a clean answer. No licensed insurer domiciled in the European Union sells a standardised, off-the-shelf AI agent liability product that a small or mid-sized operator can purchase directly from a website. What exists is enterprise-first, structured through the London market or managing general agents, and in several cases first distributed in the United States.

That is not the same as saying nothing is available. The correct statement is more specific: cover can be obtained, but it requires a broker, it is negotiated rather than bought off the shelf, and the conditions attached to it are documentation requirements that most operators are not yet meeting. The EIOPA February 2026 survey of European insurance undertakings found that most large European carriers are monitoring the AI line but have not yet launched a dedicated AI agent product, and that pricing uncertainty driven by absence of claims data is the single most cited reason for hesitation. See the EIOPA February 2026 AI survey analysis for the full picture.

The result is a market at the same early stage that cyber liability occupied in the mid-2000s: real demand, early capacity, and a documentation requirement that most buyers have not yet met. The operators who engage with that documentation requirement now will be the ones with both regulatory standing and insurance access when the market matures.

Carrier map: who writes what

Understanding what each name in the market actually is (a carrier, an MGA, a reinsurer, or a standard) resolves most of the confusion about AI insurance coverage. The table below is a structured read of each party. For a live view of market movements, the European AI agent insurance market tracker is updated as conditions change.

Name What it is Status What it covers European operator access
Munich Re aiSure Carrier (global reinsurer and specialty insurer) Live, enterprise First-party AI performance cover. Pays when AI underperforms an agreed specification Via Munich Re specialty teams and delegated brokers
HSB (Hartford Steam Boiler) Carrier, Munich Re group company Live US; EU availability unconfirmed Standalone small-business AI liability. First launched March 2026 in the United States Not yet confirmed as an EU off-the-shelf product. Verify with a broker
Armilla Managing general agent (MGA) and Lloyd's coverholder Live, enterprise and mid-market AI liability and AI performance. Governance evidence required. Substantial reported programme limits for larger placements Reachable in Europe through a specialist broker with Lloyd's market access
Counterpart Managing general agent (MGA) Live, mid-market and enterprise Affirmative AI coverage on management liability, D&O, and professional liability lines. Explicit AI cover rather than exclusions Via specialist brokers; primarily US-originated but applicable to EU operators through London market access
Lloyd's of London syndicates Insurance market (capacity from multiple syndicates) Live, bespoke placements Tailored AI liability programmes above minimum premium. Assessment evidence (AIUC-1 or equivalent) typically required Cross-border access for EU operators via Lloyd's passporting; requires specialist broker placement
Swiss Re Reinsurer Live as reinsurance capacity; not a direct purchase path Reinsurance supporting primary carriers' AI liability lines. AI-specific scenario modelling shared with cedants Indirect: Swiss Re capacity underpins the primary carriers above. Operators cannot buy from Swiss Re directly
SCOR Reinsurer (Paris-based, EU-domiciled) Live as reinsurance capacity EU-domiciled reinsurance capacity for AI-related lines. Developing AI underwriting frameworks for cedants Indirect, as with Swiss Re. Supports primary and MGA capacity from a European balance sheet
AIUC-1 Certification standard (Artificial Intelligence Underwriting Company) Live as a standard since mid-2025 Not cover itself. Adversarial assessment across 6 dimensions that underwriters use to decide whether and on what terms to write Jurisdiction-neutral standard; the capacity behind it is Lloyd's market and US
AXA, Allianz, Zurich and peers Large EU-domiciled carriers Developing; no dedicated AI agent product yet AI exposure currently inside existing PI, cyber, and product liability wordings (often with exclusions) EU-domiciled but not yet selling a dedicated product

For a complete structured analysis of every player and their underwriting criteria, read the AI liability insurance market map. For the specific question of who operates in Europe and how to reach them, see who insures AI agents in Europe.

Munich Re aiSure and HSB: the Munich Re group position

Munich Re is the most developed name in AI insurance, and it approaches the line from two distinct angles. aiSure, written through Munich Re's specialty operations, is performance insurance structured around a measurable trigger: cover responds when an AI system performs below a defined and agreed specification, rather than requiring the buyer to prove a chain of legal fault back to an insured event. The performance trigger makes aiSure cleaner to claim than ordinary liability cover, but it demands precision at placement. The buyer must define and document the performance standard the policy measures against, and that definition has to be specific enough that both parties can agree after the fact whether it was met.

For a European operator deploying an autonomous agent, aiSure functions as a first-party performance layer. It does not by itself answer the third-party liability question: what happens when a harmed customer brings a claim. A complete programme typically combines aiSure performance cover with a separate third-party liability layer. For the detailed mechanics and European applicability, see the Munich Re aiSure parametric AI insurance analysis.

HSB (Hartford Steam Boiler), part of the Munich Re group, launched a standalone small-business AI liability product in March 2026, first available in the United States. The product is US-distributed and its European availability is unconfirmed. The significance for a European operator is not current accessibility, but the signal it sends. A Munich Re group entity has concluded that AI liability can be packaged as an affordable, standardised small-business product. The underwriting logic and pricing structure HSB is building with US claims data will inform how the Munich Re group eventually enters the European small-business market. Operators should monitor this and verify territorial availability with a specialist broker.

Armilla and the Lloyd's route

Armilla is currently the clearest route to purpose-built AI agent cover for mid-market European operators, and understanding its structure is essential before approaching it. Armilla is a managing general agent and a Lloyd's coverholder. It does not carry the risk on its own balance sheet; it underwrites with delegated authority from Lloyd's syndicate capacity. It writes substantial programme limits for larger placements, and the specific figure should be confirmed with a broker before relying on it. Because Lloyd's writes across Europe on a cross-border basis under passporting arrangements, the capacity is reachable by EU-based operators through a specialist broker, even though Armilla is not EU-domiciled.

The condition Armilla attaches to its quotes is governance evidence. It pairs underwriting with an assessment of the agent, typically aligned to the AIUC-1 standard. An operator without documented governance is likely to face either a declination or a quote with heavy AI-specific exclusions and sublimits. The practical implication is clear: Armilla is accessible to operators who have documented their agents; it is not accessible to those who have not. Read the full analysis in Armilla and Lloyd's: AI coverage in the European market.

Beyond Armilla, Lloyd's capacity for bespoke AI programmes is available from individual syndicates for enterprise placements above a meaningful minimum premium. These are not published products; they are arranged individually. The Lloyd's market is how most of the world's early cyber liability cover was written before the market standardised, and AI liability is following a similar trajectory. The Lloyd's of London AI insurance capacity analysis maps the syndicate landscape in detail.

AIUC-1 and the ElevenLabs model

AIUC-1 is a certification standard for AI agents developed by the Artificial Intelligence Underwriting Company. It evaluates an agent through adversarial testing across six dimensions: data and privacy, safety, security, reliability, accountability, and societal impact. It is designed to sit on top of existing controls (SOC 2, ISO 27001) rather than replace them, and it carries a regular update cadence as agent capabilities evolve. AIUC-1 is not an insurer. It is the assessment that underwriters use to decide whether, and on what terms, to write a policy.

In February 2026, ElevenLabs secured the first AI agent insurance policy structured around AIUC-1, for its voice agents. The detail of that specific policy matters less than the template it proves: an agent is independently assessed against a published standard, the assessment produces structured evidence, and that evidence is what makes an insurer willing to write. For European operators the lesson is portable even if the exact policy is not. The assess-then-insure sequence is becoming the market's de facto requirement. For the full read of what AIUC-1 involves and what the ElevenLabs transaction proves for the European context, see AIUC-1 and the ElevenLabs policy: European implications.

The market is settling on a single sequence. Assess the agent against a recognised standard, document what it does and how it is controlled, and take that evidence to the carriers. The operators who have completed that sequence are the ones who can obtain cover at a sensible price. Those who have not will face exclusions, sublimits, or declination.

The broader effect of AIUC-1 on the market is documented in the AI agent certification and insurance eligibility analysis. The premium impact of certification is not marginal: underwriters consistently report that documented governance reduces the rate, and that absence of documentation is the primary reason for AI-specific loading or exclusions at renewal.

Counterpart: affirmative AI coverage on professional liability

Counterpart is a managing general agent writing affirmative AI coverage on management liability, directors and officers (D&O), and professional liability lines. Its significance in the European AI insurance context is its approach to wording: rather than relying on the ambiguous silence of a traditional professional liability policy toward AI, Counterpart writes policies with explicit, affirmative AI coverage. Where most insurers are adding AI exclusions at renewal, Counterpart is building in explicit coverage.

For an enterprise deploying AI agents in a professional services context (financial advice, legal support, healthcare decision support, compliance monitoring), Counterpart's professional liability framing is often the most natural fit, because the harm pattern (wrong output acted on by a professional or relayed to a client) is close to the harm pattern that professional liability was originally designed for. The Counterpart affirmative AI coverage guide walks through what the product covers, how to structure a submission, and how it sits alongside other elements of a programme.

Swiss Re and SCOR: the reinsurance layer that makes the market possible

Swiss Re and SCOR do not sell directly to AI operators. They matter to operators because their willingness to absorb reinsurance risk determines how much primary capacity can be deployed. Without reinsurance confidence, primary carriers and MGAs pull back their limits or exit the line. The current state of the European AI insurance market (narrow, enterprise-first, requiring governance evidence) reflects in part the reinsurance community's caution about AI as an unpriced risk category.

Swiss Re has published scenario modelling on AI liability, and its engagement with the risk is more developed than most primary European carriers. SCOR, based in Paris, is an EU-domiciled reinsurer developing AI-specific underwriting frameworks for its cedants. Both matter as signals: the primary market for AI agent liability in Europe will scale when Swiss Re and SCOR are comfortable offering reinsurance at meaningful limits to European primary carriers. Current trajectory suggests this begins moving in 2026 and 2027. For the reinsurer perspective on the market, read Swiss Re and SCOR: European reinsurer AI liability market 2026.

Coverage types: what is available, what is not, and where the gaps are

The available coverage in 2026 maps onto four categories. The gaps between them are as material as the categories themselves. For the most complete read of the agentic AI coverage gap specifically, see agentic AI autonomous actions: the coverage gap in Europe 2026.

Third-party errors and omissions

This is the core of what purpose-built AI agent cover addresses: an AI agent gives advice or takes an action that causes financial harm to a customer, counterparty, or third party. The agent's recommendation is relied upon, the agent commits the operator to something outside its authority, or the agent makes a decision the customer suffers from. Traditional errors and omissions or professional indemnity is often the best existing coverage path, but through 2025 and 2026 insurers are adding AI exclusions to these lines at renewal. The detailed analysis of what those exclusions say and how to read them is in AI errors and omissions insurance: the 2026 bifurcation and AI exclusions in cyber and E&O policies.

Regulatory defence costs

This covers the legal cost of defending an investigation under the EU AI Act or a related supervisory process. A crucial limit applies here: administrative fines under the AI Act are generally not insurable as a matter of public policy in most EU member states, while the cost of legal representation during the investigation usually is. A policy that pays defence costs does not pay the fine. Operators should not assume a liability programme transfers the fine risk; it more realistically transfers the investigation cost. The financial exposure from an Article 99 penalty (up to EUR 35 million or 7% of global annual turnover for prohibited-practice violations) is a compliance risk, not a transferable insurance risk, in most EU jurisdictions.

First-party performance cover

This is the aiSure structure: the operator's own costs when the AI system underperforms against an agreed specification, independent of any third-party claim. It is the cleanest trigger mechanism in the market and the one that requires the most precise documentation at placement. For an operator running an AI agent that delivers a measurable output (a decision score, a classification, a recommendation with an expected accuracy rate), performance cover is a natural fit. For operators where the agent output is less easily quantified, the performance trigger is harder to define and the product is harder to buy.

Privacy and data liability

Where an agent processes, mishandles, or exposes personal data, the existing cyber market responds. Cyber covers the data event. The gap this creates is specific: a financial loss caused by an AI agent giving wrong advice, where no data breach occurred, does not trigger cyber cover. The cyber-AI gap is one of the most common surprises operators encounter when they check whether their existing programme actually responds to an AI incident. The decision framework for navigating PI versus cyber versus dedicated AI cover is set out in the PI, cyber, and AI coverage decision guide for Europe.

Gaps that remain largely uncovered

The most significant uncovered category is AI-caused physical harm: an agent controlling a physical system (industrial, medical, automotive) that causes injury or property damage. Standalone cover for this is rare and is more likely to be structured under product liability than a dedicated AI policy. The revised Product Liability Directive (Directive (EU) 2024/2853) from 9 December 2026 changes the legal framework here but does not automatically create an insurance product. The agentic gap, covering a fully autonomous multi-step agent that makes a chain of consequential decisions without human sign-off at each step, is also largely unsettled in current wordings and is the frontier the market is working toward. For a structured analysis of first-party versus third-party AI liability structures, see first-party vs third-party AI liability coverage in Europe.

For AI deployments in regulated sectors, the coverage landscape is further complicated by sector-specific regulation. The DORA and AI systems insurance analysis covers financial services, and the AI insurance for healthcare providers under EU AI Act Annex III covers the high-risk healthcare context where both regulatory exposure and coverage complexity are at their highest.

Pricing benchmarks for European operators

Published benchmarks in 2026 show the market has a wide distribution rather than a settled rate. The variability is not arbitrary: it reflects the single most variable factor in AI insurance, which is documentation quality. An operator who can demonstrate what the agent does, how it is tested, what human oversight it operates under, and what its incident history looks like will receive a materially different quote than an operator who cannot. For a full set of published benchmarks and the methodology behind them, see AI liability insurance pricing benchmarks 2026.

Operator profile Limit Indicative annual premium range Primary factor
Small-medium operator, documented low-risk agent, non-regulated sector USD 1M USD 5,000 to USD 15,000 Governance documentation quality
Small-medium operator, undocumented or partial documentation USD 1M USD 15,000 to USD 35,000 or declination Documentation gap, AI exclusion loading
Enterprise, documented, general sector USD 5M USD 30,000 to USD 80,000 Sector, agent scope, claims data available
Enterprise, high-risk sector (financial services, healthcare) USD 5M USD 80,000 to USD 200,000+ Regulatory exposure, Annex III classification, audit history
Bespoke Lloyd's placement, assessed agent USD 10M+ Individually negotiated, minimum premium applies Underwriter judgement, governance evidence, incident history

All figures above are directional benchmarks from available market data as of June 2026 and should be verified with a specialist broker for a specific placement. The most reliable generalisation is that a structured governance assessment aligned to AIUC-1, ISO/IEC 42001, or the NIST AI Risk Management Framework consistently reduces the quoted rate and the number of AI-specific exclusions attached to the policy. For a detailed walkthrough of what a broker will ask for and how to prepare an effective submission, see preparing an AI agent underwriting submission in Europe.

Renewal dynamics are also worth tracking. Operators who bought traditional programmes before the 2025 and 2026 AI exclusion wave are discovering at renewal that the cover they believed they had is now explicitly removed. For a structured read of what changes at renewal and how to negotiate affirmative AI wording, see AI insurance policy renewal 2026: what changes and how to read an AI agent liability exclusion at policy renewal.

The legal case for deliberate AI insurance coverage rests on three real instruments and two illustrative cases. Each is worth citing precisely, because the specifics matter for understanding what is and is not insurable.

EU AI Act (Regulation (EU) 2024/1689)

The AI Act assigns operating duties to deployers. The literacy obligation under Article 4 and the prohibited-practice prohibitions under Article 5 have applied since 2 February 2025. Article 50 transparency, requiring disclosure to users when they interact with an AI system and labelling of AI-generated content, applies from 2 August 2026. For high-risk AI systems (Annex III), the full obligations in Articles 9 to 17 and the deployer duties under Article 26 apply, including human oversight requirements under Article 14, risk management systems (Article 9), technical documentation (Article 11), automatic event logging (Article 12), and post-market monitoring (Article 72 for deployers of high-risk systems).

Penalties under Article 99 reach up to EUR 35 million or 7% of global annual turnover for prohibited-practice violations, EUR 15 million or 3% for violations of other Act provisions, and EUR 7.5 million or 1.5% for providing incorrect information to supervisory authorities. These fines are generally not insurable as a matter of public policy in most EU member states. Regulatory defence costs (the legal cost of the investigation) usually are insurable; the fine itself usually is not.

The timeline is genuinely uncertain and should be stated accurately. The legally binding dates as of June 2026 are 2 August 2026 for standalone high-risk systems (Annex III) and 2 August 2027 for high-risk systems embedded in regulated products (Annex I). On 7 May 2026 the Council and Parliament reached a provisional political agreement under the Digital Omnibus to defer these to 2 December 2027 and 2 August 2028. As of June 2026, this agreement is not yet adopted and not yet published in the Official Journal. It is a proposal, not law. The original August 2026 date remains legally binding until formal adoption. Article 50 transparency obligations and the Product Liability Directive timeline are not affected by the Omnibus proposal.

Revised Product Liability Directive (Directive (EU) 2024/2853)

The revised PLD brings software and AI systems inside strict product liability for products placed on the market after 9 December 2026, with national transposition due on the same date. It eases claimants' burden of proof for opaque AI systems through rebuttable presumptions of defectiveness: where a claimant faces disproportionate difficulty in proving how an AI system behaved, the court may presume defectiveness. This is particularly significant for AI agents operating in complex pipelines where audit trails are incomplete. For the coverage readiness implications, see Product Liability Directive 2024: AI coverage readiness.

The EIOPA position

The EIOPA Opinion on AI governance and risk management (EIOPA-BoS-25-360, 6 August 2025) situates AI within the existing regulatory framework (Solvency II, IDD, DORA, GDPR) and articulates governance expectations for insurers using AI. For operators seeking cover, its practical effect is to explain why underwriters increasingly ask for governance evidence: EIOPA has told the insurance sector that AI governance is a supervisory expectation, and that expectation flows into underwriting criteria. The EIOPA February 2026 AI survey analysis documents how European insurers are responding to this guidance.

Case law signals

Two cases from general law (neither is an AI Act ruling) illustrate how existing liability frameworks are already reaching AI outputs. In Moffatt v. Air Canada (Civil Resolution Tribunal, British Columbia, 2024) a tribunal held the airline liable for its chatbot's incorrect statement about bereavement fares, even though Air Canada argued the chatbot was a separate entity for which it bore no responsibility. The tribunal rejected that argument: the operator answers for what the AI tells users. In Mata v. Avianca (22-cv-1461, S.D.N.Y., 2023) the court sanctioned counsel for filing legal briefs citing fabricated AI-generated cases. The lesson is the same: organisations answer for what their AI outputs produce, under existing frameworks, before any AI Act enforcement begins. For AI compliance documentation that supports both regulatory and insurance evidence chains, see AI compliance documentation and the insurance evidence chain.

The certification-to-coverage pathway

The market has converged on a reliable sequence from an undocumented agent to a placed programme. For the full structured analysis of how certification maps to insurance eligibility and premium, read AI agent certification, insurance eligibility, and premium impact 2026. The pathway below synthesises that analysis into an operating sequence.

Stage What to produce Who uses it What it unlocks
1. Document the agent Agent description (purpose, model, scope, user base), pre-deployment test results, human oversight mechanism, incident log Broker, underwriter, and regulator Baseline insurable risk. Without this, most carriers will decline or load heavily
2. Governance assessment Structured assessment aligned to AIUC-1, ISO/IEC 42001, or NIST AI RMF. Six-dimension or seven-dimension evaluation with scored evidence Armilla, Lloyd's syndicates, Counterpart, Munich Re channels Access to purpose-built AI cover; removes AI-specific exclusions; meaningful rate reduction
3. Check existing coverage Current policies reviewed for AI exclusion wording (Verisk ISO CG 40 47/48 on GL; AI riders or exclusions on E&O and cyber) Broker Identifies gaps before a loss; determines whether affirmative AI wording or new product is the next step
4. Programme design First-party performance cover (aiSure or equivalent) plus third-party liability (PI or E&O with affirmative AI wording) plus regulatory defence costs Broker and underwriters Full coverage stack matched to actual risk profile
5. Maintain and renew Incident log updated; governance assessment refreshed at each renewal; material changes to the agent disclosed promptly Underwriter at renewal Renewal without additional loading; documentation of changes prevents coverage disputes

The evidence this sequence produces serves two purposes simultaneously. The documentation that satisfies an underwriter at stage 2 is materially the same as the documentation the EU AI Act requires for a high-risk system under Articles 9 to 17. An operator who builds the governance evidence once has both their insurance submission and their regulatory compliance record. That dual-use quality is the practical reason a readiness assessment is not overhead; it has a measurable return at the next renewal and at the next supervisory inquiry.

For the practical how-to of preparing the submission an underwriter actually needs, see preparing an AI agent underwriting submission in Europe. For the specific professional indemnity coverage architecture, see professional indemnity for AI agents in Europe. For the European corporate insurance framing at scale, see European enterprises and AI liability coverage.

For a current status read of the live AI agent liability risk landscape across sectors and agent types, the Agent Liability Risk Index at agentliability.co tracks risk by sector and deployment pattern and is updated on a rolling basis.

Frequently asked questions

What is AI agent insurance and why does Europe need it?

AI agent insurance is coverage that responds when an autonomous AI system causes a loss: wrong advice acted on by a user, an action the agent took that harms a third party, a regulatory investigation under the EU AI Act, or an AI system that underperforms against its agreed specification. Europe needs a dedicated answer because the existing insurance stack (cyber, errors and omissions, general liability) was written before autonomous agents existed, and through 2025 and 2026 insurers have been adding explicit AI exclusions at renewal. The EU AI Act (Regulation (EU) 2024/1689) and the revised Product Liability Directive (Directive (EU) 2024/2853) are widening deployer liability simultaneously. The gap between expanding exposure and narrowing traditional cover is the market this guide maps.

Which carriers write AI agent insurance for European operators in 2026?

As of June 2026 the active names for European operators are: Munich Re (aiSure, for AI model performance), HSB (Hartford Steam Boiler, part of the Munich Re group, launched a standalone small-business AI liability product in the US in March 2026), Armilla (a managing general agent and Lloyd's coverholder writing AI liability and performance cover), Counterpart (an MGA writing affirmative AI coverage for professional liability), Lloyd's of London syndicates (bespoke capacity for larger placements, often requiring AIUC or equivalent assessment), and Swiss Re and SCOR (reinsurance capacity that supports primary carriers, not a direct purchase path for operators). No EU-domiciled licensed carrier sells an off-the-shelf AI agent liability policy to small and mid-sized operators as of this date.

What does AI agent insurance cover in Europe?

Cover available in 2026 falls into four categories. First, third-party errors and omissions: an AI-generated recommendation or action that causes financial harm to a customer or counterparty. Second, regulatory defence costs: the legal cost of defending an EU AI Act investigation (administrative fines are generally not insurable under EU public policy while defence costs usually are). Third, first-party performance cover: pays when an AI system underperforms against an agreed specification, the structure behind Munich Re aiSure. Fourth, privacy and data liability: where an agent mishandles personal data, overlapping with cyber. AI-caused physical harm is rarely available as a standalone product and is more likely reached through product liability under Directive (EU) 2024/2853.

How much does AI agent insurance cost in Europe?

Benchmarks for 2026 show a range from roughly USD 5,000 to USD 15,000 annually at USD 1 million in limits for a documented low-risk agent in a non-regulated sector, rising to USD 15,000 to USD 35,000 or outright declination for undocumented deployments, and USD 80,000 to USD 200,000 or more for enterprise deployments in high-risk regulated sectors. The single largest pricing factor an operator can influence is documentation quality: a governance assessment aligned to AIUC-1, ISO/IEC 42001, or the NIST AI Risk Management Framework consistently reduces the rate. All figures are directional; verify with a specialist broker.

What is AIUC-1 and how does it connect to getting insured?

AIUC-1 is a certification standard for AI agents developed by the Artificial Intelligence Underwriting Company. It evaluates an agent through adversarial testing across six dimensions: data and privacy, safety, security, reliability, accountability, and societal impact. It is not an insurer; it is the assessment that underwriters (particularly those writing via Armilla and relevant Lloyd's syndicates) require to price a risk. In February 2026 ElevenLabs secured the first AI agent insurance policy structured around AIUC-1, for its voice agents, proving the assess-then-insure model. Operators who have completed AIUC-1 assessment or equivalent typically access better terms and fewer exclusions.

What does Armilla actually do, and how does a European operator access it?

Armilla is a managing general agent (MGA) and Lloyd's coverholder. It underwrites AI liability and performance cover using delegated authority from Lloyd's syndicate capacity. It writes substantial programme limits for larger placements, with the specific figure to be confirmed with a broker. Armilla requires governance evidence, typically AIUC-1-aligned assessment, as part of underwriting. The capacity is reachable by EU operators through a specialist broker with Lloyd's market access, even though Armilla is not EU-domiciled.

What are the biggest coverage gaps for AI agents in European policies?

The main gaps are: financial harm from an AI agent's wrong output where no data breach occurred (cyber pays for the data event, not the advice loss); AI-caused physical harm without a product liability programme extended to AI systems; first-party losses when an AI system underperforms without a performance trigger; and regulatory defence costs when a standard PI or cyber policy carries an AI exclusion at renewal. Administrative fines under the AI Act (up to EUR 35 million or 7% of global turnover under Article 99) are generally not insurable under EU public policy. The agentic gap (fully autonomous multi-step agent actions) is the least settled area of current wordings.

How does the EU AI Act change what a European AI operator needs to insure?

The EU AI Act (Regulation (EU) 2024/1689) loads operating duties onto deployers. Literacy and prohibited-practice obligations (Articles 4 and 5) apply from 2 February 2025. Article 50 transparency applies from 2 August 2026. For high-risk uses, Articles 9 to 17 and Article 26 deployer obligations apply. The Digital Omnibus provisional agreement of 7 May 2026 may defer high-risk Annex III obligations to 2 December 2027, but is not yet adopted. The original 2 August 2026 date remains legally binding. Separately, the revised Product Liability Directive (Directive (EU) 2024/2853) brings AI inside strict liability from 9 December 2026. Together these require both compliance documentation and deliberate insurance coverage.

What is the certification-to-coverage pathway for a European AI operator?

The pathway runs in four stages: document the agent (purpose, model, testing, oversight, incident history); run a structured governance assessment aligned to AIUC-1, ISO/IEC 42001, or the NIST AI Risk Management Framework; approach the market with that assessment evidence (Armilla and relevant Lloyd's syndicates require this to quote; Munich Re channels and Counterpart will use it in pricing); and place a programme combining third-party liability (PI or E&O with affirmative AI wording), first-party performance cover, and regulatory defence cover. The evidence produced serves both the insurance submission and the EU AI Act compliance record simultaneously.

Does professional indemnity or cyber insurance cover AI agents automatically?

In most cases, no. Errors and omissions or professional indemnity was the best existing path, but through 2025 and 2026 insurers are adding explicit AI exclusions at renewal. Cyber covers data breaches but not a purely financial loss from an agent giving wrong advice without a data event. General liability covers bodily injury and property damage; the Verisk ISO generative AI endorsements (CG 40 47 and CG 40 48, January 2026 edition) now exclude losses arising from generative AI. The practical first step is to read each current policy for an AI exclusion before the next renewal, not to assume cover exists.

References

  1. Regulation (EU) 2024/1689 of the European Parliament and of the Council of 13 June 2024 (Artificial Intelligence Act). In force 1 August 2024. Articles 4, 5 (prohibited practices from 2 February 2025), Article 50 (transparency from 2 August 2026), Articles 9 to 17 (high-risk obligations), Article 14 (human oversight), Article 26 (deployer obligations), Article 72 (post-market monitoring), Article 99 (penalties). Official Journal of the European Union L 2024/1689.
  2. Digital Omnibus on AI: provisional political agreement reached by the Council and European Parliament, 7 May 2026. Proposes deferral of Annex III high-risk obligations from 2 August 2026 to 2 December 2027 and Annex I obligations to 2 August 2028. Not adopted and not published in the Official Journal as of June 2026. The original dates in Regulation (EU) 2024/1689 remain legally binding until formal adoption.
  3. Directive (EU) 2024/2853 of the European Parliament and of the Council on liability for defective products (revised Product Liability Directive). Applies to products placed on the market after 9 December 2026; national transposition due 9 December 2026. Brings software and AI systems inside strict product liability; introduces rebuttable presumptions of defectiveness for opaque AI systems.
  4. EIOPA Opinion on Artificial Intelligence governance and risk management, EIOPA-BoS-25-360, 6 August 2025. Situates AI governance within Solvency II, IDD, DORA, and GDPR. Not new regulation; interpretive guidance for EU insurance undertakings.
  5. Munich Re aiSure: AI performance insurance structured around measurable performance triggers. Distributed through Munich Re specialty teams and delegated brokers. Confirm current programme terms and any partner-specific attributions with Munich Re directly.
  6. HSB (Hartford Steam Boiler), part of the Munich Re group. Standalone small-business AI liability product launched March 2026, United States distributed at launch. EU territorial availability not confirmed as of June 2026.
  7. Armilla, managing general agent and Lloyd's coverholder. AI liability and AI performance cover; substantial reported programme limits for larger placements, with the specific figure to be confirmed with a broker. Governance assessment (AIUC-1 or equivalent) required as part of underwriting.
  8. Counterpart Insurance: MGA writing affirmative AI coverage on management liability, D&O, and professional liability lines. Explicit AI cover rather than exclusion-based wording. Confirm current programme availability for EU operators directly.
  9. AIUC-1: certification standard for AI agents, developed by the Artificial Intelligence Underwriting Company. Adversarial assessment across six dimensions: data and privacy, safety, security, reliability, accountability, and societal impact. ElevenLabs secured the first AI agent policy structured on AIUC-1 (February 2026, voice agents). See aiuc.com and the AIUC-1 specification for current standard version.
  10. Lloyd's of London: insurance market with syndicate capacity for bespoke AI liability programmes. Cross-border passporting access for EU operators via specialist broker placement. Not a single insurer; capacity across multiple syndicates.
  11. Swiss Re: reinsurer providing capacity and scenario modelling for AI liability lines. Not a direct purchase path for operators. See Swiss Re Institute publications on AI risk for current modelling outputs.
  12. SCOR SE: Paris-based EU-domiciled reinsurer developing AI underwriting frameworks for cedants. Not a direct purchase path for operators. Confirm current AI reinsurance programme details directly.
  13. Verisk Insurance Services Office generative AI endorsements CG 40 47 and CG 40 48, January 2026 edition. CG 40 47 excludes Coverage A (bodily injury and property damage) and Coverage B (personal and advertising injury); CG 40 48 limits exclusion to Coverage B only. Applicable to commercial general liability forms.
  14. Moffatt v. Air Canada, Civil Resolution Tribunal, British Columbia, 2024. Airline held liable for its chatbot's incorrect statement about bereavement fare policy. The tribunal rejected Air Canada's argument that the chatbot was a separate entity. Illustrates existing-law deployer liability for AI outputs.
  15. Mata v. Avianca, Case No. 22-cv-1461, United States District Court, Southern District of New York, 2023. Court sanctioned counsel for filing legal briefs citing fabricated AI-generated case citations. Illustrates professional liability exposure from reliance on AI outputs, under existing law rather than AI Act frameworks.
  16. ISO/IEC 42001:2023, Information technology. Artificial intelligence. Management system. International standard for AI management systems. Referenced as a governance framework by underwriters and the EU AI Act guidance documentation.
  17. NIST AI Risk Management Framework (AI RMF 1.0), National Institute of Standards and Technology, January 2023. Voluntary framework for managing AI risks; referenced by underwriters alongside AIUC-1 and ISO/IEC 42001 as an acceptable governance baseline.
  18. For the structured readiness assessment and seven-dimension framework referenced above, see agentcertified.eu. For the live carrier and market tracker, see the European AI agent insurance market tracker on this site. For AI agent liability risk by sector and deployment pattern, see the Agent Liability Risk Index at agentliability.co. Future Proof Intelligence publishes this analysis as an independent reading of the market and is not an insurer, a broker, or a regulatory body.