What is the ISO CG 40 47 AI exclusion and how broad is it?

ISO CG 40 47, introduced in December 2023, is a commercial general liability endorsement that excludes bodily injury, property damage, personal injury and advertising injury caused directly or indirectly by any artificial intelligence. The exclusion is broad: it covers AI that operates autonomously, AI that assists human decision-making, and AI integrated into products or services. Where this endorsement applies, a CGL policy provides no cover for any harm caused by the insured's AI systems, regardless of whether the harm was foreseeable or the system was operating as designed.

By the Agent Insured Editorial Desk · Published 12 June 2026 · 11 minute read

How to read an AI agent liability exclusion at policy renewal

Q: What is the difference between ISO CG 40 47 and ISO CG 40 48?

ISO CG 40 47 is a broad total exclusion: it removes coverage for any loss caused directly or indirectly by artificial intelligence. ISO CG 40 48 is a limited exclusion that preserves coverage for AI that does not independently make decisions and does not autonomously operate without human oversight. The practical distinction for operators is whether your AI agent operates autonomously or requires human approval before taking consequential actions. Fully autonomous agents fail the CG 40 48 limited exclusion and fall back into the excluded category.

Q: What should I ask my broker about AI exclusions at renewal?

Ask five specific questions. First: does this policy include any AI-related exclusion endorsement, and if so, what is its reference number or title? Second: does the exclusion apply to AI that assists human decisions, or only to fully autonomous AI? Third: is there a distinction in the exclusion between AI that makes real-time decisions and AI used in back-office or analytical functions? Fourth: what would this policy pay out if our AI agent gave a customer incorrect information and the customer suffered a financial loss? Fifth: are there AI-affirmative coverage products this broker can place as a companion policy to close the gap identified by the answers to questions one through four?

Q: If I buy a standalone AI liability policy, does it replace my existing PI or cyber cover?

No. Standalone AI liability policies (from carriers including HSB, Armilla, and Counterpart) provide affirmative cover for AI agent errors and omissions as a new policy layer. They do not replace professional indemnity or cyber cover, which continue to provide their standard protection for non-AI errors and cyber events. The practical role of a standalone AI policy is to fill the gap created when a PI or CGL policy excludes or does not clearly cover AI agent outputs. The three policies work in parallel: PI for professional errors by humans, cyber for data and network events, and the AI policy for agent-specific outputs.

Insurance renewal documents contain more AI-related exclusion language in 2026 than at any previous point. The language is technical, varies by insurer and jurisdiction, and is rarely flagged explicitly in the renewal summary sent to policyholders. Understanding what a given clause actually covers, and what it removes, requires reading the endorsement directly. This guide identifies the four types of AI exclusion clause appearing in 2026 renewals, explains the specific phrases that determine scope, and provides the five questions to put to your broker before signing.

Key takeaways

ISO introduced two CGL AI exclusion endorsements in December 2023: CG 40 47 (broad total exclusion) and CG 40 48 (limited exclusion preserving cover for non-autonomous AI). Both are now appearing in European market equivalents. The difference between them is the difference between being fully uninsured for AI events and being partially covered.
The critical phrase in any AI exclusion is whether the exclusion applies to AI that "autonomously operates" or to AI more broadly. An agent that makes real-time decisions without human approval is autonomous under most definitions. An agent that presents a recommendation for human approval before acting is not.
Professional indemnity exclusions for AI typically focus on automated advice: advice generated by or based primarily on AI output without human professional review. These are appearing in renewals for lawyers, accountants, financial advisers, and technology professionals across the Lloyd's and European markets.
Cyber policies are adding AI-specific sublimits in 2026, not blanket exclusions. This creates a new dynamic: AI event costs may be capped at a lower sublimit than the policy's general cyber limit, even if the AI event was caused by a cyber security failure.
Where your renewal policy excludes or sublimits AI liability, a standalone AI errors and omissions product from HSB, Armilla, or Counterpart can fill the gap. The three products address different market segments and underwriting approaches. Selecting the right product requires understanding your AI deployment model, not just your revenue bracket.

Why AI exclusions are spreading through the renewal market

Insurers add exclusions when they cannot adequately price a risk within their existing rating models. The AI liability market in 2026 is exactly this situation: actuarial data on AI agent error frequency and loss severity is limited, model behaviour is difficult to audit at underwriting, and the legal theories for AI liability are still being established through case law. Rather than price unknown risk into the premium, most carriers in the general commercial market are adding exclusions to remove the exposure until better data emerges.

This is not a new dynamic. The cyber insurance market followed a similar path between 2010 and 2015: general liability and professional indemnity policies initially provided incidental cyber coverage, then exclusions were added, and finally a specialist cyber insurance market emerged to address the coverage gap with dedicated products and premium structures built on actual data. The AI liability market is on the same trajectory, approximately five years behind the cyber market in maturity.

For operators, the practical implication is that the coverage gap is widening right now. Policies written in 2022 or 2023 may still provide incidental AI coverage through their standard wording because the exclusions had not yet been introduced. Policies renewing in 2026 are being rewritten to remove that incidental coverage. An operator who assumes their current coverage position applies to their renewal without reading the new wording is taking a risk that many have discovered only after a claim.

The four exclusion types

Type 1: Total AI exclusion (broadest form)

A total AI exclusion removes coverage for any loss caused directly or indirectly by the use of artificial intelligence, regardless of whether the AI operated autonomously, whether humans were involved in the decision, or whether the loss was foreseeable. The ISO CG 40 47 endorsement for commercial general liability is the US standardised version of this form. European markets have developed equivalent wording without the ISO numbering.

The key indicator of a total AI exclusion is the phrase "directly or indirectly." If the loss can be traced in any part of the causal chain to an AI system, the exclusion applies. A human who reviewed and approved an AI recommendation before acting on it does not break the causal chain under most total exclusion wordings: the AI was still a contributing cause. Total exclusions are increasingly common in standard commercial general liability and public liability renewals.

Type 2: Autonomous operation exclusion (limited form)

An autonomous operation exclusion limits the excluded territory to AI that independently makes decisions or operates without human oversight. ISO CG 40 48 is the US standardised version. The preserved territory is AI that presents recommendations or information for human review before action is taken. An AI that generates a quotation which a human sales representative then delivers to a customer would typically fall outside this exclusion. An AI that sends the quotation directly to the customer without human review would typically fall within it.

The key indicators of an autonomous operation exclusion are phrases including "independently makes decisions," "operates without meaningful human oversight," or "takes actions without prior human authorisation." The boundary between covered and excluded can be narrow in practice: an AI that auto-schedules a customer appointment without human review is autonomous; an AI that suggests a scheduling option is not. The distinction matters when a claim arises.

Type 3: AI-generated professional output exclusion

Professional indemnity and errors and omissions policies are developing a third category of exclusion specific to AI-generated professional output: advice, recommendations, analyses, or documents generated primarily by AI without the exercise of independent professional judgment by a human professional. These exclusions are appearing in PI renewals for law firms, accountancy practices, financial advisers, and technology professionals.

The policy intent is to preserve coverage for professional work that is assisted by AI tools, such as a lawyer using AI to draft a first version of a contract and then reviewing it thoroughly, but to exclude coverage for work product that is AI-generated without substantive professional review. The practical difficulty is that the threshold for "substantive professional review" is undefined in most exclusion wordings, creating disputes in claims when the professional argues they reviewed the output and the insurer argues the review was insufficient.

Type 4: AI sublimit in cyber

Rather than excluding AI liability from cyber policies entirely, some markets are preserving coverage but imposing a lower sublimit specifically for AI-related events. An example structure is: the cyber policy has a EUR 5 million limit, but AI-related events are subject to a EUR 500,000 sublimit within that overall limit. This preserves some coverage while protecting the insurer against large AI-driven losses.

AI sublimits are appearing most commonly in technology sector cyber renewals and in financial services E&O renewals. They are less visible than total exclusions because the policy remains in place and the coverage is not removed entirely. An operator who assumes their full cyber limit applies to an AI event may discover only at claim time that the sublimit caps their recovery at a fraction of the loss.

How to review your renewal documentation

The renewal summary sent by brokers typically does not highlight exclusion changes with the prominence they deserve. To review your position, you need to look at three specific documents: the endorsement schedule (which lists all endorsements attached to the policy by number and title), the endorsement text for any AI-related endorsements, and the definitions section of the base policy for how AI, automated systems, and similar terms are defined.

In the endorsement schedule, search for the following terms: "artificial intelligence," "AI," "automated decision," "autonomous," "machine learning," "AI exclusion," "technology exclusion," "digital services exclusion." The presence of any of these terms in an endorsement title warrants reading the full endorsement text.

In the endorsement text, identify: the scope of the exclusion (what categories of loss are removed), the trigger for the exclusion (what conditions must be met for the exclusion to apply), and any exceptions carved back in (what losses remain covered despite the exclusion's general scope). The difference between a manageable exclusion and a catastrophic coverage gap often lies in these carve-back exceptions.

In the definitions section, find the definition of the key trigger terms: "artificial intelligence," "autonomous," "independent decision," and similar. Definitions that are drafted narrowly (AI that learns from data without human input, or AI that takes irreversible physical actions) provide more residual coverage than definitions that are drafted broadly (any system that uses data to produce an output). The breadth of the definition determines the breadth of the exclusion.

For enterprises assessing coverage across a portfolio of AI deployments, the E&O bifurcation article and the market map on this site provide context on where the market is moving. For the operator documentation that reduces exclusion risk at underwriting, see the Agent Certified assessment framework.

The five questions to ask your broker

Before signing a renewal that involves any of your business's existing or planned AI deployments, put these five questions in writing to your broker and require written answers.

Question 1: Does this renewal policy include any AI-related exclusion endorsement, by any title or reference number? If so, please provide the full text of each such endorsement.

Question 2: Under the exclusion language in this policy, is an AI system that presents recommendations to a human for approval before acting considered "autonomous" or "independently operating"? Does this distinction matter to the coverage position?

Question 3: What would this policy pay out if our AI agent gave a customer materially incorrect information and the customer suffered a quantifiable financial loss as a result? Please provide a specific coverage scenario, not a general statement about the policy's purpose.

Question 4: Are there any AI sublimits within this policy that apply to losses caused by or involving AI systems? If so, what is the sublimit amount and how does it relate to the policy's general limit?

Question 5: Can you place a standalone AI errors and omissions policy or AI liability endorsement alongside this renewal to provide affirmative coverage for AI agent outputs? If so, what are the indicative terms?

Written responses to these questions create an audit trail that is valuable in two circumstances: first, if a claim arises and the insurer's coverage position differs from what the broker communicated; second, if a regulator or counterparty requests evidence of your insurance coverage review process for AI systems.

The emerging affirmative market

The growth of AI exclusions in conventional policies has accelerated demand for standalone AI liability coverage. Three carriers have established affirmative AI liability products in the UK and European markets as of mid-2026: HSB (Munich Re subsidiary), Armilla (Lloyd's coverholder, Chaucer underwriting), and Counterpart (Apollo Global Management backing). Each product takes a different underwriting approach and serves a different segment.

HSB's AI Liability Insurance product for SMEs is a straightforward errors and omissions structure: it covers third-party claims arising from AI errors, including incorrect advice, wrong decisions, and harmful autonomous actions. The underwriting process requires basic disclosure of what AI systems are deployed and how they are supervised. Premiums start at approximately GBP 1,500 annually for modest SME deployments.^[1]

Armilla's AI Performance Insurance covers model errors and downstream liability with limits up to USD 25 million. The underwriting process is more technical: Armilla assesses the model's historical performance data, incident history, and governance documentation. The product is designed for technology companies and enterprises with significant AI deployments and corresponding loss potential.^[2]

Counterpart's management liability and E&O products explicitly address AI agent decisions as insured events, with a particular focus on technology companies and companies for whom AI is core to their product. The underwriting approach focuses on governance maturity: companies with documented AI policies, human oversight procedures, and incident response plans receive better terms.^[3]

The AIUC-1 framework, developed by the AI Underwriting Consortium and first applied in the ElevenLabs policy, provides the underlying technical specification for AI agent insurability assessment that these and other emerging carriers are adapting. Operators who have undergone an Agent Certified assessment at agentcertified.eu have already completed much of the documentation work that affirmative AI carriers require at underwriting.

Frequently asked questions

What is ISO CG 40 47 and how broad is it?

ISO CG 40 47, introduced in December 2023, is a commercial general liability endorsement excluding bodily injury, property damage, personal injury and advertising injury caused directly or indirectly by any artificial intelligence. The exclusion is broad and applies regardless of whether the AI operated autonomously or assisted a human. Where this endorsement applies, a CGL policy provides no cover for any harm caused by the insured's AI systems.

What is the difference between ISO CG 40 47 and ISO CG 40 48?

ISO CG 40 47 is a broad total exclusion removing coverage for any loss caused directly or indirectly by AI. ISO CG 40 48 is a limited exclusion that preserves coverage for AI that does not independently make decisions and does not autonomously operate without human oversight. The practical distinction is whether your AI agent makes consequential decisions autonomously or requires human approval before acting. Fully autonomous agents typically fall into the excluded category under CG 40 48 as well.

Are European insurers using the same AI exclusion endorsements as US insurers?

The ISO endorsements were developed for the US market. European insurers are developing equivalent exclusion language through Lloyd's and the European market, without using ISO numbering. The functional effect is similar: AI-specific carve-outs are being added to cyber, PI, and general liability wordings. The specific language varies by insurer and syndicate, making it essential to review the actual wording rather than relying on the renewal summary at each renewal.

What should I ask my broker about AI exclusions at renewal?

Ask five specific questions: Does this policy include any AI exclusion endorsement? Does the exclusion apply to AI that assists human decisions, or only to fully autonomous AI? Are there AI sublimits within this policy? What would this policy pay out for an AI agent error causing a customer financial loss? And can you place a standalone AI errors and omissions product alongside this renewal to close the gap?

If I buy a standalone AI liability policy, does it replace my existing PI or cyber cover?

No. Standalone AI liability policies from HSB, Armilla, and Counterpart provide affirmative cover for AI agent errors as a new policy layer. They do not replace PI or cyber cover. PI continues to cover human professional errors; cyber continues to cover data and network events; and the AI policy fills the gap created when PI or CGL policies exclude agent outputs. The three products work in parallel.

References

HSB (Hartford Steam Boiler, a Munich Re subsidiary). AI Liability Insurance SME product, UK market launch March 2026. Indicative premium structure based on published product information and broker communications as of Q2 2026.
Armilla AI Inc. AI Performance Insurance. Series A funding of USD 25 million, January 2026, with capacity provided by Chaucer Syndicate at Lloyd's. Policy limits up to USD 25 million as of Q1 2026. See the Agent Insured waitlist for access to product information.
Counterpart Inc. Management Liability and E&O products with AI agent coverage. Backed by Apollo Global Management. Available in US and UK markets as of Q1 2026.
ISO CG 40 47 (Exclusion, Artificial Intelligence) and ISO CG 40 48 (Exclusion, Certain Artificial Intelligence). Commercial general liability endorsements, Insurance Services Office, December 2023. Applicable to ISO-based CGL forms. For European equivalent language, consult Lloyd's market bulletins and individual insurer renewal terms.
AIUC-1: AI Underwriting Consortium Framework, version 1.0. First applied in the ElevenLabs AI agent insurance policy, 2024. Technical specification for AI agent insurability assessment. Available via agentcertified.eu.