We are moving from a world of "human error" to a world of "architectural systemic risk."


Reading time: 5 minutes
Listen time: 5 minutes

Almost everything published about AI risk in insurance is about the cyber threat or the regulatory response.

This edition is about the exposure your own systems are building quietly, from the inside. For at least the last five years we've watched the failure point migrate from the person at the keyboard to the architecture underneath your portfolio.

Three developments caught our attention this week:

  • There is no public case yet where an insurer's AI model or an MGA's automated binding workflow produced a correlated covered loss at scale. We sketch out how both claims could land, and which forms are not ready.
  • A law firm is telling companies to patent the prompts that run their revenue. Read it through a coverage lens and three separate exposures open at once.
  • The IMF mapped a cyber loss that never has to breach you. It only has to hit the one vendor your whole market depends on.

Every week our team rips through 200+ insurance, legal, regulatory, and market-risk articles so you don't have to!

Prefer to listen? Check out the audio version.

The careless employee was a risk you knew how to price

Summary

For thirty years the insurance model assumed a person made the mistake.

Someone clicked the link. Someone fat-fingered the wire. Someone mis-rated the policy.

Underwriting, training, and the policy forms were all built around that fallible human at the keyboard.

Price the diligence, price the controls, price the odds that one employee slips on one transaction. That assumption is quietly breaking. A second pattern is replacing it.

The decision gets made once, by a system, and then repeats ten thousand times before anyone reviews one output.

A prompt. A model. An automated pipeline.

The mistake doesn't happen at a desk. It sits in the design, and the design runs at machine speed across the whole book. When the failure lives in architecture, it fails the way architecture fails.

All at once, correlated, and at scale.

There is no clean, high-profile case yet where an insurer's or MGA's automated system, AI model, or prompt produced a correlated covered loss at scale.

That case has not happened, or at least it has not surfaced publicly. But the architecture for it is being built right now, and the path from design flaw to claim is shorter than most boards realize.

How the claim could land for a carrier.

A regional insurer deploys an AI-assisted pricing model across its homeowners book.

The model ingests property data, weather exposure, and loss history to generate rate recommendations that flow straight into the quoting engine. For eight months it appears to run cleanly. Then a data-feed error in the weather layer goes undetected.

The model underprices wind exposure across 14,000 policies concentrated in coastal counties.

A single active storm season turns the mispriced tranche into a reserve deficit that wipes out a year of underwriting profit on that segment. The board asks who reviewed the model's output. The answer: nobody reviewed individual quotes.

The system was the reviewer.

The E&O carrier asks whether this was a professional underwriting error or a product defect in the software. The D&O carrier asks when the board approved the model and what oversight was in place. Both questions land on forms that were written for a world where a human held the pen.

How the claim could land for an MGA.

An MGA building a specialty program under delegated authority writes a prompt library that drives its automated binding workflow.

The prompt ingests submission data, applies the carrier's underwriting guidelines, and issues quotes under delegated authority. A flaw in the prompt logic misapplies a classification rule. For five months the MGA binds risks in a class the carrier expressly excluded from the program.

The carrier discovers the pattern during a quarterly audit.

Hundreds of policies sit on carrier paper, mispriced. The carrier rescinds authority and tenders a claim against the MGA's E&O. The MGA's E&O carrier asks who made the underwriting decision. The answer: the prompt made it.

The next question is whether the MGA's E&O form covers a defective automated workflow. Or whether the error falls outside the definition of a "wrongful act" because no human underwrote the risk. The carrier's own D&O board faces its own set of questions. What oversight existed over delegated authority? Did anyone have visibility into the MGA's use of AI in the binding process?

So what?

The thing you are underwriting has changed.

The old question was whether one underwriter is careful. The new one is whether a system was built to fail safely. Neither of these scenarios requires new technology.

They require only the technology carriers and MGAs are adopting right now, running at production scale.

The governance frameworks have not kept pace. For directors and officers coverage, that puts board oversight of automated decisions squarely in the frame. For errors and omissions, it raises a question no court has answered yet: when a system repeats the same error across thousands of risks, is that a professional mistake or a product defect?

The answer will determine which policy responds.

The forms were not written with either scenario in mind.

Monday morning, find the place in your operation where one design choice now drives thousands of decisions without a human checkpoint. If you run delegated authority, ask which automated binding workflows could produce a pattern your carrier partner discovers at audit. Then ask what control would stop that pattern at ten policies instead of ten thousand. That is where the next correlated loss is sitting.

Source: LION Deep Research

The prompt just became property. Coverage has not caught up.

Summary

Rivkin Radler IP partner Nancy Del Pizzo is advising companies to protect their sophisticated AI prompts as intellectual property.

These are not simple questions typed into a chatbot. They are complex instruction sets that define how an AI reasons, processes information, and produces output. A Forbes piece by Luis Ibarra, CTO at PingWind, calls what is coming a "prompt patent storm" that most companies have not prepared for.

Del Pizzo lays out three routes to protection.

A patent offers strong rights but requires public disclosure, and utility patents expire after twenty years. Copyright may cover the original arrangement of prompts, though likely not a single prompt on its own. Trade-secret protection can last indefinitely if the company maintains strict confidentiality and the prompt resists reverse engineering.

Read it through a coverage lens and the picture sharpens fast.

The moment a prompt becomes an asset, it can be stolen, infringed, or defective. Each of those is a separate exposure. Each one lands in a different policy.

Stolen prompts pull trade secret, cyber, and crime forms into play. Infringement triggers IP, media, or technology E&O. A defective prompt that produces flawed output at scale lands on E&O, technology E&O, or product liability.

Source: Rivkin Radler; Forbes

The LION Lens

What happened — Rivkin Radler advised companies to evaluate their most valuable AI prompts for IP protection. The routes: patent, trade secret, or copyright (Rivkin Radler, June 15, 2026).

Why it matters — A prompt that drives revenue and automates a critical workflow is a business asset. Assets get stolen. They get infringed. They turn out to be defective.

Practical implications — Three exposures open at once. Trade-secret theft if the prompt library walks out the door. IP claims if prompts copy someone else's protected work. Professional liability if the prompt produces a flawed output at scale.

So what?

For any carrier or MGA running AI in underwriting, claims, or pricing, your own prompts sit on both sides of the ledger.

They are an asset worth protecting and a source of loss worth insuring.

The protection decision carries real tradeoffs. Trade-secret status has no fixed expiration, but courts regularly find it lost when companies fail to maintain adequate confidentiality measures. A patent is public from the moment you file, and the clock starts on twenty years of protection.

Whether copyright protects the arrangement of prompts is unsettled. Courts have not ruled on the question.

The harder problem is the loss.

If a defective prompt drives the same underwriting error across thousands of risks, is that a professional error your E&O form responds to, or a product defect it excludes? If a departing employee copies the prompt library, is that a trade-secret claim, a cyber event, or a crime loss?

The current forms were not written with any of these scenarios in mind. That is how silent exposure builds.

The LION POV

Here's how we're advising clients:

Inventory the prompts that drive revenue. Treat the prompt library the way you treat any other schedule of assets. Assign an owner. Keep an access log. Track version history.

Lock down confidentiality before you reach for a patent. Trade-secret protection can last a lifetime. A patent filing is public and expires in twenty years. Sequence matters.

Map prompt failure to a specific policy trigger now. Walk the scenario across your E&O, technology E&O, and cyber forms before a claim-made trigger and prior-acts language force the answer in litigation.

The companies treating prompts as disposable today may be building the silent AI exposure their carriers will be arguing about in three years.

Source: Rivkin Radler; Forbes

Want to pressure-test where AI exposure hides in your own E&O and cyber forms? Contact LION Specialty for a confidential review.

Or just reply to this email with PROMPT REVIEW and I'll send over a short checklist you can run against your current forms before renewal.

The worst cyber loss may not be your breach

Summary

The IMF issued a warning in May that AI is changing the shape of cyber risk at the system level.

When banks, insurers, and MGAs run on the same cloud platforms, a single vulnerability can hit many of them at once. AI sharpens the danger on both sides. Attackers use it to find and exploit flaws faster. Defenders depend on the same AI-powered tools and shared vendor infrastructure.

For now, some buffers hold.

The most capable AI attack tools are not yet widely distributed. Closed, industry-specific financial software is harder to target than open-source code.

But the IMF is clear: those buffers may erode as the technology spreads.

Source: IMF

So what?

For a regional insurer or an MGA, this reframes where the worst day comes from.

It may not be your own breach. It may be the morning a shared vendor, model, or cloud provider goes down and a wave of your peers reports a loss in the same week.

That is correlated loss. Many institutions failing at the same time, from the same cause.

Most cyber reinsurance programs were not built to absorb that pattern. They were priced on the assumption that one company's breach is independent of the next, with aggregation language keyed to discrete events rather than vendor-level failures.

The exposure runs past your own controls. It sits in the concentration underneath your entire book.

If your reinsurance treaty has aggregation clauses built around independent events, those clauses deserve a second read before renewal.

Before your next renewal, ask one question about your cyber book or your own cyber cover: how exposed are we to one vendor or one model that the rest of our market also depends on?

And ask your reinsurance broker whether your treaty aggregation language accounts for the scenario where dozens of cedents report losses from the same vendor in the same week.

The Bottom Line

A law firm wants you to treat your prompts as property. The IMF wants you to treat shared infrastructure as a fault line.

Both describe the same shift: the loss that matters is baked into the system before a person ever touches it.

The board question heading into renewal season is where that design quietly drives thousands of decisions, and who owns the loss when it fails. Your balance sheet, or a policy that was never written for this pattern.

That's why we created the D&O Contract Vigilance Blueprint. It's a 5-day email course that helps you spot where AI-driven decisions, delegated authority, and systemic cyber exposures are, or are not, picked up in your D&O language:

  • Secure better D&O insurance: Learn how to avoid common policy mistakes
  • Protect your personal assets: Understand your potential liability

Don't wait until a claim hits to find out your institution is under-protected.

Thank you for reading today's edition!

Want to share this edition via text, email or social media? Simply copy-and-paste the link below:

https://lionspecialty.kit.com/posts/we-are-moving-from-a-world-of-human-error-to-a-world-of-architectural-systemic-risk

And if this briefing was forwarded to you, subscribe directly here.

Stay Covered Out There Y'all,

FLIP

Co-Founder and Managing Partner
LION Specialty

P.S. Want the D&O Contract Vigilance Blueprint? Comment BLUEPRINT on today's LinkedIn post and we'll send it over.

P.S.S. Nothing in this briefing constitutes legal advice. These are the opinions of the founder. It's market intelligence designed to help you ask better questions of your advisors and make sharper decisions at your next insurance renewal.

​Thanks for reading! If you loved it, consider telling your colleagues (and/or) friends to subscribe.

If you didn't enjoy the email you can unsubscribe here.

LION Specialty

Everything you need to know to navigate the financial institution insurance market in ≈ 5 minutes per week. Delivered on Fridays.

Read more from LION Specialty
A record $110,000 sanction. A federal AI-evidence rule sent back for a rewrite. And a defense play that works whether or not the rule ever arrives. Five minutes, boardroom-ready.

Reading time: 5 minutesListen time: 11 minutes Good morning. Two forces are reshaping litigation at once. Claims are getting more polished and more plentiful. The proof behind them is not keeping up. Generative AI can draft a flawless-looking brief in minutes. It cannot manufacture the evidence that brief needs. That gap is where this week's intelligence lives. Here's what's in front of you: Courts have now caught AI-invented citations in more than 1,700 filings (as of July 2026), and one...

1,822 lawsuits, a $91M judgment, and 8 more you couldn't stop clicking

Reading time: 5 minutesListening time: 6 minutes The Boardroom Brief — Quarter in Review America turns 250 this weekend. Nobody will mention insurance at the barbecue. But the industry you run is older than the country it's celebrating. Marine underwriters financed the Revolution when the colonies had no navy and no central bank. The receipts are real. So instead of a new Brief this week: ten editions from the past quarter that you told us mattered, measured in the ones you opened and the...

The single most important thing your D&O underwriter grades has nothing to do with your technology.

Negotiating D&O at Every Stage of the Build My first insurtech client was convinced he was going to be the Steve Jobs of insurance. Ten years ago he had everything investors wanted. A growth curve doubling every quarter. A proprietary pricing algorithm. And a claims and reserving operation so unglamorous it never made the deck. Guess which one kept him solvent. The growth curve drove the keynote. His algorithm set the valuation. The reserve discipline no one put in the deck is the only reason...