Major insurers are carving AI out of standard professional indemnity policies. If your firm treats AI as a cost-saving tool rather than a governed business system, you are about to discover why that matters.
AI Governance  Trovix WatchLegal · Insurance · Financial Services · Accountancy

In July 2026, the insurance market is finally pricing AI risk the way it should have been pricing it all along. Great American, Chubb and W.R. Berkley have secured regulatory permission to exclude AI-related claims from corporate policies — not just commercial general liability, but errors and omissions cover and directors and officers policies too. The Insurance Services Office has issued a standard generative AI exclusion that allows carriers to implement these carve-outs at renewal. For a mid-market UK law firm, accountancy practice, financial services firm or insurer, this means: if a client loses money because your AI made a bad decision, or your team relied on an AI tool that produced inaccurate output, you may have no coverage. The FCA's Consumer Duty (PS22/9) and the SRA's Code of Conduct for Solicitors already require firms to take responsibility for the decisions they make. Insurance companies are now saying they will not share that responsibility for AI-generated decisions unless you can prove your governance was solid.

This exclusion is not a black swan event. It is the inevitable result of three years of unmanaged AI deployment in professional services. Firms have adopted tools like ChatGPT, Microsoft Copilot, and various legal-specific platforms (Harvey, Legora, Luminance) without meaningful governance frameworks. Some have been excellent. Many have not. Insurers have watched claims trickle in — hallucinated case citations, missed compliance steps, misdirected financial advice — and calculated that the liability is unmeasurable. They are right. If you cannot audit what your AI did, why it did it, or prove it was appropriate for the task, then you have transferred your professional judgment to a black box. Insurance companies will not insure that. Regulators will not permit it. The PRA's Supervisory Statement (SS1/23) on operational resilience and the ICO's guidance on UK GDPR make clear: you own your AI decisions, traceable or not.

Trovix's position is blunt: AI integration must be built on governance, not grafted on top of tools. We have watched firms fail with Harvey and Luminance not because these platforms are bad — they are not — but because firms implemented them without first building the audit trail, the human review checkpoint, and the documented decision framework that makes them insurable and regulable. The difference is fundamental. A tool like ChatGPT is a productivity lever; it is not a substitute for judgment. Tools like Legora and Luminance that sit deeper in workflows can and should be auditable — but only if your firm has first designed a governance system to track them. That is where many firms stumble. They buy the tool. They do not buy the framework. Our view: implement Trovix Audit first. Map exactly where AI touches client decisions, where humans must validate output, what the audit trail looks like, and how you will demonstrate compliance to the FCA or SRA. Only then does the tool choice make sense. And only then will your insurer cover you.

Here is what your firm should do this month. First: audit where AI is currently in use. Be honest. Second: request from your insurer a written position on any exclusions being applied at your next renewal — do not assume you have coverage. Third: map the decisions your firm makes that carry professional liability risk and design a governance layer that sits on top of every AI tool touching those decisions. Fourth: ensure every instance of AI-assisted work has a human checkpoint and a documented reason for the decision. This is not regulatory theatre. The FRC's International Standard on Auditing (UK) already requires auditors to assess the risks of material misstatement when using automated tools. The EU AI Act, which influences UK regulatory thinking, explicitly requires audit trails for high-risk AI. Your insurer is telling you: prove you have done this, or we will not cover you. Trovix Watch will help you track the regulatory framework as it hardens. But the real work is internal: designing governance that makes your AI use defensible.

Source: Forbes

Related Trovix product:

Trovix Watch →Book a demo →