Two Kinds of AI Exclusion — And the One Your CGL Renewal Won't Tell You About

The headline is real. The story underneath has two halves.

A wave of trade press in early 2026 reports that major US insurance carriers are filing AI exclusion endorsements with state regulators — InsuranceIntel calls out Berkshire Hathaway, Chubb, and Travelers; Fast Company and Tom’s Hardware repeat the framing; an underlying Wolfe Research analysis cited in The Information (April 2026, paywalled) claims 80%+ state regulator approval across “thousands of filings.”

The framing collapses two structurally different exclusions into a single narrative. For a CIO or General Counsel preparing for a 2026 cyber or commercial liability renewal, that collapse is operationally costly — the two exclusions cover materially different exposures, apply to different insurance lines, and use definitions of “AI” that diverge in ways that matter for whether your specific systems are covered.

This essay separates the two halves, with verbatim form text from primary-source filings.

Style A — the ISO narrow exclusion

The Insurance Services Office (ISO) — whose forms hundreds of US carriers license — published three new commercial general liability endorsements effective January 1, 2026 multistate. All three exclude losses “arising out of ‘generative artificial intelligence’” from standard CGL coverage; they differ only in which coverage they exclude:

• CG 40 47 strips both Coverage A (BI/PD) and Coverage B (Personal & Advertising Injury) — broadest CGL form
• CG 40 48 strips Coverage B only — addresses defamation, copyright/trademark in advertising, etc.
• CG 35 08 strips Products / Completed Operations BI or PD — addresses downstream defect / failure-to-warn claims arising from GenAI in delivered products or completed work

All three share an identical definition of “generative artificial intelligence” (verbatim from the SAMPLE-watermarked CG 40 48 and CG 35 08 PDFs hosted at assets.alm.com):

“‘Generative artificial intelligence’ means a machine-based learning system or model that is trained on data with the ability to create content or responses, including but not limited to text, images, audio, video or code.”

The structural characteristic that matters: the exclusion triggers only when the loss can be tied to generative output. A claim involving a predictive model — fraud detection, credit scoring, recommendation system, classification — is arguably outside scope under the ISO definition. The exclusion applies to GenAI specifically, not “AI” generically.

Style B — the Berkley “Absolute” broad exclusion

WR Berkley filed a categorically different exclusion at the management-liability layer: form PC 51380 00 (06-24) — Artificial Intelligence Exclusion (Absolute). Verbatim from the Hunton-hosted PDF:

“The Insurer shall not be liable to make payment under this Coverage Part for Loss on account of any Claim made against any Insured based upon, arising out of, or attributable to: (1) any actual or alleged use, deployment, or development of Artificial Intelligence by any person or entity, including but not limited to: (a) the generation, creation, or dissemination of any content or communications using Artificial Intelligence; … (f) any alleged representations, warranties, promises, or agreements actually or allegedly made by a chatbot or virtual customer service agent…”

The exclusion goes further than the ISO forms in scope (covers use + deployment + development + content generation + chatbot statements + inadequate AI policies + AI regulatory disclosures) AND in line of business (D&O, E&O, Fiduciary — not CGL).

But the most consequential difference is the definition of AI:

“‘Artificial Intelligence’ means any machine-based system that, for explicit or implicit objectives, infers, from the input it receives, how to generate outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments…”

This definition captures inference-based systems generically — not just generative AI. An algorithmic credit-scoring model with no GenAI component is within scope under Berkley’s form. A recommendation system. A fraud-detection model. A claims-routing decision tree built with traditional ML. None of these involve generative content, but all of them “infer… how to generate outputs such as predictions [or] decisions.”

If you only read the headlines about “AI exclusions” and assume your CGL renewal is the place to worry, you’ll miss the much broader exclusion sitting in your D&O renewal.

The definition arbitrage in concrete terms

Pick a representative mid-market scenario: a fintech-adjacent company at $500M revenue using an internally-built algorithmic credit-scoring model. No GenAI involved. The model classifies loan applications into risk tiers using a gradient-boosted decision tree.

Under ISO’s CG 40 47 (CGL exclusion): the model probably doesn’t trigger the exclusion. It doesn’t generate content. A claim arising from a discriminatory scoring outcome might be covered under Coverage B (personal & advertising injury, if defamation theories are pled) — though the exclusion applies to GenAI specifically, not classification models.

Under Berkley’s PC 51380 (D&O / E&O / Fiduciary exclusion): the same model probably IS within scope. The definition explicitly captures systems that “infer… predictions [or] decisions” — that’s exactly what a classification model does. A securities class-action alleging the model produced discriminatory outcomes (a real and growing claim shape post-CFPB algorithmic-fairness scrutiny) would face exclusion at the D&O layer.

The same underlying AI system is treated differently by two different insurance lines on the same renewal cycle. That’s the arbitrage — and it’s invisible if you read the headlines as “AI exclusions in insurance” without disaggregating by line.

The Big-3 carrier claim — asymmetrically verified

The Berkshire / Chubb / Travelers reporting deserves a separate caveat — and the three carriers do not have equal evidence.

Chubb has the strongest case. The Financial Times independently named Chubb in November 2025 alongside AIG, WR Berkley, and Great American — before the Wolfe Research analysis ran. So Chubb has two independent reporting chains: FT-direct (Nov 2025) and Wolfe/Information (April 2026). FT specifically reports Chubb’s approach is to exclude “widespread/correlated AI loss events” while continuing to cover discrete AI-related incidents. Specific subsidiary, form number, state, and effective date are not in the public record, but the existence of a filing is corroborated.

Travelers and Berkshire Hathaway are single-sourced to the Wolfe Research / The Information chain alone. Neither is named in FT’s Nov 2025 story. Neither appears in any legal-analyst writeup (Hunton, PolicyholderPulse, Lathrop, Wiley) or in Business Insurance / Commercial Risk Online coverage as of May 2026. Berkshire Hathaway Specialty Insurance’s own published material (Bailey/Parsons D&O essay) treats AI as risk being monitored, not coverage being withdrawn. The Wolfe/Information claim for these two carriers is reported but not independently verified.

We tried to verify form filings directly against SERFF (the public State Electronic Rate and Form Filing system). SERFF Filing Access blocks automated fetches at the tool layer; manual verification would require a human researcher with a SERFF account searching by company name and line of business.

What this means for your renewal preparation:

• If your CGL or management-liability carrier is Chubb: ask your broker for the AI exclusion endorsement form number and scope (FT corroboration makes a filing likely; specifics undisclosed)
• If your carrier is Travelers or Berkshire: ask your broker, but don’t assume an exclusion exists until you see the form text. The public record doesn’t yet confirm specific filings.

What IS verified with primary-source filings: ISO’s three CGL endorsements (CG 40 47, 40 48, 35 08); WR Berkley’s “Absolute” AI Exclusion (PC 51380, Connecticut + other states); AIG (via National Union) filings in Idaho and Illinois; Great American filings in Washington; Philadelphia Indemnity content-only exclusion; Hamilton Select management-liability exclusion. These are the documented exclusions you can plan around with confidence.

Cyber lines specifically — moving in the OPPOSITE direction

The trade-press framing collapses two different categories of news into a single “AI exclusions in insurance” narrative. The CGL story is real and documented (above). The cyber-line story is the opposite — and worth separating cleanly:

Affirmative AI coverage extensions (the opposite of exclusions) launched in 2024-2026 across major cyber carriers:

• Coalition — Affirmative AI Endorsement (March 2024), expanded into Active Cyber Policy (April 2025), plus Deepfake Response Endorsement (December 2025)
• Cowbell — Prime One (April 2026) with affirmative AI and quantum risk coverage
• AXA XL — GenAI Cyber Endorsement covering data poisoning, EU AI Act fines, usage-rights infringement
• QBE North America — AI-focused cyber coverages (July 2025) including LLMjacking + regulatory extensions

Draft AI sublimits — not yet bound on in-force policies. Beazley and QBE are working on ~10% sublimits (e.g., $250K on $5M cyber tower) per Financial Times reporting in April 2026. Aidan Flynn, Beazley’s Head of Cyber Underwriting Management, confirms the sublimit wording is “still in development and has not yet been applied to in-force policies.” Beazley’s public position is no plans to exclude AI.

ISO has not released a CY-series AI exclusion to parallel CG 40 47/48/35 08. The CGL exclusion infrastructure does not have a cyber counterpart in the public record.

The clearest summary of this bifurcation comes from the broker side:

“Organizations today do not need to panic that their coverage is in a position to deny an AI-related claim if it’s for something that is already traditionally intended to be covered by the policy.” — Alexandra Bretschneider, VP, Johnson Kendall Johnson, via Insurance Business Magazine, December 2025

For your cyber renewal preparation: expect AI questions in your underwriting submission (per Marsh, Aon, Lockton — see the Cyber Underwriting Readiness Brief for the six question categories appearing in 2026 mid-market submissions). But coverage exclusions targeting AI are not yet a bound-policy category. The pressure is on answer quality, not on coverage availability.

What CIOs should ask their broker

Five specific questions to surface before your next renewal:

1. “Across all our insurance lines — CGL, D&O, E&O, Fiduciary, Cyber, Crime — which carriers in our policy stack have filed AI exclusions, and what form numbers apply to our renewal?”

2. “For each filed exclusion, what’s the definition of AI in the form text? Specifically — does it use the ISO ‘generative artificial intelligence’ definition or the broader Berkley-style ‘inferring system’ definition?”

3. “What’s the carve-out language? Are there exceptions for AI that’s incidental to the underlying business activity, or is the exclusion absolute?”

4. “For our D&O renewal specifically: if our company uses any inference-based ML system in decision-influencing functions (credit, hiring, claims, recommendation), what’s the buy-back or modification path on the exclusion?”

5. “What does our submission packet’s AI section need to document to position us favorably for negotiated exclusion modifications or coverage extensions?”

The first two questions are diagnostic. The next three are negotiation-shaping. Most mid-market customers we’ve talked to have asked none of these. The brokers who get asked respond seriously because the questions signal an informed buyer.

What this means structurally

The cyber + management-liability insurance market is going through a transition where the underwriting of AI exposure is moving from “we’ll figure it out at claim time” to “we’re filing exclusions and pricing the coverage explicitly.” That transition compresses the window where ad-hoc AI deployments can sit comfortably under existing policy language. The orgs that get through the transition cleanly are the ones who:

• Know which AI exclusions apply to which of their insurance lines (line bifurcation)
• Understand definition differences between ISO-style narrow exclusions and Berkley-style broad ones (definition arbitrage)
• Document AI governance maturity at the level carriers can underwrite against (the 10-Layer Assessment framework is our published version; NIST AI RMF and ISO 42001 are the cross-framework standards)
• Surface the exclusion landscape to their broker proactively, before the renewal questionnaire forces the conversation

The full filing landscape — verbatim quotes, carrier-by-carrier matrix, additional regulatory context — is in our Cyber Underwriting Readiness Brief. The brief is free, no email required, markdown source downloadable. It includes the answer templates we’d use for our own renewal if we were on your side of the conversation.

Anyone selling you a vendor-specific “AI governance product” that promises X% premium reduction is overclaiming the current state of the carrier market. Anyone telling you to ignore the exclusion landscape because “it doesn’t apply to your cyber policy yet” is missing half of the picture. The honest answer is operational: know which line each exclusion sits in, which definition each exclusion uses, and what your governance documentation can credibly answer at the renewal-call level.

The exclusion landscape will evolve again before year-end. The framework for navigating it is stable.