Illinois' Artificial Intelligence Safety Measures Act, signed July 6, 2026, gives insurers a first statutory catastrophic-risk trigger for AI: a single incident causing 50-plus deaths or serious injuries, or over $1 million in property damage, reportable within 72 hours. Generative AI litigation grew 978% from 2021 to 2025 (Gallagher Re, 2026), just as ISO's new CGL exclusion stripped away the industry's fallback coverage.

From tracking state AI insurance bills move through Colorado, Georgia and now Illinois over the past two quarters, the pattern is that each new statute quietly redraws where a claim lands on the coverage tower before any underwriter has finished repricing the last one. Senate Bill 315, also called the AI Safety Measures Act, passed the General Assembly with bipartisan support and takes effect January 1, 2027 (Illinois General Assembly, July 2026). "People want protections from the risks of AI and Illinois is stepping up with a bipartisan, first- and most-protective-in-the-nation law," Governor JB Pritzker said at the signing (Office of the Governor, July 6, 2026). Attorney General Kwame Raoul, who will enforce the statute, put it more bluntly: Illinois is "stepping up to fill the gap" left by the absence of federal AI oversight (Office of the Governor, July 6, 2026). For an insurance market that has spent two years watching AI exposure accumulate without a single agreed definition of what a bad AI outcome actually is, a state legislature just wrote one down.

The Catastrophic Risk Trigger: Reading SB 315 as an Underwriting Document

SB 315 requires developers of the largest frontier AI models to publish and annually update a safety framework describing how they identify and manage "catastrophic risk," which the statute defines as the reasonable possibility of an incident causing death or serious injury to more than 50 people, or more than $1 million in a single incident's property damage (Illinois General Assembly, July 2026). Developers must report qualifying incidents within 72 hours of discovery, or within 24 hours if the incident poses an imminent risk of death or serious physical injury, and the law creates the nation's first mandatory requirement for annual independent third-party safety audits of frontier systems (Governing, July 2026). Trade press has read this as a general AI safety story. It is also, whether the drafters intended it or not, the closest thing the insurance industry has to a statutory occurrence definition for AI catastrophe risk.

General liability policies define an "occurrence" to decide whether a string of related losses attaches once to a single retention or attaches per-claimant across a portfolio. Cyber policies solved an analogous problem with "related events" language, so that one exploited vulnerability triggers one retention even when it produces claims from thousands of insureds. AI liability has lacked any equivalent convention, because no regulator had defined a severity threshold at which a model flaw stops being an ordinary error and starts being a single, aggregatable catastrophe. SB 315's 50-death, $1 million property-damage threshold is not written as an insurance term, but it functions as one the moment an underwriter uses it. A carrier writing a standalone AI-E&O or AI liability form could plausibly borrow the statutory threshold as the attachment point that separates a primary layer, priced against ordinary hallucination and negligence claims, from an excess or facultative layer priced against the batch-clause scenario: one model defect propagating across every deployer that licensed it.

The 72-hour and 24-hour reporting clocks do similar work on the claims-handling side. Claims-made E&O and D&O forms already condition coverage on prompt notice; SB 315 effectively imports a statutory notice deadline that an insurer can underwrite around rather than negotiate policy-by-policy. A retention structure keyed to the statutory clock, where failure to report within the mandated window forfeits a coinsurance credit or triggers a coverage exclusion, gives carriers a lever to push disciplined incident response onto insureds without inventing new policy language from scratch. That is a meaningfully different starting point than the ad hoc notice provisions standalone AI MGAs have been drafting independently since 2025.

Three Postures in One Filing Cycle

Illinois is not legislating in isolation, and a national carrier filing rates this cycle has to reconcile at least three structurally different state postures inside the same book.

Illinois regulates the model, not the insurer. SB 315's obligations fall on frontier AI developers, and the statute is silent on insurance-specific carve-outs. That silence matters: unlike Colorado or Texas, Illinois has not exempted insurers from general AI oversight, which means a carrier building AI underwriting or claims tools in-house could itself become a covered developer if its systems meet the law's frontier-model thresholds, separate from any question of writing AI liability coverage for others.

Colorado exempts the insurer, not the model. Governor Polis signed SB 26-189 on May 14, 2026, rewriting Colorado's original AI Act into a narrower automated-decision-making-technology framework effective January 1, 2027 (Holland & Knight, May 2026). Insurers subject to Colorado's existing algorithmic-discrimination rules under DOI Regulation 10-3-1104.9 are deemed compliant with the broader ADMT statute in the "practice of insurance," except for their own employment decisions (Holland & Knight, May 2026). Colorado, in other words, trusts its insurance regulator to police AI used in underwriting and claims, but not AI used to manage the carrier's own workforce.

Georgia regulates the decision, not the model or the insurer. SB 444 bars health coverage denials issued solely by AI, requiring a licensed clinical peer to participate in any adverse determination, effective January 1, 2027 (Sheppard, 2026). The bill passed the state Senate unanimously before advancing through the House. Sponsor Sen. Kay Kirkpatrick, a retired orthopedic surgeon, framed the rationale as keeping "a doctor involved in tough calls while still letting insurers lean on artificial intelligence for everyday administrative work" (Hoodline, March 2026). Georgia does not touch general liability exposure at all; its trigger is narrowly a health utilization-review process point.

Three regimes, three different objects of regulation: the model in Illinois, the insurer's own compliance posture in Colorado, the specific decision workflow in Georgia. A multi-state life, health, or commercial-lines carrier now has to map each AI system it operates against all three tests independently, because passing Colorado's deemed-compliant safe harbor says nothing about whether the same underwriting model would trip Illinois' frontier-developer threshold if the carrier trained it in-house, and neither statute touches Georgia's utilization-review mandate for the health book.

Quantifying the Coverage Gap

The regulatory patchwork is arriving at the same time the traditional liability market is actively retreating from AI exposure. The National Insurance Services Office rolled out three optional generative AI exclusion endorsements effective January 1, 2026: CG 40 47, which excludes bodily injury, property damage, and personal and advertising injury arising from generative AI under both CGL Coverage A and B; CG 40 48, a narrower personal-and-advertising-injury-only version; and CG 35 08, which attaches to the products and completed operations liability coverage part (Gallagher, 2026). The endorsements are optional, but ISO forms underlie roughly 82% of U.S. property and casualty policies, and carrier adoption is expected to be near-universal by the end of 2026 (Gallagher, 2026).

That withdrawal is happening against a litigation curve moving the opposite direction. Generative AI-related lawsuits in the United States grew 978% from 2021 to 2025, with cumulative filings climbing past 700 over that period and year-over-year growth accelerating to 137% in 2024 to 2025 alone (Gallagher Re, cited in Risk & Insurance, 2026). A separate market study puts the median demand across generative AI lawsuits at $5 million, with 70% of cases seeking less than $10 million but roughly 16% demanding more than $100 million, and the top 5% of cases accounting for 99% of total dollars demanded (Testudo, January 2026). Model hallucination drives only 4.9% of these suits, and 32% are filed as class actions (Testudo, January 2026), which tells underwriters that the exposure is broader and more procedurally aggressive than the narrow "chatbot said something wrong" scenario most silent-AI conversations still default to.

Technology E&O, the policy form enterprises have historically leaned on, was built to protect providers of technology services, not the much larger population of companies deploying third-party AI tools inside their own operations (Risk & Insurance, 2026). As CGL, cyber, and tech E&O forms add AI exclusions in parallel, deployers, the hospital system using an AI triage tool, the insurer using an AI claims model, the retailer using an AI pricing engine, are left holding exposure that no admitted form was underwritten to price. That is the gap the standalone AI liability market exists to fill, and as of early 2026 it remains genuinely thin: Armilla, a Toronto-based MGA, wrote what is described as the first standalone AI liability policy at Lloyd's in April 2025 with backing from the Chaucer syndicate, and had expanded per-organization limits to $25 million or more by January 2026 (Medium/Purdy House, 2026). Munich Re's aiSure product and Testudo, a Lloyd's-backed MGA that began underwriting U.S. mid-market business in early 2026, round out a market The Insurer's Program Manager desk counts at roughly five standalone products worldwide (The Insurer, April 2026).

The Accumulation Problem

Even a well-capitalized standalone AI liability market faces an actuarial obstacle that catastrophe risk, for all its severity, does not: AI accumulation has no geographic or sectoral boundary. Property catastrophe modeling works because a hurricane's footprint is finite and correlated losses cluster along a coastline that actuaries can map, zone, and price against decades of storm-track data. Enterprise AI deployment is concentrated instead among a small number of foundation model providers and cloud infrastructure vendors, so a single upstream defect, a regression that introduces hallucination on a specific class of prompts, a security flaw in a shared model-serving layer, a regulatory action pulling a model from market, can generate correlated claims across thousands of unrelated policyholders simultaneously, with no exogenous trigger and no obvious severity scale to anchor a return-period curve (Gallagher Re, 2026; arXiv 2605.18784, 2026).

This is the structural reason capacity has entered the AI liability market cautiously. Some Lloyd's capacity providers remain wary of the category, and MGAs need both underwriting discipline and technical fluency in the underlying models to attract backing, a dynamic close observers compare to the early years of standalone cyber insurance (The Insurer, April 2026). The difference is that cyber accumulation modeling had roughly two decades to mature around a reasonably stable set of attack vectors. AI accumulation modeling is starting from a model landscape that itself changes every retraining cycle, which means the aggregation exercise a reinsurer would normally run once a year has to run continuously.

Pricing an Exposure With No Loss History

A prospective AI-E&O underwriter building a standalone book from SB 315's framework downward needs three things a traditional E&O or CGL filing does not require: a new exposure base, a credit structure tied to the audit mandate, and a capital plan built for correlated rather than idiosyncratic severity.

Exposure bases beyond payroll or revenue. Traditional E&O rates off headcount or professional revenue because both proxy for the volume of professional judgments a firm renders. Neither proxies AI risk well: a five-person startup running a foundation model against millions of consumer interactions carries more aggregate exposure than a thousand-employee firm using AI for internal document review. Underwriters entering this line need exposure units closer to inference volume, the number of end users or consequential decisions an AI system touches per year, and a concentration score for how much of that volume runs through a single third-party foundation model versus a diversified or proprietary stack. The higher the single-vendor concentration, the closer a policyholder sits to the correlated-claims scenario described above.

Audit-attestation credits. SB 315's mandatory third-party safety audit for frontier developers creates something underwriters have lacked: a verifiable, dated, externally produced data point about a model's safety posture. That is structurally similar to the security-control attestations cyber underwriters now use to price multifactor authentication or endpoint detection, credits earned for demonstrated controls rather than self-reported questionnaire answers. A carrier or MGA writing AI liability could plausibly build a rating plan that prices policyholders relying on SB 315-audited frontier models more favorably than those relying on unaudited or proprietary models with no comparable third-party review, at least for Illinois-domiciled exposure and any insured whose vendor stack includes an audited developer.

Capital implications for MGAs. Because AI severity is correlated rather than idiosyncratic, an MGA cannot simply diversify across policyholders the way a traditional E&O book does; writing a thousand small AI-deploying insureds that all depend on the same three foundation models does not reduce tail risk the way writing a thousand independent law firms does. That pushes capital structuring toward excess-of-loss reinsurance attaching well above the primary layer, facultative placements for the largest single-vendor concentrations, and, eventually, the kind of alternative capital, quota-share sidecars or cat-bond-adjacent structures, that cyber reinsurance built once aggregation modeling matured enough for capital markets investors to underwrite the tail. Lloyd's syndicate capacity, exemplified by Chaucer's backing of Armilla, remains the dominant source of that capital today; broader reinsurance treaty capacity is unlikely to commit at scale until an accumulation model exists that a reinsurer's own capital modeling function can defend to its board.

The State Patchwork Actuaries Must Now Track

State Statute What it regulates Insurer-relevant mechanism Effective date
Illinois SB 315, AI Safety Measures Act Frontier AI model developers Catastrophic-risk definition; 72-hour/24-hour incident reporting; mandatory third-party audits January 1, 2027
Colorado SB 26-189 Automated decision-making technology generally Insurers deemed compliant via existing DOI Reg 10-3-1104.9, except employment decisions January 1, 2027
Georgia SB 444 Health coverage adverse determinations Bars AI-only denials; requires clinical peer review January 1, 2027

All three take effect within days of each other on January 1, 2027, which means the 2027 rate and form filing cycle is the first in which carriers must demonstrate compliance with three non-identical AI regimes simultaneously, on top of the NAIC's own model bulletin and evaluation-tool infrastructure layered across dozens of additional states.

Why This Matters for Actuaries

The practical consequence for pricing and reserving actuaries is that AI liability is moving from a silent-exposure problem, an unpriced risk hiding inside CGL and tech E&O books, toward a standalone-line problem with its own exposure base, its own accumulation math, and now its own statutory severity threshold. Appointed actuaries opining on reserves for any carrier writing standalone AI-E&O or AI liability coverage will need loss development patterns for a line with essentially no historical triangle, which argues for scenario-based and exposure-based reserving methods over traditional loss-development-factor approaches until enough accident years mature. Pricing actuaries building rate plans around SB 315's audit mandate should treat the credit as a leading indicator rather than a settled rating variable, because the audit regime itself does not take effect until January 2027 and its practical rigor is untested. And capital modeling actuaries at any carrier or reinsurer considering entry into this line need an aggregation methodology that treats foundation-model concentration the way catastrophe modelers treat storm tracks, as the variable that determines whether a book of a thousand policies behaves like a thousand independent risks or one very large one.

Further Reading

Sources