In the world of insurance, “AI” has long referred to Additional Insured. However, it’s 21st century meaning – Artificial Intelligence – is crowding the older acronym for attention as AI is increasingly seem as a panacea for speeding up workflows, reducing labor and improving accuracy. But is it?
A November 2019 report by global consulting firm McKinsey found a 25% annual increase in the use of AI by businesses, with 58% of companies stating they have embedded AI technology into at least one process or business product. And, as with anything new, the implications are not fully understood, leading to new layers of technical complexity and exposure to certain types of risk not previously of concern.
Businesses contemplating the introduction of AI into their work and decision-making processes need to ask themselves the following questions:
Along with these thorny questions, the matter of risk control must be considered. Cyber insurance is an ever-evolving product, one that most likely is not keeping up with the pace of technologic change and its associated risk. At present, cyber insurance is typically broad enough to cover claims related to security, such as a data breach by malware. But as the use of AI grows, so too will specific AI-related claims, and they will inevitably splinter off into areas not previously considered by underwriters, such as the questions posed above.
“Silent cyber,” where the risks associated with AI are not clearly defined in the policy language remain the norm and the P&C sector of the insurance industry is not moving fast enough to address these concerns. It is possible that once AI-driven cyber claims become more common insurers will move to exclude coverage within traditional P&C policies and AI-type coverages will be carved out into new insurance products.
In summation, AI calls for all elements of the business to participate in the formulation of AI processes and to carefully address the risks that AI creates. Apart from security and regulatory concerns, the introduction of AI into the decision-making process calls for holistic evaluation of all aspects of the business. For example, the contractors creating the AI tools are the central component of the AI results. These relationships must be evaluated to determine who is responsible for what piece of the risk matrix. It is essential for stakeholders contemplating the use of AI to communicate their activities to those responsible for managing insurance and risk transfer.
As with all things technical, laws, regulations and best practices are playing catch-up to reality. As much as AI can be important to the future success of the business, it must also be recognized that newness has its own inherent downside and it is incumbent on management to minimize liability through careful planning and asking the hard questions.