·3 min read·Agency Play #93

You've been shipping AI-assisted work for two years. Your insurance policy still thinks you haven't. Here's the AI coverage-gap audit that finds out before a claim does.

by Ayush Gupta's AI

Delivery & OperationsHigh pain·3-4 hours plus broker turnaround time to implement

The problem

Your professional liability policy was almost certainly written and last renewed without anyone asking how much of your delivery work now runs through AI. Insurers have started adding AI-specific exclusions and sublimits to E&O and tech-E&O policies, and most agency founders have no idea whether their current policy still covers a claim that traces back to an AI-generated error: a hallucinated stat in a client report, AI-written copy that lifts language too close to a competitor's, AI-assisted code that ships a vulnerability. Nobody finds out the answer until a claim gets denied.

Web dev agenciesSEO agenciesContent agenciesMarketing agenciesAutomation agenciesFull-service digital agencies

The fix

Run a structured coverage-gap audit against your actual policy wording, get a specific written answer from your broker or insurer about AI-originated claims, and close whatever gap turns up with an endorsement, a carrier switch, or a documented internal control that reduces the exposure the policy won't cover.

The Playbook

1

Pull the actual policy wording, not the broker's summary

The one-page declarations sheet or the broker's renewal email is not the policy. Get the full policy document and read the exclusions section and the definition of 'insured services' directly. Look specifically for language mentioning artificial intelligence, machine learning, automated tools, or generative technology, and note whether it's an exclusion, a sublimit, or silent on the topic entirely. Silence is not the same as coverage.

2

Build a plain-language inventory of every AI touchpoint in delivery

You can't ask an insurer to confirm coverage for exposure you haven't named. List every place AI plays a real role in what actually reaches a client: drafted copy, generated code, research and stats pulled into reports, images or design assets, summarized client communications. Be specific about which of these could plausibly cause a claim if the AI output was wrong, infringing, or defective.

You are helping me build an AI-touchpoint inventory for an insurance coverage review.

I'm going to describe how AI is used across our agency's delivery work.

Your job:
1. Organize the inputs into categories (content, code, design, research/reporting, client communication)
2. For each category, identify the specific failure mode that could turn into a client claim (factual error, IP issue, security defect, reputational harm)
3. Rank each touchpoint by how directly it could lead to a claim if the AI output was wrong and nobody caught it
4. Flag any touchpoint description that's too vague to hand to an insurance broker as-is

Description of how we use AI in delivery:
[PASTE DESCRIPTION HERE]
3

Send the insurer a specific written question set, not a general 'are we covered' ask

A verbal 'yeah you should be fine' from a broker is worth nothing in a claim dispute. Turn the touchpoint inventory into concrete what-if scenarios and require a written answer for each one: an AI-drafted report cites a wrong statistic that leads to a bad client decision, AI-generated copy is flagged for infringing existing IP, AI-assisted code ships a vulnerability that gets exploited. Put the questions in an email, not a call.

Turn this AI-touchpoint inventory into a specific written question set for our insurance broker.

Touchpoint inventory:
[PASTE INVENTORY FROM STEP 2]

For each touchpoint, write one concrete claim scenario (what went wrong, who was harmed, roughly what it cost) and a direct yes/no question asking whether our current policy would respond to that specific scenario.

Format as a numbered list ready to paste into an email to our broker. Tone: professional, direct, expects a written answer, not a reassurance.
4

Cross-reference the broker's written answer against the actual exclusion clauses

Don't accept 'you're covered' without seeing where in the policy that's true. When the broker or insurer responds, hold their answer up against the specific exclusion and definitions language from step 1, paragraph by paragraph. A confident answer that doesn't map to specific policy language is not an answer.

Compare this broker's written response against the actual policy exclusion and definitions language and flag any mismatch.

Broker's written response:
[PASTE RESPONSE]

Relevant policy exclusion and definitions clauses:
[PASTE POLICY LANGUAGE]

For each claim scenario the broker addressed:
1. Does the policy language actually support their answer?
2. Is there a gap, a sublimit, or vague wording that weakens the answer?
3. What specific policy amendment or endorsement would close the gap, if one exists?
5

Close every real gap, and put a recheck on next year's renewal date

Where a gap is confirmed, get a written endorsement that names AI-assisted work explicitly, or get quotes from carriers who already underwrite for it. Where a gap can't be closed at a price worth paying, reduce the exposure directly: tighten client-facing disclosure language, add a human review step before AI-touched deliverables ship, and document both. Insurance underwriting on this is moving fast, so put an actual reminder on the renewal date to run this audit again instead of assuming last year's answer still holds.

What changes

The founder knows in writing, not in hope, whether an AI-originated claim is actually covered, has real leverage to negotiate an endorsement or switch carriers instead of discovering the gap during a denied claim, and treats renewal as an active check instead of an autopilot signature.

Ask most agency founders what their E&O policy actually says about AI-generated work, and you'll get a shrug. Not because they're careless, but because nobody has asked them the question before, including their broker.

That's the problem. The policy was written, and probably last renewed, back when "delivery" meant a human wrote the copy, a human wrote the code, a human pulled the research. AI now touches most of that work in most agencies, and the insurance conversation hasn't caught up.

The gap isn't hypothetical anymore

Insurers aren't ignoring this. Tech E&O and professional liability carriers have started adding AI-specific exclusions, sublimits, and narrower definitions of "insured services" into new and renewed policies, precisely because claims involving AI-generated errors are showing up. A hallucinated statistic in a report that drove a bad client decision. AI-written copy that landed too close to someone else's IP. AI-assisted code that shipped with a vulnerability nobody caught before launch. Every one of those is a plausible claim, and every one of those is exactly the kind of claim an AI exclusion is designed to deny.

The agencies at risk aren't the ones behaving recklessly with AI. They're the ones who never checked whether their coverage moved when their delivery process did.

"We have E&O insurance" is not the same claim as "our E&O insurance covers AI-originated errors." Only one of those is something you can actually verify, and most founders have never tried.

Why a verbal "you should be fine" isn't an answer

Brokers are not being dishonest when they say a policy should cover something. They're often working from a general read of the policy, not a scenario-specific one, and definitely not a written commitment they'd stand behind in a dispute. When a claim actually comes in, what matters is the exclusion language on the page, not what anyone said on a call eighteen months earlier.

That's why this audit has to produce something in writing: specific scenarios, specific questions, specific answers, checked against specific clauses. Anything less is just a more expensive version of hoping.

The fix is boring, which is exactly why nobody's done it

This isn't a strategic project. It's a few hours of reading policy language, naming the actual AI touchpoints in delivery, and forcing a written answer instead of accepting a reassuring tone. The reason most agencies haven't done it isn't difficulty, it's that insurance review sits at the bottom of every founder's list until the moment a claim makes it urgent, and by then it's too late to negotiate anything.

Bottom line

AI changed what your agency actually delivers. There's a real chance your insurance policy hasn't been updated to match, and the only way to find out is to ask the specific question in writing and check the answer against the actual clause. Do that once a year, starting now, and a denied claim never becomes the way you find out your coverage was already a step behind your delivery process.

Tools in this play

More agency plays every week.

Real workflows for agency founders, not generic AI advice.

Subscribe