By Premesh Chandran

In April 2024, Air Canada learned a costly lesson.

Its website was accurate. Its policies were clear. But its artificial intelligence (AI) chatbot — trained on the same information from the site — told a customer something else. The customer relied on it, booked a ticket, and sued. The airline argued the chatbot was a separate legal entity, responsible for its own words.

The tribunal disagreed. Air Canada paid. It was a small claim, just a few hundred dollars, but it exposed something much larger: an AI system made a promise. The company had to honour it. You cannot outsource liability to a machine.

Closer to home, a Malaysian media outlet paid a six-figure penalty after publishing an inaccurate national flag generated by AI. At a global event, organisers scrambled when an AI-assisted announcer referenced former leaders instead of current ones — an international faux pas broadcast in real time.

Individually, these are contained failures. But AI does not operate at human scale. It operates at system scale.

Now, imagine the same errors multiplied. An AI system providing incorrect tax advice to thousands of clients. A credit model systematically denying loans due to biased training data. A trading algorithm misreading signals and executing flawed strategies across markets before humans can intervene.

These are no longer isolated mistakes. They are cascading failures.

The Risk Nobody Knows How to Price

Modern finance runs on risk models. Credit, market, operational — these are risks we understand because they follow patterns. AI does not.

Traditional systems are deterministic. Given the same input, they produce the same output.

However, AI systems are different. They are probabilistic engines. The same input can produce different answers. Errors are not always traceable and failures are not always explainable.

If traditional software is a calculator, AI is something else entirely — a fast, confident junior analyst — working at scale, without supervision, and occasionally wrong in ways no one fully understands.

Now, put that analyst in charge of loan approvals, compliance checks, fraud detection, customer advice. The question is no longer whether mistakes happen, but how do you price a mistake that has never happened before?

The Insurance Gap

Insurance is the quiet infrastructure of finance, like a circuit breaker in an electrical system. Invisible when things work, critical when they don’t.

But today’s insurance models were not built for AI. Professional indemnity assumes human judgement, cyber insurance assumes breaches and attacks. AI introduces a third category: autonomous error.

This raises difficult questions. If a bank deploys a flawed credit model built by a third party, who is responsible for discriminatory outcomes? If an AI-driven trading model generates systemic losses, does liability sit with the developer, the user, or both?

The result is a widening gap. Insurers are quietly excluding AI-related risks just as those risks are expanding. It’s the equivalent of building self-driving cars and refusing to insure accidents unless a human was driving.

The Illusion of Control

For now, many institutions rely on a familiar safeguard: the ‘human in the loop’. In theory, humans review AI outputs before decisions are made. In practice, this safeguard is eroding.

As AI embeds deeper into workflows — credit scoring, underwriting, compliance — the human reviewer increasingly depends on prior AI outputs. What begins as oversight gradually becomes an endorsement. It’s like a pilot monitoring an aircraft on autopilot; the better the system performs, the less the pilot intervenes. Until something goes wrong. And when it does, it is often sudden, systemic, and difficult to correct.

The result is a dangerous illusion — humans appear to be in control, while risk quietly shifts to the machine.

Turning Algorithms into Insurable Assets

A new class of insurers is stepping into this gap — not by avoiding AI risk, but by making it measurable. Their approach borrows less from traditional insurance and more from engineering.

Instead of asking what went wrong before, they ask: how does this system behave under stress?

AI models are audited like aircraft — tested for accuracy, probed for bias, and stress-tested under edge cases. From this emerges something new: insurance tied not just to outcomes, but to performance.

If a model operates within defined thresholds, coverage holds. If it deviates — if error rates spike, or bias emerges — payouts are triggered. This is not insurance against accidents, it is insurance against algorithmic underperformance. A warranty for intelligence.

A Market Taking Shape

Specialist firms are already moving into the space.

Armilla AI – backed by Lloyd’s – provides coverage of up to USD25 million; newer entrants like Testudo – which has Goldman Sachs as an early investor – offers mainly US companies up to USD9.25 million specifically for AI-related risks, covering exposures ranging from model failure to data bias and performance shortfalls.

The Artificial Intelligence Underwriting Company recently raised a USD15 million seed round to offer similar insurances covering AI use.

The structure is telling. These firms design and underwrite policies, but pass the ultimate risk to global reinsurers. Because the truth is that AI risk is too large, and too uncertain, for any single balance sheet.

Two Sides of the Same Risk

AI risk does not sit in one place; it moves across the value chain. On the supply side, developers are no longer just selling software; they are selling decision infrastructure. When their systems fail, the impact ripples across entire organisations.

On the demand side, users, especially financial institutions, carry the ultimate accountability. Regulators will not accept ‘the algorithm did it’ as a defence.

This creates a dual exposure — developers face product liability while users face operational and regulatory risk. In reality, responsibility is shared, but rarely clearly defined. AI risk, then, is not about insuring a single system. It is about insuring an ecosystem of decisions.

How AI Insurance Works in Finance

In financial services, this is already taking shape as a new stack. First, the model is audited.

Credit scoring, fraud detection, and trading systems are tested for accuracy, bias, and robustness.

Second, risk is verified independently. A third-party view establishes how the system behaves under stress.

Third, insurance is layered on top, covering both liability and performance guarantees.

Finally, risk is distributed globally, through reinsurers who absorb systemic exposure.

Different approaches are emerging. Some focus on deep technical audits and continuous monitoring, while others model risk based on litigation data and precedent. Both are trying to answer the same question: how do you turn uncertain AI behaviour into something that can be priced, traded, and transferred?

The Flywheel That Follows

Once that happens, something powerful begins — banks deploy AI more confidently, data on performance and failure improves, insurance pricing becomes more accurate, costs fall as uncertainty declines and finally, adoption accelerates.

We’ve seen this before: marine insurance enabled global trade, deposit insurance stabilised banking, and derivatives allowed risk to be hedged and scaled.

Each time, risk management did not slow innovation — it unlocked it. AI insurance sits in that same lineage.

A Strategic Role for Banks

So far, most banks are treating AI cautiously, as a tool to be tested, contained, and gradually deployed. This is understandable, but it is also limiting. Banks are not just consumers of risk frameworks. They are builders of them.

This is a moment for the financial sector to lead. To finance the emerging ecosystem of AI assurance and insurance, to integrate risk transfer into their own AI deployments, to define what ‘trustworthy AI’ means in financial terms.

Because the real constraint on AI is not capability. It is confidence. And confidence, in financial systems, is built on one thing — someone willing to stand behind the risk.

The Bottom Line

AI will fail. That is not the question. The question is: who absorbs the failure? Without insurance, institutions will slow down or carry risks they do not fully understand.

With it, something different happens. Risk becomes measurable, transferable, and tradable. Once that happens, innovation accelerates.

The banking sector has a choice. It can sit back and adapt to AI, or it can do what it has always done best — price risk, move it, and in doing so, expand the frontier of what is possible.

Because in the end, AI will not scale on intelligence alone. It will scale on trust.

The institutions that finance that trust, and insure it, will not just manage the future. They will profit from building it.

Premesh Chandran is the co-founder of Malaysiakini and Awatar Innovations, a company focused on AI-driven software innovation. He writes about how risk, power, and accountability shift in the age of artificial intelligence, focusing on the institutions — from newsrooms to banks — that will define trust in an AI-driven world.