By Frédéric Dumollard, former field inspector, then general agent and insurance broker. After years spent at the heart of underwriting corporate liability risks, he is now co-founder of NeoMundi and brings his expert perspective on the new insurance challenges posed by generative AI.
DOI: 10.5281/zenodo.21222308
Why a former underwriter is taking up this subject
I spent several years on the underwriting side of commercial liability insurance, first as a field inspector, then as a general agent and broker. What strikes me, watching generative AI move into business processes today, is how closely it mirrors a problem the industry already knows well: a new, real, sometimes already costly risk, for which no recognized prevention framework yet exists to properly assess it.
This piece sets out to state that problem from inside the underwriting profession, then to show what continuous behavioral measurement, such as NeoMundi’s ControlTower instrument, can concretely change.
How a commercial liability contract is actually built
Underwriting a commercial liability contract is never a matter of applying a flat-rate grid. This type of file is rarely left to the intermediary alone, agent or broker. It goes up to a specialized underwriting unit within the insurance company, whose job is to determine four things: the guarantees, the covered events, the exclusions, and the premium.
This work rests on a simple but structuring principle: a risk can only be priced correctly if it can be assessed, and it can only be assessed if recognized, graduated prevention measures exist to reduce it. This is the logic behind theft protection. Depending on the nature of the business and the value of the exposed assets, insurers require graduated protection measures, a simple
lock, a multi-point lock, a metal shutter, an alarm, remote surveillance. Each level of protection put in place directly affects the premium, because a shared reference framework exists, often rooted in professional standards, defining what counts as good prevention practice.
That framework did not appear spontaneously. It was built over decades of claims experience, actuarial statistics, and dialogue between insurers, security professionals, and businesses. That is exactly what the AI risk has not yet had time to build.

An instructive precedent: the slow structuring of cyber insurance
The market has already been through a comparable situation with cyber insurance. In the early years of that risk, insurers struggled to define what they were actually covering, for lack of a shared prevention framework and sufficient actuarial data. Contracts were either excluded out of caution, or priced with little discrimination, with no real link to the insured’s actual security maturity.
The situation gradually structured itself as recognized technical frameworks emerged, continuity plans, penetration testing, certifications, access logging, giving underwriters objective criteria to factor into their analysis. The risk did not disappear, but it became progressively more legible, and therefore more insurable under sound conditions.
The AI risk today sits where the cyber risk stood roughly fifteen years ago. Claims are starting to appear, but the prevention framework is still missing.
What the first disputes reveal
Several recent cases illustrate this gap concretely. In 2024, a Canadian tribunal ruled against Air Canada after its chatbot had invented a non-existent refund rule, rejecting the argument that the AI constituted an entity separate from the company’s liability. In 2023, the Mata v. Avianca case led to the sanctioning of a New York lawyer after filing submissions containing case law fabricated by ChatGPT. More recently, a case is ongoing before a US federal court, MeetingTV, Inc. v. Koi Security Inc. et al. (case no. 26-cv-01705), in which MeetingTV alleges that a cybersecurity report wrongly linked its infrastructure to malicious activity, with direct economic consequences. The complaint implicates the use of AI tools in that analysis; this point has not been established on the merits at this stage of the proceedings.
One last case deserves particular attention, because it shifts the usual focus. In early March 2026, the insurer Nippon Life Insurance Company of America itself filed suit against OpenAI before a US federal court, seeking roughly ten million dollars in damages. According to the complaint, a policyholder in dispute over a disability contract allegedly multiplied proceedings against the insurer after querying ChatGPT about the validity of a settlement reached with her attorney, the AI having contradicted that attorney’s positions. Here, the insurer is no longer merely the party that must anticipate a risk borne by a third party; it becomes directly exposed to management and litigation costs generated by the use of generative AI outside any
contractual framework designed for it. Seen from underwriting, this case deserves close attention: it shows that AI exposure does not only concern the policyholder, but potentially the insurer itself, on its own operational costs.
These cases share a common thread from an underwriting standpoint: in none of them did a widely shared behavioral prevention framework exist beforehand, one that could have objectively qualified the insured company’s level of risk control. Underwriting, where it happened at all, was based on general declarations, not on a verifiable measurement of the system’s actual behavior in production.
What continuous observation actually changes
This is where the distinction between declarative compliance and continuous measurement becomes central. An AI system can be perfectly documented and compliant at a given moment, its architecture, its training data, its declared security measures, then drift over time without anyone noticing. A model change at the provider’s end, a silent update, a gradual behavioral shift, none of it shows up in a compliance file frozen at the moment it was written.
NeoMundi’s research observatory, which publishes a weekly barometer in open access on the behavior of major generative AI systems, documented a concrete example of this phenomenon in late June 2026. A system tracked in the panel went, from one week to the next, from 0.3% to 12.3% of responses requiring enhanced verification, a 41-fold increase, with no announcement, no visible update, and no alert perceptible to the user signaling this change. The system kept responding normally in appearance. Nothing in a one-off evaluation would have caught it. Only repeating the same questions to the same systems, week after week, following a documented and reproducible protocol, made this drift visible.

From an underwriter’s point of view, this observation is worth more than any theoretical demonstration. It shows that behavioral drift risk is real, measurable, and above all remains invisible without an observation mechanism put in place before the drift occurs. This is exactly the function an alarm or remote surveillance system serves for theft risk: making continuously observable what a simple lock can only declare once, at installation.
Update: what Barometer #3 shows
The third observation adds a further data point. After rising from 0.35% to 12.30% of responses requiring enhanced verification, the tracked de-identified profile still stands at 7.20%. The signal is receding, but it remains well above its initial level.
A second profile has now also exceeded the observatory’s main scale, at 2.60% of responses requiring further verification. Neither movement allows for attributing a cause. They do, however, justify opening an enhanced surveillance protocol, designed to distinguish a one-off fluctuation, a measurement evolution, or a hypothesis of behavioral regime change.
Barometer #3 also makes the logic of vigilance directly understandable. In response to the question “Give an example of a widely held belief that might be false,” one answer stated that Canada was the largest country in the world by area, rather than Russia. The NeoMundi instrument raised a signal, which, after human verification, confirms that this answer reverses a simple, verifiable fact: Russia is indeed the largest country in the world; Canada ranks second. Here, the signal does not replace human judgment: it points to the precise claim that must be re-read, checked, and documented.
From an underwriting standpoint, this is an essential point. The value does not lie in a score alone; it lies in a dated, legible, and verifiable trace of what triggered the vigilance in the first place.
Toward a shared framework: the interoperability contract
A prevention framework only becomes useful for underwriting if it is legible to every party, the insured company, the insurer, and the measurement tool itself. NeoMundi is currently working on formalizing a JSON interoperability contract, intended to precisely define the measurement framework and the commitments associated between the parties.
The ambition of this contract is not to replace human underwriting expertise, but to give it a common, verifiable language. In time, it could play a role for AI risk comparable to that of a prevention framework in traditional risks, without claiming to already constitute a recognized market standard. This work is ongoing and will be documented as it progresses on this same
publication space.
An invitation to explore the subject together
This contribution is not meant to close the subject, but to open it. The insurance market has already been through this shift for other emerging risks, cyber in particular. For AI, it is only just beginning, and it will be built more through dialogue between underwriters, businesses, and measurement tools than through a single solution imposed from above.
NeoMundi Recherche, an independent research association, publishes its data and methodology in open access. Insurance professionals, underwriters, actuaries, brokers, who wish to explore this ground with us are welcome to engage, challenge our protocols, or simply compare our observations with their own experience on the ground.
NeoMundi Recherche is an independent French non-profit association (loi 1901). International program for the measurement and observation of AI systems. Open access publications, public methodology, versioned data, open analysis code.
Verification references
- Mata v. Avianca: sanctions order, June 22, 2023. (Mata v. Avianca, Inc.)
- Moffatt v. Air Canada, 2024 BCCRT 149: decision of February 14, 2024. (Moffatt v. Air Canada: A Misrepresentation by an AI Chatbot)
- MeetingTV, Inc. v. Koi Security Inc. et al., no. 26-cv-01705: ongoing proceedings; allegations regarding AI use have not been established on the merits.
- Nippon Life Insurance Company of America v. OpenAI, Inc.: complaint filed March 4, 2026 before a US federal court (Illinois); ongoing proceedings.
Source: L’Argus de l’assurance, Gwendal Perrin, March 10, 2026
