Navigating agentic AI in insurance

https://www.financialexpress.com/opinion/navigating-agentic-ai-in-insurance/4255865

India has regulatory intent, but the framework for AI, specifically agentic AI liability and insurance coverage, has not yet been built

June 1, 2026 00:58 IST

Trusting Untrusted Workers: How to Architect Cybersecurity Cover for Agentic AI Liabilities

As businesses embrace AI and identify use cases to enhance their product/service propositions, improve efficiency, and strengthen decision-making, they need to regularly evaluate the risks and manage them. Where their first line of defence fails, particularly in regard to cybersecurity, they seek reimbursement of losses by way of cybersecurity liability covers from insurance firms.

As more and more use cases gravitate towards agentic AI, the risks change, and so does the way risk and mitigation are managed. This article discusses the possible first line of defence and examines the aspects of insurance-supported mitigation.

Agentic AI is AI that acts, not just answers, and therefore it is a worker and not an assistant. It requires planning (breaking goals into sub-tasks), memory (retaining context across multiple steps), and tool use (interacting with the world beyond generating text). Together these enable autonomous goal-directed behaviour. This is where evaluating the risks, designing controls, and conducting regular vulnerability assessment begins.

The governing principle should be to treat each agent as an untrusted actor. This is the most important mindset shift. Most businesses extend implicit trust to their agentic systems because they built or configured them. The control measures to manage risks begin with identity and access management on a least-privilege architecture, a principle that extends to database access specifically. Next come human-in-the-loop controls for irreversible actions or decisions.

The third control is prompt injection defence — the agentic AI equivalent of SQL injection and unfortunately the most underappreciated risk in enterprise deployments. When an agent reads external content — a webpage, email, document, database record — that content can contain instructions designed to hijack the agent’s behaviour. A malicious actor who knows a company uses an AI agent to process supplier invoices could embed hidden text in a PDF that instructs the agent to redirect payments.

The fourth measure is observability and immutable audit logging. Logs should capture the full decision chain. The fifth control could be sandboxed execution. Then there should be database-specific protections. Database activity monitoring tools should sit independently of the application layer. Controls for vendor and supply chain risk deserve particular emphasis: third-party tools and plugins should be explicitly whitelisted. There should be incident response planning specific to agentic AI. Last but not least is the governance structure.
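Three of these controls (per-agent least privilege with explicitly whitelisted tools, human sign-off for irreversible actions, and a tamper-evident log of every decision) can be sketched together as a gate that sits between the agent and its tools. This is an added example, not code from the article; the agent name, tool names and policy table are constructed for illustration.

```python
import hashlib
import json

# Constructed per-agent policy (agent and tool names are hypothetical).
# Anything absent is denied; irreversible tools need a human decision.
POLICY = {
    "invoice-agent": {
        "read_invoice": {"irreversible": False},
        "query_supplier_db": {"irreversible": False},
        "issue_payment": {"irreversible": True},
    }
}
GENESIS = "0" * 64

def _digest(prev, record):
    body = json.dumps(record, sort_keys=True)
    return hashlib.sha256((prev + body).encode()).hexdigest()

class AuditLog:
    """Append-only log; each entry commits to the hash of the one before it."""
    def __init__(self):
        self.entries = []

    def append(self, record):
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        self.entries.append({"prev": prev, "record": record,
                             "hash": _digest(prev, record)})

    def verify(self):
        """Return False if any recorded entry no longer matches the chain."""
        prev = GENESIS
        for e in self.entries:
            if e["prev"] != prev or e["hash"] != _digest(prev, e["record"]):
                return False
            prev = e["hash"]
        return True

def gate(agent_id, tool, args, log, approver=None):
    """Decide one requested tool call and log the decision, allowed or not."""
    rule = POLICY.get(agent_id, {}).get(tool)
    if rule is None:
        decision = "deny:not_allowlisted"
    elif rule["irreversible"] and not (approver and approver(agent_id, tool, args)):
        decision = "deny:needs_human_approval"
    else:
        decision = "allow"
    log.append({"agent": agent_id, "tool": tool, "args": args,
                "decision": decision})
    return decision
```

A hash chain makes edits to past entries detectable but does not by itself make the log immutable; the latest hash has to be anchored somewhere the agent and the application layer cannot write.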

Now let us examine the insurance covers available for agentic AI liability. The subject has drawn the attention of tool developers, businesses, deployers, regulators, and insurers. The European Union (EU) has moved furthest and fastest, creating a binding legal architecture that directly shapes insurance obligations. It started with the AI Act, which came into force in August 2024. Thereafter, governance obligations for general-purpose AI (including agentic) models became applicable in August 2025.

The full obligation for high-risk AI systems — which are most relevant to insurance — will take effect from August 2. For agentic AI specifically, the Act’s prohibitions on harmful manipulation apply immediately (August 2024). If an AI agent is classified as a high-risk system, it faces additional requirements around safety, trustworthiness, logging, conformity assessments, and post-market monitoring.

The new EU Product Liability Directive, to be implemented by December, explicitly includes software and AI as products. This enables strict liability — liability without proof of fault — where an AI system is found to be defective. This is a game changer. An organisation, for instance, can face civil claims for breach of statutory duty including laws prohibiting discrimination.

Singapore stands out as the most forward-thinking jurisdiction on agentic AI. Its Infocomm Media Development Authority released the world’s first model AI governance framework specifically addressing agentic AI in January. It introduces several genuinely novel concepts: agent identity cards (a standardised disclosure format specifying capabilities, limitations, authorised action domains, and escalation protocols) and a five-tier graded autonomy taxonomy. For insurance, Singapore’s Monetary Authority has been encouraging insurers to develop coverage products that map to this autonomy taxonomy.

Compared to these advanced jurisdictions, India is approximately where the EU was in 2022. The regulatory intent is present, the direction is right, but the framework for AI — specifically agentic AI liability and insurance coverage — has not yet been built. The infrastructure and governance foundations on which agentic AI-specific requirements can eventually be built are now available.

Against this backdrop, insurance cover for Indian businesses seeking to mitigate this risk remains open and tied to the policy contracts between them and insurers. Pricing for agentic AI liability risk is evolving and could be very subjective, with serious implications when businesses claim losses.

Evidencing controls, particularly in agentic AI, is fundamentally hard. This is because the attack surface is dynamic and non-deterministic. An AI agent is constantly making decisions, calling tools, querying databases, writing data, and interacting with external APIs — often simultaneously across systems. Then again, the responsibility to test controls regularly is distributed across multiple principals, and as is often seen, controls may exist on paper but not be active during the incident.

There is a way in which businesses can evidence controls, particularly when losses have to be claimed. Most progressive insurers in India have a panel of experts who have a deep understanding of malicious attacks and the threat actors behind them. They also offer assistance to policyholders to mitigate or minimise the losses. This service is therefore a win-win for both the business and the insurer in containing risk or loss.

There is a particular benefit for the business policyholder to engage with one of these panel experts when incidents happen. The expert can evidence the controls and their root-cause analysis will assist corporates in claiming the loss amount from the insurer. There is however one flaw in this arrangement. A close look reveals that at least some of the experts of all the major insurers have the skills and expertise to assist the company in AI risk mitigation. For agentic AI deployment, they have inadequate skills and experience.

Agentic AI deployment is an underdeveloped subject in India and will evolve. We are known for our entrepreneurship and ability to adapt and leapfrog. With assistance from policymakers in designing statutes and regulators in providing the right guidelines, India will hopefully emerge as a major AI developer and user.

The author is the Managing Partner, Ashvin Parekh Advisory Services LLP

Disclaimer: The views expressed are the author’s own and do not reflect the official policy or position of Financial Express.

This article was first uploaded on June 1, 2026, at 12:58 am.

© The Indian Express (P) Ltd
