Your team shipped AI agents last quarter. One handles code review, another triages support tickets, a third drafts Slack replies to clients. The vendor dashboard glows green. Nobody consulted legal. Life is calm.
Until it isn't. An agent merges a breaking change at 3am. Another sends an incorrect billing figure to a client. The postmortem starts — and the uncomfortable discovery follows: nobody is contractually responsible for the damage. Not the AI vendor. Not your insurer. Just you.
The April agent wave — and the fine print beneath it
In the first half of April 2026, the three largest AI platforms each launched or expanded autonomous agent infrastructure — and each quietly drew the same liability line.
On April 8, Anthropic launched Claude Managed Agents — a hosted API (a way for programs to talk to each other) for deploying autonomous AI agents on Anthropic's cloud. Standard terms apply: Anthropic caps liability at $100 or six months of fees, whichever is greater. Anthropic disclaims all warranties — including fitness for purpose, accuracy, and reliability.
Days earlier, on April 5, The Register reported that when The Register asked them directly about their liability positions, Microsoft and SAP refused to comment, while Workday, Salesforce, ServiceNow, and Oracle didn't respond at all.
The pattern had been forming for weeks. On April 1, GitHub expanded its Copilot cloud agent to handle autonomous research, planning, and coding. A March 25 terms-of-service update replaced Copilot-specific language with broader "GitHub Generative AI Services Terms" — and notably removed a dollar cap for defending third-party claims. OpenAI's terms follow the same playbook: liability capped at $100 or twelve months of fees, everything else is "use at sole risk."
Three vendors. Three disclaimers. One consistent message: we provide the tool, not the judgment.
Malcolm Dowden, senior technology lawyer at Pinsent Masons, told The Register that both sides are essentially "trying to establish the other as the liable party."
The insurance side of the gap
Here's where it gets structural.
While vendors spent early 2026 shipping agent platforms, the insurance industry built walls. In January 2026 — three months before the April agent launches — ISO/Verisk exclusions CG 40 47 and CG 40 48 took effect. These optional endorsements (add-on clauses to standard policies) let carriers attach broad AI exclusions to commercial general liability policies. CG 40 47 excludes bodily injury, property damage, and personal injury claims linked to generative AI — the umbrella term for systems like ChatGPT, Claude, and Copilot that generate text, code, or media.
On April 13, law firm Pillsbury published an analysis confirming that AI exclusions now appear across CGL, professional liability, and D&O policies, with language broad enough to bar any claim with even a remote AI connection.
So the vendor says: "not our problem." The insurer says: "not covered." And the enterprise sits in the middle.
The numbers that should worry legal departments
Just before the April agent wave, on April 2, Gartner issued guidance urging General Counsel to assess AI insurance coverage gaps immediately — guidance that now reads as prescient given what shipped the following week. Their predictions: over 2,000 "death by AI" legal claims by end of 2026, and more than $10 billion in remediation costs from unlawful AI-informed decisions by mid-2026.
Meanwhile, according to Jones Walker LLP, 88% of AI vendor contracts cap liability at the monthly subscription fee. Only 17% provide regulatory compliance warranties. And 78% of organizations already deploy or pilot agentic AI — agents capable of taking autonomous actions without human review.
In February 2026 — weeks before Anthropic and GitHub would ship their agent APIs — law firm Clifford Chance put it plainly in their briefing: suppliers typically provide this software on an "as is" basis, disclaiming responsibility for accuracy, reliability, and fitness for purpose — and that leaves customers without a clear legal pathway to recover costs.
People are building fixes — slowly
The gap is real enough that researchers are already engineering around it. On April 8, Fortune reported on the Agentic Risk Standard (ARS) — a financial protection framework that researchers from Microsoft Research, Columbia University, Google DeepMind, and others built. ARS introduces escrow vaults (locked funds released only when conditions are met) and collateral requirements for AI agent transactions — essentially rebuilding what clearinghouses do for traditional finance.
And there's a market forming: Armilla AI, the first Lloyd's of London coverholder for AI liability, raised $25 million in January 2026, offering up to $25M per organization in coverage that explicitly includes hallucinations — when an AI confidently produces wrong information — agent failures, and AI regulatory violations. Startup Nava raised $8.3 million on April 14 to build trust infrastructure for autonomous AI payments.
But these are early, niche solutions. The vast majority of enterprises deploying agents today have neither specialized AI insurance nor updated vendor contracts.
The tradeoff you can't ignore
The tension is real. Pausing agent deployment for legal review kills the productivity advantage that justified the tool in the first place. But deploying without coverage turns a single AI-caused production incident into a potentially existential event — especially for companies without deep balance sheets.
Mayer Brown argued in February — anticipating exactly the kind of autonomous agent APIs that arrived in April — that agentic AI contracts must shift from SaaS (software-as-a-service) boilerplate to BPO-style (business process outsourcing) service agreements, with supervision requirements, human-in-the-loop provisions, and audit rights.
What to do before Monday
Before enabling any autonomous agent feature, pull two documents your engineering team never reads: the vendor's liability disclaimer and your commercial insurance policy's AI exclusion clause. The gap between them is your company's actual risk exposure. ⚙️
If that gap is wide — and for most organizations as of April 2026, it is — you now have a concrete item for your next leadership meeting that isn't about productivity metrics.
The deployment veto moved
The AI agent landscape shifted in April 2026, but not the way most teams noticed. The real shift wasn't technical — it was contractual. The first agent platform that ships with a built-in liability backstop, or partners with an insurer to offer agent error coverage, will own enterprise procurement. Because legal departments, not engineering teams, now hold the deployment veto. 🫶
And that, quietly, changes everything about who wins the agent race.
