Armilla and the Lloyd's Coverholder Model: What European Enterprises Need to Know About AI Agent Coverage

The first question most European risk managers ask about AI agent insurance is not "which product should we buy?" It is "which market can actually write this risk?" The answer, for the moment, is short. Among the handful of insurers that have published AI-specific wordings, Armilla stands out for having formalised its relationship with Lloyd's of London through a coverholder structure, giving it access to the deepest pool of specialist insurance capital in the world.

This piece explains what a Lloyd's coverholder actually is, how Armilla uses that structure to write AI agent coverage, what the product covers and what it excludes, and what a European enterprise needs to prepare before submitting for assessment. It draws on Armilla's published documentation, the Lloyd's market framework, and the two pieces of EU legislation that will shape any coverage claim made by a European policyholder.

What a Lloyd's coverholder is and why it matters for AI insurance

Lloyd's of London is the world's largest specialist insurance and reinsurance market. It is not itself an insurance company. It is a market where syndicates of capital providers underwrite risk through managing agents, operating under Lloyd's oversight and governance. A buyer seeking coverage at Lloyd's would ordinarily work through a Lloyd's broker, who places the risk with one or more syndicates. The syndicates accept or decline, set terms, and hold the risk on their capital.

A coverholder is a different route into the same capital. A company that has been granted coverholder status by Lloyd's has received delegated underwriting authority from one or more syndicates. It can accept risk and bind coverage on their behalf, within limits set out in a binding authority agreement, without the buyer needing to go through a Lloyd's broker or approach the syndicate directly. The risk still ultimately sits with the syndicate. The coverholder earns a commission for its underwriting service. From the buyer's perspective, the practical difference is speed and access: a coverholder can issue a policy backed by Lloyd's capital in a fraction of the time a direct syndicate placement would take.

For AI insurance specifically, the coverholder structure is significant because it allows a specialist firm with deep technical knowledge of AI systems to act as both underwriter and evaluator. The insurer is not separate from the technician making the assessment. Armilla's team assesses the AI system, determines whether it meets the criteria set out in the binding authority, and issues or declines the policy accordingly. The Lloyd's syndicates set the capital limits and the underwriting criteria. Armilla applies them case by case.

How Armilla became a Lloyd's coverholder for AI risk

Armilla is headquartered in Toronto, Canada. It was founded with the explicit purpose of creating insurance products designed for AI systems, at a time when the established market had no systematic answer to the problem. Its entry into the Lloyd's market as a coverholder reflects a broader pattern in specialist risk: where the established market lacks the technical capability to underwrite a new class of risk, it delegates authority to a specialist firm that does.

Armilla's binding authority from Lloyd's gives it the ability to write AI coverage up to the limit set in the binding authority agreement. In January 2026, Armilla raised the per-company coverage limit available under its programme to USD 25 million. That figure is the headline limit for a single insured entity under the current binding authority. It does not represent the ceiling for all placements in the market; larger or more complex deployments would typically require a direct Lloyd's broker placement rather than a coverholder submission.

The significance of the coverholder relationship extends beyond the capital figure. Lloyd's operates under the oversight of the Prudential Regulation Authority and the Financial Conduct Authority in the United Kingdom, and maintains a network of overseas licences that allow policies to be written in a large number of jurisdictions. A policy bound by an Armilla coverholder is a Lloyd's policy, carrying that market's claims-paying reputation and its regulatory standing across markets.

In parallel with its Lloyd's relationship, Armilla has partnered with Trustible, an AI governance platform, to offer an integrated solution combining end-to-end AI risk management with liability coverage. The partnership is structured so that an organisation using Trustible's governance tooling can move more directly into Armilla's underwriting assessment, with the governance artefacts the platform produces serving as submission evidence. This matters for European enterprises because it creates a path from compliance documentation to insurance submission that does not require rebuilding artefacts from scratch for two separate processes.

Armilla's coverage framework: what is included, what is excluded

Armilla's AI policy addresses liability arising from the performance or failure of an AI system. The coverage sits within a broader classification of technology errors and omissions, adapted for the specific characteristics of AI-generated output and autonomous AI action. The published policy form addresses third-party claims arising from incorrect, harmful, or unexpected AI outputs, and extends to the costs of defence, settlement, and corrective action.

The inclusions as documented cover scenarios including financial loss caused by AI-generated content that is factually incorrect or misleading, data privacy breaches caused by AI system behaviour, intellectual property infringement arising from AI-generated output, and liability for autonomous decisions made by the system within its defined scope. Those categories broadly track the framework described in the Agent Insured coverage reference, though Armilla's specific policy schedule will govern for any actual placement.

The exclusions are explicit on two categories of application. Armilla does not currently offer coverage for AI systems deployed in medical diagnostics or mental health applications. These exclusions reflect the elevated and less tractable risk profile of those domains, where the causal chain between AI output and patient harm is complex and where regulatory oversight creates additional liability exposure that the current binding authority does not accommodate. European enterprises in those sectors should not expect to use this programme and will need to seek specialist medical malpractice or health technology cover instead.

Beyond the sector exclusions, the policy form applies standard conditions that will be familiar from errors and omissions cover: actions taken outside the defined scope of the AI system are excluded, deployments lacking the required audit telemetry are excluded, and known defects that were not disclosed at the time of submission are excluded. The operative word is "known": Armilla's pre-coverage assessment is designed in part to surface defects before coverage is bound, so that the boundary between known and unknown is established clearly.

The testing process: how Armilla evaluates AI systems before offering coverage

The evaluation process is what distinguishes Armilla's approach from that of a conventional underwriter applying a paper-based questionnaire to a risk it cannot directly inspect. Before any coverage is offered, Armilla conducts technical testing of the AI system being submitted. The assessment covers vulnerability identification, output reliability under adversarial inputs, and the system's behaviour at the boundary of its defined scope.

Alongside the technical testing, Armilla evaluates the submitting organisation's compliance with ISO risk management standards applicable to AI systems. The relevant frameworks include ISO/IEC 42001, the AI management system standard published in 2023, and ISO/IEC 27001, the information security management standard, where the deployment involves handling of personal data or sensitive corporate information. Organisations that have already pursued certification against these standards will find the submission process materially shorter, because the audits required for certification overlap substantially with the documentation Armilla requires.

The output of the evaluation is a risk assessment that informs both the decision to offer coverage and the terms on which coverage is offered. A system with a clean assessment, documented governance, and ISO-aligned management practices will receive a more favourable pricing signal than one with identified vulnerabilities or governance gaps. Armilla has stated publicly that the testing process is not designed to exclude clients but to price risk accurately and to identify what remediation is required before coverage can be bound.

For European enterprises, the evaluation process serves a secondary function beyond insurance: the artefacts it produces, and the gaps it identifies, feed directly into compliance preparation for the EU AI Act. Article 9 of Regulation 2024/1689 requires high-risk AI system operators to maintain a risk management system. The documentation Armilla asks for is the same documentation that a conformity assessment body will review under the Act. Preparing once for both purposes is substantially more efficient than treating them as separate workstreams.

Coverage limits and pricing signals from the 2025 to 2026 market

The USD 25 million per-company limit that Armilla established in January 2026 is the clearest public pricing signal available in the AI agent insurance market. It reflects the current appetite of the Lloyd's syndicates backing the binding authority and should be read in the context of the risk profile of the deployments Armilla has assessed to that point, which tend to be enterprise software deployments rather than high-stakes autonomous systems in regulated sectors.

The figure is not a ceiling across the market. The Lloyd's market can write substantially larger lines for well-governed risks through direct syndicate placement. But for the majority of European enterprises with AI agent deployments in internal operations, customer service, procurement, or document processing, a USD 25 million limit is likely to be adequate for the first policy period. It is a starting point, not an upper bound.

Pricing in the current market is not publicly disclosed at a per-policy level. The signals from the 2025 cohort of placements suggest that underwriters are pricing against four primary variables: the breadth of the deployment scope, the quality of governance documentation, the outcome of the technical evaluation, and the degree of human oversight retained in the workflow. Narrow scope, strong governance, a clean technical assessment, and meaningful human oversight correlate with lower premiums. Broad scope, thin documentation, identified vulnerabilities, and fully autonomous operation correlate with higher premiums or a decline.

One implication for European enterprises is that the investment required to prepare a clean submission is not a sunk cost. The same governance artefacts, scope documentation, and technical evidence that produce a favourable insurance submission will also satisfy the conformity documentation requirements under the EU AI Act for high-risk systems and will support the burden-shifting provisions of Directive 2024/2853, which from December 2026 will expose producers and deployers of AI software to strict liability for damage caused by defective products.

The Agentic Liability Monitor tracks pricing developments and product announcements as they emerge from Lloyd's and the wider specialist market.

What European enterprises need to prepare before approaching Armilla or Lloyd's

The preparation requirements for an Armilla submission can be grouped into four areas. Each area has a direct counterpart in EU compliance preparation, which means the work serves both purposes.

ISO risk management alignment. Organisations that have not yet assessed their AI deployments against ISO/IEC 42001 should treat this as the first step. The standard provides the management system framework that Armilla uses as a reference for evaluating governance maturity. A full certification is not a prerequisite for submission, but evidence of structured engagement with the standard, including a gap analysis, a documented risk register, and assigned ownership of AI governance, will support both the insurance submission and the Article 9 risk management documentation required under the EU AI Act.

Deployment scope definition. Each AI system being submitted for coverage needs a written scope document that specifies what the system is authorised to do, what classes of decision it is authorised to make, what data it can access, and what human oversight is applied at what points in the workflow. A vague scope produces vague coverage and is likely to produce a less favourable underwriting result. The scope document is also the foundation for the post-incident analysis that will determine whether a claim falls within or outside the coverage terms.

Audit telemetry infrastructure. Armilla's policy requires that audit telemetry be retained for the period specified in the policy schedule. This means a tamper-evident record of inputs, system decisions, and outputs at a level of granularity that allows the chain of causation to be reconstructed during a claim. Organisations that have not yet built telemetry infrastructure into their AI deployments should prioritise it. The absence of telemetry is both a coverage exclusion trigger and a practical obstacle to defending any claim, whether under the insurance policy or under the product liability regime introduced by Directive 2024/2853.

EU regulatory context documentation. A European enterprise submitting for coverage with Armilla is also a regulated entity under the EU AI Act and, from December 2026, a potential defendant under the revised Product Liability Directive. The submission package should include a mapping of each AI deployment to the risk tier classification under Regulation 2024/1689, documentation of any conformity assessment obligations that apply, and a summary of the legal basis for processing personal data where the system handles data subject to GDPR. Underwriters writing EU-facing risks will increasingly expect this context as standard, and its absence will slow the placement process.

For organisations that want to establish independent certification before approaching the insurance market, the Agent Certified framework is designed to produce the governance and technical artefacts that both Armilla's evaluation process and EU conformity documentation require. Certification is not a guarantee of coverage, but it substantially reduces the friction in the submission process and provides a third-party assessment that underwriters can rely on without conducting their own technical audit from scratch.

European enterprises that want to position themselves for the Q3 2026 coverage window should treat the next two months as the preparation period. The technical evaluation, documentation assembly, and ISO alignment work cannot be completed quickly if started at the point of submission. Organisations that arrive at the window with their governance artefacts, telemetry infrastructure, and scope documentation in order will receive meaningful quotations. Those that arrive without them will be asked to remediate before a quotation can be issued, which in most cases means missing the window.

The Agent Insured pre-launch registration places an organisation in the queue for underwriting review as European-facing products come to market. Registered organisations will receive advance access to the submission framework and to the preparation guidance that the platform is developing in advance of the Q3 2026 coverage launch.