Machine-readable companion to the 2026 Risk Index. Structured, citable records covering EU AI Act obligation deadlines, the seven agent risk dimensions with actuarial mappings, decided liability cases, and the current AI insurance market. Every record carries a stable identifier and a traceable source.
Published 2026-06-13 by Future Proof Intelligence. Version 1.0. JSON source Reference list
Key dates under Regulation (EU) 2024/1689 and the revised Product Liability Directive. The Digital Omnibus provisional agreement of 7 May 2026 proposes to defer Annex III high-risk obligations. Formal publication in the Official Journal was pending as of 2026-06-13. The original dates remain legally binding until formal adoption.
| ID | Date (binding) | What applies | Omnibus | Revised date |
|---|---|---|---|---|
| DL-001 | 2024-08-01 | Regulation (EU) 2024/1689 enters into force | No | N/A |
| DL-002 | 2025-02-02 | Art. 5 prohibited practices enforceable. Art. 4 AI literacy obligation applies. | No | N/A |
| DL-003 | 2025-08-02 | Art. 53 and 55 GPAI obligations apply. AI Office mandate and Art. 99 penalty regime operational. | No | N/A |
| DL-004 | 2026-08-02 | Original date for Annex III high-risk obligations (Art. 6, 8 to 15, 26, 27, 43, 50, 72, 73). Binding now; deferral to 2027-12-02 proposed 7 May 2026 but not yet adopted. Provisional, OJ pending | Yes | 2027-12-02 |
| DL-005 | 2026-08-02 | Art. 50 transparency to natural persons. Not deferred by Omnibus. Chatbot deployers must disclose AI interaction. | No | N/A |
| DL-006 | 2026-12-09 | Directive (EU) 2024/2853 revised Product Liability Directive transposition deadline. AI software is explicitly a product subject to strict liability. | No | N/A |
| DL-007 | 2027-08-02 | Original date for Annex I high-risk obligations (AI in regulated products). Binding then; deferral to 2028-08-02 proposed 7 May 2026 but not yet adopted. Provisional, OJ pending | Yes | 2028-08-02 |
Seventeen obligation clusters mapped across Regulation (EU) 2024/1689 and Directive (EU) 2024/2853. Each record identifies who is bound, the enforcement date, and the primary evidence an assessor or underwriter needs to confirm compliance.
| ID | Obligation | Who binds | Article | Date | Penalty ceiling |
|---|---|---|---|---|---|
| OBL-001 | Prohibited practices | Both | Art. 5 | 2025-02-02 | EUR 35M or 7% |
| OBL-002 | AI literacy | Both | Art. 4 | 2025-02-02 | No direct penalty in isolation |
| OBL-003 | Risk management system | Provider | Art. 9 | 2026-08-02 | EUR 15M or 3% |
| OBL-004 | Technical documentation (Annex IV) | Provider | Art. 11, Annex IV | 2026-08-02 | EUR 15M or 3% |
| OBL-005 | Transparency to deployers | Provider | Art. 13 | 2026-08-02 | EUR 15M or 3% |
| OBL-006 | Human oversight design | Provider | Art. 14 | 2026-08-02 | EUR 15M or 3% |
| OBL-007 | Accuracy, robustness, and cybersecurity | Provider | Art. 15 | 2026-08-02 | EUR 15M or 3% |
| OBL-008 | Conformity assessment | Provider | Art. 43 | 2026-08-02 | EUR 15M or 3% |
| OBL-009 | Deployer operational obligations (7 sub-duties including log retention, oversight, incident reporting) | Deployer | Art. 26 | 2026-08-02 | EUR 15M or 3% |
| OBL-010 | Deployer reclassification as provider on substantial modification or rebranding | Deployer | Art. 25 | 2026-08-02 | EUR 15M or 3% |
| OBL-011 | Fundamental rights impact assessment | Deployer (subset) | Art. 27 | 2026-08-02 | EUR 15M or 3% |
| OBL-012 | Transparency to natural persons. Chatbot disclosure, synthetic content marking. Not deferred by Omnibus. | Both | Art. 50 | 2026-08-02 | EUR 15M or 3% |
| OBL-013 | Post-market monitoring | Provider | Art. 72 | 2026-08-02 | EUR 15M or 3% |
| OBL-014 | Serious incident reporting. 15-day notification to market surveillance authority. | Both | Art. 73 | 2026-08-02 | EUR 15M or 3% |
| OBL-015 | GPAI baseline obligations (Annex XI technical docs, Annex XII downstream docs, copyright policy, training data summary) | GPAI provider | Art. 53 | 2025-08-02 | EUR 15M or 3% |
| OBL-016 | GPAI systemic risk obligations (adversarial testing, risk assessment, AI Office incident reporting) | GPAI provider (systemic) | Art. 55 | 2025-08-02 | EUR 15M or 3% |
| OBL-017 | Product liability. AI software is a product. Strict liability. Reversed burden of proof. Applies from 9 December 2026. | Manufacturers, deployers who modify | Directive (EU) 2024/2853 | 2026-12-09 | Strict liability. No cap. Damage categories include data destruction and psychological harm. |
OBL-003 to OBL-014 (Annex III obligations) carry an Omnibus provisional date of 2 December 2027 under the 7 May 2026 agreement. As of June 2026 it is not yet adopted or published in the Official Journal, so the 2 August 2026 date remains legally binding until adoption.
Canonical dimension set from Agent Certified methodology v2.0 (published 24 April 2026). Names, weights, and definitions are reproduced verbatim from the source. Total weight: 100. Scoring formula: ((raw score x weight) summed across all dimensions / 1000) x 100.
The measurable prevention of unsafe, unauthorised, or harmful actions by the agent in production, and the discipline with which unsafe outputs are detected, contained, and remediated.
The quality of the information the agent reasons over, covering provenance, freshness, lineage, and the controls that prevent poisoned, stale, or unauthorised data entering the retrieval pipeline.
The controls that determine who can invoke the agent, under what authority, and how its downstream actions are bounded. Where identity, authorisation, and blast radius meet.
The degree to which the agent behaves as a production-grade system rather than a prototype, covering reliability, regression discipline, evaluation coverage, and the engineering practices that keep behaviour predictable over time.
The institutional scaffolding around the agent. Evidence that it is known to the board, owned by a named accountable senior role, policed by documented policy, and logged to survive audit.
How the agent sits inside the organisation's existing systems of record, identity, approval, and escalation. Integration maturity determines whether the agent extends institutional memory or bypasses it.
The explicit, documented boundary between what the agent may do without human confirmation and what requires a human in the loop. The single clearest determinant of the agent's operational risk profile.
| Tier | Score | Dimension floor | Mark awarded | Insurability read |
|---|---|---|---|---|
| Elite | 75 to 100 | 8 on every dimension | Yes | Preferred risk. PML bounded and documented. |
| Advanced | 55 to 74 | 6 on every dimension | Yes | Standard, accept. Sufficient for most AI liability coverage. |
| Certified | 35 to 54 | 4 on every dimension | Yes | Standard with conditions. Refer on high-autonomy deployments. |
| In Progress | 20 to 34 | Not met | No | Referral. Decline autonomous-action cover. Typically reaches Certified in 3 to 6 months. |
| Pre-Assessment | Below 20 | Not applicable | No | Decline for now. Gap analysis is the roadmap. |
Decided and pending cases that establish real financial loss from AI outputs. No decided European court judgment establishing AI-specific liability exists as of June 2026. The US and Canadian cases provide the operative precedent and loss patterns that underwriters and regulators are reasoning from.
| ID | Case | Citation | Date | Outcome | Loss mechanism | Dimensions |
|---|---|---|---|---|---|---|
| CASE-001 | Moffatt v. Air Canada | 2024 BCCRT 149 | 2024-02-14 | Liability. CAD 650.88 plus interest and fees. Operators cannot disclaim chatbot outputs by framing AI as a separate entity. | Deployer verification gap. No accuracy monitoring post-deployment, no mechanism to flag and correct errors. | D1, D5, D7 |
| CASE-002 | Mata v. Avianca, Inc. | No. 22-cv-1461 (S.D.N.Y. 2023) | 2023-06-22 | USD 5,000 sanctions on counsel. Corrective letters to every judge named in fabricated opinions. Absolute gatekeeping duty remains with the professional deployer. | Hallucination. Six non-existent case citations submitted. No verification layer between output and act of reliance. | D1, D2, D6 |
| CASE-003 | Mobley v. Workday, Inc. | 3:23-cv-00770 (N.D. Cal.) | In discovery. Collective certified May 2025. | No merits ruling as of June 2026. Agency-theory direct liability claim against AI vendor survived motion to dismiss (July 2024). Nationwide ADEA collective certified May 2025. | Algorithmic bias at scale. Potential for AI vendor direct liability across all client deployments simultaneously. | D3, D5, D6 |
| CASE-004 | No decided EU AI liability cases | N/A | 2026-06-13 | Research found no decided European court judgment establishing AI-specific civil liability as of this date. | EU litigation exists as pending complaints and regulatory investigations. Revised PLD (DL-006) and EU AI Act provide instruments; case law not yet formed. | N/A |
Current state of the AI agent liability insurance market as of June 2026. No European-native AI certification body functions as an insurance underwriting partner. The US market is approximately 18 to 24 months ahead of Europe in standalone AI liability products.
| ID | Player | Role | Status | Coverage / limit | European access |
|---|---|---|---|---|---|
| INS-001 | AIUC | First pure-play AI agent certification and insurance standard. AIUC-1 standard (SOC-2 for AI agents). | Active since July 2025. USD 15M seed (Nat Friedman, Emergence, Terrain, Ben Mann). | Hallucination, data leakage, IP infringement, harmful outputs, faulty tool actions. Certs valid 12 months with quarterly testing. First policy: ElevenLabs, February 11, 2026 (5,000+ adversarial simulations). | US-built standard. No European regulatory alignment. |
| INS-002 | Armilla | MGA and Lloyd's coverholder. Only MGA exclusively focused on AI liability. | Active since April 2025. First standalone AI policy at Lloyd's, backed by Chaucer. | Up to USD 25M per organisation. Hallucinations, model drift, data leakage, regulatory violations. Excludes medical diagnostics and mental health AI. Vanguard AI with Chaucer (cyber plus E&O): February 2026. | Via Lloyd's market through brokers. Not European-native. |
| INS-003 | Munich Re aiSure | Parametric-style AI performance insurance from the world's largest reinsurer. | Active. AI performance cover since 2018. Mosaic partnership: February 26 to 27, 2026. | Up to USD 15M (also EUR and CAD via Mosaic). Hallucinations, bias, privacy failures, IP infringement, SLA shortfalls. Parametric triggers: claims on measurable threshold breaches, no negligence required. | Via Munich Re European offices and Mosaic broker network. |
| INS-004 | Counterpart | Affirmative AI in MPL, Allied Health, and Tech E&O. | Active since November 21, 2025. Backed by Aspen, Markel, Westfield Specialty. | For businesses up to USD 10M revenue. AI-generated report errors, biased ML outputs, hallucinations, hiring bias. | US-focused product. |
| INS-005 | Coalition | Cyber insurer adding AI endorsements. | Active. Deepfake Response Endorsement added December 2025 globally. | Forensic analysis, legal takedown, crisis communications. Available in Australia, US, UK, Canada, Germany, Denmark, Sweden, France. | Available in Germany and France through cyber policies. |
| INS-006 | AIG, Great American, WR Berkley | Traditional carriers restricting AI coverage. | Restricting. Filed late 2025 to limit AI liability under standard E&O, D&O, and cyber. | Silent AI coverage being removed from standard policies. | Creates the gap between mainstream withdrawal and specialist growth. |
| INS-007 | Allianz | European insurer. No standalone AI liability product. | No product as of June 2026. | Active in internal AI adoption. No product equivalent to AIUC, Armilla, or Munich Re aiSure. | European HQ. No European-native AI liability product announced. |
| INS-008 | AXA | European insurer. No standalone AI liability product. | No product as of June 2026. | CEO described AI as transforming the insurance business (FY2025 earnings). No standalone product. | European HQ. No European-native AI liability product announced. |
| INS-009 | Zurich | European insurer. No standalone AI liability product. | No product as of June 2026. | Participating in Road to the Global AI Summit Geneva 2027. No standalone product. | European HQ. No European-native AI liability product announced. |
| ID | Segment | Estimate | Source attribution | Quality flag |
|---|---|---|---|---|
| MKT-001 | AI liability insurance market by 2030 | USD 500 billion | AIUC founders, July 2025 launch materials | Founder projection, not an independent analyst estimate. Use accordingly. |
| MKT-003 | Category formation | N/A | Market observation | Category did not exist as a standalone product before 2024. Pace of new entrants July 2025 to February 2026 confirms structural demand. |
Status of national competent authority designation in four primary markets as of June 2026. The EU AI Act is a Regulation applying directly in all Member States. However, Member States were required to designate national competent authorities by 2 August 2025. Of 27 Member States, only eight met that deadline.
| ID | Member State | Deadline met | Implementing act | Designated authority | Practical status (June 2026) |
|---|---|---|---|---|---|
| NAT-001 | Germany | No (missed August 2025) | KI-MIG draft adopted by cabinet February 11, 2026. Before Bundestag as of June 2026. | Bundesnetzagentur: market surveillance authority, notifying authority, and single point of contact. UKIM (AI Market Surveillance Chamber) internal body established. | Most advanced EU Member State implementation. Parliamentary adoption expected H2 2026. |
| NAT-002 | Italy | Yes (Law No. 132/2025, October 10, 2025) | Law No. 132/2025 enacted October 10, 2025. First EU Member State to enact complementing national AI law. | AgID (notifying authority). ACN (primary supervisory and enforcement authority). IVASS retains AI oversight in insurance under Solvency II and EIOPA guidance. | Most formally advanced. Implementing decrees on civil redress and compliance detail due by October 10, 2026. |
| NAT-003 | Netherlands | No (missed August 2025) | AI Act uitvoeringswet consultation published April 20, 2026. Consultation closed June 1, 2026. Enactment expected Q4 2026. | Rijksinspectie Digitale Infrastructuur proposed as single point of contact. Autoriteit Persoonsgegevens expected central role for data-processing AI. | No single national competent authority formally designated. Decentralised hybrid model proposed. |
| NAT-004 | France | No | DDADUE bill November 2025: competent authority provisions withdrawn from bill before Parliament submission. | No formal designation. CNIL proposed for approximately fifteen AI use cases. ARCOM for media and content. DGCCRF as single point of contact. | Furthest behind among the four reference markets. CNIL is the most operationally active body on AI matters through GDPR Art. 22 enforcement. |
Instruments used alongside the EU AI Act as benchmarks by assessors and underwriters. The full numbered reference list is in sources.md.
| ID | Instrument | Published | Type | Role in assessments |
|---|---|---|---|---|
| STD-001 | ISO/IEC 42001:2023 | December 2023 | Standard (not regulation) | AI management system requirements. Compliance creates a presumption of conformity with certain Art. 9 and Art. 17 requirements. Clause 9 covers performance evaluation; Annex A covers controls. |
| STD-002 | NIST AI RMF 1.0 | January 2023 | Framework (not regulation) | Four functions: Govern, Map, Measure, Manage. Structured vocabulary for organisational AI risk governance used by assessors internationally. |
| STD-003 | NIST AI 600-1 | July 2024 | Framework | Twelve named GenAI risk categories. Relevant to D2 Context Integrity for memorization, synthetic data, and training-data contamination controls. |
| STD-004 | EIOPA AI Governance Opinion (EIOPA-BoS-25-360) | 2025-08-06 | Supervisory opinion (not new regulation) | Interprets Solvency II, IDD, DORA, and GDPR for insurance undertakings using AI. Covers data governance, fairness, explainability, human oversight, cybersecurity. Sets expectations underwriters operating in the insurance sector rely on. |
| STD-005 | GPAI Code of Practice | 2025-07-10 | AI Office Code of Practice | Final Code for GPAI model providers. Three chapters: Transparency, Copyright, Safety and Security. Compliance creates presumption of Art. 53 conformity. |