Tell us how useful this was by rating it below.
From crypto laundering to EU AI law, this edition of Risk Wrap highlights six developments shaping compliance, governance, and insurance exposure across high-risk industries.
Crypto Crime Surges and Spreads Across the Ecosystem
Crypto crime has surged over the years. As shown below, sanction violations account for the largest volume of illicit crypto (33%), followed by blocklisted funds (29%), and scams and fraud (24%).
In terms of laundering, the use of stablecoins surged substantially between 2021 and 2024, while laundering using Bitcoin declined. The most common post-theft laundering patterns for Bitcoin are swapping to Monero via instant exchanges, accounting for 45% of stolen BTC. 70% of funds are directed through peel chains, and 30% are funneled through cross-chain bridges.
As for Ethereum, 60% of stolen funds are exchanged for Monero, 25% go through cross-chain bridges, and only 15% pass through peel chains.
Scam-related losses have skyrocketed in the US, increasing 46-fold between 2020 and 2024 (from $0.2 billion to $9.3 billion).
Implications for brokers and their clients:
- Exchanges and other custodians should consider digital asset custody insurance that covers the unique risk profile of digital assets.
- Verify that cyber insurance covers threats including social engineering, ransomware, wallet exploits, and operational security lapses.
- Consider smart contract failure insurance to cover related losses.
Source: CoinLedger (June 9, 2025). Crypto Crime Report: 2025 Statistics & Trends.
As AI Adoption Soars, Major Insurers Quietly Prepare to Walk Away
Major insurers are moving to limit their exposure to AI risks as companies increasingly adopt tools including generative AI and agents. Firms including AIG, Great American and, WR Berkley have sought regulatory approval for broad exclusions that would bar claims tied to the use of AI systems. AIG confirmed that it has no immediate plans to implement these exclusions yet but will have the option to do so later.
Insurers cite unpredictable model outputs, a lack of transparency, and the potential for large systemic losses as reasons to amend their policies. Some are offering AI-related endorsements, but these can narrow coverage and cap payouts.
Implications for brokers and their clients:
- Insurers that provide dedicated AI insurance continue to offer comprehensive coverage for various AI risks.
- AI insurance should cover the risks of AI decision-making and, IP disputes.
- Ensure cyber coverage includes risks connected to AI systems or obtain dedicated AI coverage that includes provisions for cyber threats.
Source: Financial Times (November 23, 2025). Insurers retreat from AI cover as risk of multibillion-dollar claims mounts.
32,000+ Debris Objects Now Threaten Satellites
Data from Blueshift, a provider of thermal protection systems, reveals the extent of Low Earth Orbit congestion. Launch activity has accelerated by 30-40% worldwide in the past three years, and the US has recorded a dramatic 900% increase in launches over the past decade. Over 32,000 pieces of debris larger than 10 cm are now being tracked.
These figures point to a steep rise in collision risk. This is an inescapable element of the emerging space economy, which is characterized by a diverse range of applications and operators.
Implications for brokers and their clients:
- Verify whether policies cover collisions caused by AI faults and cyberattacks that disrupt orbital positions.
- Consider third-party liability cover for damage caused to other operators’ satellites, as well as terrestrial property.
- Verify whether policies cover regulatory risks in cases where collisions are the result from noncompliance.
Source: IOM3 (November 21, 2025). Analysis reveals increased space debris risk.
Did Data-misuse Fuel Figma’s $1.2 Billion Valuation?
Design software company Figma Inc. is facing a proposed class-action lawsuit in federal court in California. The complaint alleges that Figma automatically opted users into allowing the company to use their design data without gaining consent, then used that data to train its generative AI tools. The plaintiffs say this conduct helped fuel Figma’s valuation of $1.2 billion earlier this year.
In response, Figma denied the use of customer data without explicit authorization and claimed that when authorized, training focuses on general patterns not unique customer concepts and ideas.
The lawsuit seeks unspecified damages, and a court order permanently prohibits Figma from using AI models in ways that violate customer rights.
Implications for brokers and their clients:
- AI companies should ensure their Tech E&O policies explicitly cover allegations arising from data misuse, unauthorized data processing, or AI model training practices.
- Secure media liability insurance to protect against disputes over ownership of training data inputs, or AI outputs.
- Ensure coverage responds to accusations of misstatements, valuation-related claims, and other shareholder allegations.
Source: Reuters (November 21, 2025). Figma sued for allegedly misusing customer data for AI training.
Massachusetts Cannabis Sector Set for Disruption
On November 19, 2025, legislation was passed to restructure the Cannabis Control Commission in Massachusetts. Changes include:
- Reducing the number of commissioners from five to three.
- Increasing retail license ownership caps from three to four.
- Increasing the adult-use purchase and possession limit to two ounces.
- Removing the requirement for medical cannabis operators to be vertically integrated.
The bill is back before the House, requiring the two chambers to reconcile conflicting provisions in a conference committee or continued negotiations.
Efforts are also in motion to overturn the adult-use cannabis laws that voters approved in Massachusetts and Maine back in 2016. In Massachusetts, supporters of the repeal initiative are aiming to submit around 100,000 signatures by December 3 — exceeding the 74,574 valid signatures legally required to send the proposal to the legislature.
Lawmakers would have until May 5, 2026, to decide whether to advance it. If they decline to act, campaigners need to obtain a further 12,429 signatures by July 8, 2026, for the question to appear on the 2026 ballot.
Implications for brokers and their clients:
- Ensure D&O policies cover alleged mismanagement amid regulatory changes and investor lawsuits tied to valuation impacts of legislative uncertainty.
- Consider business interruption insurance in case of a loss of revenue caused by regulatory disruption.
- Ensure coverage that responds to regulatory investigations, defense costs, and penalties.
Source: Holland & Hart (November 24, 2025). the buzz: Cannabis News & Policy Update | November 2025.
Fragmented EU Rules Highlight Tension over AI’s True Classification
The EU AI Act and the revised Product Liability Directive are exposing a key tension in Europe’s approach to artificial intelligence: Is AI a product or a service?
Under the product framework, AI systems are treated like traditional manufactured goods. Manufacturers, developers or importers could face strict liability for harm caused by a defective system, even if no fault is proven.
However, many AI deployments resemble services more than static products. In such cases, harm might stem not from a flawed AI system but from how it was applied, configured or maintained. For that reason, service providers, including deployers or integrators, can be liable if they fail to provide an appropriate standard of care. Such claims have to go through national civil tort law which is unharmonized across the EU.
Because the now-withdrawn AI Liability Directive (intended to harmonize fault-based liability across member states) has been shelved, the legal terrain is fractured. Victims may face different standards of proof depending on the country where harm occurred.
Implications for brokers and their clients:
- Work with insurers that have regulatory expertise applicable to the required jurisdictions.
- Obtain robust tech E&O insurance that responds to both product and service-related faults.
- Regardless of the classification as product or service, obtain comprehensive cyber insurance that applies to AI systems.
Source: IAPP (November 19, 2025). AI as product vs. AI as service: Unpacking the liability divide in EU safety legislation.
