HOW USEFUL WAS THIS POST? RATE, LEAVE A COMMENT REQUESTING CHANGES, AND WE’LL AMEND ACCORDINGLY.
From IP in AI systems to crypto regulatory updates, this edition of Risk Wrap highlights six developments shaping compliance, governance, and insurance exposure across high-risk industries.
AI Copyright Frameworks Link Regulatory Burden to Economic Benefit
A report from the European Commission examines copyright infringement in the context of AI-generated outputs, and how legal and economic risk is distributed between rightsholders and AI developers.
The risk tiered matrix shown below links obligations like licensing compliance, output disclosure, dataset transparency, and fair remuneration to different stakeholder groups. It ensures that entities that derive the greatest economic value from AI systems also bear a proportionate share of regulatory costs.
The report further states that risk-tiered models may help policymakers to develop targeted transparency requirements and clear due diligence standards.
Implications for brokers and their clients:
- Consider partnering with insurers that offer bespoke AI insurance that’s aligned with the EU’s evolving regulation.
- Consider media errors and omissions insurance to protect against claims of copyright infringement stemming from AI-generated materials.
- Investigate technology errors and omissions insurance to cover liability arising from faulty AI outputs, including potential copyright infringement.
Emerging insurance industries mentioned: Artificial Intelligence Insurance.
Lines of business mentioned: Tech E&O Insurance, Media Errors and Emissions Insurance.
Source: European Parliament (July 2025). Generative AI and Copyright.
AI Agents Narrow the Window for Financial Crime Detection
Autonomous AI agents vastly reduce the time required to execute financial crime, reducing the window for detection. In 2025, AI-enabled crypto scams surged by approximately 500%. Meanwhile, financial institutions and crypto firms started testing agents that can execute transactions independently.
The layering stage of money laundering is especially vulnerable to automation. AI agents can fragment funds, identify optimal bridge routes based on real-time liquidity, calibrate transaction sizes to minimize slippage, and quickly execute trades across decentralized exchanges.
Autonomous agents also expand the attack surface in a few ways:
- Targeting operational wallets: Agents that have signing authority over treasury assets or operational wallets are critical points of vulnerability. Attackers may exploit prompt injection, manipulate data, compromise governance keys, or take advantage of poorly defined rules to initiate unauthorized transactions.
- Intentionally deploying malicious agents: Threat actors can build AI agents to automate laundering processes, exploit weaknesses in decentralized protocols, and continuously adapt transaction routing to evade detection mechanisms.
- Mistakenly routing funds through high-risk or sanctioned entities: Agents optimized for efficiency or yield may inadvertently interact with high-risk liquidity sources or sanctioned infrastructure if constraints are insufficient.
- Automation of criminal infrastructure: Autonomous agents can streamline the entire attack lifecycle. They can scrape PII at scale, identify system vulnerabilities, select and deploy exploits, and coordinate fund extraction without human involvement.
Implications for brokers and their clients:
- Investigate cyber liability insurance that addresses the risks related to automated infrastructure and digital asset operations.
- Investigate crime insurance that explicitly protects against losses arising from AI-enabled fraud.
- Consider obtaining robust directors and officers liability insurance to safeguard leadership against claims arising from governance failures, compliance lapses, or oversight of autonomous systems and financial crime controls.
Source: TRM Labs (February 26, 2026). Autonomous AI Agents and Financial Crime: Risk, Responsibility, and Accountability.
Lines of business mentioned: Cyber Liability Insurance, Digital Asset Crime Insurance, Directors and Officers Liability Insurance.
Cross-chain Exploits Continue to Expose Weaknesses in DeFi Infrastructure
A hacker has exploited Hyperbridge, a Polkadot-based cross-chain interoperability protocol, minting one billion bridged DOT tokens in a single Ethereum transaction, ultimately extracting about $237,000.
Cybersecurity firm CertiK reported that the attacker injected a forged message to gain administrative control over the Polkadot token contract on Ethereum. Tokens were then minted but due to limited liquidity in the bridged DOT pool, only 108.2 ETH was withdrawn.
In response, Hyperbridge suspended its operations while implementing an update.
Over $168 million was stolen from 34 DeFi protocols in Q1 2026.
Implications for brokers and their clients:
- Investigate dedicated crypto asset insurance to protect against the ecosystem’s unique vulnerabilities.
- Consider business interruption insurance in case operations need to be suspended during remediation.
- Review whether existing crime insurance policies protect against unauthorized token minting, private key compromise, and on-chain asset misappropriation.
Source: CoinMarketCap (April 14, 2026). Hyperbridge Exploit Mints 1B DOT Tokens in Attack, CertiK Reports.
Emerging insurance industries mentioned: Digital Asset and Web3 Insurance.
Lines of business mentioned: Business Interruption Insurance, Digital Asset Crime Insurance.
CBD Products Enter Healthcare Channels Ahead of Clear Regulatory Oversight
The proposed Cannabidiol Products Compliance and Enforcement Policy is currently under review. This has led to concerns over a potential regulatory gap as certain CBD products move into healthcare settings through Medicare reimbursement pathways without undergoing full validation by the FDA.
Currently, it’s unclear how firms will be implicated if these products are used for therapeutic purposes while lacking standardized clinical validation.
Implications for brokers and their clients:
- Investigate dedicated cannabis insurance and consider strengthening product liability coverage to address risks associated with CBD products being used in medical or treatment contexts, including potential claims related to efficacy, labeling, and adverse effects.
- Consider policies that cover regulatory defense and investigation costs in case of enforcement actions tied to evolving oversight frameworks and classification uncertainties.
- Evaluate product recall insurance to mitigate financial exposure from quality issues, inconsistent dosing, or safety concerns in products entering healthcare channels.
Source: Yahoo Finance (March 27, 2026). Medicare CBD Regulatory Cliff: Why FDA Enforcement Must Precede Federal Reimbursement.
Emerging insurance industries mentioned: Cannabis Insurance.
Lines of business mentioned: Product Liability Insurance.
Space Systems Face Rising Cyber Exposure, Prompting New Regulatory Proposals
Cyber risks facing the space sector are intensifying as both the US and Europe advance regulatory frameworks.
Cyber threats affecting space systems include:
- State-sponsored activity: GPS jamming incidents have increased across Europe, while US intelligence agencies have reported a rise in intrusions targeting space companies, often linked to efforts to access proprietary data and disrupt satellite communications.
- Criminal and ransomware activity: Ransomware groups continue targeting the sector to extract value from critical systems and data, with around 25 organizations reportedly impacted in 2024.
- Supply chain risks: Globally distributed supply chains for hardware and software create systemic exposure, with third-party components and software updates serving as potential entry points for adversaries.
- AI-enhanced attacks: Threat actors are increasingly using AI to execute more advanced cyber intrusions, including social engineering attacks.
Space-specific cybersecurity challenges include:
- Remote management: Continuous communication links, often involving distributed ground stations and contractors, create persistent exposure points.
- Legacy systems: Long asset lifespans mean many systems rely on outdated hardware and software that are difficult to patch or upgrade, sometimes lacking modern encryption standards.
- Resource constraints: Smaller operators may lack mature cybersecurity capabilities, while larger companies face challenges deploying updates consistently across non-homogenous
In the US, key regulatory measures to watch include the proposed Space Infrastructure Act. This would designate space systems as critical infrastructure requiring a sector-specific agency to provide cybersecurity oversight. In addition, the Satellite Cybersecurity Act has been reintroduced and aims to strengthen cybersecurity guidance for commercial satellites.
The proposed EU Space Act would provide a unified framework applicable across the region. The Cyber Resilience Act (effective from December 2027) will subject manufacturers of hardware and software with a data connection to a device or network used in the space sector to certain cybersecurity requirements.
Implications for brokers and their clients:
- Review cyber liability insurance to ensure coverage extends to satellite systems, ground infrastructure, and third-party networks, as well as newer threats like AI-driven attacks.
- Investigate coverage that responds to breaches originating from third-party software or hardware.
- Consider business interruption coverage in case attacks and remediation efforts cause service disruption.
Source: Mayer Brown (December 11, 2025). Securing the Final Frontier: Cybersecurity Risk, Regulation, and Compliance Trends in Space and Satellite Operations.
Lines of business mentioned: Cyber Liability Insurance, Business Interruption Insurance.
Crypto Adoption in Latin America Advances as AML and Sanctions Risk Intensify
Argentina is moving towards allowing banking institutions to offer crypto services. A group of private banks is due to participate in pilot programs using JPM Coin, a deposit token issued by JPMorgan Chase that would improve interbank settlement processes.
Meanwhile, regulatory changes are anticipated as authorities respond to ongoing illicit activity within the ecosystem and seek to strengthen transaction security. A report from TRM Labs notes that stablecoins have become the dominant payment rail across Latin America. Stablecoins also account for 95% of inflows to sanctioned entities worldwide, including flows connected with the Sinaloa Cartel.
Crypto firms and financial institutions in the region should watch out for stricter AML controls in the near future.
Implications for brokers and their clients:
- Assess errors and omissions coverage to ensure it addresses risks associated with offering crypto services.
- Review AML and regulatory compliance coverage to help manage exposure to enforcement actions or investigations.
- Consider crime and cyber insurance policies that include protection against fraud, unauthorized transactions, and misuse of digital asset platforms.
Source: Bitcoin.com (April 12, 2026). Latam Insights: JPMorgan’s JPM Coin Pilot, Compliance Advances.
Lines of business mentioned: Errors and Omissions Insurance, Digital Asset Crime Insurance, Cyber Liability Insurance.
