

There is a massive capacity gap between the risks created by a hyperscale AI data center and the insurance that can be written against them. One campus today carries $20 to $30 billion in total insurable value, while the commercial insurance market only absorbs about $5 billion of that per site. This gap is structural: it won’t go away through the ebb and flow of the economy.
Combine that gap with the concentration of essential services in a handful of providers, and the problem starts to look familiar. Three companies (AWS, Microsoft Azure, and Google Cloud) host nearly half of US financial services firms and a similar share of healthcare, logistics, retail, and government workloads. Drone strikes on AWS facilities in the Gulf show the real physical risk to this infrastructure.
What’s at stake when a facility goes down? Business interruption affects not only the data center providers but all the people throughout the economy who rely on them. And although policies exist to cover these interruptions, significant carveouts mean that businesses are less protected than they may think.
Industry analysts and the insurers themselves have warned commercial insurance can’t cover hyperscale AI data centers. Insurers and brokers are rolling out special facilities and products, which are good and necessary innovations, but they won’t close the gap alone and don’t bring about structural changes to incentives or protections. As a result, large operators are retaining more risk and looking for answers.
This all leaves one actor with implicit exposure to a hyperscale failure: the taxpayer. In the event of a major outage due to natural disasters, grid failure, or an attack, there would be an economic cascade into payments, healthcare, public services, and more. The government is already the reinsurer of last resort, without the formal structures to provide economic safety.
The banking system already worked through a version of this problem. After the Panic of 1907, which J. P. Morgan personally contained, Congress created the Federal Reserve in 1913. Bank failures in the early 1930s led to federal deposit insurance in 1933. The 2008 crisis produced Dodd-Frank in 2010, with orderly liquidation authority, stricter capital rules, and mandatory stress testing.
In each episode, the public backstop was made explicit, concentration was brought under oversight, and incentives were aligned for business owners to invest in protecting the system.
If widespread adoption of electricity took a hundred years and the internet about twenty, the AI revolution is on a timeline squeezed by yet another order of magnitude. At only a few years in, AI is pervasive. It makes perfect sense that insurance protections haven’t caught up.
Much AI infrastructure has already been built, and a huge amount more will come online. The question is whether the companies involved manage the risk before they need to, or after. A failure could prompt panic legislation that leads to a suboptimal solution and takes years to work through. This article explores the structural nature of AI data center risk and outlines a three-layer solution, intended as a starting point for conversation.
A key part of the proposed solution is captive insurance, so a brief overview. A captive is a regulated insurance company owned and controlled by its parent company. The parent establishes a captive to write custom coverage, secure capacity that may be difficult to obtain, access reinsurance markets, and profit from good loss performance.
By building up surplus, a captive becomes a powerful financial asset that can be used for many purposes, ranging from better and more holistic risk management to creating innovative insurance products to sell directly to the market. Captive use is widespread among the Fortune 500 and extremely underused elsewhere.
Generally speaking, there is much more that captives can provide to the economy, which is evident in their strong growth across segments. We believe this structure can be a key tool in helping to address AI infrastructure risk at a systems level.
When we say “too big to insure,” we’re responding to a number of parallels between the AI infrastructure buildout and the banking system in the lead-up to 2008. These parallels point to a category of risk the current insurance and regulatory regime was not designed to hold.
While a banking crisis like in 2008 and the current buildout of AI infrastructure have plenty of differences, there are enough parallels to warrant thinking in structural terms about what should be done to bound and price these risks accordingly.
To be clear, the insurance industry's response to this concentration has been rational. Insurers are acting in the interests of their shareholders, taking on risks they expect to be profitable and avoiding ones they don’t, consistent with their access to capital.
S&P projects $10 billion in new data center premium in 2026, roughly twice the entire global aviation book, and Swiss Re sees the number reaching $24 billion by 2030. These numbers reinforce that demand is overwhelming supply. Capacity constraints are binding at the single-asset level, and reinsurers are rewriting treaty language to cap the insured values of data centers included in standard covers. Business interruption extensions, the most important coverage for tenants relying on a hyperscaler, are narrowing. Primary insurers are pushing higher deductibles and layered placements onto insureds.
At the same time, the largest brokers are coordinating multi-billion dollar facilities to provide special data center coverage, leapfrogging one another to offer higher limits. These innovations are useful steps. Creativity is essential to solving this problem and actors throughout the system are needed. Those products alone, however, won’t close the gap, and the gap is growing.
A hyperscale AI campus may require more than a gigawatt of incoming power and $20 billion of installed equipment. The fire risk profile has changed with the integration of lithium-ion battery backup units into server rooms, prompting calls for higher fire resistance ratings. Liquid cooling systems have made water damage the second-largest category of loss cost. Power supply is responsible for 45% of data center outages, and AI racks are arriving at more than 100 kilowatts each, up from 5 to 15 kilowatts for conventional servers. Overall, the industry is moving rapidly from low-hazard electronic occupancy to complex, high-energy-density operation.
A single outage affects training and inference workloads differently, and the affected communities differ too. For a model provider, weeks of training downtime can mean falling behind in a market with short cycles. For the businesses and users that rely on inference services, the same outage produces immediate losses across many firms and industries. Customers experiencing disruption are more likely to switch to a competitor, eroding both the relationship and the revenue. Policies today rarely distinguish between these scenarios, so the exposure is poorly priced and covered.
The economy has long depended on a small number of payment networks, telecom carriers, and chip foundries. And for well over a decade, enterprises have been consolidating workloads onto a handful of cloud providers. The difference now is of degree. Insurable value per site, power demand per rack, share of essential services running on a single campus, and volume of debt collateralized by fast-depreciating hardware are each an order of magnitude beyond what came before.
The insurance market is doing what it can, and the federal government is an implicit reinsurer of last resort. At Luzern Risk, we have been discussing a more holistic solution that brings in new incentives.
This solution isn’t replacing the current insurance industry. Instead, the current industry players will need to be a big part of it, and this solution should be good for them. In our view, the industry as a whole should move in this direction, with the current players and consumers all benefiting.
The architecture has three layers: 1) single-parent captive insurers owned by data center companies, 2) new peril-sliced capital markets for risk, providing significant capacity for insurers, who are best positioned to price those risks, and 3) a federal backstop as small as possible for the far tail. The two private layers (captives and capital markets) absorb most expected loss and produce most of the discipline.
Each hyperscaler and each major colocation operator runs its own single-parent captive insurer. This is the first-dollar loss layer, creating discipline that makes the whole solution work.
A single-parent captive ensures that every dollar of first-loss comes from the operator's own capitalized reserves, which are in turn funded by the operator's earnings. Siting decisions, resilience investment, and redundancy architecture all flow through to the captive's loss experience and therefore to the operator's own profit and loss statement.
The captive is regulated like any primary insurer: solvency margins, reserve adequacy, actuarial reporting, board-level governance. Regulators and capital markets investors in the layer above see each operator's exposures, reserves, loss ratios, and capital adequacy separately. If one hyperscaler is running thin, its ceded risks price higher in the capital markets layer, creating an economic signal that encourages behavioral change.
Why shouldn’t the owners just hold the risk on their large balance sheets, as many of them are doing today? Placing the risk instead into a captive makes their risk retention strategy explicit, provides transparency to their investors, and unlocks the ability to move beyond their own balance sheet to other sources of capital. Furthermore, by modeling the risks as is necessary for a captive, owners can gain confidence that the capital allocated is sufficient for the risks.
The captive must retain a defined slice of every risk it cedes upward.
Above the captives, the commercial reinsurance market does what it can, and what it can’t gets ceded to the capital markets. This is where most of the capacity problem can be solved, and where the most innovation is available. The move that unlocks capacity is creating a marketplace of peril-specific, separately-priced slices that a global capital base can absorb.
Rather than a single "data center cat bond" covering all perils across all sites, asking investors to price a heterogeneous structure that isn’t well understood, the capital markets layer issues peril-specific instruments. These can include, for example:
Each instrument is narrow enough that a specialist investor can model and price it. This slicing provides three capacity gains.
First, capital availability. Making these capital markets available allows for a source of new capital to cover risks. Pension funds, sovereign wealth funds, endowments, and specialist ILS managers each bring distinct capital pools to the table. Taken together, capital markets capacity for this risk is an order of magnitude greater than reinsurance balance-sheet capacity.
Second, diversification for the buyer. A Japanese pension fund already long Florida hurricane cat bonds wants Texas grid risk, not more Atlantic wind. A Scandinavian sovereign light on North American natural catastrophe wants Virginia flood and Ohio tornado. Peril-slicing lets each investor diversify its own book, which means it will accept a lower yield for the same economic exposure.
Third, price discovery. When many peril-specific instruments trade, the market produces observable prices for each peril. Hyperscaler boards, captive managers, and regulators can see which perils have become expensive and why. Resilience investment decisions become present-value calculations against a market price.
For this perils market to work, an aggregating platform is needed. Individual captive issuance is too small and concentrated for deep capital markets participation. A shared issuance platform, owned by participating captives and reinsurers and governed like a mutual or regulated utility, performs several functions. It pools peril-specific cessions across multiple operators, giving buyers portfolio diversification within the deal. It standardizes trigger definitions, event certification procedures, and loss indices so that buyers can access simple term sheets. It hosts the shared modeling infrastructure and industry loss data that do not yet exist for these perils. And it operates the secondary market that lets investors build diversified portfolios rather than holding concentrated positions to maturity.
The platform does not take net risk onto its own balance sheet beyond working capital. This keeps it from becoming the group captive that would undermine accountability.
Above the capital markets layer, a federal backstop covers the tail. The backstop should be triggered only as the smallest possible intervention and with features that align incentives toward reducing AI infrastructure risk.
The key features of the AI risk backstop are as follows. A defined attachment point, above which the backstop pays. A certification procedure that confirms an event qualifies. A coinsurance share retained by the private layers, so the backstop never pays one hundred percent. And a recoupment surcharge that recovers outlays over time.
Access to the backstop is conditional. Qualifying for coverage requires meeting dispersion standards, redundancy architecture, resilience investment benchmarks, and standardized loss and exposure reporting. These requirements help pull hyperscalers onto a resilience standard that cannot be achieved through market pressure.
In addition to this three-layer architecture, we propose requirements to reduce the probability of tail events. There is a need for informed regulation of this rapidly changing space.
Such regulations may include geographic dispersion requirements for critical workloads, mandatory cross-region failover for designated services, grid redundancy standards, standardized resilience benchmarks, and a reporting framework allowing for supervision. Although some regulations have been developed, what’s missing is a coherent architecture that links the resilience standards to the financial backstop so that each reinforces the other.
In developing this article and discussing it with stakeholders who have first-hand experience at the intersection of hyperscalers and insurance capacity, we've identified questions that need further research to inform the specifics of a solution. A partial list:
Systemically concentrated infrastructure does not stay uninsured for long. Either the governance for it is created in advance, with the right incentives for all the players, or it is created reactively after a crisis, with the compromises of panic legislation. In the case of AI data centers, the buildings are being built either way.
Hyperscale AI infrastructure is at an inflection point. The risks are real and beginning to play out, and insurers are stating that private markets can’t cover them. The layered architecture proposed above follows the pattern that previous systemically important sectors have adopted, applied to the critical infrastructure of the modern economy.
Progress doesn’t have to be all or nothing. Hyperscalers employing captive insurance can help better cover the risks whether or not the federal government plays an explicit role. The benefits of captives are here for the taking already: tailored policies, direct access to reinsurance markets, and profit potential from strong loss performance.