AI is changing what a data centre risk looks like

The next generation of data centres demands a different approach to insurance

AI is changing what a data centre risk looks like

Property

By Bryony Garlick

Insurers understand traditional cloud data centres, but AI data centres are different. Facilities built to support artificial intelligence have heavier servers, greater power demands, more intensive cooling requirements, and almost no tolerance for downtime. According to Karl Sawyer, senior director at Willis Towers Watson, those differences are forcing insurers to rethink how data centre risks are assessed and placed.

Sawyer illustrates the distinction with a deliberately ordinary example - pictures of your cats stored in a cloud facility somewhere in the Nordics represent a familiar type of risk. An AI data centre supporting algorithmic trading for a major financial institution is something else entirely.

"You've got to look at it on a completely different basis," said Sawyer. "And that's what they're finding."

A risk profile that has fundamentally changed

Investment in AI data centres has accelerated rapidly, particularly in the United States, bringing insurers and lenders into projects backed by increasingly large financing arrangements. Those facilities often require full-value insurance as a condition of lending, creating pressure to place high-value programmes in a market that is still developing the tools to assess the risk properly.

Swiss Re Institute estimates that hyperscaler capital expenditure on AI infrastructure will reach $750 billion in 2026 alone. That investment is creating entirely new pools of risk: Swiss Re projects cumulative global data centre insurance premiums of around $90 billion between 2024 and 2030, spanning property ($49 billion), engineering ($18 billion), liability ($10 billion), credit and surety ($9 billion) and marine ($5 billion).

For Sawyer, the challenge is not placing insurance but ensuring the programme reflects the way AI has changed the underlying risk. Capacity alone is no longer enough if the exposure itself has fundamentally shifted.

AI infrastructure changes the engineering challenge. Servers are heavier, require substantially more power and generate significantly more heat than conventional cloud infrastructure. That alters structural requirements, increases dependence on cooling systems and, in some locations, raises new questions about water availability. Converting an existing data centre is often a major engineering project rather than a straightforward upgrade.

"You can use an old data centre because it's connected to power," Sawyer said, "but if you're converting it into an AI data centre, it's a big project – do we need load-bearing floors, how are we going to source the additional power and the power backups?"

The resilience assumption that often doesn't hold

For organisations that depend on data centres, the challenge extends beyond the physical asset itself. Business continuity assumptions built around conventional cloud resilience may not translate cleanly to AI-intensive operations where latency, processing continuity and access to specific infrastructure are critical.

Nina Arquint, CEO of UK Corporate Solutions at Swiss Re, sees data centres as part of a broader shift in how organisations think about resilience.

"You need to think about the strategic resilience of your organisation," she said. "Do you actually know what your critical processes are? Do you know the supply chain dependencies you have? Which ones are the most critical?"

The figures bear out the concern. Some of the largest AI data centres now carry total asset values exceeding $20 billion before technology installation, according to Swiss Re Corporate Solutions CEO Ivan Gonzalez, a concentration of value that demands solutions going beyond traditional insurance coverage.

For Sawyer, that question extends to the insurance programme itself. Around one in five conversations with data centre clients and prospects still centres on basic administrative fundamentals: correct documentation, timely paperwork and accurate invoicing. Across complex, multi-jurisdictional financing structures, getting those basics right remains a prerequisite before more sophisticated risk analysis can begin.

The aggregation question

Beyond individual facilities lies a broader question: aggregation.

As capital continues to flow into AI infrastructure, insurers are becoming increasingly concentrated in locations where reliable power, cooling capacity and low latency converge. A market-changing loss has yet to occur, but Sawyer believes that should not be mistaken for evidence the risk does not exist.

"Things can't stay resilient forever," Sawyer said. "So it might happen."

The geography of that risk adds further weight to the concern. Swiss Re Institute estimates that around 40% of US data centre capacity sits in significant-to-very-high tornado-day zones, with approximately a quarter in large-hail day zones, a natural catastrophe accumulation profile the market is only beginning to fully price.

The same challenge extends beyond data centres. The greatest danger is not complexity itself, but complacency. Too often, organisations assume resilience measures designed for yesterday's risks will continue to perform in tomorrow's environment.

For data centres, that observation carries particular weight. The facilities being financed and built today are larger, more power-intensive and more operationally critical than those insurers have traditionally assessed.

The analytical tools are improving. The bigger challenge is ensuring insurance programmes evolve as quickly as the risks themselves.

Related Stories

Keep up with the latest news and events

Join our mailing list, it’s free!