BRIEFING: What the new Product Liability Directive means for your insurance coverage

The EU’s Directive on Liability for Defective Products (the New PLD) will have major implications, not only for EU businesses, but UK-based manufacturers, importers and authorised representatives, software developers, AI providers and – in some cases – online platforms supplying into the EU market.

Policyholders who may not have previously fallen within the scope of the existing PLD – especially technology product-based businesses – should review their coverage ahead of their next insurance renewal. This briefing focuses on the most relevant policies for coverage of these product-related risks, and considers how policyholders can prepare effectively for the increased risks introduced by the new regime.

Impact on existing insurance coverage

The New PLD – details of which can be read here – represents increased risk in product liability litigation for companies whose software falls within scope.

Policies likely to respond and which should be reviewed, include:

Product Liability: These may provide indemnity for legal liabilities including death, personal injury or property damage caused by a defective product. Policyholders should obtain an expanded definition of “Product” that complies with the New PLD, for example expressly including software, AI-related services such as updates and components within products and digital manufacturing files critical to the production of physical products. Other definitions, including “Loss” and “Damage”, should also be reviewed to ensure coverage is sufficiently broad to reflect increased risks and liabilities. In addition, as the New PLD expands potential liability beyond manufacturers, a wider pool of businesses will need to consider whether they require Product Liability insurance.

Corporate General Liability: These policies are unlikely to provide sufficient coverage for ESG-related risks arising from the New PLD. Liability linked to software defects could engage a broad range of ESG issues, such as product lifespan and sustainability requirements. In the context of business human rights and social rights claims, the inclusion of medically recognised psychological harm caused by alleged defective products will be particularly relevant for tech-related companies developing software/apps.

Cyber Liability: Cyber risk or technology errors and omissions policies may be the best fit for defective software and AI-related risks. These policies can cover first-party losses such as business interruption resulting from defective software and costs for IT and forensic accountancy experts, as well as third-party liability. However, as cyber and AI risk increase, insurers may introduce sub-limits of liability to contain risks arising from the New PLD. Although the market has seen increased capacity and lower premiums, broader exclusions are being written into policies. Policyholders should pay close attention to exclusions to ensure cover is fit for purpose.

Professional Indemnity and Professional Liability (including Corporate Entity Liability): These policies can provide cover for third-party claims, regulatory investigations and claims alleging wrongful acts or omissions in providing “Professional Services”. The definition of “Damages” should be broadened beyond financial loss to include property damage and bodily injury, including medically recognised psychological harm. The definition of “Professional Services” should also be reviewed to ensure “Products” aligns with the New PLD.

Public Liability: These policies protect against third-party claims resulting from death, accidental injury or property damage caused by business operations.

Product Recall: These policies offer first and third-party cover for financial loss, business interruption and reputational damage when defective products are recalled. Cover is distinct from product liability policies, focusing on prevention and risk mitigation. This cover may be increasingly relevant given expanded EU product safety requirements applying to standalone software and other digital products, as non‑compliance may necessitate recalls or corrective action and, where damage occurs, may increase exposure to claims under the New PLD. In a digital context, recall or corrective measures may also include software patches, updates, access restrictions or product withdrawal from digital distribution channels.

Directors’ and Officers’ Liability: These policies protect senior management against financial liability and provide legal defence costs for investigations and claims alleging wrongful acts, errors or omissions. Given the shift in burden of proof under the New PLD, the scope of cover, including defence cost limits, should be reviewed.

Policyholders should consider the following across all policy lines:

• Increasing policy limits: The New PLD shifts the burden of proof, meaning defect and causation may be presumed, which could increase in claims and defence costs.

• Extending policy periods/run-off cover: The legal liability long-stop for latent injuries extends from 10 to 25 years, creating longer-tail legal exposure.

• Ensuring policies dovetail: Amended or new policies should align with existing cover to avoid overlap coverage discrepancies.

Ultimately, the New PLD means corporate policyholders may face additional exposures, and may see an increase in claims arising from the more claimant/consumer-friendly directive.

While some companies have made necessary changes to their programmes, some have not yet acknowledged the scope and potential impact the New PLD may have on their risk profile. Policyholders should work with their brokers now to ensure enhanced cover is in place to mitigate against increased risks.