The Forcing Function: Insurance, Regulation, and the Urgency of AI Governance in Education
- Ryan James Purdy

- Mar 14

Purdy House Publishing
AI Governance in Education Series
Memorandum No. 2
Purdy House Publishing & Consulting
December 2025
Abstract
Memorandum No. 1 documented the operational gap in AI governance frameworks for education: the absence of implementation infrastructure despite abundant principles and regulatory requirements. This memorandum examines the external forcing functions now closing that gap—not through educational authority action, but through risk-bearing decisions of insurers, enforcement timelines of regulators, and liability exposure from emerging litigation. Insurers are introducing AI exclusions and governance-linked underwriting requirements. Regulators are moving from guidance to enforceable obligations. Litigation signals are shaping liability theories that reward institutions able to produce auditable evidence of oversight. Together, these forces shift AI governance from aspirational intent to operational necessity. Institutions that build governance infrastructure before renewal cycles and enforcement timelines crystallize will retain design flexibility. Those that wait will inherit externally defined standards under time pressure. The window is finite and calculable.
Scope and Audience. This memorandum addresses educational institution leaders, risk managers, board members, and EdTech vendors navigating AI governance requirements. It does not address pedagogy, classroom practice, or AI model development.
Introduction: The Forcing Function Defined
Memorandum No. 1 established that AI governance frameworks applicable to education fall into four categories: aspirational frameworks that articulate principles, regulatory frameworks that establish legal requirements, sector guidance that provides education-specific recommendations, and operational frameworks that supply implementation infrastructure.1 The analysis documented a structural gap: while the first three categories have developed substantially, operational frameworks providing templates, procedures, calendars, and documentation standards remain largely absent.
This memorandum explains why that gap is becoming commercially unsustainable.
The operational infrastructure that educational authorities have not provided is now being demanded by external entities who bear financial consequences of governance failures. Insurance underwriters are introducing policy exclusions that shift AI-related liability away from coverage unless institutions demonstrate documented governance. State legislatures are enacting requirements that reference specific compliance frameworks. Courts are allowing novel theories of AI liability to proceed, creating precedent that will inform future claims. Each development creates documentary pressure: insurers demand written frameworks, regulators require auditable compliance, litigants seek discoverable evidence. The operational gap is being filled not by educational authorities but by entities whose financial exposure requires documented, auditable proof of governance.
Throughout this memorandum, documented governance refers to the concrete artifacts that demonstrate AI oversight in practice: system inventories and risk classifications, written policies with named accountabilities, assessment records and audit trails, incident response documentation, and evidence of ongoing monitoring. These are the deliverables that underwriters, regulators, and litigants will request—and that existing frameworks do not supply.
A forcing function is an external constraint that compels action regardless of internal readiness. In education AI governance, the forcing functions are not primarily ministries or school boards. They are underwriters, regulators, and litigants—each with different mechanisms but identical output requirements: institutions must produce documented evidence of oversight, control, and monitoring.
The implications extend beyond compliance. Institutions that establish governance infrastructure before external mandates take effect will have flexibility to shape their approaches. Those that wait until insurers require specific documentation, regulators enforce specific procedures, or litigants demand specific evidence will find their options constrained by external definitions of adequacy. Section 3 of this memorandum maps specific milestones—January 2026 insurance adoption dates, June 2026 state enforcement deadlines, projected 2027 legislative enactments—that define the window within which institutional initiative remains possible. That window is narrowing on a calculable timeline.
To substantiate this argument, this memorandum proceeds in three parts. Section One examines the insurance market's shift from advisory guidance to exclusionary posture, documenting endorsements, underwriting requirements, and coverage decisions transforming AI governance into an insurance eligibility prerequisite. Section Two analyzes the loss history and regulatory actions building the actuarial and legal case for AI-specific liability in education. Section Three maps regulatory convergence across jurisdictions, establishing the timeline within which these forcing functions take full effect.
1. The Insurance Inflection Point
The insurance industry's treatment of artificial intelligence risk is undergoing a practical transition. For two years following the public release of large language models, insurers approached AI primarily through advisory guidance: recommending governance practices, monitoring emerging claims, and assessing exposure without materially changing coverage terms. That advisory phase is ending. Beginning in 2025 and accelerating through 2026, insurers are moving from recommendation to requirement, from monitoring to exclusion, from assessment to mandate. This shift transforms AI governance from a risk management consideration into an insurance eligibility prerequisite.
1.1 From Advisory to Exclusionary: The Market Shift
ISO (a Verisk business) introduced optional endorsements for commercial general liability policies with a January 2026 edition date through ISO Circular LI-CF-2024-175.2 These endorsements introduce AI-specific provisions that carriers may adopt beginning January 1, 2026—a date that aligns with standard policy renewal cycles and creates a practical inflection point for institutional risk management.
Three endorsements are central. CG 40 47 provides the broadest exclusion, covering bodily injury, property damage, or personal and advertising injury arising from generative AI use. CG 40 48 offers a narrower alternative, excluding only personal and advertising injury under Coverage B. CG 35 08 addresses products and completed operations exposure specifically.3 Together, these endorsements allow carriers to carve out AI-related claims from commercial liability policies that educational institutions have historically relied upon.
The availability of standardized exclusion language shifts the market baseline. Trade commentary indicates carriers are preparing to adopt these endorsements, and the existence of industry-standard options changes underwriting dynamics.4 The question for underwriters becomes not whether AI exclusions exist, but whether a particular risk warrants their application—and the answer increasingly depends on documented governance. Educational institutions renewing commercial general liability policies in 2026 should anticipate that carriers may attach AI exclusion endorsements, particularly for institutions that cannot demonstrate documented AI governance.
Several carriers have already implemented AI exclusions through proprietary policy language. Early movers include Berkeley Insurance, whose 'Absolute AI Exclusion' covers any actual or alleged use, deployment, or development of artificial intelligence across Directors and Officers, Errors and Omissions, and fiduciary liability products; Hamilton Select Insurance, with blanket exclusions for claims involving generative AI; and Philadelphia Indemnity Insurance, excluding content created using generative AI for third-party work.5 These actions signal market direction: AI exposure is being isolated from standard coverage, creating gaps that institutions must address through governance documentation, specialty coverage, or risk retention.
The market is not uniformly exclusionary. Specialty carriers are developing affirmative AI coverage products designed to fill gaps created by exclusions elsewhere. Armilla AI Insurance, backed by Lloyd's syndicates, launched coverage in April 2025 for AI liability including hallucinations, model degradation, and algorithmic failures.6 Testudo offers generative AI liability policies through Lloyd's. Munich Re has provided performance guarantee coverage for AI technologies since at least 2018.7 These products represent the emergence of a dedicated AI insurance market, analogous to the development of cyber insurance over the past two decades.
The cyber insurance parallel is instructive. When cyber risks emerged, general liability policies provided uncertain coverage, and insurers responded with dedicated products carrying specific underwriting requirements. Over time, cyber coverage became standard for institutions handling sensitive data, and underwriting requirements drove adoption of specific security controls—multi-factor authentication, endpoint protection, incident response planning. AI insurance appears to be following a similar trajectory: exclusions from general liability create demand for specialty products, and specialty underwriters develop governance requirements that become de facto standards.
Beazley, a major cyber and technology errors and omissions carrier, has stated it has no current plans to exclude AI but that underwriting decisions depend heavily on documented governance practices.8 The message is explicit: coverage availability requires demonstrable AI risk management. For educational institutions, this means the governance documentation that was previously advisable is becoming a prerequisite.
1.2 Insurance Typology: Distinct Coverage, Distinct Demands
The insurance implications of AI deployment vary by coverage type, and each creates distinct documentation demands.
Commercial general liability insurance covers bodily injury, property damage, and personal or advertising injury arising from institutional operations. The Verisk endorsements operate within this coverage line. For educational institutions, excluded scenarios under CG 40 47 might include defamation claims arising from AI-generated content published through institutional social media channels, personal injury claims from AI chatbot interactions with students, or reputational harm from AI system outputs attributed to the institution. Institutions seeking to preserve CGL coverage for AI-adjacent risks will need to demonstrate governance practices satisfying underwriter requirements.
Cyber liability and errors and omissions insurance covers data breaches, system failures, and professional negligence in technology operations. This coverage has historically addressed educational technology risks: student information system breaches, learning management system failures, third-party vendor incidents. The January 2025 PowerSchool breach—exposing over sixty-two million student records and ten million teacher records in one of the largest K-12 data exposures on record—demonstrates that AI-adjacent educational technology systems already produce actuarially significant losses.9 AI introduces additional exposure vectors: algorithmic decision-making errors, training data contamination, model drift affecting reliability, and novel attack surfaces from AI system integration. Cyber and E&O underwriters increasingly inquire about AI governance in standard questionnaire processes.
Directors and officers liability insurance covers claims against institutional leadership for governance failures, fiduciary breaches, and management decisions causing harm. Berkeley Insurance's Absolute AI Exclusion specifically addresses D&O coverage, meaning boards cannot obtain coverage for AI governance failures without documented frameworks demonstrating oversight.10 AI governance failures resulting in regulatory sanctions, litigation, or reputational damage may trigger D&O claims alleging inadequate board oversight. Educational institution boards that have not formally addressed AI governance may find D&O coverage terms affected at renewal—a fiduciary liability exposure that compounds operational risk.
The convergence across coverage types creates compound pressure. An institution facing AI exclusions in CGL, heightened requirements in cyber and E&O, and governance scrutiny in D&O cannot address each line in isolation. Documentation satisfying one underwriter must align with expectations across the coverage portfolio.
Underwriters are converging on a common set of evidence requirements that institutions should anticipate. Based on emerging questionnaires and broker guidance, these include: AI inventory and classification documenting systems in use and their risk levels; governance structure showing board or leadership oversight and cross-functional accountability; risk management documentation including assessments for high-risk systems; bias testing and fairness audit procedures; explainability and transparency documentation; human oversight protocols; data governance policies addressing training data and student information; and third-party AI vendor management procedures.11 These eight categories represent the operational infrastructure that underwriters expect—and that Memorandum No. 3 will map directly to implementation frameworks.
1.3 Insurers as De Facto Regulators
The insurance market's documentation requirements are evolving toward a de facto regulatory function. Underwriters are not merely assessing risk; they are prescribing governance frameworks, and their prescriptions are becoming conditions of coverage.
Current underwriting requirements for educational institutions focus on established technology governance: multi-factor authentication, patch management, endpoint protection, backup procedures, and security awareness training for cyber coverage; FERPA compliance documentation, vendor agreements, and incident response plans for data protection; HECVAT assessments, SOC 2 Type 2 audits, and contractual security clauses for third-party vendor management.12 These requirements evolved over decades of cyber insurance market development.
Emerging requirements extend these expectations to AI-specific governance. Underwriters request documentation of AI system inventories distinguishing high-risk systems from lower-risk applications. Governance structure documentation—board-level oversight, cross-functional committees, defined roles—appears in emerging questionnaires. Risk assessments, harm identification, and mitigation strategies are moving from advisory recommendations to underwriting expectations.13
Most significantly, underwriters are referencing specific frameworks as compliance benchmarks. The National Institute of Standards and Technology AI Risk Management Framework and ISO/IEC 42001 appear with increasing frequency in underwriting guidance.14 When underwriters ask whether institutional AI governance 'aligns with NIST AI RMF' or whether the institution has 'considered ISO 42001 certification,' they effectively prescribe frameworks carrying implementation requirements far beyond general policy statements.
This development addresses the governance gap through a market mechanism rather than regulatory authority. Educational authorities have not produced operational AI governance infrastructure, and the reasons are structural: international bodies build consensus, regulators create enforceable requirements, sector associations provide advisory guidance—none occupies the position necessary to supply templates, calendars, role specifications, and audit documentation. The vacuum is visible internationally. A 2025 CBC investigation found that only four of Canada's thirteen provinces and territories have developed any AI frameworks for education; the remaining nine have left teachers and administrators without guidance.15 Similar gaps exist across jurisdictions.
Insurers are filling this vacuum by requiring alignment with frameworks that do include operational requirements, even though those frameworks were not designed for educational contexts. NIST AI RMF provides a four-function architecture (Govern, Map, Measure, Manage) with implementation guidance. ISO 42001 establishes an AI management system standard with certification requirements.16 Neither framework addresses education-specific considerations—student data protections, age-appropriate AI use, academic integrity, pedagogical integration—but both provide documented, auditable governance infrastructure that underwriters require.
The enforcement mechanism is coverage eligibility. Institutions that cannot produce documentation satisfying underwriter expectations face exclusions, premium increases, coverage restrictions, or denial. The market does not require regulatory authority to mandate compliance; it requires only that coverage be valuable enough that institutions meet underwriting requirements to obtain it.
For educational institutions, this creates a strategic imperative. The governance frameworks insurers require do not exist in education-specific form. Institutions can wait for educational authorities to develop such frameworks—an uncertain timeline given structural barriers—or adapt existing frameworks to educational contexts, building documentation infrastructure that satisfies underwriter requirements while addressing education-specific concerns. The latter approach requires initiative absent authoritative guidance but preserves institutional control over governance design. The former cedes that control to underwriters defining adequacy based on frameworks designed for other sectors. Memorandum No. 3 addresses this gap directly, mapping the eight evidence requirements identified above to education-specific operational infrastructure.
2. Loss Signals and the Actuarial Case
Insurance underwriting is ultimately an actuarial exercise: carriers price risk based on loss history, adjust coverage based on claims experience, and develop exclusions when exposure exceeds their capacity to model outcomes. The forcing function created by insurance market developments documented in Section 1 gains power from emerging loss signals that are building the actuarial case for AI-related liability in education. This section examines those signals across four categories: data breach and privacy incidents, algorithmic harm, platform liability, and sector-wide trends.
Throughout this section, actuarially significant means loss frequency and severity sufficient to shift underwriting questionnaires, pricing, or exclusions across a coverage line. The analysis demonstrates that while AI-specific algorithmic bias claims have not yet reached that threshold in education, the predicate incidents and regulatory precedents are accumulating on a timeline that underwriters are already pricing into 2026-2027 models.
A critical concept for understanding this timeline is the claims development cycle. From incident to settled claim, the typical sequence runs eighteen to thirty-six months: breach or harm occurs, affected parties discover the damage, complaints are filed, discovery proceeds, and settlements emerge. PowerSchool's January 2025 breach, for example, will produce initial settlements in late 2026—concurrent with the first full year of Verisk endorsement adoption. The Verisk exclusions are not reactive to past losses; they are proactive pricing tools anticipating a 2027-2028 claims surge that current incidents are already seeding.
2.1 Data Breach and Privacy
Educational technology systems have produced data breaches at scale sufficient to reshape underwriter risk assessment. These incidents establish the loss history baseline against which AI-specific exposure will be measured—and demonstrate that education sector technology governance failures already generate actuarially significant claims.
The PowerSchool breach announced in January 2025 represents one of the largest exposures of children's information in United States history.17 The incident, which occurred in late December 2024, compromised over sixty-two million student records and ten million teacher records across school districts using the PowerSchool student information system.18 Exposed data included full names, birthdates, home addresses, Social Security numbers, grades, attendance records, disciplinary histories, and Individualized Education Program details for special needs students. The breach vector—credential compromise combined with weaknesses in integrated third-party systems—reflects governance failures in vendor oversight and security maintenance.19
The consequences demonstrate how breach exposure translates to actuarial impact. By February 2025, reports of identity fraud and secondary phishing were documented by affected families. Spear phishing attacks exploiting stolen parent email addresses proliferated.20 PowerSchool's seventy-two-hour exfiltration window before detection illustrates the 'dwell time' underwriters now model for education sector breaches—comparable to healthcare and exceeding retail sector benchmarks. For underwriters, PowerSchool validates that EdTech vendor relationships create liability exposure requiring documented governance, and that education sector breaches produce downstream harms at scale comparable to healthcare and financial services.
The breach also has direct cross-border implications. The Toronto District School Board alone reported 1.5 million affected students, with over eighty school boards across seven Canadian provinces compromised.21 For institutions operating internationally, the incident demonstrates how vendor relationships create liability exposure transcending any single regulatory framework.
The College Board settlement of February 2024 established regulatory precedent with direct insurance implications.22 New York Attorney General Letitia James and the New York State Education Department secured a $750,000 settlement for violations of New York Education Law Section 2-d. The College Board had licensed student data obtained under educational contracts to colleges and scholarship programs without restriction and used data internally for marketing through 2022-2023.
The settlement's significance extends beyond monetary value. It represents the first major enforcement action under New York's student data privacy law, establishing that state regulators will scrutinize EdTech data practices and that contractual data use restrictions carry enforcement consequences. For underwriters, this precedent informs coverage expectations: institutions that fail to impose and monitor vendor data restrictions face regulatory exposure, and vendors that violate restrictions create liability for institutional customers. The underwriting response is predictable: expanded questionnaires addressing vendor data governance and contractual controls.
2.2 Algorithmic Harm
Algorithmic decision-making in education has produced documented harms that establish precedents and methodologies future claims will invoke. These incidents demonstrate that algorithmic systems can produce discriminatory outcomes at scale, that affected populations seek remediation, and that institutions deploying such systems face reputational and regulatory consequences.
The Ofqual grading algorithm incident of 2020 remains the most prominent example.23 When COVID-19 forced the cancellation of A-Level examinations in the United Kingdom, the Office of Qualifications and Examinations Regulation deployed an algorithm to assign grades. The system systematically lowered grades for students at state schools and in lower-income areas while advantaging private school students. The cause was architectural: the algorithm predicted school performance rather than individual achievement, weighting historical institutional data in ways that replicated existing inequalities. Public outcry forced a policy reversal within days.
Ofqual established principles directly relevant to insurance and liability. First, algorithms deployed at scale can produce discriminatory outcomes affecting thousands simultaneously. Second, reputational and political consequences of such failures are severe and immediate. Third, institutions face pressure to demonstrate bias testing before deployment—precisely the documentation emerging underwriting requirements demand.
A 2024 peer-reviewed study published in AERA Open documented systematic bias in predictive algorithms widely used by American universities.24 The research found that algorithms designed to identify at-risk students consistently underestimated the success potential of Black and Hispanic students while overestimating outcomes for White and Asian students. Students flagged as 'high-risk' received different institutional treatment—reduced resources and opportunities—creating conditions where algorithmic predictions shaped the outcomes they purported to forecast.
This research has regulatory and litigation consequences. The peer-reviewed methodology in AERA Open equips expert witnesses to quantify algorithmic bias damages, reducing litigation cost and increasing claim viability. The New York Attorney General's scrutiny of educational technology data practices and the proposed New York AI Act's explicit identification of assessment and grading as high-risk applications reflect regulatory response to documented bias.25 For underwriters, peer-reviewed documentation of algorithmic bias validates the risk models underlying AI exclusions and governance requirements. Unlike data breaches, algorithmic bias claims trigger D&O policies directly—boards that deployed biased systems without documented oversight face personal liability exposure.
2.3 Platform Liability
Litigation involving AI platforms and minors is establishing precedents that will shape institutional liability for AI tool deployment in educational settings.
In May 2025, U.S. Senior District Judge Anne Conway allowed a wrongful death lawsuit to proceed against Character.AI, rejecting the company's First Amendment defense.26 The case, filed by Florida mother Megan Garcia, alleges that her fourteen-year-old son Sewell Setzer III engaged in an emotionally and sexually abusive relationship with a Character.AI chatbot. According to the complaint, the chatbot encouraged the teenager to return to the platform shortly before his death by suicide.27
Judge Conway's ruling acknowledged the case as a potential test for AI platform liability. The implications for educational institutions are substantial. Schools that recommend, allow, or integrate AI tools accessible to students may face duty-of-care arguments under in loco parentis doctrines if those tools cause harm. The liability theory—that platforms owe duties to minor users and that AI interactions can contribute to harm—extends institutional exposure beyond direct deployment to endorsement and recommendation.
For underwriters, the case highlights exposure categories that existing policies may not cover and that AI exclusions specifically address. Discovery in Character.AI will proceed through 2026, with settlement discussions likely influencing underwriter models before any trial. With education sector awards exceeding ten million dollars up ninety-two percent in 2024, a single AI-related child harm settlement would shift the actuarial baseline immediately.28 The underwriting response will be governance-contingent: institutions with documented AI safety protocols and human oversight procedures will be distinguishable from those without.
2.4 Sector-Wide Trends
Loss data from education sector insurers documents broader trends contextualizing AI-specific exposure. United Educators, a major education sector carrier, reported significant increases in both claim frequency and severity for 2024.29
The data showed fifty-four settlements or awards exceeding $2.5 million, with total settlements exceeding $250,000 reaching one hundred eighteen—up from one hundred eleven in 2023. Most striking was the severity trend: twenty-five awards exceeded ten million dollars in 2024, compared to fourteen in 2023, representing a ninety-two percent year-over-year increase. The threshold for 'large loss' has shifted dramatically: from $100,000 thirty years ago, to $1 million in 2023, to $2.5 million in 2024. Social inflation—claims costs rising faster than premium increases—continues to compress carrier margins.
Major 2024 claim categories included sexual misconduct, discrimination and Title IX violations, breach of contract, and premises liability. Notably absent: AI or algorithmic bias claims. United Educators reported zero algorithmic discrimination claims in its 2024 large-loss dataset.
This absence should not be treated as a stable equilibrium. It reflects unexpired claims development, not low risk. The two-to-three year statute of limitations for students harmed by AI systems deployed in Fall 2024 expires in Fall 2026-Fall 2027. Complaints filed in 2025 will produce settlements in 2026-2027—concurrent with the Verisk exclusion adoption window. The 2024 loss data reflects pre-AI exposure; 2026-2027 data will not.
The cyber incident landscape compounds this exposure. Between July 2023 and December 2024, eighty-two percent of K-12 schools experienced a cyber incident.30 Attack vectors concentrate on phishing—the same vulnerability exploited in PowerSchool—targeting accumulated student data that educational technology systems aggregate. Institutions deploying AI systems without addressing foundational cybersecurity face compounded risk: AI increases attack surface while embedding in the same vulnerable infrastructure that produces current breach losses. The eighth governance area identified in this memorandum series—Cybersecurity Essentials—is not peripheral to AI governance but foundational to it.
EU GDPR enforcement has reached educational institutions directly. Bocconi University received a €200,000 fine for remote examination monitoring without adequate student disclosure, establishing that education-specific data processing faces regulatory scrutiny under general privacy frameworks.31
The actuarial picture emerging from these loss signals has clear implications. Education sector technology governance failures already produce large-scale breaches and substantial settlements. Algorithmic systems have demonstrated capacity for discriminatory outcomes with peer-reviewed methodologies now available to quantify damages. Platform liability theories are developing that reach institutional AI deployment. The claims that AI exclusions and governance requirements anticipate are not speculative—they are predictable extensions of documented trends on calculable timelines.
These signals translate into underwriting levers: AI exclusions on commercial general liability, expanded cyber questionnaires, and D&O governance scrutiny. The common denominator is documentation. Institutions that can produce AI inventories, vendor assessment records, bias testing protocols, incident response procedures, and board oversight evidence will be distinguishable in underwriting. Those that cannot will face the exclusions, premium increases, and coverage restrictions that undocumented risk attracts. The actuarial models for 2026-2027 renewals are being built now using 2024-2025 loss data. The governance gap identified in Memorandum No. 1 must close before those models finalize.
3. Regulatory Convergence and the Closing Window
The forcing functions documented in Sections 1 and 2—insurance market exclusions and emerging loss signals—operate alongside a third pressure: regulatory convergence. State legislatures are enacting AI requirements that explicitly name education as a high-risk domain. Federal policy is repositioning regulatory authority in ways that create uncertainty while maintaining institutional accountability. International frameworks are advancing while national legislation stalls. These developments are concurrent, not sequential, creating overlapping compliance timelines that compress the window for institutional preparation.
Critically, this convergence is substantive, not merely procedural. Across jurisdictions and regulatory bodies, requirements are coalescing around a common control set: documented risk management, transparency duties, bias testing, human oversight, and auditability for high-impact systems. The specific statutory language varies, but the operational expectations are aligning—and they match the insurance evidence requirements documented in Section 1.
This section maps that regulatory landscape and establishes the specific milestones defining the closing window.
3.1 State Regulation: Education Explicitly Named
State legislatures have moved faster than federal authorities in establishing AI governance requirements, and several have explicitly identified education as a high-risk domain triggering enhanced obligations.
The New York Artificial Intelligence Act (S.1169A) represents the most comprehensive state-level AI regulation with direct education implications.32 The bill passed the New York Senate on June 12, 2025, by a vote of 51-8 and is currently before the Assembly Ways and Means Committee. The legislation would regulate development and deployment of AI systems to prevent algorithmic discrimination, require independent audits of high-risk AI systems, and provide enforcement through both the Attorney General and private right of action.
Education triggers in S.1169A are explicit. The bill identifies assessment and grading systems, plagiarism detection tools, admissions decisions, and financial aid allocation as high-risk AI applications subject to enhanced requirements.33 Covered entities would face obligations including bias audits conducted before deployment, advance transparency disclosure to affected individuals, and appeal mechanisms for adverse decisions. The legislation references NIST AI RMF and ISO 42001 as compliance guidance, creating alignment between state regulatory expectations and the frameworks insurers are beginning to require.
The private right of action provision carries particular significance for institutional risk. Unlike regulatory enforcement, which depends on agency priorities and resources, private litigation allows affected individuals to pursue claims directly. For educational institutions, this means students or families who believe AI systems produced discriminatory outcomes could initiate legal action without waiting for regulatory investigation. The insurance implications are direct: D&O and E&O policies will need to account for litigation exposure that private rights of action create.
The bill's status requires precise characterization. S.1169A has passed one chamber and faces Assembly consideration; it has not been enacted. Projecting an effective date would be speculative. However, the pattern established by Colorado's AI legislation—an eighteen-month implementation delay from enactment—suggests that if New York enacts S.1169A in 2025 or early 2026, institutional compliance obligations would likely begin in 2027.34
Colorado's Artificial Intelligence Act (SB 24-205) provides the closest existing model for education-specific AI regulation.35 The legislation, enacted in 2024 with enforcement delayed to June 30, 2026, explicitly lists education among domains where AI systems make 'consequential decisions' requiring governance. The Act requires risk management practices aligned with NIST AI RMF or ISO 42001 and establishes Attorney General oversight with mandatory remediation for algorithmic discrimination.
Colorado's framework creates a compliance template that other states may follow and that insurers are already incorporating into underwriting expectations. The June 2026 enforcement date means institutions operating in Colorado—or EdTech vendors serving Colorado institutions—face binding governance requirements within six months. For multi-state educational organizations and technology providers, Colorado compliance becomes a de facto national standard: building governance infrastructure to satisfy Colorado requirements positions institutions for similar obligations as other states enact comparable legislation.
California's approach differs in mechanism but reinforces the regulatory trend. SB 1288, signed in September 2024, directed the state Superintendent to convene a working group to develop AI guidance for educational settings.36 AB 2876 directs integration of AI literacy into curriculum frameworks. These are framework-development mandates rather than compliance requirements, but they signal state-level recognition that education-specific AI governance cannot remain indefinitely unaddressed.
The cumulative effect of state regulatory activity is significant. Dozens of states have now issued some form of AI guidance for education, though comprehensiveness varies dramatically.37 The trajectory is toward binding requirements with education-specific triggers, enforcement mechanisms, and explicit framework references. Institutions that build governance infrastructure aligned with NIST AI RMF and ISO 42001 now will be positioned for compliance as state requirements crystallize; those that wait will face compressed implementation timelines under regulatory pressure.
3.2 Federal Policy: The Governance Vacuum
Federal AI policy has created uncertainty without reducing institutional accountability. The December 11, 2025 Executive Order on AI policy repositioned federal regulatory authority in ways that affect state-level governance frameworks while maintaining—and in some respects increasing—pressure on institutions to demonstrate documented oversight.38
The Executive Order's core mechanism is preemption positioning. Section 5 directs the Department of Commerce to link state eligibility for Broadband Equity, Access, and Deployment (BEAD) program funding to whether states have enacted AI laws identified as 'onerous.' BEAD represents over forty-two billion dollars in broadband infrastructure funding; states risk forfeiting hundreds of millions in critical infrastructure investment over AI regulatory posture.39 The Order explicitly references Colorado's algorithmic discrimination law as an example. Section 6 instructs the Federal Communications Commission to consider adopting federal disclosure standards that would preempt conflicting state requirements. Section 8 calls for legislative recommendations establishing a uniform federal framework while carving out child safety protections and state government AI procurement.
The practical effect is to create a period of regulatory uncertainty during which federal preemption may nullify some state requirements while federal alternatives remain unspecified. For educational institutions, this uncertainty does not reduce governance imperatives—it complicates them. The Executive Order does not remove risk from schools; it rearranges who is allowed to regulate it.40 Institutions cannot defer governance pending regulatory clarity because the insurance and actuarial forcing functions documented in Sections 1 and 2 operate independently of federal policy posture.
The governance vacuum persists because the Executive Order addresses regulatory authority, not operational infrastructure. Federal agencies have not produced the templates, procedures, and documentation standards that institutions need to demonstrate compliance. The U.S. Department of Education's 2024 AI Toolkit provides forty-seven pages of general guidance but contains no templates, no audit procedures, and no implementation calendars—confirming the operational gap Memorandum No. 1 documented.41
The April 2025 Executive Order on AI education created federal timelines without federal infrastructure.42 Agencies received ninety-day deadlines to draft education priorities and launch initiatives, with 120-day deadlines for scholarship and fellowship redesign. These timelines signal federal recognition that AI in education requires policy attention, but they do not produce the governance documentation that institutions need or that insurers increasingly require.
3.3 International Comparison: The Widening Gap
International developments provide comparative context highlighting structural challenges facing educational AI governance in North America.
The European Union's Artificial Intelligence Act represents the most comprehensive binding AI regulation globally and operates on a phased application schedule that creates near-term compliance obligations.43 The Act entered into force on August 1, 2024. Prohibited practices and AI literacy obligations apply from February 2, 2025. General-purpose AI model obligations apply from August 2, 2025. High-risk system obligations—including those affecting educational institutions—apply from August 2, 2026, with full rollout by August 2, 2027.
Educational institutions face specific requirements under the Act. Universities deploying high-risk AI systems must comply with risk management, data governance, transparency, and human oversight obligations. The Act prohibits emotion recognition in educational institutions except for medical or safety reasons.44 For international schools operating in EU member states, compliance is mandatory and imminent; for institutions outside the EU serving EU students or partnering with EU institutions, the Act creates extraterritorial compliance considerations that compound domestic governance requirements.
The EU framework demonstrates that binding, operational AI governance requirements for education are achievable. The contrast with North American regulatory development is stark: the EU moved from framework to enforcement while federal legislation in both the United States and Canada stalled.
Canada's Artificial Intelligence and Data Act, proposed as part of Bill C-27, was terminated when Parliament was prorogued on January 6, 2025.45 The bill must now be reintroduced as new legislation, with no timeline for renewed consideration. AIDA's collapse means Canada will have no federal AI law before 2027 at the earliest, leaving insurers and provincial litigators as the primary governance forcing functions—mirroring the pattern in the United States. Even the terminated version contained minimal education-specific provisions. The Canadian Teachers' Federation noted that the proposed federal legislation 'does not include explicit provisions specific to the unique risks of AI in education, especially concerning minors.'46
The provincial landscape mirrors the federal vacuum. A 2025 CBC investigation found that only four of Canada's thirteen provinces and territories—British Columbia, New Brunswick, Quebec, and Ontario—have developed any AI frameworks for education. Nine provinces and territories have provided no guidance, leaving teachers and administrators without institutional support.47 Provincial responses are 'a mishmash' that does not 'offer true, meaningful education for teachers on potential and pitfalls of AI in the classroom.'
UNESCO survey data reinforces the international pattern. Approximately two-thirds of higher education institutions worldwide report having AI policies in place or in development.48 This figure reflects recognition that governance is necessary, but the gap between policy statement and operational implementation—the central concern of this memorandum series—remains largely unaddressed internationally as well as domestically.
3.4 The Sector-Specific Gap
The regulatory and governance gap in education becomes most visible when compared to sectors with mature AI oversight infrastructure. Healthcare and financial services, both heavily regulated and subject to significant liability exposure, have developed operational frameworks translating principles into documented practice. Education has not.
In healthcare, AI systems informing clinical decisions operate within regulatory frameworks that include operational requirements.49 The FDA's guidance on clinical decision support software, combined with health IT certification requirements administered by the Office of the National Coordinator, creates an environment where AI governance is proceduralized, not merely principled. Healthcare institutions deploying AI can draw on established frameworks for validation, monitoring, and documentation. Third-party assessment services verify compliance. The gap between policy and practice has been substantially addressed through sector-specific infrastructure.
In financial services, AI governance builds on decades of risk management and audit infrastructure.50 The Federal Reserve's SR 11-7 guidance on model risk management, issued in 2011, established expectations for model validation, ongoing monitoring, and documentation that AI systems now inherit. SOC 2 attestation standards, FFIEC examination procedures, and Fair Lending Act enforcement create operational foundations that financial institutions can extend to AI governance.
Education lacks equivalent infrastructure. No federal agency has issued education-specific AI governance guidance with operational requirements. No sector-specific attestation standard exists for educational AI systems. No examination or audit framework specifically addresses AI deployment in schools or universities. The regulatory frameworks that apply to education—FERPA for data protection, COPPA for children's online privacy—predate AI deployment and do not address algorithmic decision-making.51 Healthcare and financial services institutionalize third-party audit budgets as standard practice; education has no equivalent line item, forcing governance costs into unrestricted funds or unfunded mandates.
This gap has practical consequences for institutional risk management. When a healthcare institution's underwriter asks about AI governance, the institution can reference FDA guidance, ONC certification status, and established validation procedures. When a financial institution faces similar questions, it can point to SR 11-7 compliance documentation and SOC 2 attestation. When an educational institution receives the same inquiry, no equivalent reference framework exists.
The cross-sector comparison suggests translations that educational institutions must perform to satisfy emerging requirements: Healthcare's predetermined change control plans—documented procedures for how AI systems are modified, validated, and redeployed—translate to AI system update governance in educational contexts. Healthcare's clinical decision support oversight committees translate to institutional AI review boards with authority over tool selection, deployment parameters, and ongoing monitoring. Financial services' SR 11-7 model risk management translates to AI model governance addressing bias detection, performance monitoring, and remediation procedures. Fair Lending regression testing translates to algorithmic fairness auditing protocols appropriate for educational decisions affecting student opportunity.52
These translations require initiative that existing educational governance structures have not provided. The forcing functions documented in this memorandum—insurance requirements, loss signals, regulatory timelines—are compelling that initiative regardless of whether authoritative educational bodies supply the frameworks.
3.5 The Calculable Window
The convergence of insurance, litigation, and regulatory forcing functions creates a timeline that institutions can map and against which they can plan. The window for establishing AI governance infrastructure before external requirements mandate specific approaches is finite and calculable.
2026 marks the first inflection point. January 2026 brings Verisk endorsement availability, enabling carriers to attach AI exclusions to commercial general liability policies at renewal. June 30, 2026 brings Colorado CAIA enforcement, creating binding governance requirements for institutions and vendors operating in that state. August 2, 2026 triggers EU AI Act high-risk system obligations for educational institutions in member states. Insurance renewal cycles occurring in 2026 will be the first where AI governance documentation materially affects coverage terms, premiums, and exclusions. Institutions without documented governance entering 2026 renewals face the exclusionary posture Section 1 documented.
The synchronization is critical: underwriters renewing policies in mid-2026 can point to binding state law (Colorado CAIA), pending state law (NY S.1169A), and international obligations (EU AI Act high-risk phase) as justification for governance requirements and exclusionary endorsements. This is not coincidence—it is the convergence this memorandum documents.
2027 intensifies compliance pressure. If New York enacts S.1169A, implementation would likely occur in 2027 based on Colorado's eighteen-month delay pattern. Additional states will advance AI legislation through 2026-2027 legislative sessions, creating a cascade effect as jurisdictions observe peer-state regulatory models. The eighteen-to-thirty-six month claims development cycle documented in Section 2 means incidents from 2025 AI deployments begin producing settlements in 2027, directly affecting underwriter loss models and premium calculations. Institutions that deferred governance decisions in 2025-2026 face compressed timelines and externally defined compliance standards.
2028 and beyond represents the mature enforcement period. Statutes of limitation for 2025-2026 AI-related harms expire, enabling the litigation that loss signals predict. Actuarial models will incorporate settled claims data, stabilizing but likely increasing AI-related premiums. The EU AI Act reaches full application by August 2027, with enforcement patterns established. Early-mover governance frameworks will have established operational track records, creating market differentiation between institutions with mature AI oversight and those implementing under pressure. The window for institutional initiative in governance design will have closed; external requirements will define adequacy.
The strategic implication is clear. Institutions establishing governance infrastructure in 2025-2026 retain flexibility to design approaches suited to their contexts, build documentation records before underwriter scrutiny intensifies, and position themselves as governance leaders rather than compliance followers. Institutions deferring until external pressure mandates action will inherit frameworks designed by insurers, regulators, and litigants rather than educational practitioners.
Memorandum No. 3 addresses this gap directly. It provides the first sector-specific operational framework mapping ten governance areas to the eight insurance evidence requirements identified in Section 1, translating the healthcare and financial services controls documented in this section into education-specific templates, procedures, and documentation standards that satisfy the forcing functions this analysis has established.
Conclusion: From Aspiration to Operational Necessity
This memorandum has documented three forcing functions converging on educational AI governance: insurance market exclusions that shift coverage eligibility toward documented governance, loss signals building the actuarial case for AI-specific liability, and regulatory timelines creating binding compliance obligations with education explicitly named as a high-risk domain. Each forcing function operates through different mechanisms—underwriting decisions, claims development, statutory enactment—but each produces the same institutional demand: documented, auditable evidence of AI oversight.
The convergence is substantive, not merely coincidental. Insurance underwriters requiring NIST AI RMF alignment are prescribing the same framework that Colorado's CAIA mandates and that New York's S.1169A references as compliance guidance. Carriers developing AI exclusions are responding to the same loss signals—PowerSchool's sixty-two million compromised records, Character.AI's platform liability exposure, algorithmic bias documented in peer-reviewed research—that will drive litigation under state private rights of action. The EU AI Act's high-risk system obligations, taking effect August 2026 for educational institutions, require the same transparency, human oversight, and risk management documentation that domestic insurers are beginning to demand. Different regimes, different enforcement mechanisms, identical artifact requirements.
The eight evidence categories identified in Section 1—AI inventory and classification, governance structure, risk management documentation, bias testing procedures, explainability documentation, human oversight protocols, data governance policies, and third-party vendor management—represent this convergence operationally. An institution that builds documentation infrastructure satisfying these categories simultaneously addresses insurance underwriting expectations, Colorado CAIA compliance, anticipated New York requirements, and EU AI Act obligations. The forcing functions are not competing demands requiring separate responses; they are aligned pressures that a single governance framework can satisfy.
The timeline is bounded, not open-ended. January 2026 brings Verisk endorsement availability for carrier adoption. June 30, 2026 brings Colorado CAIA enforcement. August 2, 2026 triggers EU AI Act high-risk obligations. Insurance renewals occurring throughout 2026 will be the first where AI governance documentation materially affects coverage terms. The eighteen-to-thirty-six month claims development cycle means 2025 AI deployments produce settlements in 2026-2027, directly affecting actuarial models and premium calculations. Institutions entering 2026 without documented governance face a synchronized pressure that did not exist in 2024 and will only intensify through 2027-2028.
The strategic choice facing educational institutions is not whether to develop AI governance but when and on whose terms. Institutions that build governance infrastructure in 2025-2026 retain design flexibility: they can adapt frameworks to institutional context, establish documentation practices before underwriter scrutiny intensifies, and develop operational competence before regulatory enforcement begins. Institutions that defer until external pressure mandates action will inherit governance requirements defined by insurers pricing risk, regulators enforcing statutes, and litigants pursuing discovery. The former approach positions institutions as governance leaders; the latter consigns them to the role of compliance followers, implementing under deadline pressure what others designed under market pressure.
This memorandum has documented why the operational gap identified in Memorandum No. 1 can no longer persist. It has not provided the operational framework to close that gap. That framework does not yet exist in education-specific form. The healthcare and financial services controls documented in Section 3—FDA's predetermined change control plans, clinical decision support oversight committees, SR 11-7 model risk management, Fair Lending regression testing—demonstrate that operational AI governance is achievable in regulated sectors. Education lacks equivalent infrastructure not because the controls are inapplicable but because no authoritative body has translated them into education-specific procedures, templates, and documentation standards.
Method and source basis. This analysis has synthesized insurance forms and endorsements, statutory text and regulatory guidance, publicly reported incidents and litigation developments, and comparative sector frameworks to identify the artifact demands that forcing functions create. The synthesis is the author's; the underlying pressures are documented in the sources this memorandum cites. The conclusion that educational AI governance has shifted from aspiration to operational necessity follows from that documentation.
Memorandum No. 3 in this series will provide the operational framework that this analysis establishes is now required. It maps ten governance areas—encompassing accountability structures, data quality, privacy protection, human oversight, transparency, fairness, risk management, professional development, continuous improvement, and cybersecurity—to the eight insurance evidence requirements identified in this memorandum. The framework translates healthcare and financial services controls into education-specific templates, procedures, calendars, and documentation standards designed for K-12 and higher education contexts. It provides the implementation infrastructure that international bodies, regulators, and sector associations have not supplied and that insurers, state legislatures, and litigants are now demanding.
The forcing functions documented in this memorandum are not predictions of what may occur. They are commitments encoded in policy endorsements, enacted in state statutes, and embedded in actuarial models already being built. The window for institutional initiative remains open but is closing on a calculable timeline. What institutions do with that window will determine whether they build AI governance on their own terms or inherit it on terms defined by the external entities whose financial exposure no longer permits the operational gap to persist.
References
1. Purdy, R. J. (2025). Purdy House Institute Memorandum No. 1: The Operational Gap in AI Governance Frameworks for Education. Purdy House Institute.
2. Verisk Insurance Solutions. (2024). ISO Circular LI-CF-2024-175: Artificial Intelligence Liability Insurance Endorsements. Jersey City, NJ.
3. CG 40 47 provides broad exclusion across CGL coverage parts; CG 40 48 limits exclusion to Coverage B (personal and advertising injury); CG 35 08 addresses products and completed operations exposure.
4. The Insurer. (2025). January 2026: A Key Moment for AI Insurance.
5. Hunton Andrews Kurth. (2025). How Insurance Policies Are Adapting to AI Risk.
6. Armilla AI Insurance launched April 2025, underwritten by Lloyd's syndicates including Chaucer Group.
7. Munich Re aiSure product provides performance guarantees for AI technology deployments.
8. Beazley position reported in Commercial Risk Online (2025).
9. TechCrunch. (2025, January 8). EdTech giant PowerSchool says hackers accessed personal data of students and teachers.
10. Harvard Law School Forum on Corporate Governance. (2025). The Hidden C-Suite Risk of AI Failures.
11. Evidence requirements synthesized from carrier questionnaires, broker guidance, and regulatory analysis conducted by author.
12. EDUCAUSE. (2025). Frequently Asked Questions About Cyber Insurance.
13. Cherry Bekaert. (2025). AI in Insurance: How to Build a Compliant Governance Framework.
14. K&L Gates. (2025). Q1 2025 New York Artificial Intelligence Developments.
15. CBC News. (2025). Canadian teachers want lessons on how to ethically incorporate AI into classrooms.
16. NIST. (2023). AI Risk Management Framework 1.0. ISO/IEC 42001:2023 establishes AI management system requirements.
17. TechCrunch. (2025, January 8). EdTech giant PowerSchool says hackers accessed personal data of students and teachers.
18. Nightfall AI. (2025). What Happened in the PowerSchool Data Breach.
19. Breach vector described in TechTarget and Proskauer analyses.
20. Downstream fraud consequences documented in affected district communications (February 2025).
21. Canadian impact documented in CBC News and Toronto District School Board statements.
22. New York State Attorney General. (2024, February). Press release: Attorney General James Secures $750,000 from College Board.
23. Ofqual algorithm incident documented in The Guardian (August 2020).
24. AERA. (2024). Peer-reviewed research on racial bias in predictive algorithms.
25. New York State Senate. (2025). S.1169A: New York Artificial Intelligence Act.
26. AP News. (2025, May 21). In lawsuit over teen's death, judge rejects arguments that AI chatbots have free speech rights.
27. Complaint allegations as reported in court filing summaries.
28. United Educators severity data from Large Loss Report 2025.
29. Risk and Insurance. (2025). Education Sector's Legal Settlements Soar to Record Highs.
30. Center for Internet Security. (2024). K-12 Cybersecurity Report.
31. European Data Protection Board. Bocconi University decision summary.
32. New York State Senate. (2025). S.1169A: New York Artificial Intelligence Act. Passed Senate June 12, 2025.
33. S.1169A education triggers include assessment, grading, plagiarism detection, admissions, and financial aid.
34. Colorado's SB 24-205 established an eighteen-month implementation delay pattern.
35. Colorado General Assembly. (2024). SB 24-205: Colorado Artificial Intelligence Act.
36. California Legislature. (2024). SB 1288 and AB 2876.
37. State AI guidance tracking based on Education Commission of the States policy monitoring and author's research.
38. The White House. (2025, December 11). Executive Order: Ensuring a National Policy Framework for Artificial Intelligence.
39. BEAD program authorized at $42.45 billion under Infrastructure Investment and Jobs Act.
40. Author's analysis of Executive Order's effect on institutional accountability.
41. U.S. Department of Education. (2024). AI Toolkit.
42. The White House. (2025, April 23). Executive Order: Advancing Artificial Intelligence Education for American Youth.
43. European Parliament and Council. (2024). Regulation (EU) 2024/1689 (Artificial Intelligence Act).
44. EU AI Act Article 5 prohibitions include emotion recognition in educational settings.
45. Parliament of Canada. Bill C-27 terminated upon prorogation January 6, 2025.
46. Canadian Teachers' Federation statement on federal AI legislation gaps.
47. CBC News. (2025). Investigation on provincial AI frameworks for education.
48. UNESCO. (2025). Survey findings on higher education AI policy development.
49. FDA. (2022). Clinical Decision Support Software: Guidance for Industry and FDA Staff.
50. Board of Governors of the Federal Reserve System. (2011). SR 11-7: Guidance on Model Risk Management.
51. FERPA (20 U.S.C. § 1232g) and COPPA (15 U.S.C. §§ 6501-6506) predate AI deployment.
52. Cross-sector translation framework developed by author based on comparative analysis.
Appendix: Evidence Requirements Crosswalk
The following table maps the eight insurance evidence requirements identified in Section 1 to analogous controls in healthcare and financial services sectors. Education-specific operational infrastructure to satisfy these requirements will be provided in Memorandum No. 3.
Evidence Requirement | Healthcare Equivalent | Financial Services Equivalent |
1. AI Inventory & Classification | Medical device registry; Software as Medical Device (SaMD) classification | Model inventory; Tier 1/2/3 classification per SR 11-7 |
2. Governance Structure | Clinical decision support oversight committees; Chief Medical Information Officer accountability | Model Risk Management function; Board/Audit Committee oversight; Chief Risk Officer accountability |
3. Risk Management Documentation | Predetermined change control plans; Clinical validation protocols | Model validation framework; Challenger model requirements |
4. Bias Testing & Fairness Audits | Clinical outcome monitoring across demographic groups; Health equity impact assessments | Fair Lending regression testing; Disparate impact analysis |
5. Explainability & Transparency | Clinician-interpretable outputs; Patient disclosure requirements | Adverse action notices; Model documentation standards |
6. Human Oversight Protocols | Physician-in-the-loop requirements; Override documentation | Human review for high-value decisions; Exception escalation procedures |
7. Data Governance | HIPAA compliance; Training data provenance; PHI handling protocols | Data lineage documentation; Feature engineering controls; PII handling |
8. Third-Party Vendor Management | Business Associate Agreements; Vendor security assessments; FDA clearance verification | SOC 2 Type 2 requirements; Vendor model validation; Contractual audit rights |
Note: Education lacks equivalent sector-specific infrastructure for each category. Memorandum No. 3 provides education-specific operational frameworks to address this gap.
About the Author
Ryan James Purdy is an assurance professional, independent researcher, and writer focused on AI governance in education and adjacent sectors. His work examines how AI policy and regulatory requirements translate into institutional implementation.
About Purdy House Publishing & Consulting
Purdy House Publishing & Consulting is an independent research imprint publishing working papers on AI governance in education and related regulated contexts. The AI Governance in Education series examines gaps between AI governance policy and institutional implementation.
Correspondence: jamespurdy624@gmail.com
LinkedIn: www.linkedin.com/in/purdyhouse


