The Insurance Industry Has a Liquid Cooling Problem

The Insurance Industry Has a Liquid Cooling Problem

The data center insurance market is having a banner year. Marsh launched its Nimbus facility in 2025 with up to €1 billion in construction all-risks coverage and an additional €350 million for delay-in-startup. S&P Global Ratings recently called the segment a "meaningful growth opportunity" for insurers. Carrier capacity is flowing in, premiums are rising, and operators report relatively easy placements for new builds.

Underneath all of that activity sits a quiet problem the buy side is just beginning to understand: the policies being written today were not designed for the facility being built today. Nowhere is the gap more visible than in liquid cooling.

What FM Global is seeing

FM Global, one of the largest property-and-loss insurers in the world for industrial risks, recently disclosed a number that should land harder than it has: liquid-related losses now represent nearly 24% of total data center loss costs in their portfolio review. That is one in every four dollars of paid claims, in a segment where the dominant narrative for two decades was that fire and power were the things to worry about.

Swiss Re's Institute commentary, released alongside its 2026 risk outlook, was equally pointed. The reinsurer noted that liquid cooling systems "adopted to manage the significantly higher heat output of modern GPUs, present another growing exposure," and that "the increased scale and complexity of cooling networks create water damage risks from improper installation or maintenance."

"As data centers become increasingly concentrated, energy dependent and systemically critical, they face an evolving spectrum of exposures. For the re/insurance industry, that means moving beyond passive risk transfer to actively enabling resilience, engaging earlier in design, siting and power decisions."
— Jimmy Keime, Head of Engineering and Nuclear, Swiss Re

Translation: the reinsurers writing the bigger checks are starting to push for site-level loss control, not just premium adjustments. That is the leading edge of a re-rating cycle.

The four coverage gaps that matter

A May 2026 analysis by law firm Bracewell LLP identified the specific places where data center policies are most likely to fail their operators in a claim. Four of them are directly relevant to a liquid cooling event.

1. Business interruption coverage assumes a standalone facility

The Bracewell authors are blunt: "Traditional business interruption policies were built around stand-alone manufacturing or commercial facilities, where the insured's revenue stream is tied to a single physical location. Data centers do not operate that way."

A modern hyperscale or AI campus is a node in an interconnected network. When a cooling failure takes down a pod, customers don't wait for restoration — they migrate their workloads to another region within minutes. The economic damage continues even after the leak is repaired and the racks come back online, because the customers are gone. Standard BI coverage measures loss only during the "period of restoration." That window may not match the actual economic loss by a factor of two or three.

2. The "period of restoration" is too short

This is the one that surprises most operators. Period of restoration is defined as the time it takes to return the damaged facility to its pre-loss condition. For a liquid cooling leak that wets three racks and a section of subfloor, that might be 4–6 weeks. But as Bracewell notes, "for a data center operator whose clients have migrated workloads to other facilities during an outage, the economic harm may persist long after physical repairs are complete. Client attrition, service-level agreement penalties and reputational damage can extend the financial impact well beyond the restoration window that a standard policy contemplates."

3. Dependent property / contingent business interruption is usually sublimited

If you are a colocation tenant rather than the facility owner, this is the clause that may save you — or sink you. Contingent BI covers losses that originate at a property you depend on, even if you don't own it. Bracewell notes these clauses are "frequently sublimited or subject to restrictive triggering conditions." A common sublimit is $5–10 million, against an actual exposure of $100M+ for an enterprise tenant in an AI compute facility.

4. Equipment breakdown and property policy interplay

Cooling distribution units, CDUs, and chilled water systems live in a gray zone between "property" coverage (the building and infrastructure) and "equipment breakdown" coverage (mechanical failure of a specific piece of gear). Bracewell warns that "policyholders must confirm that coverage extends to the full range of equipment in a modern data center, and that the interplay between equipment breakdown and property policies does not create unintended gaps." A leak from a CDU manifold may fall into either bucket depending on the cause, the policy language, and the carrier's claims position. The wrong answer costs millions.

"The rush of carrier capital into the data center space should not obscure the reality that policyholders face a distinct and evolving set of risks that existing insurance products were not designed to address."
— Bracewell LLP, May 2026

The valuation problem nobody is talking about

One of the most striking observations in the Bracewell piece is about how data centers are valued for BI purposes. The traditional method — revenue per square foot, replacement value of physical assets — fails badly when applied to a high-density AI hall.

"The revenue generated per square foot at a hyperscale facility bears no resemblance to a conventional commercial building. A single rack of servers may support millions of dollars in client revenue. Policyholders need to ensure that their business interruption limits and valuation methodologies reflect the actual economic output of these facilities, not assumptions borrowed from other asset classes."

In practice, a single liquid-cooled GPU rack supporting an AI inference workload can carry $5–15 million in annual client revenue. A 20-rack pod taken offline by a cooling leak is, in BI terms, a $100M+ revenue exposure — not the kind of number that fits inside a default property BI sublimit. Underwriters and brokers are quietly reworking these calculations, but the policies in force right now were largely written before the math changed.

The regulatory follow-on that nobody factors in

Insurance recovery is one channel of financial impact. Regulatory consequence is another, and it does not show up in any traditional policy.

The Equinix Singapore cooling failure in October 2023 — covered in detail in our facilities operations companion piece — caused approximately two days of outage at DBS Bank and Citibank, with 2.5 million failed payment transactions. The insurance side of that loss was significant. The regulatory side was an order of magnitude worse. The Monetary Authority of Singapore imposed a 1.8x multiplier on DBS's operational-risk capital weight, translating to roughly S$1.6 billion in additional regulatory capital that the bank had to hold against future operational events.

That S$1.6 billion is not insurable. It is a permanent rebasing of the bank's capital structure driven by a cooling event two infrastructure layers removed from DBS's own operations. Bracewell notes that "policyholders should consider whether their programs address regulatory-driven losses or treat them as excluded." For financial-services colocation in particular, this question has become urgent.

Concentration risk: the $20 billion problem

Swiss Re's 2026 outlook included a striking framing: "Construction costs for a single data center location can exceed $20 billion — double once technology is installed — creating concentration exposures in catastrophe-prone areas." The re/insurance industry, the report says, can support only a fraction of the required limits at competitive rates for traditional construction risk policies.

This is the macro version of the same problem. The aggregate insurable value of an AI campus has outgrown the segment's capacity to underwrite it at traditional rates. The industry response will be some combination of higher premiums, lower sublimits, more aggressive risk-engineering requirements at placement, and increasingly granular site-level loss control demands.

Operators who can demonstrate physical risk-mitigation measures at the rack and pod level — not just sensors, but containment, segmentation, and tested response procedures — will have meaningful negotiating leverage in upcoming renewal cycles. Operators who cannot will find themselves either uninsured at the limits they need or paying for that capacity at very different rates than they pay today.

What facility teams should be asking their broker

If you are responsible for a liquid-cooled facility or are a tenant in one, here are the questions worth raising with your broker before the next renewal. None of these is exotic. All of them are routinely missed.

Broker checklist for liquid-cooled facilities

1. What is our period of restoration definition? Does it account for client migration and the time required to re-onboard customers, or just physical repair?
2. What are our contingent BI sublimits and triggers? Are they sized to actual revenue exposure or to a default policy template?
3. Does our equipment breakdown coverage include CDUs, manifolds, and chilled-water distribution? Or only "named" mechanical equipment?
4. Does the policy address ensuing loss from a defective workmanship event? A contractor-caused leak is the most common failure mode and the most contested coverage question.
5. What physical risk-mitigation measures qualify for premium credit? Carriers are increasingly recognizing leak detection, segmented loops, and pre-staged containment as ratable risk-reduction.
6. How does our program treat regulatory-driven losses? Especially relevant for financial-services or healthcare colocation tenants.
7. Are our limits and valuation methods aligned to actual revenue per rack? Not legacy property assumptions.

Where containment fits

This is not a piece about a specific product. It is a piece about the gap that is forming between what AI-era data centers actually need to insure against and what the insurance market currently offers. But there is a practical observation worth surfacing: the same physical risk-mitigation measures that close the operational gap (covered in our facilities playbook) also tend to close the underwriting gap.

Carriers — especially the FM Global / Allianz / Zurich-tier industrial property writers — increasingly want to see documented loss-control measures at the pod level before they will write the limits operators need. Leak detection telemetry. Segmented chilled-water loops. Pre-staged passive containment at aisle ends, cable cutouts, and electrical room thresholds. Tested deployment runbooks. These are no longer "nice to have" items in a Statement of Values; they are increasingly the difference between getting the limit and not, at a rate that pencils.

StormBag's role in that stack is narrow but specific: a deployable, pre-staged physical containment layer that turns a leak into a contained zone rather than a hall-wide event. Product specifications are available on stormbag.co, and our team can provide facility-specific staging recommendations and SOV-attachable documentation for risk filings.

Closing thought

The Bracewell authors put it as well as anyone has: "The time to negotiate these terms is before the loss, not after. Waiting until after a loss to discover that a policy's business interruption language does not account for interconnected operations, or that a cyber exclusion eliminates coverage for a physically destructive attack, is a mistake that the scale of these projects makes unaffordable."

That logic applies to coverage terms. It applies equally to physical risk mitigation. The cost of installing containment, leak detection, and segmented response is a known small number. The cost of discovering, in the aftermath of a $50M loss, that your policy's "period of restoration" definition does not cover the customer churn that followed is an unknown large number. Most boards, given the choice, would rather the cost stay known.

---

This post is the second in a two-part series on liquid cooling risk. The companion piece, How Liquid Cooling Made Flood Protection a Data Center Concern, covers the operational side: incident case studies and practical containment deployment for facilities teams.

Selected sources

• Bracewell LLP — Data Center Insurance Boom May Obscure Claims' Difficulty (May 2026)
• Risk & Insurance — Data Centers Powering AI Create Unprecedented Risk Accumulation Challenges (April 2026)
• DataCenter Dynamics — Marsh Launches €1bn Data Center Insurance Facility (Nimbus)
• DH Lloyd — Data Center Insurance Coverage Overview
• AGC — Insurance Issues in Constructing Data Centers: A GC's Perspective