Authors: Derek Blum, Senior Director, Product Management - Moody's; Theresa Lederer, Director, Advisory Services - Moody's
Part 1: The insurance and capital ecosystem
The massive bet on AI is fueling equally large investments into the construction of data centers and infrastructure. In just a few years, data centers have gone from being specialized real‑estate assets to critical infrastructure underpinning AI, cloud computing, and digital services more broadly.
In this multi-part blog series, we will explore the challenges and opportunities that make data centers top of mind for many insurers.
In this first blog, we’re taking a look at the insurance market behind the rapid expansion of data centers today, and the decisive role it plays within a much larger stakeholder ecosystem. Future posts will dig into modeling approaches and opportunities for market growth and innovation.
Globally, there are now roughly 12,000 data centers, with more than 5,500 located in the U.S. alone.[1] Hyperscalers are investing heavily—according to Moody’s, at least US$3 trillion worldwide over the next five years—to double global capacity by 2030.[2]
Individual campuses now carry replacement costs in the multi‑billion‑dollar range, and centers are increasingly clustered in a small number of locations.
That scale matters. As data centers grow larger, more complex, and more concentrated, traditional insurance frameworks are being stretched, with real consequences for how—and how quickly—projects can be financed.
A risk landscape that doesn’t fit neatly into one box
Insuring data centers is not only about writing bigger policies. The underlying risk profile cuts across multiple domains—many of which insurers have historically treated separately. Following the construction phase, as facilities ramp up to operational status, owners, operators, and investors must manage a range of risks.
At a physical level, data centers face ‘traditional’ perils such as fire, flood, and earthquake. However, historical loss data tailored to these highly complex facilities remains limited, making risk selection challenging and adding ‘uncertainty premiums’ to pricing.
In addition, chronic perils, such as heat stress and water scarcity, are mission-critical for the continuous cooling of electrical equipment but fall outside of standard property coverage terms.
Power is another critical consideration. As data centers concentrate in regions where electricity grids are already strained, competition for access to reliable power sources is amplifying. To manage this, some operators are bringing generation on‑site or exploring new partnership models, for example, with nuclear plants. Standardized, effective insurance solutions have struggled to keep pace with the evolution of power strategies.
Cyber risk adds a further layer of complexity. Attacks can trigger both physical damage and non‑physical losses due to data corruption or ransomware. Coverage often needs to be highly bespoke, carefully navigating exclusions across cyber and property programs.
Finally, service failures can cascade quickly. A few minutes of downtime at a hyperscale facility can translate into millions of dollars in SLA (service level agreement) penalties. When incidents affect multiple sites—for example, following a regional grid outage—losses can quickly become correlated across operators.
As client expectations for resilience rise, the use of traditional insurance sub‑limits and waiting periods is becoming increasingly out of sync with buyer needs.
Other risks add to the above key coverages, including construction‑phase exposures, supply‑chain disruption, transit losses, and third‑party liability issues such as air pollution or local water stress.
Insurance as a gatekeeper for capital
For data center owners and hyperscalers, insurance is not just balance‑sheet protection: it is a critical prerequisite for capital to flow at all.
Without credible, scalable cover, financing can slow—or stall entirely—sometimes before construction even begins. Just a few months ago, in March 2026, investors, including Blackstone, were reported to have passed on data center debt opportunities due to insufficient insurance.[3]
To make things more complex, financing—and with it associated insurance requirements—reflects the evolving lifecycle of a data center.
These centers are not financed by a single capital provider from the groundbreaking to the long‑term operation. Instead, capital rotates as the center, and its risk profile evolves.
Private credit is the most common source of capital for construction and early operation. It can move fast and accept programs that are still ramping, hence, without an operating history. Insurance requirements tend to be less restrictive—but as gaps and uncertainty are priced into spreads, fees, and covenants, that flexibility comes at a cost not all operators may be willing to pay for.
Banks offer cheaper access to capital, but typically step in once operations have stabilized and show an established cash-flow record.
In contrast to private credit, they are subject to strict regulatory frameworks, leaving less flexibility to absorb risks not covered by insurance. As a result, their lower cost of capital is reserved for those who can adhere to stricter, less flexible insurance requirements compared to those required by private creditors.
Capital markets and infrastructure investors may come in later still, looking for long-term operating history and established insurance programs that align with institutional risk appetites.
So while the insured asset may remain the same data center, expectations around what constitutes 'appropriate' coverage can shift materially as capital providers change. However, one thing remains constant: credible insurance is a gatekeeper for investment.
Brokers, carriers—and a capacity gap?
Insurance brokers play a central role in stitching together coverage across the data center lifecycle. For single sites requiring limits well in excess of US$1 billion, this increasingly means building large insurer syndicates and carefully aligning policy wording across participants.
In response, many brokers have launched dedicated data‑center programs designed to tackle scale, complexity, and accumulation risk. Examples include Aon’s Data Center Lifecycle Insurance Program (DCLP), Marsh’s Nimbus program, and Willis' (WTW) Digital Infrastructure Protector, each offering multiple billions of dollars in capacity. These initiatives reflect a market that is innovating—but also one still feeling its way forward.
On the carrier side, the sector’s growth trajectory has attracted insurers and reinsurers in recent years to meaningfully increase their capacity. One example was earlier in 2026 when FM announced limits up to US$5 billion through its FM Intellium program.[4]
All of this bodes well for the rapid expansion of hyperscale data centers, with both insurers and brokers now able to support increasingly high-valued data centers.
Yet caution remains. Limited loss history, rapidly evolving risk profiles, and the potential for large accumulation losses continue to raise guardrails around capacity growth. For now, demand still outstrips supply, with higher retentions, lower limits, and longer coverage negotiations than operators would ideally like.
In particular, high-end facilities such as Meta’s US$30 billion Hyperion campus in Louisiana still struggle to secure full insurance coverage—raising the question whether insuring to full replacement value is even desirable, or whether a Maximum Foreseeable Loss (MFL) coverage is sufficient.
In fact, coverage at that facility is reported to amount to a mere US$4 billion.[5] This gap leaves hyperscalers in search of alternative solutions, such as using corporate bonds to fund (and insure) data centers.
Reinsurers and alternative risk transfer
Irrespective of its funding channels, the risk associated with a data center will end up somewhere and will need to be managed there. With fewer participants at the top of the risk management chain, it is increasingly important to understand accumulation risk both at individual facilities and projects, as well as across a portfolio of these risks. In addition to more traditional reinsurance, some of the gap is being filled by insurance-linked securities (ILS) such as cat bonds.
The path forward is likely less about headline capacity and more about shared understanding of risk. Better analytics—understood and trusted by capital providers, brokers, and the (re)insurance community alike—can support more confident underwriting and exposure management and, ultimately, unlock further innovation.
In the next post in this series, we’ll look at how existing risk modeling solutions can be applied now to understand today's data center risk, and how they can be used not only by insurers but the entire market ecosystem to make more confident, risk-informed decisions.
References:
[1] https://marketstatics.com/the-global-map-of-data-centers-where-the-worlds-digital-infrastructure-lives/
[2] https://www.moodys.com/research/Data-Centers-Global-2026-Outlook-Capacity-growth-remains-robust-Outlook--PBC_1460236?cid=web-wbssts-19438#c6d7065296ec973c105850cdf18d17aa
[3] https://www.ft.com/content/5ba0cf1a-0d81-4479-a58c-3c8b5b088682?shareType=nongift&syn-25a6b1a6=1
[4] https://newsroom.fmglobal.com/releases/fm-announces-significant-increase-in-capacity-for-fm-intellium-clients
[5] https://www.ft.com/content/5ba0cf1a-0d81-4479-a58c-3c8b5b088682?syn-25a6b1a6=1