PFAS-related litigation in France will accelerate, with the class action near Lyon expected to become the largest of its kind in Europe. The legal environment in respect of PFAS is shifting rapidly, with France banning PFAS in cosmetics, clothing, footwear, and ski waxes from 2026, and in all textiles from 2030, marking a regulatory turning point. Enhanced monitoring of drinking water is also underway. The 'polluter pays' principle is also gaining traction, increasing the risk of significant indemnity exposures for both liability and environmental lines. Insurers must be aware of the introduction of additional regulatory requirements, which will drive up compliance costs and could trigger coverage disputes, especially for legacy and silent exposures.

Following a year in which international advisory opinions have generated significant discussion about the future of climate change litigation, France will be a crucial jurisdiction in the year ahead. France will see novel actions progress, following the judgment in the greenwashing action against TotalEnergies brought by Greenpeace on their net-zero claims. A further claim against Total, pursued under the French duty of vigilance, continues its efforts to force the company to report on and take action to reduce carbon emissions in line with the Paris Agreement. That claim was reinstated in June 2024, having initially been dismissed, and ordered to proceed to trial. In addition, a further action brought by activist group Notre Affaire a Tous against BNP Paribas was the first climate-related lawsuit commenced against a commercial bank, also based on the French corporate duty of vigilance law. Although developments in the litigation remain limited, this is a potentially important action.

The rise of generative AI exposes French companies to a diverse range of risks: errors, discrimination, illicit content and deepfakes are all likely to result through increased use. Early court decisions show that both the designers and end-users of AI will be targeted, even without specific legislation. Insurers must adapt cyber and professional liability policies to cover or limit these new exposures. Further, the growing use of AI to generate deepfakes or manipulate images exposes companies to major legal risks as a result of the actions of third parties. These AI creations raise the prospect of privacy actions, defamation and identity theft. Insurers must adapt media liability, cyber and PI covers to address these new exposures.

Confirmed by a decision in the French Supreme Court, an insured must express its intention to pursue a subrogated recovery on behalf of the insurer at or before payment. Insurers will need to take a series of steps to ensure that their position is protected and reduce the risk of having a subrogated claim rejected. Insurers should ensure that written subrogation agreements are obtained from policyholders before the making of payments. Further, insurers should include clear provisions in their policies and ensure that their employees and representatives are familiar with the requirements of a valid subrogation agreement. Failure to do so could risk financial losses for insurers.

Following a decision by the French Supreme Court providing a major change in how direct actions against insurers will be treated under French law, insurers must anticipate more direct actions across several lines. The decision confirmed that an insurance contract may not prevent a direct action if the law of the 'main obligation' giving rise to the underlying claim (such as tort or contract) allows it. This is particularly relevant to actions involving foreign insurers, with liability, transport and marine insurers particularly at risk of direct actions.

The M&A market is expected to be driven by strategic growth, especially in sectors like tech, healthcare, and renewables. However, stricter regulatory environments (especially in the European Union and United States) as well as ongoing economic concerns, such as geopolitical tensions and inflation, may slow down deal processes and add complexity to transactions. As M&A deals become more complex, the demand for warranty and indemnity (W&I) insurance will increase. Increased deal volume and risk perception could lead to higher premiums and stricter terms for W&I insurance.

The German coalition government has announced a landmark step toward strengthening climate resilience: the planned introduction of a mandatory natural hazards insurance for residential buildings. Under the new framework, all new property insurance policies must include cover for floods, storms, and other natural hazards, while existing contracts will be extended by a set deadline. An opt-out mechanism remains under review, balancing consumer choice with universal protection. To safeguard long-term insurability, a state-backed reinsurance scheme will be created, and policy conditions will be more closely regulated. The agreement also highlights the responsibility of planning authorities in high-risk areas and proposes clearer liability rules. This initiative marks a decisive shift in risk management, aiming to protect homeowners and tenants alike while fostering greater accountability among public institutions. It signals a future in which comprehensive disaster coverage becomes a standard, not an exception.

The introduction of the NIS2 Directive will create greater liability risks for directors and officers, and increase their risk profile for insurers. The Directive introduces stricter and more detailed technical and organisational cybersecurity requirements for companies in Germany. Although most businesses still do not fall directly within the scope of the Directive, the ongoing trend towards tighter regulation will significantly impact non-binding security standards and any contractually-owed standards of care. Importantly for those in scope, the Directive introduces accountability on the part of directors and other senior managers for ensuring compliance. This takes the form of monetary and other sanctions, which may create additional risks for D&O insurers through coverage issues such as regulatory defence costs and possible financial penalties (such as may be insured). Although the obligations introduced by NIS2 are not new, having already been part of many risk management duties, especially for companies heavily reliant on data processing and digital operations, insurers may seek to ensure that their policyholders are familiar with any obligations.

Developing and implementing AI technology at all levels of the business will be challenging for general counsel at insurers. New liability claims for damages based on using AI technology should be anticipated. In addition, additional regulatory frameworks should be expected and monitored, again also raising the risk of bringing with them new liabilities.

Germany's continued shift to renewable energy will raise demand for end-of-life liability and environmental coverage for companies involved in repowering and recycling supply chains. The end-of-life costs involved in dismantling and recycling existing energy infrastructure, whether renewable or non-renewable, will increase in coming years. Non-renewable sources are expected to decline and the early generation of renewable infrastructure is now reaching end-of-life. Organisations involved in these supply chains will need to consider any regulations for environmentally sound disposal and the appropriate insurance cover that is required. There is a significant risk that dismantling obligations and recycling processes will create environmental contamination if not carried out in an appropriate manner. Insurers need to ensure that businesses have adequate processes in place to manage the fundamental issue of hazards arising when undertaking these processes.

In a landmark decision in the Italian courts between Greenpeace and others and ENI and others, the Joint Sections of the Court of Cassation provided critical guidance including for the insurance sector. Claims in the context of climate change litigation fall within the scope of tort liability. Liability may extend not only to the legal entity directly involved in climate-harmful conduct, but also to its shareholders, and ultimately, to the State. The order also outlines the potential for a new category of liability borne by corporate executives of legal persons engaged in practices with a potential negative impact on the climate. This decision has the potential to impact claims falling under liability policies and D&O cover. Policy wordings will need to take into account such risks and, if necessary, provide for specific sub-limits and/or exclusions.

On 7 July 2025, the natural catastrophe insurance pool came into operation as an autonomous legal entity and operational hub for Italian insurance companies in the management of catastrophic risks. The creation of the pool marks a watershed moment, enabling the domestic insurance market to meet newly introduced legal obligations through collective risk mitigation and transfer mechanisms. The pool is structured as a consortium with legal personality, but without independent underwriting capacity: it neither retains risk nor capital and operates solely in the name and on behalf of its member companies. Membership of the consortium is voluntary, but companies representing approximately 75% of the Italian market have already joined. Risk transfer will be based on a 'pure premium' principle, with each company free to determine its own commercial premium. In a context where mandatory coverage could generate pricing imbalances and opportunistic behaviour, the consortium model allows for the harmonisation of underwriting practices, contract structures, and strategic approaches. The natural catastrophe pool marks the beginning of a new, structured, and collaborative approach to managing systemic risk.

The new EU Product Liability Directive (PLD),expected to be implemented in Italy by December 2026, is generally considered more claimant friendly. The PLD expressly extends to software, expands the list of entities that may be held liable (including, under certain conditions, online platforms), introduces new circumstances in which products may be presumed defective and provides the right for the injured party to request disclosure of documents from the manufacturer. This will likely increase claims and costs for product liability insurance.

The Digital Operational Resilience Act (DORA), in force since January 2025, is a significant legislative framework designed to enhance digital/cyber security and resilience for financial institutions in Europe. DORA requires management bodies to define, approve and supervise the information and communication technology risk management framework of financial entities. DORA allows for regulatory investigations and the imposition of administrative and remedial penalties in the event of a breach. Importantly, penalties can be imposed personally on management responsible for compliance. This includes directors and officers. Although many D&O policies do not cover regulatory penalties imposed, any breaches could also result in potential liabilities to third parties such as shareholders. These claims may trigger D&O coverage, meaning insurers should both be familiar with the steps that their policyholders are taking to ensure compliance, and check that policies are appropriately worded to limit coverage where necessary.