The 2026 UK Commercial Insurance Market

The 2026 market is not the hard market of 2020 and it is not the soft market of 2017. It is a discriminating market, and that is the harder one to broke through.

After three years of broad rate softening across most general commercial classes, the UK market enters 2026 with capacity that is plentiful in places, narrowly priced in others, and deeply selective in a handful of segments that matter for professional firms. Rate direction is not uniform; it depends on class, sector, claims experience and the underwriter’s view of the firm’s own discipline. This outlook sets out, in measured terms, where Apex sees the market for professional indemnity, cyber, construction PI under the Building Safety Act regime, and the broader regulatory backdrop heading into the 2026 renewal season. We have avoided specific percentages on rate movement — anyone offering them with confidence is selling something.

What this means in practice

For most professional firms with a clean record, 2026 renewals should be approachable. Capacity is available at competitive terms in mainstream professional indemnity classes — solicitors, accountants, surveyors outside problem sub-sectors, architects outside Higher-Risk Buildings work, engineers, insurance brokers, IT consultancies and management consultancies. Rate movement on clean accounts has trended softer for several quarters. New entrants and reactivated capacity from London and overseas have widened the panel options compared to 2022-2023.

The picture is materially different in pockets. Cladding and Higher-Risk Buildings exposure remains heavily underwritten, often on bespoke terms with significant carve-outs. R&D tax credit advisory has narrowed materially as a market following the HMRC enquiry surge. Aesthetic and cosmetic clinic work — particularly for prescribing practitioners offering injectables outside CQC-regulated premises — remains a narrow specialist market. Crypto and digital asset advisory, distressed M&A advisory, and certain financial advisory specialisms have all seen reduced appetite or excess increases. None of this is dramatic; all of it is real.

Cyber is the class to watch. Capacity has expanded materially through 2024 and 2025 from a low base, ransomware claims experience has stabilised from the 2021-2022 peaks, and rates have softened. Underwriters have also become substantially more disciplined on controls. The premium softening is real but it is conditional on demonstrated baseline controls: multi-factor authentication, endpoint detection, backup hygiene, patch management cadence, and incident response planning. Firms that cannot evidence these are still being asked to pay 2023 prices or being declined.

The regulator’s posture matters more than the rate sheet for many of the firms we work with. The FCA’s continuing focus on Consumer Duty implementation, the Building Safety Regulator’s expanding remit under the Building Safety Act 2022, and HMRC’s intensified R&D scrutiny all push compliance costs upward and add to the claim threat. The market is pricing this picture in.

How the cover usually responds

The wordings themselves have been comparatively stable. Professional indemnity continues to be written claims-made-and-notified, with retroactive cover, run-off provisions and aggregation language broadly consistent with prior years. RICS minimum approved wording, SRA minimum terms and conditions, ARB and ICAEW frameworks remain the baseline for their respective regulated classes.

What has changed at the margins is the underwriter’s appetite for specific carve-outs. We are seeing more cladding and combustible materials exclusions on construction PI, more “fire safety”, “Higher-Risk Buildings” or “buildings within scope of section 65 of the Building Safety Act” carve-outs being negotiated case by case. The Defective Premises Act 1972 — as extended by section 135 of the Building Safety Act 2022 to a 30-year retrospective and 15-year prospective limitation — is now central to architects’, engineers’ and contractors’ PI placement strategy. Our Building Safety Act PI guide and the Defective Premises Act overview cover the framework.

For cyber, wordings have moved toward sharper distinction between first-party (the insured’s own loss) and third-party (liability to others) cover, with sub-limits applied to specific perils like business email compromise and social engineering. War, infrastructure, and systemic event exclusions have tightened following the market-wide attention to these issues in 2022-2023.

Section 11 of the Insurance Act 2015 — terms not relevant to actual loss — continues to be under-used by brokers and insureds. Where an insurer relies on breach of a term that did not cause the actual loss, section 11 should be invoked. The market practice on this remains uneven, and we continue to see late-notification arguments resolved in the insurer’s favour where section 11 would have produced a different outcome.

Common mistakes

• Treating “the market is softening” as a green light to switch insurer chasing a quote. Continuity of cover and the prior insurer’s claims handling track record are usually worth more than a five-figure premium saving.
• Failing to disclose Building Safety Act exposure on construction PI proposals. Underwriters expect a clear breakdown of in-scope work; ambiguity here is a section 3 fair presentation issue.
• Buying inadequate cyber limits. The headline ransomware risk has stabilised, but business email compromise, supplier-induced outage and regulatory action under the UK GDPR can produce losses that exceed the limit on legacy wordings.
• Ignoring the run-off conversation in M&A. Selling a practice without modelling run-off cover is selling someone else a problem; buyers are increasingly pricing it in.
• Reading the proposal form as a compliance exercise. The disclosure made on the form is the disclosure relied on at claim.

Worked example

Consider a typical multi-disciplinary architecture and engineering consultancy — 80 staff, fee income £9m, mixed residential and commercial work, around 15% of fee income on residential schemes within Higher-Risk Buildings scope. PI cover at £10m any one claim and aggregate.

At 2026 renewal the firm is presented with three options. Option A: the incumbent insurer offers continuity at a modest reduction with the existing wording, including a sub-limit for Building Safety Act fire safety claims, an extra excess for HRB work, and a carve-back for cladding allegations on schemes commenced before 2022. Option B: a new market offers headline premium 15% below incumbent but with a full cladding and combustible materials exclusion and a higher general excess. Option C: a specialist market offers a Building Safety Act-positive wording at materially higher premium.

The right answer is not on the rate sheet. It is in the firm’s risk register: which schemes are in scope of section 135 of the Building Safety Act 2022 for the next 15 to 30 years, what is the realistic worst case on the residential HRB book, and which wording covers it? In this example the firm chose Option A on continuity grounds, with a documented agreement to migrate toward Option C over two renewals as the HRB book matured.

What to do at renewal

1. Start the renewal process at least 90 days out for non-specialist classes and 120 days for any account with Building Safety Act, cyber complexity or sector-specific concerns.
2. Prepare a fair presentation document that anticipates the underwriter’s questions. Disclose work split by scheme type, technology stack, regulatory body, and any in-scope HRB exposure.
3. Update incident and claims registers, including circumstance notifications, ICO interactions, and any regulator correspondence.
4. Test the limit against the worst plausible scenario, not the average claim. Aggregation clauses repay close reading. See claims-made trigger for the mechanics.
5. Cross-check PI and cyber for boundary issues — particularly AI use, supplier-induced outage, social engineering and data breach. The boundary is more often the failure point than either policy alone.
6. Where the firm is restructuring or any partner is retiring, model run-off explicitly. The cost of run-off is a transaction cost; it should not be discovered after completion.
7. Use section 11 of the Insurance Act 2015 to push back on insurer arguments that rely on technical breach of conditions where the breach did not cause the loss. The argument is available; it is under-used.

Apex’s view

Apex’s view: 2026 is a year to be deliberate, not opportunistic. The cheapest quote in a softening market is rarely the best policy, and the lessons of the 2021-2022 hard market are still close enough that buyers should remember what discontinuity of cover costs. We continue to advise the firms we work with to prioritise the wording over the rate, the panel relationship over the new entrant, and the conversation about Building Safety Act and AI exposure over the conversation about premium. The regulator is paying attention, the claimant solicitors are paying attention, and the underwriters who will be there in five years are paying attention. The firms that match that attention come through the cycle. The ones that chase the rate sheet end up needing to broke their renewal from the wrong end of a claim.

See also

• AI and professional liability
• Run-off cover explained
• Building Safety Act 2022
• Cyber insurance
• Fair presentation of the risk

Sources

1. Insurance Act 2015, sections 3, 8 and 11
2. Building Safety Act 2022, sections 130 and 135
3. Defective Premises Act 1972, section 1 (as extended)
4. Financial Services and Markets Act 2000
5. FCA Handbook, ICOBS, MIPRU 3.2, SYSC
6. Data Protection Act 2018 and UK GDPR