Skip Ribbon Commands
Skip to main content


Note: This page is a representation of information published on the PHIAC website prior to 1 July 2015. This information is provided for reference and research purposes only. 

The Private Health Insurance Act 2007 (the Act) provides PHIAC with clear supervisory and enforcement powers to encourage or compel compliance. When enforcing compliance, the level of response to an emerging issue is informed by the nature and severity of the identified risks, the potential impact of an issue on the insurer, the industry and consumers, and the insurer’s responsiveness to PHIAC’s ongoing inquiries.

Powers of the Council

The Council has a range of regulatory powers, including compliance and enforcement, under the Act. The Council’s response to an emerging issue is proportionate to the potential impact of the issue on the insurer, the industry and consumers. A decision by the Council to intervene in the affairs of an insurer is based on the circumstances of the individual case.

To assist the private health insurance industry in understanding their obligations under the Act and the Council’s options for monitoring and where necessary intervening in the affairs of an insurer, Standard Operating Procedures (SOPs) are being developed. There are currently five SOPs available:

Council’s Key Regulatory Powers

To identify whether enforcement action is warranted and what level is appropriate, PHIAC uses a risk assessment tool: Assessment of Risk Impact and Likelihood (ARIAL) to rate the overall level of risk for individual insurers.

Once the level of risk has been determined, PHAC’s Regulatory Oversight and Assessment Determination (ROAD) framework assists the Council in determining appropriate regulatory response. The Council has a broad range of discretionary response options from ongoing routine dialogue through to employing the full range of formal powers in the Act. The level of regulatory intervention is informed by the nature and impact of the identified matter, the urgency, the likelihood the issue may further escalate and the insurer’s ability to resolve the issue in-house.

Enforcement options available to the Council include:
  • commencing an investigation
  • accepting a written undertaking from an insurer
  • issuing a direction to comply with a standard or prevent or address a contravention of a Council supervised obligation
  • appointing an external manager
  • undertaking civil or criminal prosecution in the Federal Court

A Graduated and Flexible enforcement response options

The graduated range of discretionary response options allows the Council to escalate an action, or reward an insurer for improved performance, by reducing the level of oversight.
Figure 1 provides information about the Council’s graduated levels of regulatory oversight of private health insurers.
Enforcement Framework
Click on the diagram to enlarge
Figure 1: Enforcement Framework

The higher level powers are employed when the Council believes:

  • the situation is urgent
  • the interests of policy holders are threatened, or
  • the insurer has breached or may breach a requirement of the Act
The Council’s collaborative and flexible approach to emerging risks enables the Council to implement responses that:
  • are targeted at the highest priority risk
  • are proportionate to the risks identified
  • acknowledge the capacity and motivation of the insurer to resolve the issue
  • signal the seriousness with which the Council views the issue/s
  • are timely and lawful

Enforcement Principles

The Council’s enforcement actions are governed by the following principles:
  • no surprises: the Council prides itself on fostering a close and positive working relationship with insurers. The concept of “no surprises” works both ways, with the Council expecting insurers to disclose potential compliance issues in a clear and timely manner. By the same token, the Council commits to giving insurers fair warning of proposed regulatory interventions.
  • transparency: where appropriate the Council’s decision-making takes place within a rigorous corporate governance framework. This ensures that the Council acts consistently, proportionately and within the principles of procedural fairness. Its actions are able to be reviewed by a range of bodies, including the Administrative Appeals Tribunal (AAT) and the Federal Court.
  • confidentiality: in general, PHIAC’s investigations of insurers are conducted confidentially and the Council does not generally comment publicly on matters it may or may not be investigating.
  • timeliness: the investigative process and the resolution of enforcement matters will be conducted as efficiently as possible to avoid costly delays and insurer uncertainty.
  • fairness: the Council aspires to strike a balance between voluntary compliance and enforcement. The Council will generally give an insurer the opportunity to be heard and to rectify potential regulatory issues. However, where necessary, the Council will not hesitate to act to protect consumers of private health insurance should their interests be at risk.
  • responsibility: all insurers are responsible for their compliance with the legislation and for establishing processes and protocols to ensure compliance.
  • accuracy: the Council expects insurers to provide timely and accurate information to support its oversight of the industry. Inaccuracies or delays in providing information to the Council may undermine the Council’s ability to properly assess an insurer’s prudential position, respond to emerging issues and advise stakeholders on the state of the industry.