Background
APRA publishes aggregated statistics from the National Claims and Policies Database (NCPD) using information provided under the NCPD reporting standards.1
APRA is updating how NCPD statistics are delivered to external users. Historically, external users accessed NCPD outputs through a portal-based approach that generated many preprepared reports. Under the refreshed approach, APRA proposes to provide a smaller, defined set of publication outputs as downloadable datasets. This simplification is intended to make the statistics easier to access and use.
Data collected by APRA under the NCPD reporting standards is protected under section 56 of the Australian Prudential Regulation Authority Act 1998 (APRA Act). APRA may disclose protected data in certain circumstances, including where APRA has determined the information to be non-confidential under section 57 of the APRA Act.
In 2020, APRA consulted on collecting cyber insurance and management liability data for the purposes of the NCPD. APRA also sought representations on whether information about cyber insurance and management liability should be determined non-confidential at the same level of aggregation as other products such that those data may be published as separate products in the NCPD statistics. APRA received no objections to this approach within our previous consultation.
APRA subsequently updated the NCPD reporting standards to collect cyber insurance and management liability data but did not at that time determine data on those additional product types non-confidential.2 APRA is consulting now on the basis that APRA intends to include cyber insurance and management liability data as separate product classes in NCPD publications going forward.3
Proposed NCPD publication approach (what will be published, and how it will be delivered)
Under the refreshed approach, APRA proposes to publish NCPD statistics through a defined set of publication outputs (downloadable spreadsheets) using consistent measures and dimensions. The proposed outputs are set out below. Importantly, this is a change in format (delivery), not a change to content (other than the addition of cyber insurance and management liability data as separate, standalone, product categories).4 The core measures or dimensions, the level of aggregation and the excluded combinations of related data (cross-dimensional data) will remain substantively as described in the existing non‑confidentiality determination for the NCPD.
Policy statistics (General insurers) – publication outputs
APRA proposes to publish four policy cross-sections with the following data measures for each cross-dimensional bucket: the number of policies, number of risks written, number of risks in force, gross earned premium (sum across all policies in a bucket) and gross written premium (sum across all policies in a bucket).
The dimensions will align with those previously published: reporting year, underwriting year, product type, class of business, state, occupation/industry group, excess/deductible/attachment point (EDA) and limit of indemnity. Occupation/industry group, EDA, and limit of indemnity will be published at previous levels of aggregation. Only product types previously separately published, with the addition of management liability and cyber insurance, will be separately published.
APRA intend to publish four policy cross-sections in order to exclude, in accordance with existing practice, high-granularity combinations. The four cross-sections will be by:
- state and limit of indemnity bucket;
- state and EDA bucket;
- occupation/industry and limit of indemnity bucket; and
- occupation/industry and EDA bucket.
Claims statistics (General insurers) – publication outputs
Similarly, APRA proposes to publish four standard claims cross-sections with the following data measures for each cross-dimensional bucket: number of all claims, number of finalised claims, gross claim payments (sum across all claims in a bucket) and gross claims incurred (sum across all claims in a bucket).
The dimensions will align with those previously published: reporting year, underwriting year, accident year, year claim reported, year claim finalised, product type, class of business, state, occupation/industry group, EDA and limit of indemnity. Occupation/industry group, EDA, and limit of indemnity will be published at previous levels of aggregation. Only product types previously separately published, with the addition of management liability and cyber insurance, will be separately published.
As with the policy reports, to exclude high-granularity combinations, the four cross-sections will be by:
- state and limit of indemnity bucket;
- state and EDA bucket;
- occupation/industry and limit of indemnity bucket; and
- occupation/industry and EDA bucket.
Facilities statistics (General insurers)
APRA proposes to publish one facilities publication with the following data measures for each cross-dimensional bucket: number of facilities, number of policies, premium received in the reporting period (sum across all policies in a bucket), number of claims and gross payments made for reporting period (sum across all claims in a bucket).
The dimensions will align with those previously published: six-monthly reporting period (month ending), occupation/industry group, class of business and runoff indicator. Occupation/industry group will be published at the previous level of aggregation.
Lloyd’s publications
APRA proposes to continue to publish three separate Lloyd’s publications, with one publication each for policies, claims and facilities. Consistently with the prior Lloyd’s publications, these will mirror the general insurer publications but exclude some data dimensions and measures:
- The policy publication will exclude occupation/industry group, EDA, limit of indemnity, state, product type and the number of risks in force;
- The claims publication will exclude occupation/industry group, EDA, limit of indemnity, state and product type; and
- The facilities publication will exclude occupation/industry group, runoff indicator, number of facilities, number of policies and number of claims.
Access to NCPD reports
APRA is currently considering how it will deliver the reports to stakeholders and whether any additional data privacy safeguards are needed for residual granular data, including whether any conditions should be imposed on use or access of the reports. APRA will finalise its consideration of these matters following the consultation on non-confidentiality.
Confidentiality proposal
APRA proposes to replace the existing non-confidentiality determination to reflect the addition of cyber insurance and management liability aggregates as separately published product types and the refreshed NCPD publication approach. This will involve making a determination in respect of the cross dimensional aggregates described above, which are contained across the six NCPD reporting forms listed earlier in this paper.
Other than these changes, the proposal is intended to preserve the scope of the existing non-confidentiality determination.
APRA does not propose to make the underlying data items non-confidential, nor to change the levels of granularity or aggregation previously determined to be non-confidential. The existing carve out for high granularity combinations will be retained.5
Consultation (how to respond)
APRA invites feedback on:
- the confidentiality proposal, including whether any information proposed to be released should remain confidential.
Written submissions should be sent to dataconsultations@apra.gov.au by 16 June 2026 and addressed to:
Manager, Supervisory Data
General Insurance and Banking Division
Australian Prudential Regulation Authority
APRA will then finalise its response to the consultation, and subject to feedback, will provide a timeline for the release of the NCPD publications. This will coincide with the formalisation of the data confidentiality determination.