Skip to main content
Media Releases

APRA launches review of insurance risk management frameworks

Monday 19 July 2021

The Australian Prudential Regulation Authority (APRA) will require a number of general insurers to review the soundness of their risk management frameworks in light of recent issues with business interruption (BI) insurance.  

Lockdowns and other restrictions associated with COVID-19 have triggered a spate of potential BI claims, with many insurers exposed through policy wordings that had not kept up-to-date with changing legislation. The resultant legal uncertainty, and significant financial exposure for insurers, has raised concerns about the strength of insurers’ risk management frameworks.   

In response, APRA has written to a number of insurers asking them to undertake a self-assessment of their risk management frameworks in the context of BI, so as to prevent similar problems occurring in the future. The review will also focus on cyber risk, however APRA expects insurers to ensure their risk frameworks are robust across all product areas and potential exposures.

APRA Deputy Chair Helen Rowell said: “Insurers are in the business of managing risk, yet the impact of the pandemic has raised clear concerns about how well some insurers are doing this. Although the legal disputes around BI cover for some COVID-19 claims have yet to be fully resolved, the fact that so many insurers were selling policies with outdated wording exposes clear deficiencies in risk management.

“As well as examining the root causes of the BI problems, we are keen to identify whether similar hidden issues exist in other insurance products. The growing threat posed by cyber adversaries makes this a prudent place to probe.

“Where the self-assessments identify material concerns, APRA will consider whether further supervisory action is warranted. The consolidated findings will also be published to send clear messages to all insurers around observed weaknesses, better practice, and the importance of maintaining robust insurance risk management frameworks,” Mrs Rowell said.

APRA has published the letter and guidance material that supports the self-assessment exercise, and urges non-participating insurers to consider whether a similar self-assessment would enhance their own risk management practices.

Self-assessments are due to be completed and submitted to APRA by 30 November.

The letter to industry is available on APRA’s website at: Insurance Risk Management (IRM) self-assessment.

Cyber

Media enquiries

Contact APRA Media Unit, on +61 2 9210 3636

All other enquiries

For more information contact APRA on 1300 558 849.

The Australian Prudential Regulation Authority (APRA) is the prudential regulator of the financial services industry. It oversees banks, credit unions, building societies, general insurance and reinsurance companies, life insurance, private health insurers, friendly societies, and most members of the superannuation industry. APRA currently supervises institutions holding $7.7 trillion in assets for Australian depositors, policyholders and superannuation fund members.