AFCA have published its updated Approach to family violence and Approach to financial abuse of older people following a comprehensive consultation process. AFCA have: expanded and refreshed the Approach to family violence, which will replace AFCA’s existing Approach to joint accounts and family violence revised and updated the Approach to financial abuse of older people, which will replace the superseded Approach to financial elder abuse. I have extracted the parts of the Approaches relevant to General Insurance however the full Approaches should be considered and can be accessed here. The AFCA Approach to family violence What is family violence? The Family Law Act 1975 (Cth) defines family violence as: “…violent, threatening or other behaviour by a person that coerces or controls a member of the person’s family (the family member),or causes the family member to be fearful.” Family violence can have serious and lasting effects on a person’s physical, psychological and financial wellbeing. These impacts may compound over many years. Family violence impact does not necessarily end when the relationship does. In some cases, it can begin or escalate after the relationship has ended. Family violence refers to both intimate partner violence and violence between family members. This includes (but is not limited to): physical, psychological, sexual and emotional abuse coercive control financial abuse parental or elder abuse General insurance Family violence in the misuse of insurance products is a growing risk. Insurance policies can be exploited to perpetrate abuse by changing or cancelling policies, changing beneficiaries, restricting access to information, interfering with the claims process, or preventing victim-survivors from obtaining a payout. Warning signs of potential family violence and financial abuse There are warning signs that a customer may be experiencing family violence and/or financial abuse specific to insurance products. These may include when one policyholder may: not understand, or is not aware, that: > cover has been taken out in their name or covering their property > they have been removed from a policy or the policy has been cancelled by a joint policyholder have concerns about protecting their personal privacy or safety or the security of their policies be reluctant to involve the other joint policyholder when making changes to the policy, making a claim or seeking hardship assistance. Warning signs that a policyholder may be a perpetrator of family violence include that they: ask questions about a joint policyholder’s behaviour or activities request to remove the other joint policyholder from a policy or claim are reluctant to involve the other joint policyholder when making changes to the policy, making a claim or seeking hardship assistance. Common issues that may arise In the context of insurance, issues that may arise with jointly held policies in situations involving family violence, include: cancellation of the policy by one policyholder payment of benefits under a jointly held policy disadvantage to innocent co-insured by a perpetrator’s failure to disclose perpetrators forcing victim-survivors to pay an excess following an accident policies that may exclude damage to property by the perpetrator of family […]
I’m often asked when must a certain document be provided to a client? Disclosure documents for general insurance generally have have 2 requirements: content requirements; and timing requirements This article will focus on the timing requirements. Customer/client journey The simplest way to think about the timing requirements for disclosure documents is to think about the various customer touchpoints or the customer journey. Insurance brokers often send an important noticedocument when invoicing clients containing all relevant information such as FSG, general advice warning, duty to take reasonable care, duty of disclosure etc. While convenient, care should be taken with this approach to ensure the regulatory timing requirements are met Code requirements Brokers and insurers (including underwriting agencies, TPAs and other material service providers) also have requirements under respective industry Codes to provide certain information at a specific time. The customer/client journey should not only be mapped out to cover regulatory disclosure documents but should also pick up Code requirements such as providing a Terms of Engagement (brokers). The regulatory disclosure cycle It should be noted that disclosure documents are only required to be provided to Retail clients however it is common practice for a FSG to be provided to both retail and wholesale clients. A TMD is not a disclosure document as it only must be made available by a product issuer before it distributes a general insurance product. The product issuer must make a TMD available and a distributor must not engage in retail product distribution conduct unless a TMD is available or not required (see RG 274). It’s important to note that a TMD is not only relevant for Retail clients. The test is whether a Retail client could purchase the product, even if intended for Wholesale clients. Let’s explore the disclosure documents relevant for general insurance based on the customer experience or journey. I’ve included the reference in the Corporations Act for the content requirements in case you wish to have a look at these requirements in addtiion to the timing requirements. FSG Obligation to give a FSG if financial services provided to a Retail client (s941A for licensees and s941B for authorised representatives) Timing of FSG (s941D) Content requirements (s942A – 942E including a combined FSG/PDS) A FSG must be given to the (retail) client as soon as practicable after it becomes apparent that the financial service will be, or is likely to be, provided to the client, and in any event must be given to the client before the financial service is provided. (s941C provides situations in which a FSG is not required). Practically speaking, the FSG will be provided before any financial product advice is provided, this means on appointment (for brokers) or at quote stage (for underwriters). A claimant intermediary must provide a FSG before they provide any claims handling settling services to the client (s941C(7A)). This is because they are acting on behalf of the insured. A claims manager, acting on behalf of the insurer, is not required to provide a FSG, as […]
In 2024, ASIC reviewed 11 general insurers to understand how they are supporting customers who make a complaint. ASIC’s review focused on how general insurers are complying with select enforceable obligations in Regulatory Guide 271 Internal dispute resolution (RG 271). While ASIC’s review focused on general insurers, the findings in this report are relevant for all financial firms that must comply with RG 271, this includes Underwriting Agencies, Claim Managers (TPAs), Claimant Intermediaries and Insurance Brokers. ASIC‘s key findings included: Insurers failed to identify 1 in 6 customer complaints Insurers only identified 85 systemic issues from over 1.4 million complaints Insurers had immature systems for handling complaints and reporting on complaints 1 in 8 IDR responses for rejected complaints did not meet mandatory content requirements 1 in 5 delay notifications failed to meet mandatory content requirements All insurers failed to provide delay notifications within required timeframes The General Insurance Code Governance Committee highlighted complaints handling as a main priority for 2025-26. Respondents to our consultation raised significant concerns about how insurers identify and handle complaints. We raised our own concerns about the handling of complaints in our Industry Data and Compliance Report FY24, with the number of complaints increasing by 18%. The Insurance Brokers Code Compliance Committee in their Annual Report 2024-25 found 42% of brokers reported no breaches or complaints (that) suggests continued underreporting and issues with internal monitoring… These failures represent service gaps that can expose clients to risk. Regulatory requirements AFS Licensees, as part of their general obligations (refer s912A(1)(g) and (2) Corporations Act) must have a dispute resolution system that consists of: an internal dispute resolution (IDR) procedure that complies with the enforceable paragraphs of RG 271; covers complaints against the licensee (and representatives) in connection with the provision of the financial services; and be a member of AFCA. All AFS Licensees that provide financial services to retail clients must submit an IDR report to ASIC. Firms must submit an IDR report to ASIC every six months. The reporting periods are: 1 January to 30 June, and 1 July to 31 December. A two-month submission window opens at the end of each reporting period. Submission windows are: 1 January to end of February, and, 1 July to 31 August. Financial firms that had complaints during the relevant six-month reporting period must submit an IDR report through ASIC’s Regulatory Portal that contains an IDR data file in machine-readable format, consistent with the specifications in the IDR data reporting handbook. In a recent media release, ASIC has confirmed that it will proceed with plans to publish IDR data at firm-level. The IDR dashboard will be published later this year. Code Complaint requirements Part 11 of The GI Code of Practice applies to Retail Insurance products. In addition, it is available to an uninsured person making a claim against a customer who is insured under a Retail Insurance policy (see paragraph 60). Part 11 also applies to Wholesale Insurance products where you are entitled to Financial Hardship support under […]
Compliance training in general insurance is not only a legal and Code requirement, it is also necessary to ensure that you have adequate compliance measures and for an individual’s growth and development as they progress through their insurance career. Compliance training for front-line staff, compliance teams, responsible managers and boards is one of the core compliance services that I offer to my clients. Over the years, I have identified what works. How do you know whether your compliance training has been successful? The measures of success Some of the metrics that can be adopted to measure the success of your compliance training are: a sustained increase in the number of incidents and complaints being identified and reported internally; an increase in the level of complexity of compliance questions being asked by front-line staff; a decrease in issues that were previously identified as pain points; a desire to attend future compliance training; better customer conversations (as assessed by monitoring); feedback from post-training surveys aimed at engagement and knowledge retention; and an increase in the maturity of compliance discussions within business team meetings. Importantly, some metrics that should not be used to assess the success of your compliance training are: the number of CPD/CIP points attained or annual hours of training completed. ; and the cost of training per employee. However these metrics are useful for other purposes The key requirements to conducting successful compliance In my professional experience, the following are some of the strategies that I adopt to ensure successful compliance training outcomes: Target the audience – training on financial services laws is not a one size fits all approach. Training for front-line staff differs to training for senior management, responsible managers or the board. Similarily, training must be tailored for different groups such as IDR teams, Authorised representatives, claims staff, sales & underwriters, onshore teams v offshore based teams. Understanding the lens of your audience is critical in how you poistion the same topic but to different audiences. For example RG 271 training for a mature IDR team will be different to complaints training for front-line customer service and claims teams. Fun and engaging – when an invite to a compliance training session pops in to your diary it may not necessarily generate your enthusiasm especially when accompanied by the dreaded words ‘attendance is compulsory.’ I consider that I have a training duty to ensure that the time that a person spends with me is of value and justifies them spending time away from their important day-to-day job (which continues even in their absence). Reading through the verbiage of s912A(1) Corporations Act may not be everyone’s cup of tea however, ensuring that s912A(1) is presented and discussed in a fun and engaging manner through, for example, story telling and case studies will faciliate learning as part of an overall enjoyable experience; Story telling – story telling brings compliance to life. I have 40 years experience in general insurance and in the last 8 years (as Compliance Advocacy Solutions) have […]
Misleading or deceptive regulatory obligations The Corporations Act prohibits engaging in conduct, in relation to a financial product or a financial service, that is misleading or deceptive or is likely to mislead or deceive (s1041H). Further, under the the ASIC Act, a person must not, in trade or commerce, engage in conduct in relation to financial services that is misleading or deceptive or is likely to mislead or deceive (s12DA). A breach of the misleading or deceptive conduct provisions is a Reportable Situation to ASIC unless: the breach has been rectified including consumer remediation within 60 days; and the number of impacted consumers is less than 10; and the total financial loss or damage to consumers is less than $1000. If a breach satisfies all these thresholds, it is not deemed reportable to ASIC. What is misleading or deceptive conduct? The key requirement is that the impugned conduct leads, or is likely to lead, a person into error. Advertising financial products and services (including insurance): Good practice guidance ASIC has developed good practice guidance (RG 234) to help promoters comply with their legal obligations to not make false or misleading statements or engage in misleading or deceptive conduct. The promoter will sometimes be the insurer, underwriting agency or broker but can also be a distributor or agent. ASIC’s guidance applies to advertising communicated through any medium in any form, including: magazines and newspapers radio and television; outdoor advertising, including billboards, signs at public venues, and transit advertising; the internet, including webpages, banner advertisements, video streaming (e.g. YouTube), and social networking and microblogging (e.g. LinkedIn); social media and internet discussion sites; mobile phone messages (e.g. SMS, MMS, text messages); product brochures and promotional fact sheets; direct mail (e.g. by post, facsimile or email); telemarketing activities and audio messages for telephone callers on hold; and presentations to groups of people, seminars and advertorials. Overview of Good practice guidance The following is extracted from RG 234, I have added general insurance context where relevant to do so. Returns, features, benefits and risks Advertisements for general insurance products should give a balanced message about the returns, features, benefits and risks associated with the product. Benefits should not be given undue prominence compared with risks. Warnings, disclaimers, qualifications and fine print Warnings, disclaimers and qualifications should not be inconsistent with other content in an advertisement, including any headline claims. Warnings, disclaimers and qualifications should have sufficient prominence to effectively convey key information to a reasonable member of the audience on first viewing the advertisement. Consumers should not need to go to another website (or other page of the website) or document (such as a PDS or TMD) to correct a misleading impression. Fees and costs Where a fee or cost is referred to in an advertisement, it should give a realistic impression of the overall level of fees and costs a consumer is likely to pay, including any indirect fees or costs. The premium, commission and government charges should be clearly identified. Comparisons Comparisons should […]
The true purpose of Compliance What is your compliance narrative? Is it about rules, regulations and laws? A legalistic approach to compliance does not engage your people and projects compliance as a series of task and activities that must be undertaken – hardly inspiring or motivational, with the outcome that compliance is often reactive in nature. How do you change the compliance narrative so that it is about people and caring, driving a proactive approach to compliance? The true purpose of compliance is to protect. The question becomes – protect who and from what? Your firm’s response to this fundamental question is important. People are motivated to act by caring, and its what we care about, that we want to protect. The protect analogy Think about driving a car. You need a drivers licence to drive a motor vehicle on a public road. This licensing process requires you to gain knowledge and skills to operate a motor vehicle in accordance with the road rules. Why? to protect yourself, people you care about (as your passengers), other road users and the community from the cost of motor vehcile accidents – fatalities, injuries and property damage and consequential social costs. Similarily, in order to conduct a general insurance business in Australia you need to be authorised by APRA and to provide a financial service (which includes general insurance) you need to be licensed by ASIC, or be a representative of a licensee. Like a drivers licence, you need to demonstrate to APRA and ASIC the knowledge, skills, and experience in general insurance with the approriate capital requirements and human, financial and IT resources with people who meet standards of honesty, ethics and integrity. Why, to protect what matters, and who you care about. Let’s explore this further. Who does compliance protect? Compliance, in a general insurance context, protects: our customers, clients and consumers from the risk of financial harm and detriment and consequential impacts on their life, business and assets (due to issues such as availability and affordability; partial or total declined claims; underinsurance, claim delays etc); our people (this includes staff, external representatives, material service providers and anyone involved in the insurance sales & claims supply chain) from the risk of being banned or disqualified, individual fines & penalties, damage to their reputation and asscoaited mental health issues and impacts to the enjoyment of their life; our business – the risk of fines & penalties, loss of licence, enforcement action, lost management time, loss of business, reputational impacts and class actions including shareholder actions for ASX listed entities; our business partners such as insurers, MGAs, TPAs, service suppliers, authorised representatives, referrers, distributors, and material service providers from the risk of financial and reputational harm, regulatory enforcement action, loss of business partner and associated loss of business; and the community, arising from systemic failures and mistrust in the general insurance industry. What happens when we care? Caring motivates people to take action, and to perform tasks that make a positive difference. This […]
The following are extracted from remarks by ASIC Commissioner Alan Kirkland at the Insurance Council of Australia Annual Conference on 10 October 2025. I have grouped the remarks under various headings for ease of reference. The full speech may be accessed here. Claims handling – 2022 floods It’s hard to forget those who let you down when you’ve had a hard time – and that was unfortunately the experience of many Australians in the aftermath of the 2022 floods. “Some people, who turned to their insurer in their darkest hour after paying premiums for years, felt that they became engaged in an adversarial situation with a company meant to be on their side.”[9] That quote is from the House of Representatives Standing Committee on Economics report into claims handling failures after the 2022 floods, which was handed down almost a year ago. It’s fair to say that there remains a significant trust gap to be addressed following this report. Reputation data from RepTrak[10] and Roy Morgan[11] suggests that insurance is among Australia’s most distrusted industries – and you only need to look at the testimony of individuals impacted to understand why. David Norris, whose family owned the Central Hotel in Eugowra, told the inquiry after more than 60 years with their insurer it was apparent that “loyalty only goes one way[12]. This is the challenge that must be addressed by you as you try to “pitch your tent” in the middle of these storms – showing people like David that loyalty is a two-way street. Areas of improvement in claims handling As insurers though, you are in the business of recovery. You know that rebuilding doesn’t happen overnight. It takes continual effort and care. And we know from our latest review that some of you are putting in the work and starting to see some green shoots of recovery as a result of that work. As noted recently by AFCA[13], the industry has made progress on reducing historically high complaint numbers, which should be commended. And we have also observed some promising signs in our recent follow-up on Report 768 – which of course was the report that examined claims handling practices following the 2022 floods[14]. When that report was published, we found that poor communications, poor resourcing, and poor treatment of vulnerable customers were endemic across the insurance industry. But it is clear that a lot of work has happened in the past two years in response to those findings. For example, every insurer we looked at this time around had established a program to improve their approach to claims handling. Most had introduced a single point of contact for claims, so customers didn’t have to tell their stories over and over again. Some had gotten smarter about how they used their data to identify and support vulnerable customers, before and after major events. And a few went beyond this – towards truly consumer-centric practices. For example, we’ve seen some insurers appoint a dedicated consumer advocate to be a […]
Last month I attended the AILA 2025 National Conference in Melbourne. One of the highlights was the regulators panel featuring: Jane Magill Executive Director General Insurance & Banking, APRA Peter Soros Executive Director, Regulation & Supervision, ASIC David Locke CEO, AFCA Chair Alexandra Hordern General Manager, Regulatory & Consumer Policy, ICA (Insurance Council of Australia) General insurance – areas of increased regulatory oversight The following areas were identified as subject to regulatory oversight during 2026: it was noted the increased complaints for motor vehicle insurance, this will be a focus for ASIC claims handling is improving however areas such as cash settlements will be a focus risk culture including how this permeates throughout the organisation feedback on CPS 230 based on reviews of larger insurers the use of AI however both ASIC and APRA consider that the existing regulatory regime is sufficient to manage the risks and are continuing to observe this space. A human should be involved in any AI decision-making process. APRA will be undertaking a narrow review of larger entities to test that principle based Prudential Standards 220, 230 & 234 are adequate to manage the risk of AI the use of AI by complainants as part of the IDR and EDR was observed and is being considered by AFCA (and is consistent with what I’m being told by my clients) pricing; the expectation is for transparency, and insurers to recognise efforts by insureds to improve their own risk sustainability reporting requirements The role of the regulator David Locke provided the following view on the role of the regulator which I have produced below with David’s permission: As a regulator your role is to clearly spell out where the red and yellow flags are on the beach and make it very easy for the public (and financial firms) to swim between the flags. There will always be some people who drift or accidentally swim just outside them and you blow your whistle and use the lightest regulatory tools necessary to get them to swim back in safe water. You then focus the majority of your compliance resources on the idiots jumping off the rocks at the end of the beach. You want to prosecute them to deter others from doing so, and in some cases want them permanently off the beach. David’s analogy strongly resonates with my ‘Compliance protects what matters‘ theme. A company’s compliance arrangements can serve a similar purpose of keeping their people and other representatives swimming safely between the flags (that is: conducting general insurance business efficiently, honestly, fairly, transparently and timely) by adopting the following compliance operating rhythm: the documented compliance process and procedures, training and IT systems provides a safe place to conduct business protecting the business, its people, its customers and cliients and its business partners; the firm’s people acting as ‘an early warning system’ to quickly identify and raise incidents and complaints; an effective monitoring program; and a culture of wanting to do the right thing. Disclaimer: Reproduction of statements […]
Underwriting Agencies generally require an APRA-regulated insurer as a partner to provide general insurance products in Australia. The Underwriting Agency typically has delegated binding authority from an insurer (see section 916E Corporations Act). In this instance, the Agency is acting on behalf of the insurer. In other arrangements, such as an open-market placement, it’s likely that the agency is acting on behalf of the insured (commonly referred to as wholesale broking) and would require the relevant authorisation under their AFS Licence. It is necessary for an Underwriting Agency to ensure that the insurer is authorised by APRA to carry on general insurance business in Australia. Who is an insurer and what authorisation does an insurer require to carry on general insurance business in Australia? Under the Insurance Act 1973, it is an offence to conduct insurance business in Australia without the proper authority. If your business intends to conduct any business that can be classed as insurance business, you need a licence from APRA giving you the authority to conduct insurance business in Australia. Part 3 of the Insurance Act defines ‘insurance business’ as the business of undertaking liability by way of insurance (including reinsurance), in respect of any loss or damage. It includes liability to pay damages or compensation, contingent upon the happening of a specified event, and any business incidental to insurance business as so defined. There are some exclusions to the definition of insurance business, such as life insurance (covered by the Life Insurance Act 1995) and health insurance (covered by the Private Health Insurance Act 2007). The Insurance Act only allows corporations or Lloyd’s underwriters to carry out insurance business in Australia, which means APRA cannot consider applications from partnerships or unincorporated entities. APRA expects all applicants to be able to comply with all of its prudential requirements, as set out in the Insurance Act and prudential standards, from the commencement of insurance business in Australia and continuously thereafter. Requirements APRA will consider the following matters in the application: ownership governance including board composition and FAR Capital and Assets in Australia including minimum capital requirements Risk management framework Compliance Reinsurance management Informations security and accounting systems Intra-group transactions and arrangements General insurers authorisation – Section 12 A general insurer, including a foreign general insurer, is authorised under section 12 to carry on general insurance business in Australia. The obligation to comply with APRA Prudential Standards applies to general insurers authorised under section 12. Lloyds Underwriters – Section 93 Part VII, section 93 of the Insurance Act authorises Lloyd’s Underwriters to write Australian insurance business. Sections 65 to 73 of the Act provide for special Australian policyholder protection provisions associated with Lloyd’s. At all times, Lloyd’s must ensure that security trust fund arrangements, and ancillary or incidental arrangements, in accordance with Lloyd’s security trust fund instrument No. 2 of 2017 are in existence. Unauthorised foreign insurers Certain insurance business is an exemption under the Insurance Act (subsection 3A(1)) Insurance Regulation Section 8 provides that where insurance is […]
ASIC has released its Corporate Plan 2025-26. ASIC Chair Joe Longo Mr Longo said the plan formalised ASIC’s focus on regulatory simplification. (Media Release 25-177MR) ‘A focus on simpler and better regulation is now a concrete part of ASIC’s 2025-29 plan and will see the agency continue that focus to make it easier to interact with ASIC, to understand our expectations, for us to administer the law, and ultimately to cut red tape.’ ASIC’s Corporate Plan also outlines how the agency is maturing its approach to measuring and assessing its performance, including introducing a new suite of performance measures. ‘This will help our stakeholders better understand ASIC’s impact,’ Mr Longo said. Impacts for General Insurance I have extracted the parts of ASIC’s Corporate Plan 2025-26 that impact general insurance. 12 month work Guided by the strategic priorities set out in the plan, ASIC’s work over the next 12 months and beyond will include: driving regulatory reform to ensure the stability, fairness and transparency of our capital markets ensuring stable, secure and resilient market infrastructure pursuing continuous improvement in artificial intelligence (AI) governance and cyber security holding superannuation trustees accountable for Australians’ retirement savings, and reducing the regulatory burden on businesses. 2025-29 plan highlighting general insurance impacts ASIC are focused on addressing the most significant issues in the regulatory environment and bolstering ASIC’s capabilities to achieve this. In 2025–29, work under ASIC’s key activities will be guided by five strategic priorities. Improve consumer outcomes Strengthen market disclosure and professional conduct Support better retirement outcomes and member services Strengthen operational digital and data resilience and safety Drive integrity and transparency across markets Improve consumer outcomes – general insurance IDR – ASIC will review compliance by licensees with their obligations to report to ASIC on complaints, IDR processes, and outcomes. ASIC will continue publishing IDR data, a key part of the IDR reporting requirement. General insurance premiums – ASIC will examine the accuracy and transparency of general insurers’ disclosures about premiums and work to better understand consumer experiences. General insurance cash settlements – ASIC will review general insurers’ use of cash settlements to better understand the practices and disclosures surrounding the offers being made and to assess whether there are risks of consumer harm. Indigenous consumer outcomes – ASIC will maintain their Indigenous Outreach Program to ensure ASIC consider and understand the needs of Indigenous consumers responding to misconduct impacting Indigenous communities. ASIC will continue to build our understanding of how Indigenous communities are engaging with general insurance products and using these products to manage risks to assets of value. Strengthen market disclosure and professional conduct Sustainability-related actions – ASIC will take regulatory or enforcement action, where necessary, to protect investors and consumers. ASIC will focus on greenwashing and complaints handling by insurers following severe weather events. Auditor independence and conflicts of interest – ASIC will continue to examine auditors’ compliance with their independence and conflicts of interest obligations and publish our surveillance findings. Director and officer conflicts of interest – ASIC will […]