Released – APRA's findings from its insurance risk management review

The Australian Prudential Regulation Authority (APRA) has published the findings of its review into the general insurance industry's approach to insurance risk management following the emergence of business interruption (BI) issues during the COVID-19 pandemic.

For the review, APRA required 10 insurers to conduct a self-assessment against the robustness of their risk frameworks in the context of BI and to extend the assessment to other product lines that most likely become vulnerable, including cyber risk. In all cases, the insurers found weaknesses that required remediation and have implemented programs to address them.

The review found:

• Failure to update policy wordings to reflect the change in the Quarantine Act legislation, opening insurers up to the legal challenge to “make good” on claims in a pandemic;
• The burgeoning of complexity in policy wordings and distribution channels, without commensurate controls to identify, prioritise, quantify, and manage exposures;
• A reticence to “move first” when correcting wordings that compromised risk appetite settings, especially in small and medium enterprises. Competitive pressures overriding sound risk judgments signals weaknesses in risk culture and accountabilities;
• Reinsurance contract wordings out of step with direct insurer policy wordings, an oversight that could have left some insurers without sufficient reinsurance cover;
• Inadequate attention to strong control effectiveness testing, including its frequency and intensity; and
• Insufficient adoption of a “what-if” mindset around emerging and evolving risks.

Read more: APRA releases latest annual general insurance statistics

APRA deputy chair Helen Rowell said comprehensive remediation plans were being undertaken to remedy the issues found in the review. She said: “The self-assessment exercise affirmed APRA's view that insurers took their eye off the ball of sound insurance risk management.

“While the legal uncertainty has largely abated in recent weeks, the BI issue was a near miss for insurers and one which cannot afford to be repeated. APRA expects all insurers and reinsurers to review their approach to risk management in light of these findings, and we are determined to ensure the various remediation plans of the 10 insurers involved are fully implemented.”

APRA sent a letter outlining the review's key findings and its ongoing supervisory focus on insurance risk management to its regulated general insurers.