By Henry Clark – Head of Professional & Executive Risks



In September, the Australian Cyber Security Centre (ACSC) published its annual cyber threat report for the 2020-2021 FY, revealing total self-reported losses from cybercrime in Australia in excess of $33 billion.  The escalating prevalence and severity of cyber attacks, along with changes in governance expectations, director liabilities, and regulatory reform is seeing business leaders place significantly more emphasis on their organisations’ cybersecurity and risk management strategies. Head here for our in-depth analysis of the cyber insurance market and updates across a range of different industries, including financial institutions, professional services, and technology. 

Following consecutive years of rate increases, there is clear evidence pricing is beginning to plateau for the public company D&O insurance market. Whilst insurers still applied rate increases during the Q1 renewal period, these were much lower than the prior quarter. This suggests the corrective portfolio measures required in the D&O space have largely been achieved and pricing is reaching a sustainable level for insurers. Challenges remain for companies with poor financials and industries heavily impacted by COVID-19. The ability of brokers to differentiate these clients by communicating in-depth knowledge of their risk exposures and being able to provide quality information about their risk management and risk mitigation activities is crucial to securing positive renewal outcomes for clients.  

The professional indemnity (PI) market remains challenging for certain professions, particularly design and construct professionals, digital banks, mortgage brokers, financial planners, and non-bank lenders. These professions still face supply and demand issues due to several insurers withdrawing from the market. Premium rates increased on average 15-20% in the last quarter, with insurers being highly selective in risks they choose to insure.  



For management liability (ML) and insurable exposures for private enterprises, the full effects of COVID-19 remain unknown. As a result, underwriters are cautiously monitoring their portfolios and the solvency of Insureds. Crime and employment practices liability coverages continue to be the main triggers for ML claims, accounting for over 70% of combined losses for ML insurers.   


In this hardening insurance market where demand outstrips supply, Honan is working to ensure all clients understand the outlook for their renewal programs to ensure the right level of cover for their organisation. Our insurer partners expect strong underwriting submissions, based on the best available information, in order to optimise the price, terms, and conditions for your risks.  



At the forefront of renewal negotiations are cyber placements. These remain challenging for certain risks and risk management around ransomware attacks in particular. Insurance carriers and cyber underwriting practices continue to evolve from a traditionally narrow focus on factors such as revenue, number of employees, record count, and industry class, to a wider underwriting lens encompassing loss modelling tools and continual system scanning, both in-house and via outsourced IT security. Insurers are delicately balancing the growth of their portfolios, whilst remaining disciplined in the face of surging claims and declining profitability.   

As always, engagement with your broker well in advance of renewal dates is essential. 



Market Update: Q1 FY22



5 Essentials in Cyber Security


The Australian Cyber Security Centre’s annual Cyber Threat Report for FY21 makes for sobering reading, revealing 67,500 cybercrime reports were made in that year (a 13% YoY increase), and estimated to have cost Australians $33 billion. Following the report’s release, Honan hosted a cyber seminar with partners Clyde & Co., sharing the latest updates on the cyber risk landscape, practical strategies for managing the growing risks, as well as regulatory changes to data privacy, and upcoming legal reforms set to affect businesses. As emphasised in the seminar, no industry is immune from the impacts of cybercrime. Here are our key considerations for business leaders to keep in mind as they navigate the evolving situation:


1. Cyber insurance is critical

A robust cyber insurance policy works to complement existing IT security systems to protect your organisation against damages that can result from cyber attacks, data security breaches, and costs associated with response and recovery. While cyber insurance is an essential part of a business cyber security toolkit, it is not a standalone solution. Learn more about how cyber insurance can compliment your cyber security strategy here


2. Embed a tailored Cyber Incident Response Plan (CIRP)

An effective CIRP is a framework designed to protect your business’ reputation, minimise losses, limit business disruption, and help businesses avoid common mistakes in the event of a cyber incident. This plan should be reviewed on an annual basis and clearly define the roles and responsibilities of relevant key staff. Critically, in the event of a security breach, if a board can demonstrate that 1) they were aware of a cybersecurity risk, and 2) that they activated a framework to mitigate that risk, it is less likely to risk breaching its fiduciary duties under both the Privacy and Corporations Acts. To find out more about developing a CIRP to meet your business’ needs, speak with your broker.


3. Understand your governance requirements

Changes in governance expectations, director liabilities, and regulatory reform is seeing business leaders place significantly more emphasis on their organisations’ cybersecurity and risk management strategies. Directors can be held responsible for not acting to progress a company’s cybersecurity framework and may be punished if they are found to have failed to ensure a company has an adequate cybersecurity risk management plan in force, not responded in a reasonable time frame to a known data breach or failed to respond altogether. You can read more about this in our simple summary.


4. Multi-Factor Authentication (MFA) is a must

MFA is a method of electronic authentication that requires a user to provide at least two forms of identity verification before access is granted to a program, network, or system.  Ensure MFA is installed across all remote working systems for your business’ employees, contractors, and vendors. Learn more about MFA and password best practice in this guide.


5. Use a separate Virtual Private Network (VPN) for remote working

With hackers taking advantage of widespread remote working arrangements, it is more important than ever to ensure your staff use a separate VPN whenever they are working outside the office. This is vital for various reasons in preventing security breaches. It is equally important to notify your broker that these procedures have been implemented because this helps them to gain access to insurance capacity as a risk transfer solution for your business.




Click here to watch the Cyber Seminar Recording and enter the Passcode: HbK+7U7P

You can find out more about managing your business’ cyber security in our Cyber Capability Statement.


Ben Robinson

Placement Manager – Professional & Executive Risks



By Henry Clark – Head of Professional & Executive Risks





Following significant re-alignment of premiums over the past three renewal cycles, the public company D&O insurance market now sits in a more sustainable position. The regulation of litigation funders’, proposed changes to continuous disclosure laws, and the Federal Court dismissal of the Worley Case are all positive developments. We now see signs of recovery with new capacity and fresh entrants offering competitive options for our ASX clients.



After several years of portfolio remediation, insurers underwriting financial institution risks now have more clarity on their underwriting appetite. Some insurers have even made aggressive client acquisition plays by way of targeting well-performing sectors, particularly Australian Financial Services Licence (AFSL) holders providing products and services to wholesale clients.



Companies offering lending products and services continue to experience supply and demand issues. Such issues are largely due to capacity constraints and reduced limits being offered by insurers still willing to provide Professional Indemnity (PI) cover, particularly ACL holders supplying products and services to retail clients.

All Australian Law Firms renewed their top-up PI insurance on 30 June. This sector continues to be challenged by the aftermath of the Lloyds Decile 10 Review (a focus on their poorest performing businesses), which had a significant impact on capacity, particularly for Firms looking to purchase large PI limits. Replacing capacity on these programs is now far more costly.



The most topical class in Q4 has been cyber insurance, which has experienced hardening conditions due to the increased severity of attacks, particularly ransomware events. Industry data shows business email compromise and ransomware are the most frequent cyber-attacks, with ransomware causing the highest severity of losses. The professional services sector has been most affected by cyber incidents. Real estate, non-profit, and healthcare also experienced notable increases in cyber incidents.

Supply chain attacks targeting Managed Service Providers (MSPs) and technology clients have triggered large losses globally and these risks continue to be a major threat for insurers. This was highlighted by the recent Kaseya ransomware event which spread quickly across the globe. The threat actors used patches to Kaseya software to install malware on client systems. Experts predict this will be the largest supply chain loss globally. Currently, up to 1,500 organisations are believed to have been impacted, but how many will ultimately be affected remains unclear. The hackers (believed to be Russia-based REvil Corp) have issued a demand for US$70,000,000 in return for a universal decryption tool for all victims.

We expect Australian MSPs and their customers to be impacted by this event, resulting in an increase in claims activity.


We encourage Insureds to continue to work with their brokers in identifying their risk tolerance and agreeing on what will be acceptable from a coverage, price, limit, and risk retention perspective.

As a result of the increase and severity of cyber-attacks, we expect cyber underwriting practices to evolve from narrowly focusing on risk factors such as revenue, the number of employees, Personally Identifiable Information (PII) count, and industry class, to a wider underwriting lens. We anticipate greater reliance on loss modelling tools and continual system scanning, utilising both in-house and outsourced IT security resources as underwriters evaluate prospective Insureds.

As always, we encourage clients to begin the renewal process early and proactively supply insurers with information that improves the perception of their risk exposures.



The Federal Government is considering measures whereby businesses and Government agencies would be required to notify the Australian Cyber Security Centre (ACSC) before paying a ransomware demand. The Bill has introduced penalty measures for entities that do not comply with the reporting framework will be subject to fines of up to $222,000.

There is considerable public discussion about whether ransomware payments should be payable by insurers.  Some insurers are now introducing policy conditions requiring Insureds to contribute towards ransomware payments to encourage better risk management and prevention strategies.




Discover more market updates from this edition of HoneIn.

Run-Off Insurance 101: What Companies & Directors Need to Know


Run-Off insurance, also known as the ‘Discovery Period’ or ‘Extended Reporting Period’ is an insurance policy provision that provides tail coverage for various financial lines products written on a ‘claims made and/or notified basis’. Run-Off insurance provides protection from claims of negligence or loss resulting from a breach of professional services or wrongful acts by Management prior to the date of transaction (being an acquisition, merger, or cessation of operations).

Policies typically written on a ‘claims-made and/or notified basis’ include:

  • Directors and Officers Liability
  • Management Liability
  • Professional Indemnity
  • IT Liability
  • Cyber Liability
  • Statutory Fines and Penalties
  • Employment Practices Liability

For a claim to be triggered under these products, an active policy must be in force at the time a claim and/or notification is made. If a policy has lapsed and is not active at the time a claim is brought against a director and/or the company, cover will not respond, regardless of when the wrongful act occurred.

An acquiring company will commonly require the company being acquired to purchase Run-Off insurance to protect itself from past liabilities. Run-Off insurance can be purchased on an annual basis or multiple periods for an upfront payment.



If a company has been acquired, merged, or ceased operations, it is vital that Run-Off insurance is purchased for policies issued on a ‘claims made and/or notified basis’ to ensure protection is in place in the event a claim arises. We recommend our clients purchase Run-Off insurance for a period of 7 years to coincide with the statute of limitations. Under the statute of limitations, companies and directors can be held liable for decisions made for up to 7 years.



Insolvency is among the top concerns for Directors & Officers Liability and Management Liability insurers, as insolvency administrators typically look to regain losses from directors. Over the past 12 months, insurers have taken longer to review submissions and are being more rigorous and prudent in requesting detailed information about the effects of COVID-19, along with audited financials.    

Run-Off insurance is made available at an insurer’s discretion. It is therefore imperative that you review the ‘Discovery Period’ clause in your policy wording to ensure you are aware of the insurer’s terms and conditions. If insurers are uncomfortable with a company’s financials, insolvency exclusions will likely apply, often going hand in hand with a Discovery Period Deletion clause, deleting the Discovery Period entirely. At Honan, we recommend contacting your insurance advisor to confirm your ‘Discovery Period’ clause.



Premiums provided are at each insurer’s discretion, however, typical coverage costs are as follows:

1 Year = 100% of expiring premium

3 Years = 150% – 200%

5 years = 200% – 350%

7 years = 350%+




If you have any questions or concerns about Run-Off insurance, please reach out to your Honan adviser.  


Monique Reibelt

Senior Client Executive – Professional & Executive Risks




Learn how the global insurance market impacts local pricing.



Financial Lines Snapshot: FY21 Q3


In this update, we share practical insurance insights from the quarter that’s been, and forecasts for the quarter ahead.



In Q3 we started to see more consistency and certainty around insurer appetite for Professional and Executive Risks. Whilst insurers continue to press for increased premiums and deductibles, the severity of increases are not as high as previous renewals as insurers start to reach a viable tipping point, particularly for ASX Directors & Officers (D&O) placements.

Cyber risks surged locally and globally over Q3, which has led insurers to reposition pricing and coverage. Two significant cyber-attacks hit the press – the Nine Network attack which disrupted live broadcasts and the cyber-attack on Microsoft Exchange, which breached over 100,000 Exchange Servers. Microsoft released emergency security updates in March to address server vulnerabilities. Insurers expect Insureds to have implemented effective patch management programs as part of the firms’ broader cyber security strategies to provide coverage.

For financial institutions, global economic volatility presents a concern for insurers. With the resurgence in Australian capital markets now floating on an unprecedented level of monetary and fiscal support, investors are sitting on large cash reserves and rapid accelerations in equity gains. As a result, underwriters are concerned about sudden devaluations to the market and consequent investor legal suits. The lingering effects of the Hayne Royal Commission also remain an integral rating factor, as well as any potential long tail claims arising from COVID-19. You can find out more in our early April Financial Institutions market update.

Forthcoming insolvency warnings are among the top concerns for the Management Liability insurance sector with insolvency administrators typically looking to recoup losses from directors. Following the end of COVID-19 Government support packages, SME and private enterprises are being examined for solvency risk and can expect greater scrutiny at renewal time to cover this exposure.

After a tough year in 2020 for Australian mergers and acquisitions, there is cautious optimism about the year ahead. Mid-market deals that were put on hold due to COVID-19 will now progress and the acceleration in capital markets will likely prompt owners to test the waters. Warranty and indemnity insurance continues to have an accelerated take-up in the Australian mergers and acquisitions landscape.



For Q4, cyber insurance rate increases are anticipated across all industry classes after a notable acceleration in claims. With the global pandemic serving as a catalyst, cyber criminals have taken advantage of new and exposed vulnerabilities to target companies’ most valuable resources – their intangible assets (such as data, brands, customer and supplier information, content, code, trade secrets and industrial know-how).

Ransomware claims have increased significantly in both frequency and severity. According to Chubb, ransomware claims accounted for up to 78% of their value of losses incurred during 2020.

A number of cyber markets have flagged that coverage will be restricted for companies with inadequate security measures, while others may decline to offer terms altogether under new underwriting guidelines.

The impact of the SolarWinds cyber attack that spread to clients and went undetected for months will also have critical implications for cyber risks going forward. The Trojan Hack that gained entry via a software update could not only cost cyber insurers AUD$116 million, but could also improve hacking tools for cyber hackers.

In general, insurers expect comprehensive underwriting submissions across all financial lines products to ultimately provide clients with the best price, terms and conditions for their risks. Early engagement with your Broker well in advance of renewal dates is required to achieve optimal outcomes.



The COVID-19 Continuous Disclosure relief for ASX Listed entities has now lapsed. Whilst the Bill has passed through the House of Representatives, this has now been referred to the Senate Economics References Committee (SERC) and ASX entities must continue to act with caution regarding their continuous disclosure obligations.

The proposed Bill outlines various changes to ease the continuous disclosure rules which would raise the threshold to lodge claims, and potentially aid the Directors & Officers (D&O) market. The SERC must report by June 30, and the Senate is expected to debate the Bill in the first Parliament sitting for August 2021.

Clients in the construction industry may have new obligations under the Design and Building Practioners Act (DBA) 2020. Although the Act came into effect on June 11 2020, new details have now been released by The Design and Building Practitioners Regulations which commence on July 1, 2021. The DBA Act which applies to Class 2 buildings and buildings that include class 2 components such as “two or more sole occupancy units, each being a separate dwelling” will now be subject to an industry-wide statutory duty of care along with a number of proposed compliance reporting and registration requirements. The statutory duty of care operating on a retrospective basis is one of the most notable changes to watch over the coming quarter. Given the retrospective element, clients could face litigation relating to work performed years ago. Building and Construction clients should ensure they are well-informed about the changes.


We’re With You All The Way

Feel free to reach out to discuss your risk exposures.


Henry Clark

Head of Professional & Executive Risks



Read the Corporate Snapshot: FY21 Q3.  


Australian CEOs’ cybersecurity concerns prompt major changes to risk management strategies


PWC’s 24th CEO Survey released earlier this year, revealed the escalating prevalence and severity of cyber-attacks, along with changes in governance expectations, director liabilities, and regulatory reform is seeing business leaders place significantly more emphasis on their organisations’ cybersecurity and risk management strategies, with around 80% of CEOs surveyed strengthening their cyber security and privacy infrastructure in response.  


Why are business leaders concerned?

Critical infrastructure, the subject of Government reform at the end of 2020 – is particularly important for ASX listed companies and their directors. It is not just cyber policies being affected, with some (Directors & Officers) D&O insurance policies containing new ‘Cyber Endorsements’, which can include affirmative language responding to wrongful acts or in some cases, exclusions or remain silent altogether. In turn, this is placing more pressure on boards to build and implement robust governance strategies to protect their shareholders and ultimately, their bottom line / share price in the event of an attack.

Directors can be held responsible for not acting to progress a company’s cybersecurity framework and may be punished if they are found to have failed to ensure a company has an adequate cybersecurity risk management plan in force, not responded in a reasonable time frame to a known data breach, or failed to respond altogether.


Risk mitigation through Cyber and Directors & Officers Insurance (D&O)

A typical D&O policy will provide coverage for individual directors (often including the board), for wrongful acts, errors and omissions arising from their professional conduct acting in their capacity as a director – which could include those matters relating to a cyber incident. ‘Dishonesty/Misconduct’ exclusions may prevent cover for claims arising from misconduct, such as wilful breach of statute, dishonest conduct, or fraud. In rare circumstances, a wilful blindness to cyber-related legislation could trigger exclusion(s).

Whilst the area of potential D&O exposures to cyber-related claims continues to evolve, it is critical to ensure your organisation has sufficient D&O limits of liability. In addition, our preference is to ensure insureds incorporate affirmative language where possible, to avoid ambiguity should a D&O claim arise from a cyber incident occurring. Areas for directors to consider within their insurance program include:

  • Investigation of cyber circumstances – costs incurred investigating any circumstance resulting from a cyber event where litigation is anticipated.
  • Investigation costs – regulatory investigations arising out of a cyber incident, and at full policy limits.
  • Insured individuals (policy language) – all persons (including, but not limited to Managers and Chief Technology Officers) who are involved in significant cyber-related decisions and implementation on behalf of the company.
  • Shareholder litigation – shareholder actions brought against the organisation arising from a cyber-related incident and subsequent disclosure (e.g., following a stock drop).
  • Policy holders must also ensure there is no broad cyber exclusion sitting across the policy, which could nullify cover.


Fiduciary Duties and Business Continuity

The Australian Information Commissioner (OAIC) recommends that organisations implement a data breach response plan (BRP / Business Continuity Plan). In the event of a security breach, such as a cyber-attacks or theft of data, if the board can demonstrate that not only were they aware of a cybersecurity risk, but they also activated a framework to mitigate that risk, it is less likely to risk breaching their fiduciary duties under both the Privacy and Corporations Act. A good approach is to address the following five areas of cybersecurity management with experienced IT professionals:

  • Identifying and developing an understanding of the overall cyber risk landscape which can include data management, operational environment, and an effective risk management strategy.
  • Protecting and deploying safeguards for threat actor entry control.
  • Detecting and allowing timely discovery of breaches and anomalies.
  • Responding and implementing plans to effectively manage cyber incidents and subsequent damage control.
  • Recovery -enabling the organisation to resume operations as soon as possible.


Embedding cyber risk management practices in the workplace

While cybersecurity is recognised as an essential part of a business’ risk management strategy, PWC’s report highlights that organisations have work to do in training their staff to identify and manage cyber risks. Find out more about protecting your systems from cybercrime from Honan’s Head of Information Technology and member of the Zoom Customer Advisory Board, Stuart Madden.


With you all the way

To learn how D&O and cyber security policies can be tailored to meet your business’ specific needs, please feel free to reach out at any time.


Ben Robinson

Placement Manager – Professional & Executive Risks



Read about the latest Financial Institutions Insurance Update.

Changes ahead for the Buy Now Pay Later sector: Key implications for Australian FinTechs


Cries for regulation in the currently self-regulated Buy Now Pay Later (BNPL) sector are nothing new. Financial services providers and consumer rights groups have long expressed concern that these services enable financial overcommitment from vulnerable Australians. But are we reaching a point where the size and scale of these businesses, the emergence of several new market entrants, and the disruption to traditional credit markets is forcing the Government’s and regulators’ hands?  This article looks at the current situation for BNPL FinTechs in Australia, how insurers currently view their risk exposures, and how this may change if regulations are introduced.



In 2018, digital laybuy platform Afterpay and the BNPL sector avoided regulation when ASIC reported it was not looking to bring them under the National Credit Act. In late 2020, a Senate Committee on Financial Technology and Regulatory Technology backed the BNPL sector’s code of practice, saying self-regulation helped to protect innovation. This code is currently being finalised by The Australian Finance Industry Association (AFIA) in collaboration with its BNPL members. It aims to have the BNPL industry Code of Practice operating by 1 March 2021.

Recently, however, a report provided to the UK’s financial regulator, the FCA, following a review of the unsecured credit market, has made the strongest case yet for implementing regulation within the BNPL sector, at least in the UK.



The BNPL sector is never far from the sights of ASIC, which released an industry update in November 2020. ASIC currently holds Product Intervention Powers (PIP) over BNPL products which provides a regulatory tool to address any significant harm to consumers. Come October 2021, the Design and Distribution Obligations (DDO) legislation will also apply to most ASIC regulated products, which will include BNPL products.

Whether these regulatory controls, complemented by industry self-regulation, will provide consumers sufficient protection without stifling innovation remains to be seen. What is certain, however, is this topic remaining hot for a while yet. According to IBISWorld, the market is predicted to maintain strong growth, with Australian BNPL revenue forecast to grow from AUD 680M (USD 488M) in FY20 to AUD 1.1BN by FY25, with users set to double to 4M within three years.



FinTechs are a blend of technology and financial businesses, exposing them to risks common in both sectors, where insurers’ appetites are commonly limited.

Examples of such risks include:

  • Technology risk – tech failures leading to 1st and 3rd party financial loss
  • Financial and credit risk
  • Financial crime, fraud, and identity risk
  • Cybersecurity and Data Privacy – 1st and 3rd party losses
  • Directors & Officers Liability
  • Public & Products Liability
  • Regulatory Investigations and Statutory Liability
  • Money Laundering risk

Although some do, BNPL FinTechs are not required to hold an Australian Credit Licence (ACL). Thus, in the eyes of insurers, they do not have the same responsibilities and obligations as ACL holders under the National Consumer and Credit Protection Act. This lack of regulation makes insurers nervous, and securing adequate insurance is therefore challenging. It will be interesting to see whether insurers’ risk appetites change if regulation is introduced into the BNPL sector – as recommended in the UK.


We’re with you all the way

With significant experience in the financial, technology and FinTech sectors, Honan welcomes the opportunity to assist all businesses operating in this space. Feel free to reach out at any time to discuss your insurance needs. 


Dominic Brettell

Head of Client Service – Corporate Insurance & Risk Solutions



Discover the 4 Risk Protection Essentials for Tech Start-Ups.

Financial Lines Snapshot: FY21 Q2-Q3


In this update, we share practical insurance insights from the quarter that’s been, and forecasts for the quarter ahead.

The 2020 calendar year was one of the toughest on record for Professional and Executive Risks, with rate increases and capacity reductions continuing to pervade the market, driven fundamentally by large claims reserves.  We do expect pricing to gradually stabilise as insurers reach critical mass in gross written premium, though this will also be heavily reliant on the attraction of new capital to support the market.  Without more capital, pricing will remain elevated and put simply, will be a “supply and demand” problem.



Following substantial rate increases, Directors and Officers (D&O) market woes for publicly listed companies continued into FY21 Q2. We witnessed renewal premium uplifts within the vicinity of 150% – 200%, with historically under-priced or distressed accounts receiving as much as 300%.  These increases were primarily driven by an insurer portfolio correction to buffer against the bottleneck of existing class action activity, as well as claims arising from COVID-19.  

Q2 also saw a flurry of insurance activity from initial public offerings (IPOs) in a buoyed market. Buying patterns in the space indicated a growing trend to incorporate standalone public offering insurance into annual D&O programs, with clients even opting to strip out Side C (Entity Securities Cover) due to pricing constraints.



For Q3 FY 21, further rate increases are anticipated given Q3 FY 20 accounts eluded price adjustments associated with COVID-19.  With no signs of abating, this adjustment phase may carry into FY 21 Q4 (albeit not with the same severity we witnessed last year) as programs look to stabilise.

In the wake of COVID-19, most D&O insurers have adopted a “wait and see” approach with respect to writing new business, and have been meticulous in the underwriting process; particularly in terms of company free cash flow, cash runway and debt serviceability.  Conversely, some markets have taken a more active stance in writing new business; bolstering their position in response to more attractive rates and a healthier post-pandemic market.

Pertaining to other product classes, Employment Practices Liability has presented challenges to insurers with an increased incidence of unfair dismissal allegations and higher regulatory burdens for company health safeguards and protections resulting from COVID-19. Higher premium rates, reduction in capacity and considerably decreased take up of new business has followed, and is likely to continue in Q3.

Cyber Security policies have also been affected, given the potential network vulnerabilities exposed while working from home.  The scale and speed of the workforce displacement in 2020 has seen a significant increase in the prevalence of new attacks not previously contemplated with the higher volume of losses translating to higher premiums – another trend to continue in Q3 and another reason why Cyber is considered the number one business risk for company boards.

The Design and Construct Market has also been a focal point against the background of Government stimulus packages. Soaring premiums and limited appetite for risk that have discouraged insurers from offering cover to building certifiers and surveyors are now affecting other professions. Engineers have been severely impacted, and extra work coming from stimulus spending has exposed them to greater risk. Further to this, the NSW Government’s draft regulations for the Design and Building Practitioners Act 2020 has presented difficulties. The new “duty of care” provision in the Act applies “retrospectively” which will likely have serious ramifications for the PI Insurance market; broadening the launching pad from which owners can bring claims.

Now, more than ever, it is important to have a highly skilled and experienced broker to represent such clients in the market.



There are some bright spots in the insurance market, particularly for D&O. The recent landmark Worley court decision on class actions has sent a powerful signal to boards and directors that they may successfully defend class actions if they can show reasonable steps were taken to determine how decisions were made.  This is an important decision because very few shareholder class actions have progressed to a judgment of the Court on merits.  If there are more decisions of this ilk, where courts are given the opportunity to interpret continuous disclosure provisions and demonstrate the successful application of defences available, we may see a longer-term recovery in the D&O market.

Furthermore, The Parliamentary Joint Committee on Corporations and Financial Services (the Committee) has completed its inquiry into litigation funding and the regulation of the class action industry. Reforms, such as the push to make the easing of the continuous disclosure “director at fault” rules permanent would raise the threshold to lodge claims and aid the D&O market considerably. The reforms (if implemented) will also substantially increase regulatory and judicial oversight of litigation funders and plaintiff firms, and thereby (in theory), reduce the volume of class actions.


We’re With You All The Way

Feel free to reach out to discuss your risk exposures.


Henry Clark

Head of Professional & Executive Risks


Dennis Moens

Client Manager – Professional & Executive Risks



Find out more about Honan’s Professional & Executive Risk Services.

Financial Lines Snapshot: FY21 Q1-Q2


In this update, we share practical insurance insights from the quarter that’s been, and forecasts for the quarter ahead.



Pressure remains in the Professional and Executive markets, with COVID-19 causing continued uncertainty for insurers.

Fallout from the Royal Commission into Misconduct in the Banking Superannuation and Financial Services Industry continues to impact insurers’ bottom lines through the payment of inquiry defence costs and securities class action activity. This is expected to materialise further as the economy begins to stabilise, with many litigation promotors seeking new ‘real estate’ and the regulator supporting the ‘why not litigate’ approach.

The Australian Competition and Consumer Commission’s (ACCC) Targeting Scams 2019 report has identified Australians lost more than $634 million to scams in 2019. While the true cost of cybercrime to the Australian economy is difficult to quantify, the industry has estimated cyber security incidents to be in the vicinity of $29 billion annually. Managing cyber risk exposure effectively is more important than ever. The process for enhancing and governing cyber security will be very similar to the process businesses implement for other exposures (e.g. OH&S) and how well these are ‘live drilled’ or rehearsed.



It’s not all doom and gloom. If the following variables are controlled correctly, they can have meaningful impacts on renewal outcomes.

Corporate Governance – It is important that best practice framework is implemented: entities that are well managed, identifying clear procedures to business operations and communication channels will see a more positive outcome when it comes to achieving reduced premiums. This has been a topical issue, with revelations of a handful of large listed companies being subject to poor corporate governance, driving investor concerns and share price uncertainty.

Financial Steadiness – will continue to be a focus for insurers, as the ongoing concern for a business will remain a material risk factor. In the COVID-19 climate, there will continue to be greater attention on liquidity, cash flow and debt maturity. For franchisees, the ‘JobKeeper’ program may be providing critical revenues for these entities that are potentially masking insolvency problems. 



Financial Modelling will play a crucial part in all financial lines insurance classes, and proposal forms and financials will no longer satisfy many underwriters. Insurers will want to understand what the future holds for many organisations. Underwriters will likely request to see a robust Business Continuity Plan and a recovery ‘roadmap’, identifying any loan facilities and those suspended covenants and how they propose to weather the next 6-12 months.



We’re With You All The Way

Feel free to reach out to discuss your situation and address any questions or concerns.


Ben Robinson

Placement Manager – Professional and Executive Risks


COVID-19: Business Interruption, Contingency and Workplace Risk


On 30 January 2020, the World Health Organisation declared the Coronavirus outbreak a Public Health Emergency of International Concern. We sympathise with everyone who has been impacted by the virus and Honan Insurance Group have implemented additional resources and contingency planning to ensure that we remain able to provide advice, insurance and support to our clients as the situation develops.


As the impact of COVID-19 on local and international economies continues to evolve, we highlight to all clients the need for management to consider financial, strategic and business risks to operations. In this article, we examine the key areas we have received the most queries about: Property and Business Interruption, Business Contingency and Workplace Risk.


Industrial Special Risks* (Property and Business Interruption) Insurance & COVID-19 

(Potential Policy Response under ISR Mark IV Policy)

It is expected that many businesses will suffer disruption as a result of the spread of the Coronavirus (COVID-19).   With the situation changing rapidly and restrictions on the movement and gathering of people (both at local level and internationally), there is no doubt many companies will suffer from loss of revenue and/or additional expense.


Property Damage

Generally, property policies (including office risks) cover physical loss, destruction or damage to insured property resulting from a covered peril (all risks).  In the case of the Coronavirus, the ISR (Mark IV) policy exclusion 4(a) excludes physical loss destruction or damage occasioned by or happening through disease.  Office-related risks also have very similar exclusions. The ISR policy can include a myriad of endorsements with some coverage writebacks for costs to clean-up a site (where required by order of a public authority), however, this would need to be reviewed on a case by case basis.


Business Interruption

An ISR insurance policy extends to include under Section 2 coverage for business interruption.  This cover traditionally applies only to interruption caused by an insured material damage event such as fire, storm, impact or accidental damage.

In addition, cover is extended to include closure of the business by public authority for several risks including human infectious or contagious diseases.   This coverage was designed to cover events such as an outbreak of Legionnaires disease or measles which could affect one or two buildings and a small number of businesses.  Some ISR policies can extend to provide coverage for outbreaks in a 20-50km radius from the insured location.

Specifically, in relation to the COVID-19 outbreak, the ISR policy contains a specific exclusion for loss resulting from interruption of or interference directly or indirectly arising from or in connection with Highly Pathogenic Avian Influenza in Humans or any other diseases declared to be quarantinable diseases under the Quarantine Act 1908 and subsequent amendments.

Following the H5N1 virus (avian influenza) outbreak in 2006 and the H1N1 virus (swine influenza) outbreak in 2009, insurers adopted this exclusion as a market standard position in Australia.

The Australian Quarantine Act 1908 was replaced by the Biosecurity (Consequential Amendments and Transitional Provisions) Act in 2015.  COVID-19 was added to the Act as a listed (quarantinable) human disease on 21 January 2020, under Biosecurity (Listed Human Diseases) Amendment Determination 2020 (Cth) F2020L00037.


Listed Human Diseases under the Act are thus now:

  • Human influenza with pandemic potential
  • Plague
  • Severe acute respiratory syndrome (SARS)
  • Middle East respiratory syndrome
  • Smallpox
  • Viral haemorrhagic fevers
  • Yellow Fever
  • Human Coronavirus with pandemic potential

As a result of the above, the business interruption section of your insurance will not provide cover for COVID-19 disruptions. As with any other threat it is important to consider what risk management measures you can introduce to mitigate the risk to your staff, customers and business.


Risk Management Tips: How to avoid infection

Here is a short list of ways to minimise the spread of Coronavirus

  • Practice good personal hygiene.
  • Avoid contact with anyone with or suspected of having Coronavirus.
  • Boost your immune system by eating well, exercising, having enough sleep, and keeping your stress levels under control.
  • Cancel or delay any travel until the crisis is over.


Recommended Actions for your organisation:

  • Implement a home quarantine regime for anyone that has travelled to an infected country or is likely to have been in contact with someone infected with Coronavirus.
  • Review and update if necessary human resource (‘HR’) policies on fitness for work including possible quarantining of employees and formalising the requirement for employees to remain off work if affected.
  • Consider or extending flexible working arrangements to reduce the likelihood of the spread of the virus in the workplace or the community.
  • Update travel rules and arrangements limiting non-essential business travel.
  • If not already in place, provide sanitized hand washing stations for use by staff and visitors.
  • Review arrangements for workplace hygiene and cleaning protocols including “cough and sneeze” etiquette.
  • Protect the mental wellbeing of employees concerned about the Coronavirus.
  • Ensure clear and honest communication to employees on their welfare.


Keep Informed

Everyone should remain alert for updates and advice from the relevant authorities on additional steps to manage the spread of the disease. The health department in each state is providing excellent resources and advice and regular updates. Before travelling, check for and take the advice of any travel warnings on


Business Continuity Management Planning

A pandemic is just one risk facing modern organisations.   Having a fully documented and exercised business continuity management plan is important for every business.  Honan has resources to assist you in developing a business continuity plan and please speak to your Client Manager for further information.

*Property/Office/Business Interruption


Business Contingency

The Coronavirus may impact revenue for businesses through:

  • Production slowdown & disruption to workforce (sick or quarantined employees)
  • Disruption to Supply chains and supplier services
  • Decrease (or increase) in demand for stock
  • Large scale closures of consumer markets and public spaces due to quarantine
  • Delays in customers paying outstanding invoices within normal trading terms
  • Economic slowdown on global and local scale


Whilst there is coverage available under Corporate and Business Travel insurance policies in certain circumstances, there is limited cover available under most standard General Insurance policies for loss of trade and interruption to business operations.

As a general rule, it is not viable for most insurance markets and products to cover “global pandemics” as an insurable event. This is because the financial impacts of a pandemic are not quantifiable, meaning risk cannot be priced accurately or sustainably by insurers. If you do suffer a loss, please contact our team to discuss the specific circumstances and how your policy may respond.

Whilst insurance cover availability may be limited, businesses can prepare.  We would strongly recommend formation of a working committee to evaluate the impact to business as conditions continue to evolve, with accountability to the board or executive team.


Considerations for a COVID-19 working group should include:

  • Review of policies, procedures and protocols in place to protect the safety and wellbeing of employees and prevent further risk of spread of COVID-19 within the workforce and community.
  • Assess venerability of IT Infrastructure (including stress-testing) for an organisation’s ‘Work from Home’ capabilities in the event of premises closure/staff quarantine
  • Consider the impact on supplier and customer contracts to meet delivery/service obligations from both parties (how Contractual Penalties & Force Majeure clauses may be applied)
  • Evaluation of possible supply chain disruptions and how these can be mitigated or bypassed through appropriate work arounds and contingency planning
  • Evaluation and stress testing of stock levels and planning for inventory shortage as supply from China recommences operations
  • Review ability to support alternative revenue streams that are not as severely impacted by COVID-19
  • Review communications with key customers and other stakeholders to maintain relationships and manage challenges in a sensible, commercial & collaborative manner
  • Review credit and debt facilities to ensure that cash is available in the short term to manage financial impacts and support increased business restart
  • Communicate with creditors if a reduction in revenue has the potential to impact on cash flow and financial obligations.



Workplace Risk: Workers’ Compensation and Coronavirus (COVID-19)

There has been much discussion around the exposure and potential liability under Workers’ Compensation should an employee or contractor contract Coronavirus.

As outlined by Safe Work Australia (2020), Workers’ Compensation arrangements differ across schemes, however there are common threshold requirements that would apply in the case of COVID-19:

  • that the worker is covered by the scheme, either as an employee or a deemed worker
  • that they have an injury, illness or disease of a kind covered by the scheme, and
  • that their injury, illness or disease arose out of, or in the course of, their employment.

Compared to work-related injuries, it is difficult to prove that a disease was contracted in, or caused by particular employment. In the case of a virus such as COVID-19, establishing the time and place of contraction may become increasingly hard. We have sought clarity from our legal partners and obtained publications from the governing state regulators. Their view is it will be challenging to prove workplace exposure to Coronavirus as questions will arise as to the exact time and place of contraction.

For coverage to exist, a determining authority would need to be satisfied that the employment significantly contributed to the employee contracting the virus. For viruses, it can be difficult to accurately determine the exact time and place of transmission. As a result, it may be difficult to determine that employment significantly contributed to the virus.

However, where an employee’s employment puts them at greater risk of contracting the virus the significant contribution test may be easier to meet. For example, if the employment involves:

  • travel to an area with a known viral outbreak
  • activities that include engagement or interaction with people who have contracted the virus
  • activities that contravene Department of Health recommendations.

Each workplace illness would need to be considered on its individual merits, having regard to the individual circumstances and evidence in relation to the claim. More information is available here: Comcare Australia.

Deeming an illness or disease as work related and unique to the workplace may require court intervention to distinguish medical opinion from legal facts. There is no liability determination available to declare an illness or disease compensable or non-compensable; each case is determined on its own merits and circumstances.

Although you may not be able to eliminate the potential risk of employees contracting Coronavirus while carrying out work, you must do what is reasonably practicable to minimise the risk of employees contracting Coronavirus.


Coverage while travelling overseas for work

Any liability or workplace contribution applies to both employees working overseas and those working within Australia. Each case will be determined on its own merits and circumstances.

Note: For international employees engaged locally, state or country specific legislative conditions will apply. Queries should be directed to Honan. Depending on the state of urgency, travel restrictions and periods of self-isolation may need to be considered and communicated to all employees and contractors.


Employer Support

It is important that employers refer to internal policies and procedures to ensure measures for employee safety are in place. Honan has resources to actively advise on Workplace Risk exposure, as well as Legal and Work Health and Safety partners who can assist with ongoing management of this changing environment.


All companies will need to keep up to date in what is evolving environment.  Please see below some resources to do so:

Australian Government Department of Health

Safe Work Australia


McKinsey & Company have released a briefing paper (9th March 2020) which provides some insight into possible global economic impact as well as some common steps that can/need to be taken in preparation for businesses being affected and the formation of a working group: link here.

For any additional queries or concerns, please contact your Honan client manager.


*Property/Office/Business Interruption

The advice in this paper is general in nature. While the utmost care has been taken in the preparation of this preliminary advice or opinion, you use it at your own risk.

If you have difficulty reading and/or understanding the cover provided in the policy(ies) that you have please contact your Client Manager.

Suggested Searches

  • Melbourne Office
  • Financial Service
  • Quote
  • Insurance Services
  • Trade Credit Insurance
  • Strata
  • Claims
  • Real Estate

Contact Us

Contact Information

  • Suite 8.01, Level 8, The Gardens North Tower, Mid Valley City (Lingkaran Syed Putra) 59200 Kuala Lumpur