Significant delays in the movement of goods due to the closure of ports, redirection of shipping routes, coupled with a surge in consumer spending are impacting whole industries across the globe – from construction to retail. These forces are causing major business interruptions with potentially devastating consequences for profitability and sustainability.
This article examines the global shipping crisis from an insurance and risk management perspective, setting out how insureds can take action to reduce their risk exposures and the impact on their bottom line.
HOW DID WE GET HERE?
While many of the above factors can be linked to interruptions caused by COVID-19, supply chain vulnerabilities existed before the pandemic. Over time, global economic factors have caused shipping companies to restrict their operating costs, leading to reduced investment in new vessels, reliance on older containers, and the rerouting of inefficient shipping routes. Meanwhile, demand for larger capacity container vessels grew, leaving older, smaller capacity fleets idle. Fast forward to 2020 when an almost overnight surge of online consumer demand triggered the reopening of abandoned shipping routes.
Further delays are occurring in some of the world’s largest container ports in China and the United States caused by closures following COVID-19 infections amongst dock workers as well as additional biosecurity measures being applied. These disruptions cause spillover into other ports and congesting spikes. Freight companies implemented workarounds such as leasing passenger and cargo aircraft to transport goods. This provided some relief while international travel was restricted, but as borders reopen, this is no longer such a viable solution.
WHAT DO IMPACTED INDUSTRIES NEED TO CONSIDER?
Industries that import or export products or raw materials have felt the impact of these supply chain disruptions, particularly the Food & Beverage, Retail, and Construction industries. From an insurance perspective, there are key policy considerations that can help reduce your business’ changing risk profile and ensure the appropriate cover is in place to minimise losses. These are outlined below.
Deterioration of stock (fresh food and perishables) caused by delays
Delays are normally excluded in most Institute Cargo Clauses, however, deterioration of stock is usually covered (depending on the cover written into the policy). This adds an element of complexity when settling a claim and often leads to partial or commercial settlements. Insurers are willing to offer forms of extended cover to write back some protection for loss or damage caused by the delay with terms and conditions (pricing, limits, and deductibles) linked to the exposure and likelihood of loss.
Insurers are also starting to see claims arising from failure of older, refurbished shipping containers (e.g., refrigerated motor failure) so a policy review to ensure stock deterioration is covered is encouraged.
With the shortage of containers, limited access to ship tonnage, and increased freight rates, some insureds may look to consolidate loads, which can cause increases in conveyance limits. What was deemed appropriate in the past may need to be reviewed and the insurance policy should reflect this.
Additional risk management and inspection conditions
Inspection of containers prior to transit and upon delivery is sound risk management practice and where possible, it should be built into your overall risk protection/mitigation strategy. Larger conveyances can include inspection warranties/conditions at the port. If this is not completed and a claim is made, it can impact an insurer’s view on indemnity. Therefore, clear instructions and effective communication with logistics providers can help prevent claims from being denied.
Indemnity period(s) and limits of liability
Delays in the delivery of raw materials or critical plant and machinery items can, in turn, delay the rebuild, reinstatement, or replacement of insured property in the event a loss occurs. Increased turnaround times may exceed the policy indemnity periods. This can lead to a portion of the loss not being paid out, underinsurance, or inadequate insurance in the form of the policy limit.
When assessing an adequate policy limit, freight is often considered an uninsured working expense and is factored in the Rate of Gross Profit. A formal Business Interruption review should be regularly undertaken to ensure cover and limits are appropriate.
Costs that are reasonably incurred to expedite the transportation of insured raw materials, plant, and equipment following a loss are covered under most Property policies. An example here is the additional costs of leasing an aircraft instead of a ship. Some insurers may have different stances on clients paying additional fees to ‘buy their way up the line’, and whether this is covered under expediting extensions. Therefore, open, and early communication with your broker is vital.
Contract Works insurers have also seen significant increases in the cost of construction projects, fuelled by the growing costs and limited availability of raw materials (timber, bricks, glass, etc.) and labour. Clients are encouraged to undertake regular reviews of their limits, values, and contracts with their customers to ensure they have adequate insurance in place.
Fines and penalties
Supply chain disruptions are also impacting completion periods within the construction industry as well as industries downstream where project completion has been postponed. Most Contract Works insurance policies do not provide cover for fines and penalties incurred as a result of shipping/transport delays pushing out completion periods. Some insurers can write this cover back in, however strict underwriting protocols will be applied when assessing the risk to determine pricing, terms, and conditions.
WHERE TO FROM HERE?
While many factors continue to disrupt the global supply chain and the impacts can be devastating to businesses, our message to clients is that having the right insurance policies in place and reviewing these closely with your broker is an effective risk management strategy. Feel free to reach out at any time to discuss your business needs.
Independent brokerage Honan has positioned itself as a unique challenger in the corporate market, powered by a young and diverse workforce
By John Deex
INSURANCE NEWS MAGAZINE | October/November 2021
Honan isn’t an international broker with massive global operations, but there’s more than a hint of that top-end confidence in the way it has accrued an impressive collection of ASX 100 and 200 clients.
Chief Executive Andrew Fluitsma admits the Melbourne-based brokerage “hasn’t beaten our chest” about its successful push into the tightly held corporate market. But now is a good time to talk about the achievements built on a rebranding and overhaul that have seen Honan flourish on a wave of youthful energy and innovation.
The rebranding exercise has seen Honan adopt a more modern image, that allows it to capitalise on what Mr Fluitsma describes as “a whole new set of rules and a whole new set of values”. “We didn’t want to become just a small version of an international brokerage,” he tells Insurance News. “We wanted to become a unique, very special challenger brand that represented something different.”
Honan’s 260 employees are very much key to its more outgoing and confident identity. “We hired with a view to people that had that growth mindset,” Mr Fluitsma says. “Our average age is 29, and we’re 55% female. That’s reflected in our executive leadership as well. I’m 40, and I’m the old guy.” One of the values adopted by Honan is challenging the normal ways to approach insurance problems, and then to celebrate those challenges and speak up – “to talk and make noise. That’s what we want to do. “[Innovative ideas] don’t come up in a business like ours unless you have that diversity of thought, the challenging age group from a demographic that likes to challenge and likes to speak. “It’s not one individual sitting in a corner office who’s going to be the hero coming up with the ideas. We don’t incentivise single sales people. We do it as a team.”
“Our average age is 29, and we’re 55% female. That’s reflected in our executive leadership as well. I’m 40, and I’m the old guy.”
While Honan intends to retain that challenger mentality as a core part of its culture, it’s got genuine scale too. Formed in Melbourne in 1964 by Geoff Honan, the father of current Executive Chairman Damien Honan, the business now has a presence across Australia as well as offices in Auckland, Singapore and Kuala Lumpur. It is also part of the Worldwide Broker Network.
“Honan has gone past $400 million across their General Insurance business heading towards $500 million, with Employee Benefits the fastest growing part of our business”. “If you think of $400 million, that is easily the largest independently held insurance brokerage in Asia Pacific,” Mr Fluitsma says.
Significant size and profile is necessary to broke at the corporate end of insurance, and he sees the company’s success working with large institutional listed and private businesses as a matter of some pride. “We’re really proud of that, but I think our trajectory is probably not as well known as it could be in the marketplace,” he says.
“We’ve invested significantly in the back end – legal compliance, technology and people and culture. Now we’re at a point where we’re highly scalable. “But we don’t want to be the traditional risk management-style broker that brings out all this literature that is targeted at risk managers and insurance people. We want to focus on CFOs and sophisticated buyers. We want to make it clear. We want to make it simple. We want to make it sophisticated and we want to make it Honan.”
That seems to be a successful combination, with a client retention rate of 98.4% in a market that Mr Fluitsma describes as “incredibly challenging”.
Honan’s corporate focus is supplemented by a strong presence in strata, a real estate and landlord facility, and value-added services in workplace risk, workers’ compensation, risk engineering, risk accounting, and claims management.
And through its Singapore licence, Honan is providing wholesale insurance to other brokers including Steadfast and Austbrokers, and facultative reinsurance.
Honan has powerful backing – a fact underscored by the decision last year to partner with US private equity firm TA Associates. It’s a $US30 billion fund, and gives Honan access to more than just finance.
“We tap into something that they’ve got called the Strategic Resource Group, which is 30 people based out of London who are data scientists, data analytics people, and finance people,” Mr Fluitsma says. “What that’s done is take our aspirations around data analytics from ‘this is what we think we want to do conceptually’, to executing it.”
The business is aided during the hard market by a service timetable model called RISE – Risk Insurance Service Excellence – which gets rolled out to all clients. “It’s all about transparency,” he says. “Our retention rate is so high because we’ve been able to say, ‘look, this is where it’s going’.”
“There’s no reason why we can’t be challenging to be the best insurance firm, not only in Australia but Asia Pacific. And that’s absolutely where we want to be.”
Strong thought leadership channels keep clients and the broader business community informed, he says.
“The one thing that I can’t stand is the opportunistic nature of some brokers out there to say, ‘well, there’s a 400% increase, I’ll drop this on the client at the death, and then they’ve got no choice – I’ll take the money.’ “It’s very short-sighted, but we’ve seen a lot of that. We’ve won a lot of new business because we see it as our job to educate. “If we can’t bring those best-in-the-market terms, we’re not doing our job. But if we haven’t given the transparency and the runway to understand why, then again, we haven’t done our job.”
On directors’ and officers’ insurance, which has seen huge premium increases over recent years, Mr Fluitsma says tough decisions are having to be made, particularly for listed businesses with Side C cover for securities class actions.
“They are challenging conversations. Once upon a time, in a soft market, we just said, ‘Buy as much insurance as possible [because] it’s the cheapest form of risk management’. “Now, it’s a conversation six months out, where you say, ‘well, we need to look at what we should retain and what we should buy. Should you even be buying Side C?’
“Now, are we looking at a balance sheet protection instrument or we have to actually increase those retentions to say, ‘You guys need to take some responsibility here.’ “It’s no longer the cheapest form of risk management. It’s a catastrophe instrument.”
Cyber is also rising to the top of client boardroom priorities, and there’s the traditional problem sectors such as food and beverage businesses using expanded polystyrene panels.
But the hard market will also be a learning experience, Mr Fluitsma says.
“They’re hard conversations, but we’re going to come out of the other end with every single broker in here having worked through a really hard market, and that’s just going to make us all a lot better. “I think it’ll make everyone in the industry a lot better because we haven’t seen a really hard market for 20 years.”
Another industry challenge is the upcoming debate on broker remuneration, with a Hayne-recommended review set to start soon. Mr Fluitsma welcomes the scrutiny, saying Honan is “heavily fee-based”, which brings sustainability and transparency.
“I believe that there needs to be a fair price for work done, but I totally agree that there needs to be a complete overhaul of transparency,” he says. “We have looked at a lot of [brokerages] from the acquisition point of view and walked away from them because their average commission rates are unsustainable.
“So, there is an issue with the lower end, and it has to be addressed. We’re all for that. But we’re also very much for being paid for the work that we’re doing. And that’s where the practical and commonsense position will land.
“The intermediary is not going to die. It’s just going to correct and be transparent to a point of sustainability.”
Brokers need to believe in themselves and understand the work they are doing has genuine value, Mr Fluitsma says. “I think a lot of the time brokers don’t actually think that. That to me is part of the problem.
“A lot of brokers are out there thinking, ‘I’m sneakily taking 20 points, and I got away with it.’
“Let’s be transparent. Let’s be confident enough to say, ‘I deserve X amount of money for the work that I’ve done and here’s the reasons why.’ “We put a scope of fees to every single client. So, we actually break down what we’re doing and what we’re getting paid for. I think that’s quite unique.”
Honan’s growth and transformation has been significant over the past five years, but Mr Fluitsma wants the next five years to be even more so.
Competition for acquisitions is fierce, but he says Honan is looking for a specific type of partner and plenty of opportunities remain. “We’re positioning ourselves so differently [and] there’s a bunch of firms that just align with us. “Granted that market is not going to be as big, but there are a bunch of them there that will join us.”
He says spending time in the US has made it clear to him just how significant independent brokerages can become.
“We want to continue with the same DNA, the same brand, the same challenging philosophy, the same challenge of thought, and we absolutely want to grow. “There’s no reason why we cannot be a top five in Australia, if we’re not already.
“There’s no reason why we can’t be challenging to be the best insurance firm, not only in Australia but Asia Pacific. And that’s absolutely where we want to be.
“So we set the challenge to our people, and they’re running pretty hard with it.”
The last quarter has seen further stabilisation within the property and liability insurance markets, as rate increases continue to moderate with insurers clawing back profit following a difficult natural catastrophe season (CAT) season in 2020-2021. Whilst the cost of transferring risk still favours the seller, the pricing pendulum has started to swing towards buyers. Longtail liability lines however are still seeing rate increases of 15-20%. Certain segments are seeing much higher increases. For example, purchasing molestation cover remains highly challenging, with markets withdrawing capacity and decreasing appetite for these types of exposures. Honan is continuing to guide clients through more sophisticated risk transfer and retention program structure options as a strategy to manage these risks, either by electing aggregate deductible structures to offset premium increases, or through non-traditional forms of insurance such as discretionary mutuals or captives.
KEY MILESTONES / CONSIDERATIONS FOR CLIENTS FOR THE NEW QUARTER (FY22-Q2):
As NSW and VIC commence their paths out of lockdown, clients in the hospitality, tourism and retail industries are expecting improved business results for the quarter ahead. Honan is working closely with clients as they navigate the complexity of returning to the office and liability exposures around the relevant State/Territory orders concerning vaccinated vs unvaccinated customers.
Australia’s east coast experienced severe weather over the first weekend in October, a possible harbinger of events to come in the natural catastrophe (CAT) season. Meteorologists are again predicting equal chances of La Niña events, bringing with it a risk of associated storms and flooding. Marking the official onset of Australia’s CAT season, October is the time for clients to work with their broker to ensure they’re adequately prepared. A CAT plan and undertaking preventative maintenance on your assets in advance are advisable at the beginning of Q2.
ANY INDUSTRY TRENDS YOU CAN SEE ARISING IN OVER THE REMAINDER OF FY22?
Insurers will continue to take a conservative approach to underwriting through pricing and capital deployment. For clients, this will mean insurance supply will continue to remain ample, leading to increased competition and further stabilisation of pricing. Following the Haynes Royal Commission, a raft of new financial services industry regulations come into effect in FY22 including the Claims Handling AFSL license requirements, revised Dispute and Complaints Processes, and the implementation of Target Market Determinations. The industry is preparing to implement new policies and processes designed to give greater protection to consumers, particularly retail clients.
Following consecutive years of rate increases, there is clear evidence pricing is beginning to plateau for the public company D&O insurance market. Whilst insurers still applied rate increases during the Q1 renewal period, these were much lower than the prior quarter. This suggests the corrective portfolio measures required in the D&O space have largely been achieved and pricing is reaching a sustainable level for insurers. Challenges remain for companies with poor financials and industries heavily impacted by COVID-19. The ability of brokers to differentiate these clients by communicating in-depth knowledge of their risk exposures and being able to provide quality information about their risk management and risk mitigation activities is crucial to securing positive renewal outcomes for clients.
The professional indemnity (PI) market remains challenging for certain professions, particularly design and construct professionals, digital banks, mortgage brokers, financial planners, and non-bank lenders. These professions still face supply and demand issues due to several insurers withdrawing from the market. Premium rates increased on average 15-20% in the last quarter, with insurers being highly selective in risks they choose to insure.
KEY MILESTONES / CONSIDERATIONS FOR CLIENTS FOR THE NEW QUARTER (FY22-Q2):
For management liability (ML) and insurable exposures for private enterprises, the full effects of COVID-19 remain unknown. As a result, underwriters are cautiously monitoring their portfolios and the solvency of Insureds. Crime and employment practices liability coverages continue to be the main triggers for ML claims, accounting for over 70% of combined losses for ML insurers.
In this hardening insurance market where demand outstrips supply, Honan is working to ensure all clients understand the outlook for their renewal programs to ensure the right level of cover for their organisation. Our insurer partners expect strong underwriting submissions, based on the best available information, in order to optimise the price, terms, and conditions for your risks.
ANY INDUSTRY TRENDS YOU CAN SEE ARISING IN OVER THE REMAINDER OF FY22?
At the forefront of renewal negotiations are cyber placements. These remain challenging for certain risks and risk management around ransomware attacks in particular. Insurance carriers and cyber underwriting practices continue to evolve from a traditionally narrow focus on factors such as revenue, number of employees, record count and industry class, to a wider underwriting lens encompassing loss modelling tools and continual system scanning, both in-house and via outsourced IT security. Insurers are delicately balancing the growth of their portfolios, whilst remaining disciplined in the face of surging claims and declining profitability.
As always, engagement with your broker well in advance of renewal dates is essential.
The Real Estate sector has been hit hard by an increase in frequency and severity of cybercrime incidents. Having moved much of their interactions and processing online over the last 18 months, real estate agents and property managers are especially vulnerable to social engineering attacks. Social engineering is a general term referring to an attack where the fraudster successfully impersonates a trusted employee, vendor, supplier, customer, or even a CEO or CFO; manipulating the victim into disclosing security details and sensitive information. These attacks often come in the form of phishing emails. Sadly, Honan clients are by no means immune to such threats. In the last quarter alone, we have seen multiple successful cyber attacks on our clients. Fortunately, in each instance, an appropriate level of cover was in place via a bespoke cyber policy.
While many organisations believe they can rely on extensions to Professional Indemnity and Management Liability policies to provide adequate cover in the event of a cyber incident claim, this is not the case. To ensure their level of insurance is truly fit for purpose, real estate agents and property managers are strongly encouraged to review their internal cyber security strategies with their broker.
On September 22,2021, a 5.9 magnitude earthquake struckVictoria, with tremors felt across the state and as far away as Newcastle in NSW.While there were no immediate reports of serious injury or death, damageincluded collapsed walls, shattered windows, and cracked roads. Early estimates place the total cost of damage at$150 million, with almost 10,000 claims. At the time of publication (October 14, 2021), the earthquake has not been declared a catastrophe by the Insurance Council of Australia (ICA). Head here to find out more about how a catastrophe is defined and what this means.If you believe you have a claim, please contact your broker directly.
KEY MILESTONES / CONSIDERATIONS FOR CLIENTS FOR THE NEW QUARTER (FY22-Q2):
With heavy rainfall, hail, and tornadoes marking a busy start to the Australian storm season, the Bureau of Meteorology has predicted a 50% chance that La Niña conditions will return this spring (double the normal likelihood). As a result,there is a higher probability ofdamaging events taking place such as flooding.Clients are encouraged to prepare early (now) by ensuringtheir level of cover is sufficient for the season ahead. If in doubt, please reach out to your broker to discuss.
ANY INDUSTRY TRENDS YOU CAN SEE ARISING IN OVER THE REMAINDER OF FY22?
Global supply chain interruptions due (in part) to COVID-19, along with Australia’s Black Summer bushfires in early 2020 have contributed to building material shortages; a trend which is expected to continue over the next 12 months. Materials most affected include steel, timber, roofing products, PVC, and electrical products. In addition, the prices of both containers and dry bulk shipping are increasing, with serious shortages in haulage between Australia and other countries.
These shortages, together with pricing increases, have driven the cost of insurance repairs and replacements upwards. Unknowingly, many property owners may no longer have adequate insurance in place to reflect such increases in costs to repairs/rebuilds. Two simple insurance solutions can assist clients with this: 1) updated property valuations, and 2) those in strata buildings can review theCatastrophe Insurance percentage of the building sum insured.
Building surveyors have continued to experience increases in Professional Indemnity (PI) premiums, excesses, and reductions in limits over the last quarter. However, we are now seeing the emergence of more stable PI premiums. Volatility in engineers’ PI has increased, with multiple insurers leaving the market during Q1, and new entrants simultaneously entering.
Builders operating in the SME construction market have faced several challenges, including shortages in the availability of contractors and sub-contractors, ongoing supply chain problems, and (for some states) restrictions to the number of workers on sites – all leading to increased project costs and delays. This requires constant monitoring to ensure insurance coverage reflects the sums insured, maximum construction periods, and vacant sites.
KEY MILESTONES / CONSIDERATIONS FOR CLIENTS FOR THE NEW QUARTER (FY22-Q2):
For clients in the construction professions with upcoming renewals, insurers are paying particular attention to measures taken to limit risk exposures. We encourage clients to carefully consider the following in their applications to help improve the attractiveness of their risks to insurers:
What type of buildings are you are providing services on – high rise, complex builds?
The steps you take to minimise risk – written contracts, client selection, record keeping, etc.
How COVID-19 has impacted your business and your ability to provide your services.
If you or any of your employees have been involved in any disciplinary hearing or investigation, please provide detail around the circumstances, the outcome, and what you have done to remediate your processes to prevent a re-occurrence.
For any claims or circumstances, you have reported, please provide a status update, details of what happened, any aspects that can be attributed to your client, the outcome, and how you intend to prevent a re-occurrence.
Have you or your employees improved their qualifications or become members of a professional institute or association?
As always, clients are encouraged to return their paperwork early.
For builders facing the renewal of their policies, further increases to construction insurance premiums are expected, particularly for material damage and liability (the latter attracting increases of up to 50 percent). Significant losses on long-tail liability claims are also contributing to higher excesses, especially for worker-to-worker claims.
ANY INDUSTRY TRENDS YOU CAN SEE ARISING IN OVER THE REMAINDER OF FY22?
The Limitation of Liability through the Building Surveyors’ Professional Standard Scheme (PSS) will have a positive impact on the risk profile of Building Surveyors. However, this will take several years to be fully realised, and we do not expect any immediate reduction in premiums. More information about the PSS is available here. Together with the Australian Institute of Building Surveyors (AIBS), BRIC has successfully negotiated a premium discount with one insurer as an incentive to enhance your professional qualifications. Please reach out to discuss this with us.
Builders’ construction insurance premiums are not expected to stabilise in the short term, as insurers remain concerned about the profitability of these risks.
Engineers in NSW are now subject to the Design & Building Practitioners Act 2020 (NSW), and insurers are beginning to express concern on claims movement on the Statutory Duty of Care. As new insurance markets are becoming available for consideration, an active and early engagement with your broker ahead of renewal is critical.
A copy of the draft Bill, along with an explanation of key materials and details about making a submission, is available via WorkCover WA. Honan’s Workplace Risk team is committed to keeping you updated on the impacts to businesses and employees as this situation evolves – please reach out at any time with further queries.
ANY INDUSTRY TRENDS YOU CAN SEE ARISING IN OVER THE REMAINDER OF FY22?
While the onus of responsibility remains on employers to manage their risk exposures, organisations’ Leadership Teams and WHS Systems alongside wider cultural forces are enhancing awareness about safe work environments and reducing stigma associated with workplace injuries.
The Australian Cyber Security Centre’s annual Cyber Threat Report for FY21makes for sobering reading, revealing 67,500 cybercrime reports were made in that year (a 13% YoY increase), and estimated to have cost Australians $33 billion. Following the report’s release, Honan hosted a cyber seminar with partners Clyde & Co., sharing the latest updates on the cyber risk landscape, practical strategies for managing the growing risks, as well as regulatory changes to data privacy, and upcoming legal reforms set to affect businesses. As emphasised in the seminar, no industry is immune from the impacts of cybercrime. Here are our key considerations for business leaders to keep in mind as they navigate the evolving situation:
1. Cyber insurance is critical
A robust cyber insurance policy works to complement existing IT security systems to protect your organisation against damages that can result from cyber attacks, data security breaches, and costs associated with response and recovery. While cyber insurance is an essential part of a business cyber security toolkit, it is not a standalone solution. Learn more about how cyber insurance can compliment your cyber security strategy here.
2. Embed a tailored Cyber Incident Response Plan (CIRP)
An effective CIRP is a framework designed to protect your business’ reputation, minimise losses, limit business disruption, and help businesses avoid common mistakes in the event of a cyber incident. This plan should be reviewed on an annual basis and clearly define the roles and responsibilities of relevant key staff. Critically, in the event of a security breach, if a board can demonstrate that 1) they were aware of a cybersecurity risk, and 2) that they activated a framework to mitigate that risk, it is less likely to risk breaching its fiduciary duties under both the Privacy and Corporations Acts. To find out more about developing a CIRP to meet your business’ needs, speak with your broker.
3. Understand your governance requirements
Changes in governance expectations, director liabilities, and regulatory reform is seeing business leaders place significantly more emphasis on their organisations’ cybersecurity and risk management strategies. Directors can be held responsible for not acting to progress a company’s cybersecurity framework and may be punished if they are found to have failed to ensure a company has an adequate cybersecurity risk management plan in force, not responded in a reasonable time frame to a known data breach or failed to respond altogether. You can read more about this in our simple summary.
4. Multi-Factor Authentication (MFA) is a must
MFA is a method of electronic authentication that requires a user to provide at least two forms of identity verification before access is granted to a program, network, or system. Ensure MFA is installed across all remote workingsystems for your business’ employees, contractors, and vendors. Learn more about MFA and password best practice in this guide.
5. Use a separate Virtual Private Network (VPN) for remote working
With hackers taking advantage of widespread remote working arrangements, it is more important than ever to ensure your staff use a separate VPN whenever they are working outside the office. This is vital for various reasons in preventing security breaches. It is equally important to notify your broker that these procedures have been implemented because this helps them to gain access to insurance capacity as a risk transfer solution for your business.
While businesses leveraged technology to interact with their consumers in revolutionary ways over the last 18 months, so too have hackers.
Hackers can access bank accounts or intercept banking transactions, but most often, they are looking to collate your business’ and your customers’ private information, which they sell to vendors on the black market. Restoring funds, IT infrastructure, and regaining consumer trust in the wake of a security breach can be extremely expensive, with attackscosting Australian businesses $29 billion a year.
WHAT IS SOCIAL ENGINEERING?
Social Engineering describes a broad range of malicious activities achieved by manipulating individuals into providing security details and sensitive information. The hacker identifies their victim and gathers background information, which they use to gain trust and infiltrate their company entry points. Hackers then remove all traces of malware and repeat the process with their next target. Often these attacks are not detected until it is too late. Here are some of the key Digital Social Engineering techniques:
TAILGATING & BAITING
These forms of social engineering require the attacker to execute their deception in person. A hacker simply leaves behind physical redirection in the form of a URL address or a jpeg drive, e.g., in a flyer informing employees of a deal, with instructions to communicate or conduct transactions via a false website. Because the risk of identification can outweigh the reward, hackers have adopted more sophisticated methods.
Phishing scams are the most common form of Social Engineering. Phishing emails are designed to create a sense of urgency or curiosity amongst victims. For example, a hacker may send an email alerting their target to a policy violation that requires immediate action. Crafted to appear similar to correspondence the target would normally receive, the email would advise that credentials or passwords are required to action the request. Without taking precautions to ensure the information or sender is authentic, an employee may allow a hacker access to the company’s data and information. Find out more about phishing emails and browser notifications and how you can reduce the risk of an attack here.
Between February and March 2020 as businesses began working from home, spear phishing attacks increased by 667%. Spear Phishing is similar to Phishing but is tailored to an individual. This technique uses the target’s information against them, utilising characteristics, job qualifications, and their own contacts to impersonate an individual within their network. For example, an attacker may pose as a company CEO requesting an employee makes urgent purchases, process transactions, or provide details directly, enabling them to access a complete database of private information.
SAFEGUARDING YOUR ORGANISATION
A false sense of urgency coupled with the volume of correspondence flowing during business hours, can make it difficult to spot a social engineering campaign, but there are actions you can take to reduce your risk of being targeted:
Know who is at your place of work. Employees should show credentials in the office. If you see someone you do not know, raise this with colleagues, HR, and IT. The assumption that a stranger is a customer or client can be costly.
Be aware of information exposed to the public. Even discussing details verbally can attract a hacker’s attention, marking you as their next target.
Take note of emails received. Should you receive an email from an unknown source, cross-check with your data and members of the company to confirm if the sender is recognised. When receiving an email from a known source, take note of the email address itself. If the email is from a hacker, minor details will often be different, like font or email signature. Do not open suspicious emails, attachments, or associated URL links and raise the issue with IT.
Keep your software, antivirus, and anti-malware software updated.
Multifactor authentication is one of the best ways to protect your credentials.
CYBER INSURANCE: IN THE EVENT YOUR BUSINESS IS COMPROMISED
By implementing these tips, your exposure to social engineering can be greatly reduced. It is also important to implement measures that react if your business is compromised. A cyber insurance policycan support the rebuilding of your business in the event of a cyber-attack. It provides cover for losses such as data destruction, extortion, theft, and hacking. When approaching insurers for cover against cyber attacks, underwriters will consider if your business has the following risk mitigation measures in place:
Encryption of sensitive data
A Cyber Incident Response Plan
Data backup and recovery procedures
Business Continuity and/or Disaster Recovery Plans
Software patching procedures
Antivirus and firewalls.
Therefore, providing evidence that your business has taken action to limit its cyber risk exposure can reduce the cost of insurance.
To discuss your business’ cyber risk exposures and security needs, please feel free to reach out at any time.
In my role advising commercial and residential builders and construction professionals, I am frequently asked “what insurance do our clients need to have in place?” While my response varies, broadly speaking, property owners who are renovating existing structures will require Contract Works insurance. Although it is common for the builder to take out this cover on the owner’s behalf, it is not necessarily required by law, and this is not always communicated clearly to property owners.
A frequent source of confusion among many of our construction clients and their customers (property owners) is whether Contract Works insurance covers the existing structures (buildings) undergoing construction and/or renovation. Whether commercial or residential, many property insurance policies contain a Contract Works/Construction Exclusion, and failure to recognise the limitations of cover can result in significant uninsured losses. This article outlines potential gaps in cover between the Contract Works and Building Insurance policies, and how you can limit risk in the event damage occurs.
DOESN’T PROPERTY/BUILDING INSURANCE PROVIDE ADEQUATE COVERAGE?
In many cases no, not for existing buildings undergoing construction, alteration, or addition. These properties and structures are at a higher risk of damage from events such as fire, explosion, malicious damage, theft, and storm damage (especially when works involve the temporary removal of roofing). Consideration must be given to possible liabilities arising through personal injury, damage to neighbouring properties and/or public utilities, as well as potential pollution or contamination from materials like asbestos. As such, traditional property/building insurance products look to exclude/limit their exposure to the higher risks associated with construction works.
The specifics of Property/Building insurance cover vary between insurers as well as the type of policy (Commercial vs Residential/Retail). While some policies allow for coverage for existing structures, and/or third-party liability, others may exclude all or parts of cover, or exclude cover once works exceed a specified contract value (e.g., $50,000). The intention of these exclusions and limitations is to ensure risks associated with the construction process are insured by the builders’ Contract Works policy, not the Property/Building insurance. As such, commencing works at an insured location without prior notification to the insurer may result in property insurance being voided or substantially limited.
HOW DOES CONTRACT WORKS/CONSTRUCTION INSURANCE WORK?
Contract Works insurance is tailored to the specific risks of a construction project. Cover is commonly broken down into two sections: Material Damage and Third-Party Liability. Amongst other things, the cover is designed to insure both the works under construction and any third-party property damage or personal injury caused as a result of the construction process. While the third-party liability policy may cover damage by the builder to existing structures, damage to the existing structures from other events (e.g., storm, bushfire, etc.) is not normally covered under a Contract Works policy. A Contract Works policy does not automatically cover existing structures, it must be specifically requested. This is generally applied on a case-by-case basis, with the underwriter likely to require more information about the property and additional premium to cover the associated risk.
PLANNING A RENOVATION? NEXT STEPS
While it is common for a construction contract to detail responsibilities relating to the procurement of Contract Works and Third-Party Liability insurance, the responsibility to maintain cover over the existing structures is not always explicit.
When considering works to your home or property, always check with your insurer and/or broker to understand the limitations to cover during the construction period. If your property/building insurance policy does not cover the existing structures during construction, an agreement must be made with your builder prior to commencing works to cover the existing structures under the Contract Works insurance.
Similarly, builders and construction professionals need to be clear on the limitations of cover for existing structures under the Contract Works policy (these are not always automatically covered). When cover for existing structures is required, approval from the insurer/underwriter should be sought prior to commencing works.
WITH YOU ALL THE WAY
We are here to answer your questions and guide you through the process – feel free to reach out at any time.
The Australian Private Hospitals Association (APHA) is the peak national body for private hospitals in Australia. As APHA’s Insurance and Risk partner, we spoke to CEO, Michael Roff about the network’s evolution, and the challenges they anticipate for the term ahead.
THE CRUX OF APHA?
Ensuring the ongoing sustainability and continued development of the private hospital sector in Australia.
REFLECTING ON THE LAST 5 YEARS, HIT US WITH APHA’S TOP 5 MILESTONES.
Securing a $1.3 billion private hospital COVID viability guarantee from the Commonwealth Government.
Addendum to the 2025-2025 National Health reform Agreement to limit public hospitals harvesting privately insured patients at the expense of public patients.
Participation in Private Health Ministerial Advisory Committee to deliver key private health insurance reforms including instant upgrade for mental health, improved transparency in private health insurance products, youth discounts and Second Tier default benefit.
Development of the Private Psychiatric Hospitals Data Reporting and Analysis Service with funding from the Commonwealth Government.
Development of the APHA Benchmarking Service of key private hospitals outcome measures.
AT HONAN, MAINTAINING QUALITY CONNECTIONS WITH OUR PEOPLE, PARTNERS & THE COMMUNITY SITS AT THE HEART OF WHAT WE DO. WHAT RELATIONSHIPS & CONNECTIONS HAVE BEEN CRITICAL TO THE SUCCESS OF APHA IN RECENT YEARS?
APHA benefits from its good relationships with both sides of politics (i.e., major parties). We are also in regular contact with the key players in Government departments, other industry stakeholders including doctors, health fund suppliers among others, and of course our own members to ensure we are representing their interests.
THERE HAVE BEEN SIGNIFICANT INCREASES TO THE COST OF PRIVATE HEALTH INSURANCE OF LATE, WHAT IMPACT DO YOU SEE THAT HAVING ON THE PRIVATE HOSPITAL NETWORK?
Actually, the last two years have seen the lowest premium increases for around 20 years. However, with the costs of providing healthcare increasing, this means health funds have a reduced capacity to compensate hospitals for their cost increases. This is further exacerbated by COVID-19 requirements which have further increased costs and reduced levels of activity.
WHAT ARE THE TOP 3 CHALLENGES THE PRIVATE HOSPITAL NETWORK IS FACING, POST-PANDEMIC?
“Second Wave” health insurance reforms, including prostheses and out-of-hospital care.
Health insurance membership and implications for costs and revenue.
Vertical integration (health insurance entering the health care provider market).
INNOVATIVE CULTURES AND A COMMITMENT TO ONGOING EVOLUTION ARE COMMON HALLMARKS OF SOME OF THE MOST SUCCESSFUL ORGANISATIONS TODAY. WHERE DO YOU SEE PRIVATE HOSPITALS IN THE NEXT 10 YEARS?
The private hospital sector is a strong and vibrant part of Australia’s health system, providing high-quality services to the majority of the population. Australia’s private hospitals take pressure off an already over-burdened public health system, as evidenced by the work done to support the public sector during COVID-19, particularly during Victoria’s second wave. This role will continue to grow and develop, in part due to the improved relationships and understanding built during the Pandemic.
For registered medical professionals within Australia, medical indemnity insurance is mandatory. And so it should be – a doctor’s professional reputation is integral to their ability to practice. Unfortunately, however, not all medical indemnity policies are created equal. A sound policy takes careful consideration and close consultation to develop and must be ready to respond to the unique risk profile of its holder.
Right now, many policies held by Australian practitioners have been placed without adequate consideration or advice, which means in a time of need, the policyholder is often left uncovered and exposed to significant risk; financial and reputational.
Many doctors deal directly with an MDO (Medical Defence Organisation) when securing their indemnity insurance, and it is common for them to retain the same provider throughout their career. Such loyalty is not simply attributed to policy satisfaction, but a perceived difficulty associated with changing providers. As we outline below, however, medical professionals should tread carefully when it comes to indemnity insurance, and quality advice plays a major role in this.
WHY IS MEDICAL INDEMNITY INSURANCE ADVICE IMPORTANT?
Each MDO has a unique approach to both appraising the risk of its customers (doctors) and servicing them during a claim. From our experience at Honan, it is not easy for doctors to access clear and transparent information relating to all policy options available to them. Partnering with a broker helps to ensure all key information has been disclosed, and the policy offers robust, truly purpose-fit coverage for their role. Sadly, when challenged with this request, direct providers will typically refer their clients to the terms and conditions of the policy.
At Honan, we partner with medical indemnity insurers to provide outstanding protection and service for specialists. They are all backed by Government schemes including theDepartment of Health’s Run-Off Cover Scheme, High-Cost Claims Scheme, and offer ‘first time in’ private practice discounts, which remain with the doctor in the instance of transferring policies or moving providers.
PREMIUMS FOR MEDICAL PROFESSIONALS – CHANGES AFOOT
There are several upcoming industry changes set to impact premiums for doctors. As the Federal Government looks to reduce its support of certain schemes, our Honan team is here to provide clients with clear information, options, and advice.
Our clients in the Australian medical space have benefited greatly from our services which include:
Complimentary market analysis – often identifying areas for improvement
Advice on individual circumstances as a specialist
No additional charges on insurance premiums
Access to Honan Private Client team for personal insurance
Run-Off insurance, also known as the ‘Discovery Period’ or ‘Extended Reporting Period’ is an insurance policy provision that provides tail coverage for various financial lines products written on a ‘claims made and/or notified basis’. Run-Off insurance provides protection from claims of negligence or loss resulting from a breach of professional services or wrongful acts by Management prior to the date of transaction (being an acquisition, merger, or cessation of operations).
Policies typically written on a ‘claims-made and/or notified basis’ include:
Directors and Officers Liability
Statutory Fines and Penalties
Employment Practices Liability
For a claim to be triggered under these products, an active policy must be in force at the time a claim and/or notification is made. If a policy has lapsed and is not active at the time a claim is brought against a director and/or the company, cover will not respond, regardless of when the wrongful act occurred.
An acquiring company will commonly require the company being acquired to purchase Run-Off insurance to protect itself from past liabilities. Run-Off insurance can be purchased on an annual basis or multiple periods for an upfront payment.
WHY IS RUN-OFF INSURANCE IMPORTANT?
If a company has been acquired, merged, or ceased operations, it is vital that Run-Off insurance is purchased for policies issued on a ‘claims made and/or notified basis’ to ensure protection is in place in the event a claim arises. We recommend our clients purchase Run-Off insurance for a period of 7 years to coincide with the statute of limitations. Under the statute of limitations, companies and directors can be held liable for decisions made for up to 7 years.
WHAT ARE THE CURRENT ECONOMIC CHALLENGES?
Insolvency is among the top concerns for Directors & Officers Liability and Management Liability insurers, as insolvency administrators typically look to regain losses from directors. Over the past 12 months, insurers have taken longer to review submissions and are being more rigorous and prudent in requesting detailed information about the effects of COVID-19, along with audited financials.
Run-Off insurance is made available at an insurer’s discretion. It is therefore imperative that you review the ‘Discovery Period’ clause in your policy wording to ensure you are aware of the insurer’s terms and conditions. If insurers are uncomfortable with a company’s financials, insolvency exclusions will likely apply, often going hand in hand with a Discovery Period Deletion clause, deleting the Discovery Period entirely. At Honan, we recommend contacting your insurance advisor to confirm your ‘Discovery Period’ clause.
HOW MUCH DOES RUN-OFF INSURANCE COST?
Premiums provided are at each insurer’s discretion, however, typical coverage costs are as follows:
1 Year = 100% of expiring premium
3 Years = 150% – 200%
5 years = 200% – 350%
7 years = 350%+
WITH YOU ALL THE WAY
If you have any questions or concerns about Run-Off insurance, please reach out to your Honan adviser.
PWC’s 24th CEO Survey released earlier this year, revealed the escalating prevalence and severity of cyber-attacks, along with changes in governance expectations, director liabilities, and regulatory reform is seeing business leaders place significantly more emphasis on their organisations’ cybersecurity and risk management strategies, with around 80% of CEOs surveyed strengthening their cyber security and privacy infrastructure in response.
Why are business leaders concerned?
Critical infrastructure, the subject of Government reform at the end of 2020 – is particularly important for ASX listed companies and their directors. It is not just cyber policies being affected, with some (Directors & Officers) D&O insurance policies containing new ‘Cyber Endorsements’, which can include affirmative language responding to wrongful acts or in some cases, exclusions or remain silent altogether. In turn, this is placing more pressure on boards to build and implement robust governance strategies to protect their shareholders and ultimately, their bottom line / share price in the event of an attack.
Directors can be held responsible for not acting to progress a company’s cybersecurity framework and may be punished if they are found to have failed to ensure a company has an adequate cybersecurity risk management plan in force, not responded in a reasonable time frame to a known data breach, or failed to respond altogether.
Risk mitigation through Cyber and Directors & Officers Insurance (D&O)
A typical D&O policy will provide coverage for individual directors (often including the board), for wrongful acts, errors and omissions arising from their professional conduct acting in their capacity as a director – which could include those matters relating to a cyber incident. ‘Dishonesty/Misconduct’ exclusions may prevent cover for claims arising from misconduct, such as wilful breach of statute, dishonest conduct, or fraud. In rare circumstances, a wilful blindness to cyber-related legislation could trigger exclusion(s).
Whilst the area of potential D&O exposures to cyber-related claims continues to evolve, it is critical to ensure your organisation has sufficient D&O limits of liability. In addition, our preference is to ensure insureds incorporate affirmative language where possible, to avoid ambiguity should a D&O claim arise from a cyber incident occurring. Areas for directors to consider within their insurance program include:
Investigation of cyber circumstances – costs incurred investigating any circumstance resulting from a cyber event where litigation is anticipated.
Investigation costs – regulatory investigations arising out of a cyber incident, and at full policy limits.
Insured individuals (policy language) – all persons (including, but not limited to Managers and Chief Technology Officers) who are involved in significant cyber-related decisions and implementation on behalf of the company.
Shareholder litigation – shareholder actions brought against the organisation arising from a cyber-related incident and subsequent disclosure (e.g., following a stock drop).
Policy holders must also ensure there is no broad cyber exclusion sitting across the policy, which could nullify cover.
Fiduciary Duties and Business Continuity
The Australian Information Commissioner (OAIC) recommends that organisations implement a data breach response plan (BRP / Business Continuity Plan). In the event of a security breach, such as a cyber-attacks or theft of data, if the board can demonstrate that not only were they aware of a cybersecurity risk, but they also activated a framework to mitigate that risk, it is less likely to risk breaching their fiduciary duties under both the Privacy and Corporations Act. A good approach is to address the following five areas of cybersecurity management with experienced IT professionals:
Identifying and developing an understanding of the overall cyber risk landscape which can include data management, operational environment, and an effective risk management strategy.
Protecting and deploying safeguards for threat actor entry control.
Detecting and allowing timely discovery of breaches and anomalies.
Responding and implementing plans to effectively manage cyber incidents and subsequent damage control.
Recovery -enabling the organisation to resume operations as soon as possible.
Embedding cyber risk management practices in the workplace
While cybersecurity is recognised as an essential part of a business’ risk management strategy, PWC’s report highlights that organisations have work to do in training their staff to identify and manage cyber risks. Find out more about protecting your systems from cybercrime from Honan’s Head of Information Technology and member of the Zoom Customer Advisory Board, Stuart Madden.
With you all the way
To learn how D&O and cyber security policies can be tailored to meet your business’ specific needs, please feel free to reach out at any time.