Australian CEOs’ cybersecurity concerns prompt major changes to risk management strategies


PWC’s 24th CEO Survey released earlier this year, revealed the escalating prevalence and severity of cyber-attacks, along with changes in governance expectations, director liabilities, and regulatory reform is seeing business leaders place significantly more emphasis on their organisations’ cybersecurity and risk management strategies, with around 80% of CEOs surveyed strengthening their cyber security and privacy infrastructure in response.  


Why are business leaders concerned?

Critical infrastructure, the subject of Government reform at the end of 2020 – is particularly important for ASX listed companies and their directors. It is not just cyber policies being affected, with some (Directors & Officers) D&O insurance policies containing new ‘Cyber Endorsements’, which can include affirmative language responding to wrongful acts or in some cases, exclusions or remain silent altogether. In turn, this is placing more pressure on boards to build and implement robust governance strategies to protect their shareholders and ultimately, their bottom line / share price in the event of an attack.

Directors can be held responsible for not acting to progress a company’s cybersecurity framework and may be punished if they are found to have failed to ensure a company has an adequate cybersecurity risk management plan in force, not responded in a reasonable time frame to a known data breach, or failed to respond altogether.


Risk mitigation through Cyber and Directors & Officers Insurance (D&O)

A typical D&O policy will provide coverage for individual directors (often including the board), for wrongful acts, errors and omissions arising from their professional conduct acting in their capacity as a director – which could include those matters relating to a cyber incident. ‘Dishonesty/Misconduct’ exclusions may prevent cover for claims arising from misconduct, such as wilful breach of statute, dishonest conduct, or fraud. In rare circumstances, a wilful blindness to cyber-related legislation could trigger exclusion(s).

Whilst the area of potential D&O exposures to cyber-related claims continues to evolve, it is critical to ensure your organisation has sufficient D&O limits of liability. In addition, our preference is to ensure insureds incorporate affirmative language where possible, to avoid ambiguity should a D&O claim arise from a cyber incident occurring. Areas for directors to consider within their insurance program include:

  • Investigation of cyber circumstances – costs incurred investigating any circumstance resulting from a cyber event where litigation is anticipated.
  • Investigation costs – regulatory investigations arising out of a cyber incident, and at full policy limits.
  • Insured individuals (policy language) – all persons (including, but not limited to Managers and Chief Technology Officers) who are involved in significant cyber-related decisions and implementation on behalf of the company.
  • Shareholder litigation – shareholder actions brought against the organisation arising from a cyber-related incident and subsequent disclosure (e.g., following a stock drop).
  • Policy holders must also ensure there is no broad cyber exclusion sitting across the policy, which could nullify cover.


Fiduciary Duties and Business Continuity

The Australian Information Commissioner (OAIC) recommends that organisations implement a data breach response plan (BRP / Business Continuity Plan). In the event of a security breach, such as a cyber-attacks or theft of data, if the board can demonstrate that not only were they aware of a cybersecurity risk, but they also activated a framework to mitigate that risk, it is less likely to risk breaching their fiduciary duties under both the Privacy and Corporations Act. A good approach is to address the following five areas of cybersecurity management with experienced IT professionals:

  • Identifying and developing an understanding of the overall cyber risk landscape which can include data management, operational environment, and an effective risk management strategy.
  • Protecting and deploying safeguards for threat actor entry control.
  • Detecting and allowing timely discovery of breaches and anomalies.
  • Responding and implementing plans to effectively manage cyber incidents and subsequent damage control.
  • Recovery -enabling the organisation to resume operations as soon as possible.


Embedding cyber risk management practices in the workplace

While cybersecurity is recognised as an essential part of a business’ risk management strategy, PWC’s report highlights that organisations have work to do in training their staff to identify and manage cyber risks. Find out more about protecting your systems from cybercrime from Honan’s Head of Information Technology and member of the Zoom Customer Advisory Board, Stuart Madden.


With you all the way

To learn how D&O and cyber security policies can be tailored to meet your business’ specific needs, please feel free to reach out at any time.


Ben Robinson

Placement Manager – Professional & Executive Risks



Read about the latest Financial Institutions Insurance Update.

Insurance Update: Financial Institutions


The Financial Institutions insurance market continues to harden, with reduced capacity to underwrite risk as we progress further into the 2021 calendar year. Insurers are pressing for increased premium and/or retention levels on a portfolio basis (rather than a risk-by-risk basis) to grow the premium pool. 

Global volatility presents a major concern for insurers, given the anticipated resurgence in the markets and has been the key driver for increased premium rate momentum. With the Australian market floating on an unprecedented level of monetary and fiscal support, investors sitting on large cash reserves, and rapid accelerations in equity gains; underwriters are concerned about sudden devaluations to the market and consequent investor legal suits.  In addition, the lingering effects of the Hayne Royal Commission remain an integral rating factor, as well as any potential long tail claims arising from COVID.

Despite the above however, we are starting to see bright spots in terms of risk appetite navigation.  Following multiple years of the hardening phase, and notwithstanding the unpredictable market cycles, insurers have carved out much better clarity, visibility, and consistency with respect to their appetite across the different FI sectors.



In Q3, Financial Institution clients who were hardest hit typically exhibited some of the characteristics below:


Insureds with substantial FUM increases experienced higher prices, as FUM typically indicates the overall magnitude of potential losses.  Conversely, large redemption runs were heavily penalised, given the harbinger for potential investor claims.


The type of fund was also an influential factor.  Hedge funds with high gearing ratios and an aggressive alpha focus were impacted, compared to those with more benign strategies. Underlying alternative asset classes were also a key premium driver, with funds exposed to private credit, quant strategies and commodities most impacted, especially those to oil futures which briefly entered unprecedented negative territory.  Hedge funds with a history of shareholder activism were also impacted (this can be a major source of claims), in addition to those Hedge funds that were targets themselves – similar to the GameStop short squeeze scenario.

Feeder fund and other similar “fund of fund” struc­­tures were also affected, due to their higher exposure to international markets, particularly when exposed to the more litigious US investor base.  

Passive index funds which delivered solid beta returns with low management expense ratios were least affected, as well as mutual funds with low-risk strategies.  Funds with considerable retail investor bases were impacted, due to the more litigious nature of this class, compared to the sophisticated wholesale/institutional sector.


There were pricing and coverage implications in the venture capital/private equity funds space, depending on the underlying investee company portfolio.  Investee companies with enduring profitability models, recurring and stable revenue streams and strong Series Round interest were looked upon favourably by underwriters.


As banks’ lending criteria have been subject to tighter controls, we have seen an influx of managers allocating alternative capital to private debt and distressed assets.  While not impossible to place these risks with insurers, insureds exposed to one undiversified single underlying asset (especially property development), found it difficult to source a solution.


LICS with high discounts to Net Tangible Assets had underwriters concerned, especially where the risk of further drops was high. Valuation risk and Directors’ and Officers’ SIDE C continuous disclosure are key concerns in this space.


Insureds making aggressive return forecasts or assurances of minimal investment risk in PDS documents have been highly scrutinised. This had been fuelled by the Federal Court finding that promoter Mayfair 101 engaged in false advertising by targeting investors who used Google search engine terms such as “best term deposit”.


Driven by their ability to quickly scale and hence attract higher valuation multiples, we have seen a wave of IT and Cloud focused SaaS companies listing.  Higher multiples can leave companies vulnerable to large devaluations, which can be concerning to insurers.   As such, underwriters have been extremely diligent when deploying capital in the IPO insurance area.



Underwriter appetite in the FI insurance space is highly dependent on the general economic climate.

As long-term bond yields have increased, institutions have moved capital from equities to lower risk fixed interest instruments, with negative consequences for share valuations.  While this is a sign of market recovery, the remaining instability is concerning to insurers. Going forward, insurers will be highly focused on the underlying asset class and risk strategy of each insured, individual fund manager performance, and exposure to retail (compared to wholesale) investors.

Ultimately, the financial markets will need to stabilise before premium increases level off. 




The financial institutions market has been awash with new asset management-focused FinTechs, introducing considerable capital into this space. Many of these FinTechs are challenging the standard rules of investing, trading, clearing, settlement and custody, funds as a service; and insurers have been slow to onboard these risks.


The insurance market is also seeing a higher volume of digital banks and more insurer scrutiny following the recent collapse of one of the first mover neo banks.  This has raised questions among insurers, with many adopting a “wait and see” attitude before deploying capacity.  There are positive signs for the sector however, with APRA now insisting neo banks have an income-generating product e.g., lending product before taking on deposits.


We are seeing more institutions recognise decentralised finance (DEFI) and cryptocurrency as a legitimate asset class.  Many allocators are now acknowledging Bitcoin as a solid store of value, and a “digital gold”. Alternate currencies such as Ethereum are gathering momentum, given their potential for smart contracts in DEFI infrastructure. Major asset managers such as Ark Invest and Van Eck have been pioneers in this space, with others now following suit.   Furthermore, as a discrete asset class, crypto is not regulated, however on the basis cryptocurrency is classified as a “financial product” under the Corporations Law, it is subject to ASIC regulation. This means insurers may become more open to the class.  A number of carriers are now receptive to providing coverage, depending on the weighting of crypto assets to total FUM.


Funds are increasingly embracing the ESG (Environmental, Social, Governance) theme, promoting investments in the electric and renewables space.  Younger investors have been known to focus on this area and arguably, underwriters perceived this as lower risk as it is driven more by ethical investing concepts rather than pure investor return.


With You All The Way

Feel free to reach out to discuss your risk exposures.


Henry Clark

Head of Professional & Executive Risks


Dennis Moens

Client Manager – Professional & Executive Risks



Learn about changes ahead for the Buy Now Pay Later sector and implications for Australian FinTechs.


Digital Innovations Bring Big Wins for Health & Medical

Medical & Health

If there is one good thing to have come out of the pandemic, it is how quickly the medical industry has adopted new technologies to improve the patient experience. From Telehealth to digital prescriptions, these tech solutions are all designed to enhance care and convenience. Recent digital innovations are also improving access to quality health care. In remote and regional Australia, where wait times are excessive in comparison to major cities, tech now allows the Royal Flying Doctor Service to track each flight in real time. The ability to map weather conditions and flight schedules now means hospitals are far better placed to commence patient care as soon as the individual arrives.  

For providers, leveraging the potential of digital technology to elevate the patient experience not only helps attract and retain more patients, but it has the potential to reduce the likelihood of wrangling medical malpractice complaints.



I have recently discovered an amazing tech solution which will further enhance the patient experience by providing detailed, easy to understand information for pre-operative care. The Inform Digital solution gives patients a simple step-by-step explanation of the procedure they are about to receive – all on their mobile phone. The system also has digital consent functionality, allowing the patient to provide informed and considered consent.

This system represents a significant opportunity for medical specialists and medical facilities within Australia. Once the consent process is finished, a report is sent to the physician or facility which highlights the amount of time spent completing each section, allowing the physician to follow up with the patient prior to the procedure. This tech solution is a major step forward in the delivery of information to patients and has the potential to reduce medical malpractice claims, language barriers, and ensures patients have access to relevant information. I can see this tool becoming a real point of difference for specialists and hospitals and impacting the way individuals and facilities are rated from an insurance risk position, with positive implications for their premiums. 



Developments in the medical tech space are seeing the introduction of Artificial Intelligence (AI) in IVF and radiology, enabling greater efficiencies and precision in diagnosis. We are seeing more general practices provide holistic, market-leading patient experiences. For example, mobile applications are increasingly being used to help patients manage their treatment plans in real time.



These advancements in medical treatment do not just exist in the future, they are happening now. The opportunities and efficiencies offered by these tech solutions present a major point of difference to the facilities and practitioners who embrace them. Improved patient engagement will lead to better treatment outcomes which, in time, can benefit the whole community.





Trent Woodward

Head of Health & Medical


Learn more about postponed treatment plans and delays in diagnostics. 

Changes ahead for the Buy Now Pay Later sector: Key implications for Australian FinTechs


Cries for regulation in the currently self-regulated Buy Now Pay Later (BNPL) sector are nothing new. Financial services providers and consumer rights groups have long expressed concern that these services enable financial overcommitment from vulnerable Australians. But are we reaching a point where the size and scale of these businesses, the emergence of several new market entrants, and the disruption to traditional credit markets is forcing the Government’s and regulators’ hands?  This article looks at the current situation for BNPL FinTechs in Australia, how insurers currently view their risk exposures, and how this may change if regulations are introduced.



In 2018, digital laybuy platform Afterpay and the BNPL sector avoided regulation when ASIC reported it was not looking to bring them under the National Credit Act. In late 2020, a Senate Committee on Financial Technology and Regulatory Technology backed the BNPL sector’s code of practice, saying self-regulation helped to protect innovation. This code is currently being finalised by The Australian Finance Industry Association (AFIA) in collaboration with its BNPL members. It aims to have the BNPL industry Code of Practice operating by 1 March 2021.

Recently, however, a report provided to the UK’s financial regulator, the FCA, following a review of the unsecured credit market, has made the strongest case yet for implementing regulation within the BNPL sector, at least in the UK.



The BNPL sector is never far from the sights of ASIC, which released an industry update in November 2020. ASIC currently holds Product Intervention Powers (PIP) over BNPL products which provides a regulatory tool to address any significant harm to consumers. Come October 2021, the Design and Distribution Obligations (DDO) legislation will also apply to most ASIC regulated products, which will include BNPL products.

Whether these regulatory controls, complemented by industry self-regulation, will provide consumers sufficient protection without stifling innovation remains to be seen. What is certain, however, is this topic remaining hot for a while yet. According to IBISWorld, the market is predicted to maintain strong growth, with Australian BNPL revenue forecast to grow from AUD 680M (USD 488M) in FY20 to AUD 1.1BN by FY25, with users set to double to 4M within three years.



FinTechs are a blend of technology and financial businesses, exposing them to risks common in both sectors, where insurers’ appetites are commonly limited.

Examples of such risks include:

  • Technology risk – tech failures leading to 1st and 3rd party financial loss
  • Financial and credit risk
  • Financial crime, fraud, and identity risk
  • Cybersecurity and Data Privacy – 1st and 3rd party losses
  • Directors & Officers Liability
  • Public & Products Liability
  • Regulatory Investigations and Statutory Liability
  • Money Laundering risk

Although some do, BNPL FinTechs are not required to hold an Australian Credit Licence (ACL). Thus, in the eyes of insurers, they do not have the same responsibilities and obligations as ACL holders under the National Consumer and Credit Protection Act. This lack of regulation makes insurers nervous, and securing adequate insurance is therefore challenging. It will be interesting to see whether insurers’ risk appetites change if regulation is introduced into the BNPL sector – as recommended in the UK.


We’re with you all the way

With significant experience in the financial, technology and FinTech sectors, Honan welcomes the opportunity to assist all businesses operating in this space. Feel free to reach out at any time to discuss your insurance needs. 


Dominic Brettell

Head of Client Service – Corporate Insurance & Risk Solutions



Discover the 4 Risk Protection Essentials for Tech Start-Ups.

Critical Cover for Cyber Crime: A Healthcare Imperative for 2021

Medical & Health

From an insurance standpoint, I’ve not witnessed a more challenging year than 2020. The bushfires of 2019-20 shook us to our core, and then COVID-19 hit. The resulting uncertainty has made it extremely challenging for businesses to regain solid footing. Concerns about revenue streams, staff wellbeing, and future forecasts swiftly became, and continue to be, boardroom imperatives. As health providers begin 2021, now is the time to pause and check critical insurance blind spots*, particularly cyber.


Cyber Crime: Healthcare’s Blind Spot

While most businesses traditionally focus on the core structures of their insurance programs such as property, professional risks, and equipment, 2020 saw more complex risks arise as a result of blind spots. Often seemingly minor, ‘blind spot risks’ are not always obvious, but certainly becoming more frequent and damaging, particularly to balance sheets. One of the most common blind spots I witness in healthcare businesses, is cyber crime, estimated to cost Australians $300 million each year.

2020 also saw the first death recorded as a result of cyber crime; a shocking precedent, which may signal a trend of worsening attacks on the medical industry, especially hospitals. Last November, the ACSC (Australian Cyber Security Centre) issued a warning to Australian healthcare providers about the rise in similar incidents, and a recent report on ransomware in Australia identified health as the most targeted sector, ahead of Government, education, transport and retail (shown below).


Figure 1: Top sectors impacted by ransomware as reported to the ACSC FY 2019-20

Source: Australian Cyber Security Centre, 2020.


Cyber Crime: What’s Your Response Plan? 

While I see a vast array of medical facilities in my role, my priority question for each of them remains the same “Do you have a Cyber Response Plan?” – a query typically met with “No” or “I think we have a policy”. Alarmingly, operating without an official Cyber Response Plan is equivalent to leaving the doors wide open when you’re not home. Cyber criminals do not discriminate based on victim circumstances, and to be blunt, they do not care. Knowing full well it may endanger lives, hackers will go as far as locking a hospital’s operating system, and demand a financial ransom to unlock it.


Cyber Protection: Where to Start?

Having a Cyber Insurance Policy is a great starting point for healthcare providers, but knowing how that Policy will respond, and what it will respond to is critical.

While many insurance brokers and underwriters are quick to mention Cyber Insurance, I believe there’s never been a more critical time to elevate Cyber Policy conversations. For healthcare providers, cyber cover should be considered a business-critical inclusion in their broader insurance portfolio, as early in discussions with brokers as possible.

The onset of 2021 marks an opportune time to revisit all blind spots in your business insurance portfolio. A robust policy portfolio will not only help protect your business, your people, balance-sheet and reputation, but your patients too.

Please contact me for further support at any time, or contact your preferred medical cyber insurance specialist to establish a clearer understanding of your risks.


*Keep an eye out for insights on other insurance blind spots in our future publications.



We’re with you all the way


Trent Woodward

Head of Health & Medical


Discover more about how cyber insurance works in this case study on Australia’s education sector.

You can read more about the importance of cyber insurance here.

4 Risk Protection Essentials for Tech Start-Ups


In October 2020, Apple announced its line-up of products that will support 5G, heralding a new era of technological advancement. While your tech start-up might not have the muscle of Apple just yet, your product or service could be solving equally important problems not yet identified in the market. And why not? Wi-Fi was famously invented here in Australia!

There are inherent risks when starting any new business, but from a liability standpoint, various insurances can greatly assist in mitigating risk. For Australian tech start-ups in particular, the following 4 insurance essentials are critical ones to keep in mind:


1. Secure a Comprehensive Information Technology (IT) Liability Policy

Almost every business is required to have Public Liability insurance, but tech start-ups also need to consider cover from an IT standpoint. From crime and defamation, to unintentional infringement of intellectual property, ensuring your IT Liability policy is comprehensive will help in mitigating risk. An IT Liability policy helps protect businesses against claims relating to failure of their products, advice or services. In many cases, a Professional Indemnity policy will not respond to losses related to the supply of goods, while Combined Liability policy can exclude pure financial loss, where personal injury or property damage has not taken place. To reduce uncertainty and maintain comprehensive coverage, an IT Liability policy is tailored to cover Professional Indemnity and Combined Liability under one umbrella. When placing an IT Liability policy, be sure to take note of any extensions and exclusions – these may be relevant in the event of lodging a claim.


2. Prioritise Cyber Insurance

It is estimated that cybercrime costs Australian businesses $29 Billion each year. Together with the rise of remote working practices and the IT vulnerabilities this has revealed, we expect cyber security to remain business critical for years to come. There are many Tips for Remote Working, Cyber Security and Avoiding Email Scams, but even the most tech savvy individuals can fall victim to cybercrime. A data breach can prove costly not only for your clients, but for the reputation, operations and ongoing viability of your tech start-up. In the event of a data breach, a robust Cyber Insurance policy can bear the cost incurred to reduce your future risks, resume business and, when needed, pay retribution for your clients’ losses. Learn more about cyber insurance and how it works in this case study on Australia’s education sector.


3. Review Limits & Sub-Limits of Liability

With limits of liability varying from $500,000 for cyber coverage to $10M for IT, having the correct coverage limits in place is crucial to avoiding being under or over insured during the policy period. Recommended levels of coverage are often advised based on any contractual liabilities between you and your clients. The size and annual turnover of your business can also help in determining the most comprehensive, and competitive policy for your start-up.

*Be mindful of sub-limits that form part of these policies, as the extensions that form part of the policy may not cover the full indemnity. For example, while an IT Liability policy may cover up to $1M for any one claim and $2M in the aggregate during the policy period, there may be a $250,000 sub-limit for product recall. Any financial costs above the sub-limit could see your start-up as financially responsible.


4. Enlist the Advice & Support of a Dedicated Broker

There are many variables that inform a robust insurance policy, and it will take time to tailor these to your start-up’s particular needs. A quality insurance broker does more than place your insurance policies, they identify risks and manage your entire portfolio of risk solutions.

The tips outlined above cover the basics of risk-protection for tech start-ups, but a dedicated, quality broker will support you in building a highly customised, blue-chip protection portfolio for your business. In turn, this frees you up to focus on what you do best – building your business!


We’re with you all the way

To find out how Honan can help support and protect your start-up, please reach out at any time. We’d love to hear from you!


Jason Holmes

Client Executive – Global



Discover more about how cyber insurance works in this case study on Australia’s education sector.

Natural Disaster Season is NOW: Critical Steps to Help Keep Your Business Protected


Alongside the promise of annual leave and great escapes, Australia’s long hot summer marks the height of natural disaster season – a notoriously stressful time for many business owners across the country. While the potential wrath of Mother Nature can leave us feeling powerless at times, significant steps can be taken by business leaders to mitigate the potential impacts to their operations, bottom line, and indeed livelihoods, in the event of a disaster. In the following piece, we’ll explore the two fundamentals for natural disaster risk-minimisation:

    1. Physical risk protection through mitigation
    2. Ensuring a comprehensive, truly ‘catastrophe-fit’ insurance program is in place.



Businesses can take the following preventative steps to ensure their physical assets are protected as much as possible in the face of disaster:



    • Ensure all buildings, plant and equipment (including surroundings) are adequately insured for their replacement* value
    • Keep sites clean, with flammable materials stored off-site
    • Where possible, construct premises from fire-resistant materials
    • Assess business interruption exposures to key customers and suppliers in the event of bushfire.



    • Have a cyclone emergency plan in place and familiarise your entire staff with the plan
    • Regularly monitor weather and associated alerts
    • Back up all electronic files
    • Secure all stock and equipment indoors if currently outdoors
    • Have a business continuity plan in place.



    • Ensure your building(s) and surrounding properties are in a good state of repair
    • If possible, have alternative (backup) power sources available such as generators
    • If situated in a flood prone area, ensure stock / raw materials are stored at height
    • Secure all loose items indoors
    • Source an adequate number of sandbags (if more permanent flood barriers are not an option) for use in the case of emergency.

To discover more about protecting your home and personal assets from extreme weather, be sure to read Protecting Your Assets: Lessons From an Unprecedented Summer of Weather.




In the event disaster strikes, having a robust, ‘catastrophe-fit’ insurance program in place is critical to ensuring business continuity interruptions and implications are minimised. Strong insurance programs will cover off the following four pillars:



It is recommended that clients look to conduct a detailed risk survey of their key operating or business critical sites.  These are typically completed either by a qualified risk engineer who will identify and qualify certain vulnerabilities that may exist within a business, as well assessing:

    • The likelihood of these hazards causing a loss
    • The severity of a loss incurred by such hazards
    • The effectiveness of existing controls within the business to mitigate these hazards.


In some cases, existing controls do not completely mitigate identified losses, meaning additional levels of protection are needed. For instance:

    • Improved fire protection
    • Hot / cold working permits
    • Smoke/fire detection
    • Housekeeping
    • Introduction of business continuity plans.


Risk surveys will typically cover off:

    • Hazards (natural, man-made or operational)
    • Construction materials used
    • Surrounding exposures
    • Production ‘bottlenecks’
    • Existing levels of risk management.

Additionally, a risk survey will set out a number of recommendations (to mitigate risks) in an implementation plan.



According to the Insurance Council of Australia, many properties destroyed in the summer bushfires earlier this year were underinsured, meaning they had cover but inadequate levels to replace or rebuild what was lost. Having accurate and current valuations of your buildings, plant, equipment, and stock will help businesses to ensure they’re adequately covered for their repair and / or replacement in the event of a loss. 

*Being underinsured can bring about financial hardship and a shortfall in cash flow. Thus, understanding the costs to replace all critical items of your business versus the original written or purchase value is imperative. Any capital expenditures (CAPEX) should also be taken into account when considering replacement costs of business assets.



Similar to a valuation of the business’ physical assets, a Business Interruption (BI) review focuses on the financial impact (profit or revenue) of the business and its ability to return to a pre-loss position following an event. Regardless of whether a business is affected directly, indirect losses can arise as a consequence of large-scale catastrophes, therefore understanding what exposures exist is vital. A BI review will assess factors such as:

    • Adequacy of current indemnity periods and whether they align to plant rebuild timeframes
    • Alternative location(s) to conduct business or source raw materials
    • Scenario-test existing scope and levels of cover
    • Exposure to key customers and suppliers
    • Ensure base cover adequately protects the business.



As businesses grow and expand, so too does their direct and indirect footprint. An in-depth insurance program review by your broker will help ensure all required policies are in place, and adequate for the protection of the business. This analysis will also uncover any uninsured risks or perils that may be excluded or limits/sub-limits that require adjustment.  This review should be completed in conjunction with the output from risk assessments, valuations and business continuity plans.




Despite having minimised all physical risks, damage incurred by natural catastrophe is unavoidable. In the immediate aftermath of a bushfire, cyclone, storm or flooding, business owners should call their broker ASAP, and take the following steps:

    • Arrange for a contractor to undertake an ‘emergency make-safe’. This involves temporary repairs to ensure the property is watertight and to minimise/prevent further damage. If you’re unsure who to call, try the SES for emergency assistance.
    • If water has entered the property, do not switch on the electricity until an electrician has undertaken checks.
    • Avoid black water – this is unsafe, contaminated water and must be left to experts.
    • Dry out wet areas – contact a restoration expert to extract water and commence the drying process (i.e. removal of wet carpets and installation of blowers, dehumidifiers).
    • Prepare an itemised list of damage and take photographs to support your claims process.
    • Dispose of spoilt and destroyed items. Again, it’s important to take photographs.
    • Keep any items that can be repaired. If in doubt, speak to your broker.
    • Obtain quotes to repair damaged items, which will help in the claims process too.



To learn how Honan can support you in protecting your business, people and operations ahead of a potential natural disaster, please reach out at any time.


Travis Wendt
Head of Corporate Insurance & Risk Solutions

+61 434 651 918


Additional content provided by Jesamine Shaw and Claudia Pengley.



Learn more about protecting your assets from extreme weather with this guide.



Australian Education at Risk: How Cybercrime Insurance can Help


Around the world, Australia is recognised for its excellence in education and training. Contributing over $32 billion to our economy, this critical industry represents Australia’s third largest export. Unfortunately however, this sector is one of the most vulnerable to cyber threats, due to a high dependency on digital infrastructures and web-based learning. In 2017, the education sector alone accounted for 26% of cyber-attacks in Australia, and 57% of cybercrime across the Asia-Pacific region.


The Impacts: How it Hurts

At present, the Government estimates that cyber incidents involving Australian businesses cost up to $29 billion a year. The financial implications of cybercrime are overwhelming, but they extend beyond the balance sheet. Significant damage to an organisation’s reputation is also common, as demonstrated in the recent attacks on The Australian Catholic University, Australian National University and Toll Group.

The vast number of digital libraries storing sensitive personal data also makes the education sector highly attractive to cyber criminals. Personally Identifiable Information (PII), such as student records, make cyber breaches particularly damaging. Furthermore, high-risk technology systems, hardware and infrastructures such as laptops, tablets, interactive whiteboards, mobile phones and video conferencing are commonplace in the education industry. Designed and utilised by multiple parties across the sector, e-learning platforms also house data relating to students, teachers, curriculums and learning outcomes, all of which may be at risk.


How Hackers Work

Hackers are becoming increasingly sophisticated in their approach to hacking anti-virus/anti-ransomware software. Readily available through the dark web, hackers now use scanning tools to identify particularly vulnerable organisations, and to further isolate the weak points in their systems and networks.

Once a hacker gains access to a device, systems like malware and ransomware can be used to extract confidential information or shut down computer systems/networks, demanding a ransom in return for access.


Cyber Insurance: Protection Through Policy

Cyber Insurance can represent a low-cost way to help protect your business from the risks of cybercrime. Given most organisations are not able to resolve cyber attacks in-house, a robust Cyber Insurance Policy will include an Incident Response Team (IRT). Equipped to respond immediately, the client’s IRT can:

  • minimise further loss to the business (e.g. financial, reputational)
  • regain critical system access ASAP with a view to protecting systems and data
  • limit business downtime, minimising income loss as a result.


Cybercrime Case Study: How Honan Helped

Honan recently supported a client (Sydney-based driver training school) through a cybercrime event.

The cybercrime (insurable event)

A ransomware attack causing the booking and payment processing system to be down for five days, resulting in a $25,000 loss in revenue, plus IT vendor fees.

The resolution

Having a Cyber Security Insurance Policy in place with Honan meant the total costs incurred by the client were covered by their insurance premium. Beyond potential financial loss, the IRT provided valuable insights into the type of attack and the resulting damage. The IRT conducted analysis of the client’s systems to limit the risk of further attacks.



Honan – we’re with you all the way

For more information on how to protect your business from cyber threats and other emerging exposures, please contact us at any time:


Chris Prowse

Senior Client Executive ‑ Corporate Insurance & Risk Solutions

0491 696 380


Construction in Decline: Insurance Implications for Industry


For the first time since 2017, the global construction industry outlook has shifted into decline in the wake of COVID-19.  National construction activity is following a similar trajectory, after a 3% decline in December 2019, and a drop of 0.7% in the June 2020 quarter. Fortunately, the Federal Government’s Jobkeeper and Jobseeker programs have assisted many employers in retaining workers and sustaining business operations, as has the classification of construction as an essential service.


As we enter Q2 of FY21, we’ve summarised how the present conditions are impacting the insurance market for members of the construction industry.


Contract Works – Material Damage
  • Many local insurers have been reviewing their rating models, with knock-on effects to premiums and deductibles. In addition, many have reduced capacity to insure – i.e. where we would normally expect an insurer to insure a risk / builder / project to the value of $100,000,000, we’re now seeing many revert back to a multi-insurer approach, whereby several companies share the risk.
  • Insurers are also closely reviewing the Limits of Liability and sub-limits due to meaningful absences of local capacity.

We believe the above has been brought about by last summer’s unprecedented bushfire season, and the North QLD floods of 2019. Both events have resulted in depleted pools of reinsurance, often making insurance unprofitable for carriers. This is commonly referred to as insurers’ realisation of losses.

  • Previously available coverage enhancements such as Design Exclusion write-backs (LEG3 or DE5) are either seeing a minimum of 30-40% rating increases or scaled back to DE4 reduced coverage, or not offered at all. Following this, we are seeing a large adjustment in DE5 deductibles where insurers would previously have offered coverage and deductibles at a minimum of $100,000. This has been lifted to $150,000-$250,000 due to the breadth of coverage it provides and the complex nature of attritional losses.
  • Contractors with poor loss history and exposure to weather events are experiencing imposed revised deductibles for separate major perils and water damage excesses.

The Lloyd’s of London market has continued to experience change following the Lloyd’s Review
(DECILE 10) and the exit of many construction insurers – where previously they were also providing support to Australian underwriting agencies. Those which remain are increasing minimum rates, securing policy limits and offering higher deductibles.


Early engagement is key to insurance success

Insurers, brokers and contractors must work together in the short to medium term, with early engagement critical to help protect each contractor’s capital position/s and future plans for growth. Working together in a tripartite partnership capacity is essential to avoiding bill shock.


Construction Liability & Completed Operations

The current situation has seen insurers continue to closely scrutinise their underwriting results across all classes of casualty programs. Insurers have set their sights on underwriting profitability (vs gross written premium) and the investment income is being treated as a ‘nice to have’ and relegated as a priority. We have observed similar responses from insurers based in Singapore as well as Lloyd’s of London. Consequently, we are seeing sharp increases in policy excesses and renewal rates on prior years.

Greater insurer scrutiny and changes to the classification of business that should be written has influenced the costs and restrictions imposed by reinsurance arrangements, meaning:

  • Insurers are seeking to increase rates where claims have been poor or where currently underpriced, or looking to scale back offered policy limits. The increase is between 10-25% on well performing accounts.
  • Insurers are requesting much more information around operations to ensure they fully understand the risks and exposures and price accordingly.  If information cannot be obtained or is ignored by contractors, insurers are likely to restrict coverage or exclude certain parts altogether.


Work on bridges, piers, jetties, harbours, defence, civil contractors/earthmoving, and heavy industry are currently considered more susceptible to “long-tail” losses. Insurers are steering away from these risks, which are seen as unprofitable (due to WorkCover recoveries).

Sub-contractor injury or sub-contractor caused property damage deductibles are likely to continue increasing to minimum levels of $50,000 with some seeking up to $250,000 (depending on the industry). Insurers are being selective and treating each risk on their own merits. Options are available for excess buy-down on a standalone product.

An increase to the policy excess can alleviate premium increases. In some events however, the premium reductions are not proportionate to the increase in excess.


Worker to Worker claims continue to be the focus of Construction Liability underwriters

Now more than ever, contractor personal injury claims are being brought on by recovery actions from WorkCover and state-based workers compensation insurers (given the long-tail nature and statute of limitations, which can be up to 7 years). As a result, Worker to Worker deductibles offered by insurers and/or cover is being offered at a minimum deductible level of $50,000 and we are seeing insurers requesting claims data for up to 10 years to analyse trends before writing new business.



We’re With You All The Way

It’s important to be aware of these changes and how they are impacting new and existing insurance policies. As a general rule, it’s best to engage with your broker early to limit bill shock and seek the most appropriate cover for your needs. We encourage you to contact your Honan insurance advisor to discuss your situation and address any questions or concerns.


Adam Richardson 

Head of Client Service (QLD) – Corporate Insurance & Risk Solutions


Honan launches New Extended Mechanical Warranty Policy


Working with Plant & Equipment (P&E) partner, Heavy Machinery Warranty, and underwritten by Lloyds of London, the policy is a new introduction to the Australian market.

Unlike alternative P&E warranty options on the market which typically require machinery dealers to offer indemnity and then seek recovery from the insurance product, the new Extended Mechanical Warranty places policy ownership in the hands of the insured party. Bypassing the need for manufacturer and/or supplier assessments, policy holders (machinery owners) can claim directly against their policy, rather than relying on dealerships to facilitate claims on their behalf.

The cover offered under the policy includes the replacement of parts and/or repair costs to the hydraulics and powertrain following sudden and unforeseen loss. The policy is also available for makes and models of the following types of equipment:


Construction Equipment

  • Excavators
  • Bull dozers
  • Wheel loaders
  • Motor graders
  • Articulated trucks
  • Rollers

Agricultural Equipment

  • Tractors

Material Handling Equipment

  • Telehandlers
  • Forklifts


We’re with you all the way

For further information on the Heavy Machinery Warranty Policy, please contact Scott Cole at any time.

Scott Cole

+61 447 566 008

Suggested Searches

  • Melbourne Office
  • Financial Service
  • Quote
  • Insurance Services
  • Trade Credit Insurance
  • Strata
  • Claims
  • Real Estate

Contact Us

Contact Information

  • Suite 8.01, Level 8, The Gardens North Tower, Mid Valley City (Lingkaran Syed Putra) 59200 Kuala Lumpur