Federal Register of Legislation - Australian Government

Primary content

Determinations/Financial (Other) as made
This instrument determines Reporting Standard GRS 800.2 Claim Data: Public and Product Liability and Professional Indemnity Insurance and revokes the Financial Sector (Collection of Data) (reporting standard) determination No. 17 of 2016, including Reporting Standard GRS 800.2 Claim Data: Public and Product Liability and Professional Indemnity Insurance.
Administered by: Treasury
Registered 26 Mar 2021
Tabling HistoryDate
Tabled HR11-May-2021
Tabled Senate11-May-2021

Financial Sector (Collection of Data) (reporting standard) determination Nos. 1 to 6 of 2021

EXPLANATORY STATEMENT

Prepared by the Australian Prudential Regulation Authority (APRA)

Financial Sector (Collection of Data) Act 2001, sections 13 and 15

Acts Interpretation Act 1901, section 33

Under subsection 13(1) of the Financial Sector (Collection of Data) Act 2001 (the Act), APRA has the power to determine reporting standards, in writing, with which financial sector entities must comply.  Such standards relate to reporting financial or accounting data and other information regarding the business or activities of the entities.  Subsection 33(3) of the Acts Interpretation Act 1901 provides that where an Act confers a power to issue an instrument the power shall, unless the contrary intention appears, be construed as including a power exercisable in the like manner and subject to the like conditions (if any) to revoke any such instrument.

Subsection 15(1) of the Act provides that APRA may declare a day on and after which the reporting standards are to apply.

On 23 March 2021, APRA made the following determinations (the instruments):

(1)          Financial Sector (Collection of Data) (reporting standard) determination No. 1 of 2021 which:

(i)            revokes Reporting Standard GRS 800.1 Policy Data: Public and Product Liability and Professional Indemnity Insurance (GRS 800.1) made under Financial Sector (Collection of Data) (reporting standard) determination No. 16 of 2016; and

(ii)          determines a new version of GRS 800.1;

(2)          Financial Sector (Collection of Data) (reporting standard) determination No. 2 of 2021 which:

(i)            revokes Reporting Standard GRS 800.2 Claim Data: Public and Product Liability and Professional Indemnity Insurance (GRS 800.2) made under Financial Sector (Collection of Data) (reporting standard) determination No. 17 of 2016; and

(ii)          determines a new version of GRS 800.2;

(3)          Financial Sector (Collection of Data) (reporting standard) determination No. 3 of 2021 which:

(i)            revokes Reporting Standard GRS 800.3 Facility Business Data: Public and Product Liability and Professional Indemnity Insurance (GRS 800.3) made under Financial Sector (Collection of Data) (reporting standard) determination No. 18 of 2016; and

(ii)          determines a new version of GRS 800.3;

(4)          Financial Sector (Collection of Data) (reporting standard) determination No. 4 of 2021 which:

(i)            revokes Reporting Standard LOLRS 800.1 Policy Data: Public and Product Liability and Professional Indemnity Insurance (LOLRS 800.1) made under Financial Sector (Collection of Data) (reporting standard) determination No. 19 of 2016; and

(ii)          determines a new version of LOLRS 800.1;

(5)          Financial Sector (Collection of Data) (reporting standard) determination No. 5 of 2021 which:

(i)            revokes Reporting Standard LOLRS 800.2 Claim Data: Public and Product Liability and Professional Indemnity Insurance (LOLRS 800.2) made under Financial Sector (Collection of Data) (reporting standard) determination No. 20 of 2016; and

(ii)          determines a new version of LOLRS 800.2; and

(6)          Financial Sector (Collection of Data) (reporting standard) determination No. 6 of 2021 which:

(i)            revokes Reporting Standard LOLRS 800.3 Facility Business Data: Public and Product Liability and Professional Indemnity Insurance (LOLRS 800.3) made under Financial Sector (Collection of Data) (reporting standard) determination No. 21 of 2016; and

(ii)          determines a new version of LOLRS 800.3.

The instruments commence on 31 December 2021.  

1.      Background

The National Claims & Policies Database (NCPD) was established by APRA in 2003, at the request of Federal Government in consultation with the insurance industry and other stakeholders.  It was created to provide insurers, the community and State and Federal Governments with a better understanding of public and products liability insurance and professional indemnity insurance and the ability to monitor trends in premiums and claim costs.

Under existing reporting standards, GRS 800.1, GRS 800.2, GRS 800.3, LOLRS 800.1, LOLRS 800.2 and LOLRS 800.3, general insurers (within the meaning of the Insurance Act 1973) and Lloyd’s are required to provide information to APRA in relation to public liability, product liability and professional indemnity insurance for the purposes of the NCPD. 

On 5 November 2020, APRA released a consultation proposing to collect cyber insurance and management liability data as separate standalone categories within the NCPD to provide the industry and interested parties with better data to assess performance and pricing decisions for these products.

 

2.      Purpose and operation of the instruments

The purpose of the instruments is to revoke the existing reporting standards, GRS 800.1, GRS 800.2, GRS 800.3, LOLRS 800.1, LOLRS 800.2 and LOLRS 800.3, and replace the existing reporting standards with new versions of the reporting standards to allow for the revised collection of cyber insurance and management liability data (revised reporting standards). The revised reporting standards also include updated technical data specifications to reflect electronic submission requirements and are set out in a revised format consistent with recent APRA instruments. The reporting requirements are otherwise the same under the revised reporting standards as they are under the existing versions of the reporting standards.

Specifically:

(1)          GRS 800.1 requires general insurers that underwrite public liability, product liability or professional indemnity insurance policies to provide data on policies in force during a 6-month reporting period. The information collected includes the class of business covered by the policy, the policy basis, its current status, the premium earned from the policy and details about the insured party, amongst other details. Amendments have been made to the technical data specifications (the field types), in the reporting form included as part of GRS 800.1, in order to include cyber insurance and management liability as a product type. Amendments have also been made to set out information in GRS 800.1 in a format consistent with recent APRA instruments.

(2)          GRS 800.2 requires general insurers that have underwritten public liability, product liability or professional indemnity insurance policies to provide data on claims made or not settled during a 6-month reporting period. The information collected includes the class of business covered by the policy, the policy basis, its current status, the dates of loss and report, the jurisdiction of the claim, the nature of the loss and details of the likely case estimate, amongst other information. Amendments have been made to the technical data specifications (the field types), in the reporting form included as part of GRS 800.2, in order to include cyber insurance and management liability as a product type and Cyber – 1st party loss and Cyber – 3rd party loss as a cause of loss code. Amendments have also been made to set out information in GRS 800.2 in a format consistent with recent APRA instruments.

(3)          GRS 800.3 requires general insurers that underwrite public liability, product liability or professional indemnity facility business to provide data on facility business where the insurer is on-risk during a 6-month reporting period. The information collected includes the facility identifier, the industry code, the number of policies and claims and gross payments made, amongst other details. Amendments have been made to set out information in GRS 800.3 in a format consistent with recent APRA instruments.  

(4)          LOLRS 800.1 requires Lloyd’s to report on public liability, product liability or professional indemnity insurance policies underwritten by Lloyd’s underwriters that are in force during a 6-month reporting period. The information collected includes the class of business covered by the policy, the policy basis, its current status, the premium earned from the policy and details about the insured party, amongst other details. Amendments have been made to the technical data specifications (the field types), in the reporting form included as part of LOLRS 800.1, in order to include cyber insurance and management liability as a product type. Amendments have also been made to set out information in LOLRS 800.1 in a format consistent with recent APRA instruments.

(5)          LOLRS 800.2 requires Lloyd’s to report on claims made on (or not settled by) Lloyd’s underwriters during a 6-month reporting period, being claims that relate to public liability, product liability or professional indemnity insurance. The information collected includes the class of business covered by the policy, the policy basis, its current status, the dates of loss and report, the jurisdiction of the claim, the nature of the loss and details of the likely case estimate, amongst other information. Amendments have been made to the technical data specifications (the field types), in the reporting form included as part of LOLRS 800.2, in order to include Cyber – 1st party loss and Cyber – 3rd party loss as a cause of loss code. Amendments have also been made to set out information in LOLRS 800.2 in a format consistent with recent APRA instruments.

(6)          LOLRS 800.3 requires Lloyd’s to report on public liability, product liability or professional indemnity insurance facility business underwritten by Lloyd’s underwriters, being facility business in relation to which an insurer is on risk during a 6-month reporting period. The information collected includes the facility identifier, the industry code, the number of policies and claims and gross payments made, amongst other details. Amendments have been made to set out information in LOLRS 800.3 in a format consistent with recent APRA instruments.

Where the reporting standards refer to an Act, Regulation, Prudential Standard, Reporting Standard, Australian Accounting Standard or Auditing Standard, this is a reference to the document as it exists from time to time, and which is available on the Federal Register of Legislation at www.legislation.gov.au.

There are a number of powers that may be exercised by APRA in reporting standards which involve an element of discretion and which may impact the interests of the financial sector entity to which the reporting standard applies. These decisions include APRA refusing to change a reporting period, or due date, for a general insurer or Lloyd’s to provide information required by the revised reporting standards. Decisions made by APRA exercising those powers are not subject to merits review.

APRA considers decisions made by APRA exercising discretions under its reporting standards should not be subject to merits review as they are financial decisions with a significant public interest element.

APRA’s reporting standards collect financial data from regulated entities. This data contains critical indicators of a regulated entity’s financial wellbeing, including data on an entity’s assets, capital, liquidity, expenses and risk exposures. APRA relies heavily on this financial data to inform its supervisory actions towards its regulated entities. Without timely and complete data, APRA may miss indicators that a general insurer or Lloyd’s underwriter is taking on imprudent risk or is in distress. APRA’s supervisory decisions may be jeopardised if its receipt of data is unreliable due to entities seeking merits review under its reporting standards.

The data collected by the revised reporting standards is also used to compile the NCPD. The NCPD is deeply established in industry, and has been relied upon by general insurers, Lloyd’s and the wider insurance industry to inform their activities since the early 2000s. Delays caused by an entity seeking merits review of APRA’s decisions under one or more of the revised reporting standards could significantly compromise the NCPD. As the database is presented at an aggregate level, any lack of data from one entity caused by a merits review claim prevents the release of the entire database.

3. Consultation

 

APRA engaged in public consultation on the instruments[1]. On 5 November 2020, APRA released a consultation letter proposing to collect cyber insurance and management liability data within the NCPD as a separate standalone category in place of the collection of the data on an aggregated basis together with data on other product classes. The revised collection was proposed to provide the industry and interested parties with better data to assess performance and pricing decisions for these products. APRA specifically sought submissions on the timing of the revised cyber insurance and management liability data collection, additional cause of loss codes, treatment of historical data and publication of data. APRA released drafts of the reporting standards as part of this consultation.

 

APRA received one submission from the Insurance Council of Australia on behalf of its members in response to the proposals in the consultation letter. The submission supported APRA’s revised collection of cyber insurance and management liability data, and gave feedback in relation to the timing and scope, and use of cause of loss codes as part, of reporting.

 

The revised reporting standards implement the revised cyber insurance and management liability data collection within the NCPD, and includes modifications to the draft versions of the reporting standards released as part of APRA’s consultation, which modifications were made to take into account the submission received in response to consultation.

 

4.   Regulation Impact Statement

The Office of Best Practice Regulation has advised that a Regulation Impact Statement is not required for the instruments.

5.   Statement of compatibility prepared in accordance with Part 3 of the Human Rights (Parliamentary Scrutiny) Act 2011

A Statement of compatibility prepared in accordance with Part 3 of the Human Rights (Parliamentary Scrutiny) Act 2011 is provided at Attachment A to this Explanatory Statement.


ATTACHMENT A

Statement of Compatibility with Human Rights

Prepared in accordance with Part 3 of the Human Rights (Parliamentary Scrutiny) Act 2011

Financial Sector (Collection of Data) (reporting standard) determinations Nos. 1 to 6 of 2021

The legislative instruments are compatible with the human rights and freedoms recognised or declared in the international instruments listed in section 3 of the Human Rights (Parliamentary Scrutiny) Act 2011 (HRPS Act).

Overview of the Legislative Instruments

The purpose of the legislative instruments is to make revised:

·         Reporting Standard GRS 800.1 Policy Data: Public and Product Liability and Professional Indemnity Insurance (GRS 800.1);

·         Reporting Standard GRS 800.2 Claim Data: Public and Product Liability and Professional Indemnity Insurance (GRS 800.2);

·         Reporting Standard GRS 800.3 Facility Business Data: Public and Product Liability and Professional Indemnity Insurance (GRS 800.3);

·         Reporting Standard LOLRS 800.1 Policy Data: Public and Product Liability and Professional Indemnity Insurance (LOLRS 800.1);

·         Reporting Standard LOLRS 800.2 Claim Data: Public and Product Liability and Professional Indemnity Insurance (LOLRS 800.2); and

·         Reporting Standard LOLRS 800.3 Facility Business Data: Public and Product Liability and Professional Indemnity Insurance (LOLRS 800.3).

The legislative instruments determine reporting standards which apply to general insurers and Lloyd’s.

GRS 800.1, GRS 800.2, GRS 800.3, LOLRS 800.1, LOLRS 800.2 and LOLRS 800.3 (the reporting standards) set out requirements for the provision of information to APRA relating to a general insurer’s or Lloyd’s underwriters’ public liability, product liability or professional indemnity insurance policies. The information collected under the reporting standards are used by APRA for the purpose of prudential supervision and publication, including publication in the National Claims & Policy Database (NCPD).

Human rights implications

APRA has assessed the instruments and is of the view that they do not engage any of the applicable rights or freedoms recognised or declared in the international instruments listed in section 3 of the HRPS Act. Accordingly, in APRA’s assessment, the instruments are compatible with human rights.

Article 17 of the International Covenant on Civil and Political Rights (ICCPR) prohibits the arbitrary or unlawful interference with a person’s privacy, family, home and correspondence, and attacks on reputation. Article 17 is exclusively concerned with prohibiting interference with the privacy and/or reputation of individual persons. It does not extend to the privacy and/or reputation of corporate entities.

Determinations No. 1 to 6 of 2021 require general insurers and Lloyd’s to report claim, policy and business facility data on public and products liability insurance including all policies that provide cover for legal liability to the public in respect of bodily injury or property damage, policies that provide for compensation for loss and/or injury caused by, or as a result of, the use of goods, and environmental clean-up by pollution spills. These determinations also require claim, policy and business facility data on professional indemnity insurance, including all policies that provide cover for professionals relating to actions against that person in tort and/or statute law (in respect of advice and services provided as part of their professional practice), Directors’ and Officers’ liability insurance, legal expense insurance and medical indemnity insurance. This provision of data does not involve the disclosure of information directly relating to individual persons.

Further, APRA reviews all releases of data received under reporting standards to ensure that no information pertaining to an individual person can be deduced from the data. APRA does not publish any personal information which it collects. Information provided to APRA under reporting standards is protected information for the purposes of section 56 of the Australian Prudential Regulation Authority Act 1998 and cannot be disclosed except under a limited range of circumstances provided for under that section. APRA is also subject to obligations under the Privacy Act 1988. 

Consequently, the reporting standards do not engage any of the applicable rights or freedoms recognised or declared in the international instruments listed in section 3 of the HRPS Act. Accordingly, in APRA’s assessment, the instruments are compatible with human rights.

 Conclusion

The instruments are compatible with human rights as they do not raise any human rights issues.