The Directors’ and Officers’ (D&O) insurance market for Australian policyholders has seen a period of positive transition in 2025 driven by ongoing capacity from local and Lloyds markets. Premium reductions of 15 to 40 per cent are common, depending on industry and company performance. Recent court decisions point to a levelling of the class action playing field following numerous ‘wins’ by defendants over the past 24 months.
We suggest the exercise of caution in respect of new entrants into the market who have with untested claims philosophies and are seemingly focusing on profitability amid a volatile equity market and increasing disclosure complexity. This has been welcomed by businesses who have been facing a challenging economic environment as a consequence of persistent inflation and rising interest rates which in turn has placed pressure on financial performance.
Businesses which are seen as being a favorable risk have been experiencing flattened or reduced D&O premiums however the construction, food and beverage, healthcare and technology sectors have seen higher rates overall as claims within these sectors have pushed premiums upward.
Insolvencies continue to increase with construction, food and beverage most affected. According to ASICs monthly statistics, there were more insolvencies in FY24 to 30 April compared to the total of FY23.
The risk landscape is continually evolving and although premium decreases are still prevalent, we have seen the pace of reductions slowing. Australian regulators have pursued companies and their boards more aggressively, expressing intent to pursue companies for regulatory breaches, particularly in the cyber, privacy and greenwashing space. We expect the pricing and availability of D&O insurance may be subject to future volatility.
Key trends for boards:
1. Cyber and privacy risk
The Australian Government has introduced its first standalone cyber security legislation which aims to enhance the security and resilience of Australia’s cyber environment and critical infrastructure and addresses the proposals set out in the 2023 – 2030 Cyber Security Strategy.
Cyber-related exposures for companies and their boards will materialise further when changes to the Privacy Act 1988 (Cth) are introduced in 2025. This Act will introduce a new statutory tort for serious invasions of privacy, enhanced regulatory powers for the Office of the Australian Information Commissioner (OAIC) and targeted criminal offences to respond to doxing, just some of the changes outlined. These changes mean we are likely to see a new set of exposures and they have the potential to affect consumer class actions and corporate governance within organisations (not only those in the public eye) following data breach events. Organisations operating in the technology sector specifically will be held to a higher standard when it comes to data and security protection, therefore consideration for corporate organisations as to data collecting, storage and usage, class actions and consent is of utmost importance.
One of ASICs 2025 enforcement priorities is pursuing AFSL holders who fail to have adequate cyber security protections following the RI Advice Case and FIIG securities proceedings currently on foot. This extends to oversight by AFSL holders of the cyber security controls maintained by their CARs.
Insurers are now expecting to see Business Continuity Plans and Disaster Recovery Plans which detail how businesses will respond to a cyber incident and to demonstrate, at least, an annual consultation and testing of these plans. Understanding cyber trends and implementing effective protections are essential steps for businesses aiming to navigate the complex cyber threat environment and ensure long-term resilience. See our article here.
2. Artificial intelligence
While AI can be used to provide data and support to corporate decision makers, as a D&O risk it can lead to questions as to the adequacy of oversight and due diligence.
AI technology may ultimately produce incorrect information and presents ethical concerns with respect to data privacy and protection. Thus, there is potential for the use of AI to adversely impact overall corporate transparency with shareholders holding boards accountable for AI related failures where this results in costly claims and losses.
We recently reported on new guidelines published by the Australian Cyber Security Centre to assist business engage with AI here.
3. ESG related disclosures
ESG activism has continued to impact publicly listed companies with board members being held accountable for upholding companies’ commitments to environmental and social initiatives by shareholders, regulators and the general public.
ASIC have released Regulatory Guide 280, providing guidance for entities that are now required to prepare and lodge sustainability reports under the new provisions within Chapter 2M of the Corporations Act 2001 (the Act). Reporting entities must now prepare a sustainability report for a financial year including climate statements and directors’ declarations regarding the same. Entities must then have their report audited and obtain the requisite auditor’s report.
These new requirements have been released in conjunction with the Australian Accounting Standards Boards (AASB) S1 and S2 (September 2024) which sets out both the general requirements for disclosures, alongside mandatory Australian Sustainability Reporting Standards (ASRS). It is expected that the new sustainability reporting standards will further exacerbate climate change litigation and subsequent D&O losses for non-compliant companies. We expect claims to be made against companies, and in some cases against directors and officers directly, seeking damages for non-disclosure and or misleading and deceptive conduct in reporting or marketing sustainability. For further information on reporting thresholds and the consequential risk advisory and insurance considerations to be taken into account, see our recent article here.
4. Securities class actions
Market capitalisation losses are outpacing the growth of market capitalisation for both U.S. and non-U.S. issuers. During the first quarter of 2025, investor plaintiffs have alleged almost US$300B in market capital losses, accounting for almost half of the losses claimed during 20241.
While Security Class Actions (SCA) filings have been decreasing, with consumer, financial product and employment class action claims headlining new filings, the recent decline in filings does not indicate a corresponding decrease in overall risk. Class actions against financial services providers, including banks and insurance companies remain a significant area of concern in 2025.
On 7 May 2025, the Full Federal Court delivered its appeal judgment in the Commonwealth Bank of Australia (CBA) case “Zonia Holdings Pty Ltd v Commonwealth Bank of Australia Limited [2025] FCAFC 63.” This case primarily concerned alleged breaches of continuous disclosure obligations and misleading or deceptive conduct against CBA in respect of an alleged failure to keep shareholders properly informed regarding its non-compliance with the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) (AML/CTF Act). While finding that CBA had breached continuous disclosure obligations, the court ultimately dismissed the appeal as the claimants were unable to prove relevant awareness of potential exposure to the AUSTRAC enforcement action, thus failing to establish causation and loss.
As noted above, Side C action risk does still remain a significant factor for publicly traded companies in Australia and boards must turn their minds to exposures such as litigation and potentially large-scale D&O losses related to misleading or deceptive conduct or breaches of directors’ duties, especially considering increased regulatory scrutiny and upcoming developments in the data privacy and climate change landscape where there will be enhanced focus on greenwashing and climate related disclosures by organisations.
5. Director Penalty Notices
Directors are responsible for ensuring that their company meets its tax and superannuation obligations. The Australian Taxation Office (ATO) has significantly ramped up its debt collection activities against company directors in recent years. Where a company has certain types of unpaid liabilities, the ATO can issue a Director Penalty Notice (DPN) seeking to recover those debts personally from directors.
Given that company debts are often large, personal liability for company debts can bankrupt directors, consequently resulting in an increase in the rate of insolvencies.
To mitigate the risk of receiving DPNs, directors must have a strong awareness of their company’s reporting systems, financial situation, report their company’s liabilities on time and ensure all lodgment deadlines are met, by undertaking early engagement with the ATO to manage payment of company debt.
Summary
Whilst overall market conditions are favorable and have improved with decelerated premiums and increased capacity, it is unlikely that the current soft market will outlast the previous one. Premiums are likely not to continue to decrease at the rapid rate they are in the long-term. We consider that the rate of insolvencies and losses likely to materialise as a result may impact appetite here.
We expect in the short term new insurers will continue to enter the market offering significant cost savings, with established carriers maintaining stricter underwriting standards and stabilising their rates to avoid potential pitfalls with underpricing.
For further guidance on navigating emerging D&O exposures including cyber, ESG, and AI risks, get in touch with your Bellrock Advisor.
1 CA Rule 10b-5 Exposure Report, SAR, April 10, 2025.
Continue reading our full range of market updates:
- Insurance Market Overview: July 2025
- Property
- Commercial General Liability
- Motor
- Contractors Plant & Equipment
- Renewable Energy
- Strata
- Claims
- Workplace Risk
- Executive & Professional Risk
- Construction
