December 2025
Inquiry into small business insurance
On 3 November 2025, the Parliamentary Joint Committee on Corporations and Financial Services launched a parliamentary inquiry focussing on small businesses, charities and community organisations that are facing challenges in obtaining affordable insurance. The inquiry is looking at the ability of small businesses and community organisations to access insurance coverage in areas such as public liability, professional indemnity, cyber security and threats, as well as business interruption. The committee’s review comes amid ongoing concerns about rising insurance premiums and limited availability, which have left many organisations either underinsured or without coverage. Submissions are being accepted until 6 March 2026.
According to a Council of Small Business Organisations Australia and Commonwealth Bank report, 45% of small business owners identified insurance costs as a significant factor affecting their financial situation. Meanwhile, a report from the Australian Chamber of Commerce and Industry found government taxes and levies imposed by the state and territory governments are resulting in small businesses paying up to 30% more for their insurance premiums.
Government review into cyclone and terrorism pools
The Australian Government commenced a statutory review of the Terrorism and Cyclone Insurance Act 2003, with a focus on the performance and future direction of the terrorism and cyclone reinsurance pools. The review will evaluate whether these mechanisms are achieving their policy aims, and consider the ongoing suitability of their governance and operational frameworks.
Meanwhile, Cyclone Alfred drove a record number of claims for the Cyclone Pool, according to the Australian Reinsurance Pool Corporation (ARPC). The ARPC reported receiving 111,860 claims for the quarter ended 30 June 2025, with a total net incurred value of $1.12 billion. TC Alfred accounted for 101,888 of the claims and had an incurred value of $985.7 million. ARPC’s Annual Report 2024-25 showed the year was marked by an operating deficit of $891 million, largely attributed to the impact of TC Alfred.
Tasmania proposes state insurer scheme
The Tasmanian Government has opened public consultation on its plans to establish a state insurer (TasInsure) to tackle affordability challenges in home and contents, SME, farm, and workers compensation cover. Submissions close 9 January 2026.
Australia will not allow AI to be trained on copyrighted materials
The Australian Government ruled out allowing tech giants to train their AI models on the creative works of Australian musicians and other creatives without permission. The Government said tech companies and AI developers will not be exempt from copyright legislation, meaning they will be unable to train their models on Australian creative works without consent. Attorney-General Michelle Rowland confirmed that the Government would not be changing legislation to grant AI giants the ability to non-consensually train their AI on Australian works, reported ABC News. Read our article IP vs AI.
Q3 NatCat losses hit 9-year low
Subdued tropical cyclone activity in the Atlantic and Pacific Oceans contributed to Q3 insured loss totals of approximately US$15 billion – the lowest since 2016, according to Gallagher Re. Losses were the lowest on record for 19 years, according to Aon. Insurers worldwide paid out $US12 billion for natural catastrophe losses in the third quarter – the smallest sum since Q3 2006, and 72% below 21st-century averages for the quarter. Within Australia, natural catastrophe losses fell 25% to $1.97 billion last financial year, but the long-term trend is rising and vulnerable communities are particularly affected, the Insurance Council of Australia (ICA) said. The ICA also noted, Australia has consistently taken the silver medal for extreme weather losses over the last 45 years – beaten only by the United States.
ASIO warns of high-harm cyber sabotage
Australia has entered a new age of high-impact, high-harm cyber sabotage, according to Australian Security Intelligence Organisation (ASIO) director-general Mike Burgess. “Australia has entered a period of strategic surprise and security fragility. We’re facing multifaceted, merging, intersecting, and cascading threats”, he said during a during a speech to an Australian Securities and Investments Commission forum. “As one of my analysts put it, with an uncharacteristic nod to popular culture, ‘everything, everywhere, all at once’… Australia has never faced so many threats at scale, at once… We expect sabotage, particularly cyber-enabled sabotage, to pose an increasing threat in the next five years, both in terms of adversary capability and adversary intent… Cyber is the most immediate vector for sabotage. It’s an attractive option for foreign regimes because it’s low cost but high impact, as well as being deniable and scalable.”
October 2025
Cyberattack threat grows as geopolitical tensions rise
In the Australian Prudential Regulation Authority’s (APRA) 2025-2026 corporate plan, the authority warned that increased geopolitical tensions could result in increased cyberattacks targeting Australia. “The risk environment for cyberattacks could worsen further in the context of escalating geopolitical tensions,” said APRA chair John Lonsdale. According to cybersecurity firm CrowdStrike’s 2025 Threat Hunting Report, nation-state activity rose sharply over the last 12 months – sharper even than regular, financially motivated cybercrime. Operational technology security firm Dragos’ Industrial Ransomware Analysis: Q2 2025 report also noted hacktivism had driven a surge in ransomware attacks during the quarter.
Heightened bushfire risk this spring
The Australian and New Zealand Council for fire and emergency services (AFAC) indicated parts of Australia’s east and west face heightened bushfire risk this spring as long-term rainfall deficiencies persist in southern SA, Victoria, Tasmania and western WA. The Seasonal Bushfire Outlook for spring identified a heightened risk of fire for the Dampier Peninsula, Derby Coast and the Central Kimberley, Little Sandy Desert, and south-eastern Pilbara in Western Australia, the south-eastern agricultural areas of the Murraylands in South Australia, and the south, southwest, central, and southwest Gippsland regions in Victoria.
Re-drawn flood maps spark calls for cyclone pool to be expanded
Following Brisbane City Council’s decision to revise its flood mapping next year, the Australian Consumers Insurance Lobby (ACIL) called on the Federal Government to widen its reinsurance pool to include flood risks. From 19 September, more than 17,000 properties were either added to or reclassified within the flood overlay. The flood mapping update affects 17,246 properties, with 10,129 added for having some risk, 400 removed and others subject to risk changes (including more than 2,000 moved into higher flood-risk categories). A paper from the Actuaries Institute notes that replicating a cyclone pool for flood may be less effective on reducing premiums.
$174 million lost to scams
The National Anti-Scam Centre reported that Australian consumers and businesses reported losses from scams of almost $174 million in H1 2025. The Scamwatch data showed more than 108,000 scams had been reported. While the total number of reports were down 24%, reports involving losses increased 40.5%. The value of recorded losses was 26% higher than the same period the previous year, with the average loss sitting at $12,212.
ATO has GST fraud in its sights
Identifying and preventing fraud is one of the Australian Tax Office’s (ATO) priorities for FY26. “Fraud and serious organised crime are on the increase, fuelled by advancements in technology and digital services, data breaches and fraudsters who can rapidly evolve their tactics and ways of infiltrating the tax system,” the ATO said. The ATO had noted a rise in GST fraud, particularly within the property and construction industries, and issued a warning to businesses. The commitment follows the revelation made by the ABC’s Four Corners program (28 July) that an ATO loophole had allowed tens of thousands of Australians to commit GST fraud, stealing a total of $2 billion. The ATO responded saying it would continue its role to ensure all taxpayers paid the correct amount of tax, regardless of their size or profile. The ATO also issued an alert warning against committing GST fraud. On 5 September a mining company executive was sentenced to seven years and 10 months in prison after committing GST fraud.
One telco sued as another reports breach
On 8 August, the Office of the Australian Information Commissioner (OAIC) announced it had initiated civil penalty proceedings against Optus in relation to the September 2022 cyber incident that resulted in the exposure of the personal information of around 9.5 million customers. The OAIC alleges that Optus did not take adequate measures to safeguard personal data from misuse, interference, loss, or unauthorised access, and that its cybersecurity was inadequate. On 19 August, internet service provider iiNet disclosed it had been the victim of a cyberattack that had impacted the personal data of more than 200,000 of its customers. Based on initial investigations, TPG believes the hackers gained access using the stolen credentials of a single employee. Credential-based attacks have also been suffered by other telcos including Telstra, and Tangerine Telecom, Cyber Daily reported.
