INSURANCE REVIEW

Transcription

INSURANCE REVIEW
INSURANCE REVIEW
may 2016
Contents
Introduction
04
Class Actions ■FIRMLY ON THE RADAR
06
DIRECTORS AND OFFICERS (D&O)
■D&O, CLASS ACTIONS AND SHARED LIMITS –
PERHAPS SOME SELF REGULATION AND COMMON SENSE ?
08
Fintech and the Insurance Industry
■The FinTech revolution
What it means for the insurance industry
10
Construction ■Accessing security under construction contracts
What happens when the music stops?
12
Cyber ■Insuring on Cyber Protection – enhancing
the first line of Defence
15
Developments in defamation law
The year of the Tweet
18
PRIVACY ■ Privacy Concerns in the Healthcare Sector
20
Implementation of the AEC and the impact on
the insurance industry – are we ready?
22
Disclosure Requirements for Environmental Risks
27
Medical Indemnity
■ LONG-TAIL LIABILITIES IN THE MEDICAL MALPRACTICE MARKET
29
Earthquake cases keep New Zealand Courts busy
32
Insurance regulation updates and
pending reforms
34
key insurance Contacts
36
www.insuranceflashlight.com | 03
INTRODUCTION
It is impossible to avoid the pace of change at the moment. The way we do business in Australia
and overseas is evolving rapidly as we move to a digital economy. It wasn’t long ago that we
spoke of the internet as an “information superhighway”. You would be criticised as a dinosaur if
you used the same expression now because it is so much more. Now “blockchain technology”,
“FinTech” and “disruptors” are terms commonly used at all levels of commerce. Every industry
is exposed to digital disruption and the challenges of market penetration in a world increasingly
dominated by social media.
David Thodey, chairman of CSIRO and former CEO of Telstra, was quoted in The Australian on
15 April 2016 as saying:
We are moving to a world where engaging the power of computers – software, cognitive computing,
data analysis – will be part of the job of many Australian workers who have no training in science,
maths or technology. To succeed, we will have to find ways to strengthen our workplaces... In an
uncertain world, adaptability and resilience will be key, both at the individual and institutional levels.
The insurance industry sells risk transfer products to the entire commercial world. In the past,
the word “insurance” was probably associated with words such as “dour”, “conservative” and
probably “mean”. Not so now. Most people that work in insurance would say they “fell” into
the industry, usually because they have the adaptability and resilience so needed at a time of
intense change. Because the industry has such a broad range of touch points with all aspects
of commerce – from investing its capital into technology funds, to collating valuable data and
knowledge about the challenges its customers are facing – the insurance industry is well placed
to prosper in this period of disruption and change.
The insurance industry is part of the DNA of DLA Piper. We have a committed and
co-ordinated global team with a depth of expertise across all ends of the insurance spectrum
from M&A, product design and regulation, through to all aspects of claim management.
And having started in 2005 to grow to one of the largest law firms in the world, innovation,
adaptability and resilience is something DLA Piper knows a lot about.
04 | DLA Piper Insurance Review – May 2016
In Australia, the focus of the partners is to be a trusted and independent advisor to our clients,
focused on encouraging and promoting the best legal talent to serve the industry. We are
committed to delivering an annual symposium to the industry each year, having delivered a
day long symposium in February 2015 and February 2016. We hope you will enjoy the series
of articles provided in this publication that hopefully hit the issues of interest and concern in
2016 – the rapid growth of class actions, how to manage shared limits, fintech, cyber coverage,
developments in Asia, privacy, and of course, natural disasters with Crossley Gates of our
New Zealand office providing a valuable insight into the Christchurch earthquakes.
Yes, this publication is in paper as we expect there are many people who still enjoy turning
pages, but of course it is also available on our website www.dlapiper.com. Readers should also
consider subscribing to our “Insurance Flashlight” microsite www.insuranceflashlight.com which
provides regular and pithy updates on legal developments that impact the insurance industry as
they happen.
Please contact any of the authors of the articles if you wish to continue the conversation, or to
organise a presentation to your staff or clients. And of course, we welcome your feedback on
issues of interest to you for future publications.
David Leggatt and Samantha O’Brien
DLA Piper Insurance Sector Co-Heads, Australia
www.insuranceflashlight.com | 05
Class Actions
CLASS ACTIONS
It has been another active year for class action and mass tort litigation in Australia, with
seemingly very few industries or sectors immune, even the legal industry upon which
this burgeoning area of the law has been built. We saw a variety of new suits filed, large
settlements approved, and little sign that this growth in activity will wane in 2016 and
beyond. According to the Class Actions and Litigation Funding – What’s all the talk about?
article in Finity 2013, with the average class action in Australia taking about four years to
settle, and with an average settlement cost of AU$45 million, the legal cost, disruption
to business cost and reputational cost of a class action should remain firmly on the radar
of corporates and insurers alike.
New suits
Key decisions and settlements for 2015
Class action activity is certainly not on the wane, with
20 odd class actions commenced throughout 2015. The
second half of last year saw a raft of class action suits filed,
with securities class actions filed against infrastructure giant
WorleyParsons and mining and construction firm Macmahon
Holdings. Interestingly, franchisees are becoming increasingly
aggressive in this area, with Eagle Boys, Pizza Hut and
7-Eleven all subject to actual or threatened class actions.
Franchisors are now on notice.
The Federal Court’s decision in Paciocco v Australia and
New Zealand Banking Group Limited (ANZ) saw a significant
setback for “would be” plaintiffs in the consumer class
action space. In overturning a decision of a single judge
of the Federal Court, the Full Federal Court upheld
ANZ’s entitlement to charge various fees, including late
payment fees. The original decision held that a number of
ANZ’s customer fees were penalties, and therefore not
permissible. The matter is now before the High Court.
Whilst the outcome was not plaintiff friendly, and will
certainly have an impact on other similar claims still on foot
against banks and telcos, this is not the last we will see of
high volume consumer class actions, particularly in light
of new technological advances: see Paciocco v ANZ [2015]
FCAFC 50.
Hardly surprising given all the global publicity, class actions
have also been mooted against vehicle manufacturers
Volkswagen and Audi. The close of 2015 also saw media
reports of proposed class actions against poker machine
designers and operators, financial services provider
IOOF, the Department of Defence, Bayer and several
pharmaceutical companies, including Nurofen manufacturer,
Reckitt Benckiser. As alluded to above, plaintiff law
firm Maurice Blackburn announced it was investigating
commencing a class action against its market-share rival
Slater and Gordon, after Slaters sustained significant drops
in its share price as per the article in The Sydney Morning
Herald on 23 December 20151.
Last year we saw the High Court unequivocally reject a
special leave application in Treasury Wine Estates, and in
doing so emphasized that lawyers with seemingly too close a
personal stake cannot wear multiple hats as litigant, solicitor
on the record and litigation funder. In the 2014 decision
that the High Court refused to revisit, the Victorian Court
of Appeal derailed the lead plaintiff’s case (also solicitor on
the record). The Court was also quick to point out that the
Sydney Morning Herald, December 2015 (http://www.smh.com.au/business/maurice-blackburn-launches-class-action-against-rival-firm-slater--gordon-20151222-glttas.html)
1
06 | DLA Piper Insurance Review – May 2016
plaintiff, Melbourne City Investments, had been incorporated
solely to help Mr Elliott generate legal fees for his benefit:
see Treasury Wine Estates Limited v Melbourne City Investments
Pty Ltd [2014] VSCA 351.
The Federal Court’s decision in Babcock & Brown is also
worth noting, in which Perram J commented that a plaintiff
may be able to recover damages without providing a direct
causal link between the non-disclosure and the decision
to invest (the “reliance” test). How this thinking develops
going forward could have significant ramifications in terms of
litigation volume: see Grant-Taylor v Babcock & Brown Limited
(In Liquidation) [2015] FCA 149.
Whilst not a class action per se, the judgment of Macaulay J
in Amaca v CSR & Anor is an interesting (albeit 280 page
long) mass tort judgment on the rights of partners and joint
tortfeasors to claim equitable contribution. The mechanics
of the trial is also an interesting procedural template: 8 out
of 204 claims being put up as “test cases” for the balance of
the claims. The judgment is now on appeal: see Amaca Pty Ltd
v CSR & Anor [2015] VSC 582.
Many class actions issued against manufacturers (across
many sectors including food and beverage and life sciences),
corporates and financial institutions settled, but the most
significant settlement was the Black Saturday bushfire
class actions, with total payouts across all claims nearing
AU$800 million. As another hot Australian summer
resulted in significant bushfires igniting in Victoria and
Western Australia, this is a litigation stream which seems to
be here to stay, with subrogated claims playing a key role in
how these class actions are founded and possibly funded.
Litigation funding and contingency fees
Litigation funders have continued to entrench their
importance in the Australian legal services market, and
remain the predominant means for class action funding
in Australia. Despite the Productivity Commission’s 2014
recommendations that there be greater regulation of third
party litigation funding, and a potential removal of the ban
on contingency fees, we are yet to see greater regulation
of litigation funders eventuate, and litigation funders are
still exempt from the requirement to obtain a Australian
Financial Services Licence. The Federal Government’s stance
on both greater regulation of litigation funders and removing
the ban on contingency fees remains unclear. Notably in
July, NSW’s prohibition on lawyers charging uplift fees was
removed.
We also saw Maurice Blackburn make a second attempt to
introduce a “common fund” funding model in conjunction
with International Litigation Funding Partners. However,
on 7 August 2015, the Federal Court dismissed Maurice
Blackburn’s application. Interestingly, Wigney J noted that
the Court had the power to make such an application,
but that it was not appropriate at that time. It was also
noted that the group members did not appear to be the
beneficiaries of the proposed arrangement: see Blairgowrie
Trading Ltd v Allco Finance Group Ltd [2015] FCA 811.
Conclusions
We expect to see continued class action activity in
product liability, securities, financial services and bushfire/
environmental litigation. The rise of cyber-attacks and
increasingly onerous privacy obligations are also likely to
be emerging areas of activity: data privacy breaches are a
potential flashpoint for companies holding personal, financial
or medical information. However, the dominant change will
no doubt be innovation driven by technological advances,
with entrepreneurial plaintiff laws firms and litigation funders
in the driver’s seat. We are also likely to see more high
volume class action activity. The challenge for insurers, their
customers and defence lawyers is to stay nimble or risk
being left behind.
Kieran O’Brien
Partner
T +61 3 9274 5912
kieran.obrien@dlapiper.com
Natasha Stojanovich
Senior Associate
T +61 3 9274 5869
natasha.stojanovich@dlapiper.com
With thanks to Andrew Burleigh, Solicitor and Bekir Cetinkaya,
Summer Clerk, for their research assistance.
www.insuranceflashlight.com | 07
D&O
D&O, CLASS ACTIONS AND SHARED LIMITS –
PERHAPS SOME SELF REGULATION AND
COMMON SENSE ?
Class actions that impact financial lines are now a fixture
of the Australian litigation landscape. Presently there are
at least 35 class actions being litigated in Australia, with most
actions taking place in Melbourne and Sydney, with close to
equal distribution between the Federal and Supreme Courts.
The nature of these actions is also starting to take a similar
shape from case to case. There is usually a market event – a
company being placed into liquidation or receivership, or
significant disruption to the share price of a listed company –
that initiates a considerable amount of legal activity as ASIC
issues notices for production of documents, plaintiff firms
rush to be the first to issue to bind a class and liquidators/
receivers initiate public examinations to investigate why the
company failed.
Pity the board members of a public company that have to
consider whether or not the company should be placed into
receivership or administration. A decision to do so will show
the “mindset of scarcity” at its worst. The mindset where
all risk is to be avoided, all losses are an error and greed,
fear and mistrust take over. The fact that a healthy economy
necessarily involves investment and occasional failure is
long forgotten, and risk aversion dominates. Each director
will endure years of regulatory attention and litigation in a
market where reputation is everything. They will need legal
support, and lots of it.
The D&O policy is sold to directors that may need this
support. Should the day come when a director is facing the
combined attention of a regulator, liquidator/receiver and
class action lawyer, the policy can be the difference between
corporate oblivion and salvation. It is a rare director that is
able to match the resources of his or her opposition from
their own funds. The insurance coverage is critical and the
first question any director will ask is “how much insurance
08 | DLA Piper Insurance Review – May 2016
cover do I really have?” That relatively simple question is,
unfortunately, very difficult if not impossible to answer in
respect of the D&O products currently available in the
market.
Traditionally, D&O cover had what was called “side A” and
“side B”. Side A provided cover for each director individually,
in circumstances where the company was not permitted to
or did not indemnify the director for his or her liability for
the claim. Side B cover is when the company is obliged to
provide that indemnity. The line between Side A and Side
B is usually dealt with in a “Deed of Access and Indemnity”
that any properly advised company and director will insist on
being signed. That document sets out the claims for which
the company will indemnify the director and the claims for
which it won’t. In most cases, sorting out whether the claim
is Side A or Side B is immaterial because the liability lies
with the director first. “Side C” cover is different. Side C or
“entity cover” is cover for the entity, for a range of wrongful
acts covered by the policy that are committed by the
company. The difference is significant.
Establishing that a director is personally liable for damages
is a difficult task. It usually requires a plaintiff establishing
that each director had knowledge of the essential facts
constituting the contravention. Proving exactly what a
director knew at a particular time is often difficult. The
same cannot be said of a company. A corporation is usually
attributed the knowledge of its workers. For example,
a corporation can be held liable for making a misleading
statement that the Board knew nothing about. In those
circumstances, litigated claims against the director would fail
but the claim against the company would succeed and most
importantly, the “Side C” cover would respond to pay the
damages claim.
The perils of shared limits
Most D&O policies provide a common limit. Coverage
extends to board members and to officers, so a standard
class action often involves the board and senior executives
who may not hold board positions, such as the CEO, CFO
and General Counsel. It is quite common for 10 – 12 people
to seek coverage for defence costs under the policy. Each of
these people usually share the same limit. So, if D&O cover
is AU$10 million, that amount has to be allocated in some
way to the numerous directors and officers entitled to that
protection. If the limit also covers Side C risks, then the
company can “dip into the pot” as well for its defence costs
and damages.
work done by the lawyers acting for the directors. Once
the “defence team” has been marshalled together, it makes
sense for the insurer, via its coverage counsel, to seek
the consent of each director to mutual disclosure of cost
budgets, as well as regular meetings to avoid duplication of
work. The parties should agree to regular reports on the
erosion of the costs limit, so that there are no surprises.
Whilst the contract might strictly permit an insured to
withhold that information, section 14 of the Insurance
Contracts Act makes it clear that all parties to an insurance
contract, including an insured, have the following obligation:
If reliance by a party to a contract of insurance on a provision of
the contract would be to fail to act with the utmost good faith,
the party may not rely on the provision.
This all makes answering the question “how much cover
do I have?” quite impossible, because a director can
find themselves in a situation where they have plenty of
cover one day, but none the next. Take a situation where
directors are the subject of a class action and sharing
a AU$5 million limit, of which AU$3 million has already
been spent. The directors then find out that FOS has
ordered the company to pay a series of side C claims
that total AU$2 million. As that liability has crystallised
to the company, the insurer is obliged to pay it so the
valued money set aside for the director’s defence costs,
evaporates overnight.
Directors defending a suite of regulatory actions and
class actions are in a pressure cooker. One director who
thinks he or she is entitled to spend the limit as they see
fit without regard to their once fellow directors, is in my
view, not entitled to rely on any policy term that would
produce this outcome as to do so amounts to a lack of good
faith. Common sense and good faith simply has to prevail,
particularly when the available limit falls short of the claim
limit, which is almost always the case as the capacity in the
market is a fraction of the potential losses.
So as a rule, in my view, directors would be foolish to have
a policy that shares the limit with “Side C” cover. Brokers
should take particular care to avoid that scenario, or at
a minimum, point out the risks to each individual director
if that is the policy the company wants to go with.
Secondly, the insurance product can be altered. Clauses
dealing with allocation of the limit as between insureds
can be introduced, to ensure joint co-operation between
insureds, regular reporting on the erosion of the limit and
even QC clauses to resolve disputes between insureds.
The problem does not end there. Even with a conventional
side A scenario, where say eight directors are sharing a
limit, how do you fairly allocate access to the limit? The
conventional approach taken by insurance lawyers and
claims staff, is that each insured is not entitled to know
what the other insured has spent; and the limit is eroded
on a “first come, first served” basis. The result is that the
directors and lawyers are often hoping that they will do
work and be paid for it. This can and has resulted in nasty
shocks, where directors have discovered prior to or during
a trial that the limit has been exhausted. The insurance
product has failed at the point it was needed most. This is an
industry problem and it needs to be fixed.
Thirdly, the Board can also deal with agreements in the
Deeds of Access & Indemnity as to how shared limits are to
be dealt with in the event of a claim.
So what are the solutions?
Insurers, lawyers, brokers and insureds need to work
together to solve this problem which, in my view, is easily
done. Presently D&O policies run the risk of being a car that
is going to stop working half way across a desert. Would you
start the journey if you knew that was going to happen?
David Leggatt
Co-Head, Insurance Sector Australia
T +61 3 9274 5473
david.leggatt@dlapiper.com
Firstly, some common sense goes a long way. It is common
for insurers to appoint coverage counsel, that have the role
of protecting the insurers’ interests and supervising the
www.insuranceflashlight.com | 09
Fintech and the
Insurance Industry
The FinTech revolution
What it means for the insurance industry
The FinTech revolution – What it means
for the insurance industry
There was massive growth in “FinTech” (the integration of
finance and technology) last year, especially in Australia,
which has lagged behind Europe and the United States in
the FinTech space. Global investment in FinTech ventures
was more than AU$10 billion in 2014 and is predicted
to be AU$20 billion in 2015. However, only a very small
proportion of this FinTech activity was insurance related.
So what does this mean for the insurance industry? Some
say that the insurance industry is ripe for disruption and
that FinTech startups will be the key disruptors. According
to the World Economic Forum, the most imminent effects
of disruption from FinTech will be felt in the banking sector,
but the greatest impact of disruption is likely to be felt in
the insurance sector1. However, it’s not all bad news for the
insurance industry. It is also widely recognised that FinTech
presents a real opportunity for the insurance industry.
FinTech: What is it and who’s doing it?
FinTech is the term used to describe technology startup
companies in the financial services industry (which includes
insurance). FinTech companies provide services in all areas
of financial services, including payments, peer-to-peer
lending, crowd funding, investment advice, blockchain
technology, capital markets and insurance. FinTech is not just
a buzzword; it is truly changing the landscape of the financial
services sector. Just as Uber and Airbnb have resulted in
changing consumer attitudes to taking taxis and booking
hotels, FinTech will change the way consumers use financial
services, including insurance.
■■
Acorns – A financial services company that automatically
invests a customer’s small change by rounding up every
transaction to the nearest dollar and investing the
change into a diversified portfolio that is in line with
the customer’s investment goals and risk profile.
■■
Fastacash – A global social payments platform that
allows users to transfer value (such as money) through
social networks and messaging platforms.
■■
goHenry – A company that provides a pre-paid debit
card and app with unique parental controls, enabling
children to spend safely in the increasingly cashless and
digital world. Parents can set up automatic pocket money
payments or make one-off transfers into their child’s
account, as well as set the rules for spending and spending
limits.
There aren’t nearly as many examples of FinTech companies
that have ventured into the area of insurance, which
is perhaps surprising given that the insurance industry
comprises approximately a quarter of the whole financial
services sector. However, there is a general consensus that
there will be increasing infiltration of the insurance sector
by FinTech startups. In the insurance industry, examples of
leading FinTech innovators include:
■■
Knip – a digital insurance manager that provides users
with an overview and analysis of existing insurance
policies and is designed to automatically detect insurance
gaps and recommend essential insurance.
■■
Friendsurance – A company that brings peer-to-peer
finances to the insurance sector. It allows small groups of
people to anonymously combine their premiums and, if no
claims are made, up to 40% of premiums will be returned.
■■
PolicyGenius – A highly tailored insurance checkup
platform, where users can discover gaps in their coverage
and review solutions for their exact needs.
■■
ZhongAn – Rated as number 1 in KPMG’s “FinTech 100”
Leading Global FinTech Innovators Report 2015, ZhongAn
(a joint venture between an e-commerce company, an
online gaming and social networking company and Ping An
There are many examples of leading FinTech companies.
Here are just a few:
■■
Stockpile – A company that has revolutionised the
investment world through selling gift cards that are
redeemable for shares.
10 | DLA Piper Insurance Review – May 2016
patterns rather than probabilities. For example, health
insurers and life insurers may make use of Apple
watches and Fitbits to access personalised data about an
individual’s lifestyle and risk of illness or injury. Similarly,
the use of telematics (such as telecommunication devices)
enables motor vehicle insurers to monitor a driver’s
behaviour and price premiums according to the risk. We
can expect the use of such devices to extend to other
areas of insurance, although the extent of this will depend
on the willingness of insureds to share this personal data.
Insurance) is an online property insurance company that
uses big data technology to assist with product design,
automatic underwriting, auto claims, precision marketing
and risk management.
Investment in and support for FinTech startups
There is increasing support from the government for FinTech
innovation. The New South Wales (NSW) Government
supports Stone & Chalk, the not-for-profit FinTech hub that
opened in Sydney in March 2015. The federal government
recently released its Innovation Statement, a AU$1.1 billion
package designed to boost economic growth and jobs
through driving an “innovation boom”. The package provides
investors in start-ups with a 20% tax offset and capital gains
tax exemption. In addition, Australian Securities Investment
Commission (ASIC) is providing support to FinTech startups
through its Innovation Hub, which has the objective
of helping FinTech startups to navigate the Australian
regulatory system.
This level of support from the government will assist in
driving innovation, as will involvement and investment from
large well-established companies in the financial services
industry including banks and insurers. It has been said
that “FinTech is so much larger than just the banks, and
involvement by insurance companies, retailers, industry
bodies, etc would go a long way towards accelerating
innovation even further” (Fran Foo, “FinTech start-ups
become hot property”, The Australian, 14 April 2015).
How are things changing in the insurance industry and
what does the future hold?
We are already seeing FinTech startups in the insurance
industry, and we can expect to see disruption in the
industry in the future. Insurers can minimise the risk of
disruption through collaborating with startups, partnering
with third parties, for example technology companies, and
creating innovation from within.
We are already starting to see significant developments
taking place in the industry and we expect there will be
rapid development in these areas over the next few years.
Here are some examples:
■■
The Internet of Things – The use of internet-connected
devices such as smartphones, personal wearable devices
such as Apple watches and Fitbits, connected car devices
and connected home devices by insurers in order to
access new datasets will be more widely adopted. This
has the potential to revolutionise the insurance industry.
It will give insurers the ability to personalise insurance in
a way that has not been possible in the past, by assessing
risk and pricing insurance based on actual behavioural
■■
The use and challenges of “big data” – Insurers
have been accumulating vast amounts of data for many
years, but the rate at which data is now growing is
unprecedented. This presents both opportunities
and challenges. If big data is used effectively, it has
the potential to drive growth and innovation and gain
a competitive edge. At the same time, this presents
challenges. One challenge faced by insurers is how
to effectively and efficiently analyse and make use of
the ever increasing data available to their advantage.
The use of big data also brings with it the difficulties
and challenges associated with protecting data, such as
complying with privacy laws, protecting personal data and
cybersecurity risks.
■■
Changing consumer expectations – Digital
technologies have resulted in consumer attitudes and
expectations changing. Consumers are increasingly better
connected and better informed. With easy access to
policy comparison websites, consumers and businesses
are less reliant on intermediaries and loyalty is declining.
Consumers and businesses will be very receptive to new
ways of doing things, which presents insurers with the
opportunity to drive the change that consumers seek.
There’s a lot happening in the insurance industry now and
we will see many developments in the next five to ten years.
Changes happen quickly and for those that drive the changes
and innovation, there will be many opportunities. In addition,
there will also be a continuing impact on the intermediary
sector due to online access to insurance. Brokers will
have to continue to innovate to stay in the game. With the
potential for so much change, it’s an exciting time to be part
of the insurance industry.
Sarah Fountain
Senior Associate
T +61 9274 5256
sarah.fountain@dlapiper.com
J Eyers, “World Economic Forum says FinTech is here to stay and don’t forget insurance”, Australian Financial Review, 6 July 2015.
1
www.insuranceflashlight.com | 11
Construction
Accessing security under
construction contracts
What happens when the music stops?
Summary
Last year, the Australian construction sector was marked by
a number of features:
■■
the sector continued to move its focus away from
engineering construction for major resources and energy
projects towards commercial, residential and social
infrastructure construction (stadia, hospitals, roads and
the like);
■■
the increasing appetite for sector participants to access
the security of payments adjudication regimes in order to
maintain cashflow; and
■■
the appreciable fall in commodities prices (particularly
iron ore) has heightened fears of insolvency events,
even among established industry participants including
principals.
These features have contributed to a renewed focus on the
quality and availability of security provided by contractors
under construction contracts.
Principals require contractors to provide security under
construction contracts in order to secure the performance
of the contractor’s obligations, particularly in the event
of the contractor’s insolvency. Traditionally, security
was provided in order to protect the principal from the
damage actually suffered where the contractor breached its
obligations. However, in recent times security has been used
to secure the principal’s position in the event of a dispute as
to whether the contractor has breached its obligations.
2015 saw a series of cases which provide valuable insight into
the current attitudes of the Australian Courts as to the role
of security held under construction contracts. The three
cases discussed below, Yuanda Australia Pty Ltd v John Holland
Pty Ltd [2015] WASC 453, Duro Felguera Australia Pty Ltd v
12 | DLA Piper Insurance Review – May 2016
Samsung C&T Corporation and Ors [2015] WASC 484, and
Fabtech Australia Pty Ltd v Laing O’Rourke Australia Construction
Pty Ltd [2015] FCA 1371 all concerned whether interlocutory
injunctions should be imposed to restrain principals from
having recourse to securities until the substantive hearing
of disputes arising under construction contracts. Further
cases considering the role of security in the construction
context included Best Tech & Engineering Ltd v Samsung C&T
Corporation (No 2) [2015] WASC 447, Sugar Australia Pty Ltd
v Lend Lease Services Pty Ltd [2015] VSCA 98 and Saipem
Australia Pty Ltd v GLNG Operations Pty Ltd (No 2) [2015]
QSC 173.
The clear message from these cases is that the Courts will
not restrain the conversion of security provided that:
■■
the terms of the security clause can be clearly
construed; and
■■
the Court can satisfy itself as to the propriety of the
conversion.
The Courts emphasised that in addition to the traditional
security function, a security clause can also play an
important role in allocating risk between the parties under
a contract. Where the construction of the security clause
provides for risk allocation pending dispute resolution
then, absent compelling reasons, the agreed risk allocation
should not be changed even on an interim basis. The fact
that a contractor willingly agrees to assume this risk weighs
heavily in favour of the principal being able to exercise its
entitlement to the security.
The message for insurers and financial institutions issuing
security (whether in the form of performance bonds,
guarantees or the like) is to know the terms on which
your customer contracts and to know who your customer
contracts with. Both have a significant influence on the
prospects of the security being called upon.
YUANDA v John Holland
John Holland engaged Yuanda to design and install the façade
of the New Children’s Hospital in Perth. John Holland
alleged that Yuanda’s work was defective and required
replacement, at a cost exceeding the value of the security
provided under the contract and an entitlement to liquidated
damages for delay.
After notifying Yuanda of its intention to call on the security,
on 17 November 2015, an officer of John Holland attended
the Sydney branch of the guarantor to convert the security
to cash. Yuanda’s solicitors sought an injunction the following
day to restrain John Holland from taking any further action
to apply the moneys to any alleged costs, expenses or
damage suffered.
Yuanda contended that the security clause contained
an implied term that John Holland not convert the bank
guarantees to cash except to pay for costs, expenses or
damage suffered as a result of a breach which required
John Holland to make a claim for breach to Yuanda. The
Court rejected Yuanda’s argument on the basis that this
approach was inconsistent with the clause’s clear purpose
to allocate risk between the parties in the event of a dispute,
because the clause provided that the security could be
converted into cash “at any time.”
The Court also decided that they were able to dismiss
Yuanda’s claim without taking a view on the proper
construction of the security clause as there was no
evidence that John Holland had converted the security
for any unauthorised purpose. Indeed, there was clear
evidence of the defective nature of the facade and the delay
in completing the contract works. As such, Yuanda failed
to establish a prima facie case in favour of the grant of an
injunction.
Finally, the Court decided that the balance of convenience
would not favour the grant of an injunction in any event,
as Yuanda failed to properly show any irreparable injury
for which damages would be an inappropriate remedy
if an injunction was not granted. Denying John Holland
the benefit of the risk allocation in the security clause by
granting relief was “a powerful consideration against the
grant of interlocutory injunctive relief.”
Duro Felguera v Samsung
This case confirms that undertaking contractual
construction is paramount to determining the conditions
precedent to entitlement to recourse to the security,
followed by a careful consideration of the evidence to
determine whether the principal has complied with those
conditions.
Duro Felguera and Forge, through an unincorporated joint
venture, entered into a contract with Samsung whereby they
agreed to provide engineering, procurement, construction
and commissioning for the Roy Hill Iron Ore Project. Duro
and Forge as the “Subcontractor” were jointly and severally
liable to Samsung for all of the Subcontractor’s rights and
obligations.
Duro and Forge were required to provide security for
performance to Samsung in the form of bank bonds, which
were issued by CGU Insurance and AIG Australia. The
contract provided that if an administrator was appointed
to either Duro or Forge, Samsung could terminate the
Subcontract. An administrator was appointed to Forge on
11 February 2014 and Samsung subsequently terminated
the Subcontract on the 21 February 2014. Duro wished
to continue to provide services to Samsung and entered
into a new contract with Samsung for a portion of the
remaining works.
On 3 November 2015, Samsung made a demand on the
securities issued by AIG and CGU. An ex parte interim
injunction was granted in favour of Duro to restrain
Samsung from calling on the securities. Duro applied for an
interlocutory injunction to restrain Samsung from calling on
the securities and also to restrain CGU and AIG from paying
any amounts to Samsung.
Duro argued that Samsung’s entitlement to call on the
security had expired and did not continue under the
subsequent term sheet agreed between Duro and Samsung,
and alternatively that Samsung had not formed the requisite
bona fide consideration that it was entitled to recourse to
the security.
The Court found for Samsung on both matters of
construction. First, the Court found that Samsung’s
interpretation of the original Subcontract and subsequent
term sheet was a more “business like” construction than
that offered by Duro, and the expiry of the security under
the Subcontract was extended. Second, the Court found
that Samsung was not required by the terms of the contract
to give notice to Duro that it considered that it was entitled
to have recourse to the security. In any event, there was no
evidence suggesting that Samsung was not acting bona fide.
www.insuranceflashlight.com | 13
As to the balance of convenience, the Court also observed
that the risk that the security will be called upon was a risk
that Duro assumed by entering into the Subcontract. The
function of the security clause was clearly that Duro should
carry the risk in the event of any dispute. If the injunction
was to be granted Samsung would be deprived of its right to
determine which party is out of pocket until the resolution
of the dispute.
Fabtech v LAING O’Rourke
Laing O’Rourke engaged Fabtech to supply and install pond
liners and leak detection systems for two water treatment
ponds in rural in Queensland.
On 27 October 2015, Laing O’Rourke notified Fabtech of
various claims, including for recovery of overpayments and
liquidated damages, for the purposes of recourse to the
securities provided under the contract. On 28 October 2015,
Fabtech obtained an ex parte interim injunction restraining
conversion of the securities. In its submissions at the
subsequent hearing at which Laing O’Rourke was
present, Fabtech relied upon four grounds to support its
argument that it had a prima facie case for the grant of an
injunction, including that in seeking to call on the securities,
Laing O’Rourke would be engaging in unconscionable conduct
or acting in breach of an implied contractual obligation to act
in good faith.
The Court decided that it was plainly clear on the wording
of the security clause that Laing O’Rourke could have
recourse to securities whenever it claimed to be entitled
to payment of monies by Fabtech. Accordingly, the security
clause was intended to operate as a risk allocation device
as to which party would be out of pocked in the event
of a dispute. The Court also observed that there was no
express requirement that Laing O’Rourke act reasonably
when having recourse to the security.
The Court emphasised that where a security clause is clearly
designed to allocate risk, establishing that the principal is
acting unconscionably or in breach of an obligation to act
in good faith is extremely difficult. For such an argument to
succeed, the conduct would need to be extreme and almost
merge into bad faith exercises of the power.
14 | DLA Piper Insurance Review – May 2016
Whilst the Court was not prepared to find that Fabtech had
a prima facie case for an injunction, the Court nonetheless
considered the balance of convenience and noted that the
award of an injunction would “defeat an important purpose,
if not the most important purpose”, of the securities, namely
the risk allocation function.
Commentary
These cases provide an insight into the manner in which
principals are exercising contractual rights to security held
under construction contracts in the present economic
environment. They also demonstrate that Courts will uphold
clearly drafted security clauses in order to protect the
rights of the principal, but will scrutinise the construction of
the clause and the evidence to ensure that principals have
complied with relevant pre-conditions.
The cases also highlight that where the security clause
clearly serves a function of risk allocation in the event of
the dispute, this will give further strength to the case of the
principal seeking to enforce the security.
A final point to observe is that the prevalence of cases
suggests that principals appear to be using security more
aggressively over their contractors as a form of private
payment claim. This may reflect the fact that the payment
claim adjudication system is seen to be “pro-contractor”,
and a contractual mechanism of security held under
construction contracts provides a means for principals
to level the playing field of cash flow risk in the event of a
dispute.
Richard Edwards
Partner
T +61 8 6467 6244
richard.edwards@dlapiper.com
Matthew Roberts
Solicitor
T +61 8 6467 6092
matthew.roberts@dlapiper.com
Cyber
INSURING ON CYBER PROTECTION –
ENHANCING THE FIRST LINE OF DEFENCE
Cyber exposure of the banking &
finance industry
Cyber incidents and their fall out continued to make more
headlines in the past year across a broad range of industries
and businesses. It’s no surprise then, that larger corporates
and financial institutions are becoming increasingly aware of
their and, significantly, their customers’ cyber risks.
65% of banking executives surveyed in a 2015 risk
management study expect cyber risks to increase. The
exposure of banks came to sharp focus in early 2015, when
security firm Kaspersky uncovered one of the largest
cyber crimes in history that directly targeted banks. They
discovered that cyber criminals had gained access to bank
systems via spear phishing attacks on employee systems and
the installation of Malware, known as Carbanak. Through
the attack, the criminals were able to infiltrate banking
systems and mimic bank staff conduct to withdraw up to an
estimated US$1 billion over the course of about two years.
The attack was highly sophisticated, with each withdrawal
being orchestrated over a number of months and across
numerous countries, including Australia, Brazil, Bulgaria,
Canada, China, Czech Republic, France, Germany,
Hong Kong, Iceland, India, Ireland, Morocco, Nepal,
Norway, Pakistan, Poland, Romania, Russia, Spain,
Switzerland, Taiwan, the United Kingdom, Ukraine and the
United States.
The banking and finance industry also had to deal with the
impact of other cyber incidents, notably the Target attack.
Millions of Target’s customer base were asked to cancel
credit cards and change passwords due to the extraction of
millions of customer account records held by Target.
Ratings agencies are taking notice. Standard & Poors recently
indicated it may downgrade their ratings on banks that
suffered a cyber incident that caused reputational damage
or did not appear ready to handle a cyber incident (before
a breach has occurred). Moody’s have also indicated they
will examine the duration and severity of a cyber incident to
determine its credit impact, making cyber security a higher
priority in its credit analysis.
www.insuranceflashlight.com | 15
ENHANCING CYBER PROTECTION – GETTING
THE BASICS RIGHT
Given their exposure, it is no surprise that the banking
and finance industry are leaders in cyber protection. We
have identified below key protection measures that, in our
experience, have been implemented across the industry and
can benefit all businesses.
to ensure that personnel are educated about how they
can assist in protecting their organisation against cyber
attacks, and that their compliance with mandated policies
and processes is monitored and regularly reinforced
through compulsory training.
■■
Organisations need to understand the interconnected
nature of cyber risks. A key risk area that has been
targeted in many high profile incidents is the connections
between organisations and their external vendors. This
extends beyond IT vendors – the initial point for entry
for the Target credit card attack in 2013 was a heating,
ventilation and cooling (HVAC) system provided by a third
party vendor. An organisation should develop, implement
and maintain:
No company is immune to a cyber incident. However, and
critically relevant for insureds and insurers, many of these
measures can significantly mitigate the damage caused by
a cyber incident. This, in turn, will limit the quantum of
potential claims under cyber policies.
As always, cyber insurance is just one measure to be
adopted – but it is the last line of defence.
Before a company can implement effective cyber protection
measures, it needs to identify and assess its internal and
external risk factors. This requires an audit of all aspects
of a company’s business, particularly its data collection,
regulation, security and customer and vendor management.
–– strong and effective governance of vendor security,
which includes gateway reviews, mandatory security
requirements built into contracts, and the exercise
of audit rights being exercised on a regular basis to
periodically confirm compliance;
Thereafter, the measures discussed below should be
considered.
■■
■■
–– policies, systems (including technologies) and
processes to ensure that any third party providers
of infrastructure services cannot access information
stored on or passing through that infrastructure unless
authorised; and
Implement, maintain and update IT security
policies and procedures, personnel policies and
device level policies
These policies and procedures (particularly the
inculcation and operationalisation of these within an
organisation) are an essential part of ensuring that cyber
risks are considered and measures implemented to
mitigate these risks. It is impossible to over emphasise
the importance of reviewing and updating these policies
on an ongoing basis – given the rapidly changing nature of
the threat environment and the increasingly sophisticated
methods used by cyber attackers, what constitutes “best
practice” approaches and procedures can change in a
matter of days and weeks, not months or years.
Develop and implement effective compliance
training and personnel education processes
It is important to foster an environment in which the
importance of effective data management and security
is understood, and implementing ongoing monitoring
of compliance with policies and attendance at training.
“Social engineering”, the exploitation of the human
element of organisations, is one of the key methods
used by attackers to perpetrate an attacks (this includes
techniques like phishing and impersonation). SocialEngineer, Inc, a company that helps organisations learn
how to combat and mitigate the effects of malicious social
engineering, has reported that social engineering is used
in over 66% of all cyber attacks. It is therefore critical
16 | DLA Piper Insurance Review – May 2016
Enhance vendor management processes
–– offshoring and/or outsourcing policies and standards
to which the organisation has reference when engaging
external vendors.
■■
Develop incident response plans for specific
data breach or security issues and a process for
periodic review and updating of the plan
The implementation of a comprehensive and tested
incident response plan is critical to effectively manage a
cyber incident. They should cover:
–– the composition of an incident response team and
protocols for communicating amongst the team (which
must take place through off-band communication
channels, given the risk that the security of on-band
channels has been compromised);
–– processes and protocols for communicating
information to stock markets, relevant regulators, law
enforcement bodies, insurers, affected individuals and
the media;
–– processes and procedures for analysing the attached
and preserving evidence of it; and
–– implementing recovery and business continuity plans
(see further below).
The incident response procedures must be regularly tested
and updated, particularly after any significant changes to
business operations occur. A post incident review must also
be performed and documented following any significant
security incident.
■■
Develop, implement and regularly test and update
business continuity plans and disaster recovery
plans and facilities
Cyber extortion is on the rise and organisations must
be prepared to face the encryption of, denial of access
to or deletion of, critical data and systems. This has
the potential to cripple many organisations. Business
continuity and disaster recovery plans that can be
implemented during a cyber incident are critical to
minimising the operational effects on the affected
organisation. Further, the preservation of evidence is
required as part of any claim under insurance policies and/
or law enforcement investigations, which may require
impacted systems to remain offline for a period.
■■
Test and update technologies and systems used
An area of obvious enhancement is within an
organisation’s own systems and technologies. The
inherent levels of security within an organisation’s
deployed systems need to be regularly monitored, tested
and updated. This includes:
–– the IT architecture, systems security and IT access
systems security in place;
–– use of data loss prevention, intrusion detection, data
exfiltration prevention and other relevant security
monitoring and management systems;
–– security testing processes such as penetration testing,
vulnerability assessments, social engineering testing,
including independent third party testers/reviewers
(e.g. a “white hat” provider to undertake efforts to
obtain access to its systems). Vulnerabilities identified
must then be subjected to further review/removal;
–– use of virus detection software which is continually
updated as recommended by the vendor;
–– where relevant, network segmentation, segregation
and separation;
–– security processes which automatically identify
potential misuse/unauthorised use of data; and
–– data back-up cycles which limit the impact of data
becoming corrupted or encrypted by outside actors
(and where such backed up data is also tested).
The benefits for insurers and insureds
The above measures are not new, but are fundamental to
developing sufficient cyber protection within an organisation.
They also greatly assist in reducing the loss suffered from a
cyber incident.
It is therefore beneficial to both insurers and insureds for
these measures to be properly implemented. In this respect,
insurers may be able to assist in the widespread deployment
of these measures.
As part of the proposal process, insurers can ask
prospective insureds to provide details of the measures they
have taken in developing their cyber protection. This will
both highlight these matters to insureds and assist insurers
to identify riskier insureds and price accordingly.
Insurers may also be able to, in conjunction with their
partnered providers, offer “value add” services to insureds,
especially those identified as high risk to assist them in
developing their cyber protection while also reducing the
prospect and quantum of future claims.
Looking forward, we expect these cyber protection
measures to be widespread. Insurers, with the assistance of
their preferred service providers, can help lead the charge in
enhancing the first line of defence. This will, of course, be to
the benefit of both insureds and insurers.
Nicholas Boyle
Senior Associate
T +61 2 9286 8479
nicholas.boyle@dlapiper.com
www.insuranceflashlight.com | 17
Developments in defamation law
The year of the Tweet
During the last year, defamation law was dominated by
emergent technologies, and in particular the continued
explosion of new social media platforms. The Courts
continued to grapple with reconciling Uniform Defamation
legislation, introduced before the advent of many
new technologies, with the raft of cases involving the
inappropriate use of social media. The high profile decision
involving former Australian Treasurer Joe Hockey saw calls
in numerous quarters for legislative reform of defamation
law, including that it be simplified to allow it to keep pace
with the technological advances1. Importantly, the decisions
also emphasize that defamation law remains complex and
costly, and that using the Courts to assign dollar figures
remains a fairly blunt tool for remedying bruised feelings.
Trouble in under 140 characters:
the power of the Tweet
Twitter is a social media platform allowing tweets of
140 characters or less. Given their necessary brevity, tweets
often lack context, and this was a key issue in the high profile
case of Joe Hockey v Fairfax. The case also highlighted the pitfalls
of posting promotional material on social media. In 2015,
the former treasurer became the first Australian politician
to win a defamation case over a tweet. In the proceeding,
Mr Hockey alleged that Fairfax had defamed him in newspaper
articles, tweets and advertising signs and placards.
The underlying allegation was that Mr Hockey was providing
privileged access to a select group in return for donations to
the Liberal party. The first tweet said “Treasurer Hockey for
sale” and hyperlinked to Fairfax’s story. The second tweet
said “Treasurer for Sale: Joe Hockey offers privileged access” and
contained a summary of the contents of the article.
Justice White of the Federal Court found that the articles
published in various newspapers were not defamatory, but
that two Twitter posts by The Age were. He found that
despite containing the hyperlink, the tweets were discrete
publications, which should be considered in isolation, as
there was no guarantee that readers would “click-through”
to review the hyperlinked material. Specifically, His Honour
said that some people may read the tweet “without
going further.” Accordingly, the tweets were found to be
defamatory, even though the articles were not.
Ultimately, Mr Hockey was awarded AU$200,000 in
damages. However, notably, Fairfax was only ordered to
pay 15% of Mr Hockey’s legal costs given that of all the
various publications complained of, only the tweets were
considered defamatory, and as a result, was somewhat of
a pyrrhic victory. The prohibitive legal costs of litigating
defamation actions remain a powerful deterrent to would
be plaintiffs.
Tell him he’s dreaming
The Australian cult movie classic “The Castle”, featuring
the bumbling and incompetent solicitor Dennis Denuto,
featured in a decision of the Queensland District
Court. In Smith v Lucht [2015] QDC 325, the plaintiff
Smith, a solicitor of 36 years’ standing, commenced
Sources include: http://theconversation.com/hockey-v-fairfax-should-start-the-debate-on-defamation-law-reform-44012. Specific reference is also made to comments of
Press Council Chair David Weisbrot, and as quoted in the above article (and referred to in the opening paragraph).
1
18 | DLA Piper Insurance Review – May 2016
defamation proceedings against Mr Lucht, former
husband of his daughter in law, after he referred to him
as “Dennis Denuto”. The references were made in an
email to his daughter in law in early 2013, and again in
two conversations with Mr Smith’s family later that same
year. For the benefit of those who have not seen the film,
or Mr Denuto’s eloquent oral submissions on “the vibe”
of the Australian Constitution, Judge Moynihan described
Dennis Denuto as “likeable and well-intentioned, but
inexperienced in matters of constitutional law and not qualified
to appear in person in ligation of that nature”.
search engines. Given the serious nature of the defamatory
imputations, the Court held that Gluyas was entitled to an
award of damages to vindicate his reputation and standing,
and ordered Canby to pay AU$50,000 in damages, plus
interest. The Court also considered that Canby failing to
remove some of the publications constituted aggravating
conduct. Had the parties been legally represented, the
legal costs would certainly have overwhelmed the ultimate
damages award.
Mr Smith claimed AU$250,000 in damages. The Court
dismissed the claim, finding that the nature of the
imputations did not lead to the solicitor “sustaining harm.”
It was also relevant that the initial publication was confined
to two members of his family, with whom he was having a
dispute. It was relevant that they were able to make their
own assessment of the imputation, and, the statements
were not made, intended or likely to be published by Lucht
beyond the two family members. It was not a relevant
consideration that there was subsequent media interest in
the matter, as this was not part of the initial publication.
Accordingly, the case was dismissed. There was also a sting
in the tail of the judgment for Mr Smith, as he had failed
to accept various apologies and settlement offers made by
Mr Lucht, and accordingly, was ordered to pay costs on an
indemnity basis.
Last year saw a raft of defamation cases arising out of
social media both issued and litigated, and social media,
and Twitter in particular, featured heavily. The plethora of
popular ‘conversational’ social media forums is effectively
rendering many private conversations public. What
may previously have been the subject of a dinner party
conversation between friends, may now end up published
to the world at large through online activity. The ease of
publication, and its effectively instantaneous (global) reach
is a volatile combination, and one which is likely to play out
in the Courts, and significantly, in the defamation context.
Despite the explosive proliferation of social media platforms
and associated ‘publications’ occurring as a result, the cost
of commencing defamation actions nonetheless remains
a significant barrier to most ordinary Australians, unless
privately funded or self-represented.
“Keyboard warriors” and the dangers
of social media
The Victorian Supreme Court decision of Gluyas v Canby
[2015] VSC 11, concerned a war of words between
two bloggers, one based in Australia, and the other in the
US. The plaintiff was Philip Gluyas, a 49 year old Ballarat
based pensioner, and country junior football umpire. Gluyas,
alleged that Oliver Canby, a US resident, had defamed him in
a series of blog posts on his blog “Autism is Bad”. Specifically,
Canby accused Mr Gluyas of being a sexual deviant and a
paedophile who preyed on young football players. Mr Gluyas,
who was unrepresented (save for a duty barrister at trial),
was no stranger to defamation suits, having previously
litigated against US based residents in both the Supreme and
County Courts. Mr Canby, did not attend the trial or have
legal representation, and accordingly, the case against him
was undefended.
Where to FROM HERE?
Natasha Stojanovich
Senior Associate
T +61 3 9274 5869
natasha.stojanovich@dlapiper.com
Benjamin Hine
Solicitor
T +61 3 9274 5035
benjamin.hine@dlapiper.com
Madhavi Lingam
Solicitor
T +61 3 9274 5462
madhavi.ligam@dlapiper.com
In its judgment, the Court noted that the blog posts
were viewed by only a very small number of people.
Notwithstanding the small ambit of the publication,
the Court was conscious of the “grapevine effect” and that
the publication may be picked up and re-published via online
www.insuranceflashlight.com | 19
Privacy
Privacy Concerns in
the Healthcare Sector
The past few years have seen multiple “privacy insurance” policies come on to the
Australian market, with policies tailored to the needs of both SMEs and large corporates.
The healthcare sector is at particular risk of privacy breaches and resultant regulatory
action and claims, but it is not clear that this has led to an increased uptake of privacy
insurance policies in the sector.
Insureds operating in the health sector tend to hold highlysensitive personal information. They are also subject to
onerous regulation.
Their employees, however, fear that their privacy
protections are not up to the task. A 2010 US benchmark
study on patient privacy and data security by Ponemon
Institute found the three key causes for privacy
breaches were:
■■
Unintentional employee action;
■■
Lost or stolen computing devices; and
■■
Third-party errors.
When staff of healthcare providers were interviewed, they
considered that a majority of their employers did not have
sufficient resources to enable the security of patient records
(71%) nor sufficient policies and procedures to protect
health information (69%). Additionally, more than half of the
staff had little or no confidence in their ability to correctly
secure patient records (58%).
20 | DLA Piper Insurance Review – May 2016
These concerns will only grow as trends common across
all industries (computerisation, cloud storage, a desire by
consumers for portability of their information) are affecting
the health sector.
This article aims to highlight some of the privacy issues
raised in recent cases and incidents in the health sector.
Unauthorised Disclosures of
Information
‘EZ’ and ‘EY’ [2015] AICmr 23
Mr Z, a patient of Dr Y, contacted his local police station
in November 2006 to report harassment and damage to
his property as part of an ongoing neighbourhood dispute.
Sergeant X attended the scene and reported that Mr Z to be
acting in a highly excited and paranoid manner.
Following this incident, Sergeant X contacted Dr Y in
December of 2006 to discuss whether, in Dr Z’s opinion,
Mr Z was “psychotic.” As recorded by Sergeant X, Dr Y
advised that “it was possible, but further assessment was
needed.” Mr Z became aware of this conversation and
lodged a formal complaint under section 36 of the Privacy Act
1988 (Cth) (Privacy Act) in relation to Dr Y’s conduct.
In particular, Mr Z alleged Dr Y had interfered with his
privacy by:
■■
■■
■■
Improperly disclosing personal information from Mr Z’s
medical records to Sergeant X;
Citizens claimed RT was liable for its losses on the basis
that RT had violated health privacy principles in the Health
Insurance Portability and Accountability Act (HIPAA). Pointing
to HIPAA’s stated purpose to “improve portability and
continuity of health insurance coverage”, the Court rejected
the suggestion that HIPAA was in any way intended to
protect patients’ banks from possible financial fraud.
Disclosing inaccurate personal information to
Sergeant X; and
The Court also found that RT did not owe a duty of care to
the bank, that it had not been negligent and was not liable
for fraud.
Failing to have adequate security safeguards to protect his
personal information from improper disclosure.
Anthem Inc – Security breach
The Australian Information Commissioner opened an
investigation into Mr Z’s allegations on 29 May 2012. The
matter was later decided under section 52 of the Privacy
Act. The Commissioner found that Dr Y had interfered with
Mr Z’s privacy and failed to take reasonable steps to protect
his personal information. Dr Y had not sought to question
the police on why they sought her views, or to take into
consideration the obligations imposed on health providers
by their professional regulator.
The Commissioner found in favour of Dr Y in one respect,
finding that the information disclosed had been accurate.
Dr Y was ordered by the Commissioner to apologise
to Mr Z and pay AU$6,500. for the loss caused by the
interference with Mr Z’s privacy.
Insuring against Internal & External
Security Breaches
Citizens Bank of Pennsylvania v. Reimbursement
Technologies, Inc., 609 Fed.Appx. 88 C.A.3.Pa.,2015
Citizens Bank of Pennsylvania (the Bank) sued
Reimbursement Technologies (RT), a doctors’ billing and
financial management company, and Leah Brown, a RT
employee, in the United States (US) Federal Court for losses
related to fraudulent withdrawals from customers’ bank
accounts.
The Bank alleged that certain RT employees and agents,
including Ms Brown, accessed non-public financial
information of patients of RT’s doctor clients and provided
it to a third-party “organised fraud-ring.” As a result, it was
claimed, the ring illegally withdrew money from Citizens’
customers’ accounts from branches in six different US
states. The Bank re-credited its customers’ accounts for the
amounts withdrawn and calculated a total loss of at least
US$390,000.
In February 2015, Anthem Inc, the second-largest US
provider of health insurance, had its secure databases
invaded by unknown hackers. Much personal information
was stolen. As a result of the breach, 78.8 million customers
of Anthem were involuntarily put at risk of identity theft.
Several federal and state authorities have since sought
to investigate the company’s security systems and its
response to the wider community. The attack has been
costly to Anthem from both a reputational and commercial
standpoint. In particular, Anthem was obliged to enlist
another company to provide a two-year, free-of-charge
identity theft repair and credit monitoring service to all its
clients.
Conclusion
Insureds in the health sector have onerous obligations to
their patients. New technologies threaten this obligation,
as demonstrated by the above cases, and this will have
implications for policy coverage and insurers’ exposure in
this space.
David Leggatt
Co-Head, Insurance Sector Australia
T +61 3 9274 5473
david.leggatt@dlapiper.com
Summer Dow
Senior Associate
T +61 2 9286 8053
summer.dow@dlapiper.com
Paul Lamb
Senior Associate
T +61 3 9274 5222
paul.lamb@dlapiper.com
www.insuranceflashlight.com | 21
Implementation
of the AEC and the impact on
the insurance industry –
are we ready?
The much-anticipated goal was to implement the ASEAN Economic Community (AEC) by
31 December 2015, thereby forming a single market and production base across ASEAN
member countries (AMC). The insurance industry will have many opportunities and
challenges to overcome as the AMC continue their progress to integrate the market across
the ASEAN region. However, with a new AEC Blueprint for 2025, economic integration still
seems some way off.
THE ASEAN ECONOMIC BLUEPRINT AND THE INSURANCE INDUSTRY
In November 2007, the ASEAN leaders adopted the ASEAN Economic Blueprint (Blueprint 2015) to serve as a master plan in
guiding the implementation of the AEC by 31 December 2015. At that time, ‘free flow of services’ was one of the five agreed
core focus areas in the implementation of a single market. Whilst this deadline has passed, completion of any unfinished
measures under Blueprint 2015 before the end of this year is a priority under the subsequent AEC Blueprint 2025. According
to Blueprint 2015, there will be substantially no restrictions to ASEAN suppliers in providing services and establishing
companies across national borders within the region, subject to domestic regulations.
ASEAN Financial Services Sub-sectors Identified for Liberalisation
Sub-sectors
ASEAN Member Countries
Direct Life Insurance
Indonesia, Philippines
Direct Non-life Insurance
Brunei, Cambodia, Indonesia, Malaysia,
Philippines, Singapore and Vietnam
Reinsurance and Retrocession
Brunei, Cambodia, Indonesia, Malaysia,
Philippines, Singapore and Vietnam
Insurance Intermediation
Cambodia, Malaysia, Indonesia,
Philippines, Singapore and Vietnam
Services Auxiliary to Insurance
Brunei, Cambodia, Indonesia, Malaysia,
Philippines, Singapore and Vietnam
22 | DLA Piper Insurance Review – May 2016
Blueprint 2015 stipulates that the liberalisation of insurance
services would cover four ‘modes’ of supply for the delivery
of services in cross-border trade, which consist of:
■■
■■
■■
■■
‘Cross-border supply’ e.g. an insurer based in Singapore
writing policies for policy holders based in Indonesia;
‘Consumption abroad’ e.g. a policy holder based in
Malaysia travelling to Singapore to buy a policy from an
insurer based there;
‘Commercial presence’ e.g. an insurer based in Singapore
writing policies in Thailand through the Singapore
insurer’s Thai branch or subsidiary; and
‘Presence of natural persons’ e.g. an insurer based in
Singapore managing a claim through an employee working
in Thailand.
The member states have agreed that there should be no
restrictions to the first two of these four modes, with
exceptions due to bona fide regulatory reasons only,
such as public safety, which will be subject to agreement
by all ASEAN member countries on a case-by-case
basis. Liberalisation of these two modes is still far from
complete. The cross-border supply of insurance services
and cross‑border consumption of insurance services are still
widely restricted in the AMC.
For the third of these modes, ‘commercial presence’, foreign
(ASEAN) equity participation of not less than 70% should
be allowed for the services sectors and other market access
limitations should be progressively removed, a goal which
has not yet been met across the board.
Finally, in a move towards the implementation of the last
mode, ‘presence of natural persons’, the ASEAN agreement
on the Movement of Natural Persons was signed in
November 2012 to facilitate the conduct of natural persons
engaged in the trading of goods, services, and investment
between member states. The scope of this agreement
is a limited measure affecting the temporary entry or
stay of persons of a member state, into the territory of
another member state. This will cover business visitors,
intra-company transferees and contract service suppliers,
but does not apply to measures regarding residency or
employment on a permanent basis.
OPPORTUNITIES FOR THE INSURANCE
INDUSTRY
The ASEAN Economic Blueprints will encourage an increase
in cross-border trade within ASEAN, which we anticipate
will directly boost demand for commercial lines such as
trade-credit, marine and surety insurance business.
Insurance penetration rates in ASEAN markets are generally
low, less than 6% according to the Swiss Re Sigma Report,
2013. With increasing awareness, low penetration rates and
strong economic growth prospects, we would expect the
demand for life and accident and health insurance products
to grow.
We anticipate that the surging digitalisation in ASEAN
will change the marketing landscape from the traditional
agencies and brokerage models to digital mass-distribution
of insurance products.
As the insurance industry opens up in ASEAN, there will be
the free flow of key skill employees among member states
to support growth. The anticipated free movement of key
skilled labour would also aid the development of the financial
and regulatory framework of the AMC.
CHALLENGES TO LIBERALISATION
There is no formalised institution, such as the European
Commission, to push through reforms and execute
agreed policies. The ASEAN Secretariat supports the
implementation of ASEAN initiatives. However, the AMC
coordinate the efforts to liberalise and reform local markets
among themselves with regard to the AEC.
As can be expected in emerging markets, the AMC are
progressing economically and socially at different rates,
reflecting the political, social and operational factors of
each member country. There is also no uniform regulatory
framework, therefore insurers engaging in cross-border
supplies will be subject to market conduct, consumer
protection, data privacy, cyber security, and tax laws
applicable to the local jurisdiction of each member country.
LIBERALISATION OF FOREIGN OWNERSHIP RULES
The seven countries (listed in figure 1) that were set for
liberalisation across various insurance types by the end of
2015 are likely to have a greater structural backbone, once
ASEAN leaders have agreed how, in practice, to proceed
with liberalising the insurance industry. For Laos, Myanmar
and Thailand, however, specific plans are yet to be developed
and therefore full liberalisation of the insurance industry is
not likely until nearer 2020.
In Indonesia, foreign equity participation is already fairly
liberalised. Indonesia permits up to 80% foreign ownership
in insurance companies and insurance intermediaries. It is
possible to retain foreign ownership beyond 80%, upon a
request to the insurance regulator Otoritas Jasa Keuangan
(OJK). The OJK will approve applications on a case-by-case
basis, subject to certain requirements, including a mandatory
need to increase the capital in the company.
www.insuranceflashlight.com | 23
The Malaysian insurance industry is open to foreign investors,
with a limit of 70% on foreign equity ownership of insurance
companies, and no limits on the foreign ownership of
Malaysian insurance intermediaries.
In Singapore, there is no foreign equity participation limit on
Singaporean insurers and insurance intermediaries, providing
for a much more liberal market compared to other member
countries.
Thailand did not specifically commit to the liberalisation of its
insurance industry by the milestone date of 31 December 2015,
and currently implements one of the more restrictive of the
ASEAN regulatory insurance regimes. The foreign investment
threshold is low, generally 24.9%, which can be lifted up to
49% with permission from the insurance regulator (The Office
of the Insurance Commission). However, a November 2015
proposal indicated that both life and non-life insurance will be
removed from the list of businesses for which permission is
required for foreign ownership to exceed 50%. This change is
due to come into effect at the end of this year.
CROSS-BORDER SUPPLY
In Indonesia, the cross-border supply of insurance
services relating to insured objects in the country through
an unlicensed foreign insurer is not allowed, except
24 | DLA Piper Insurance Review – May 2016
under limited circumstances where Indonesian insurance
providers are either unable or unwilling to provide the
coverage. A new state-owned Indonesian reinsurance
company however was set up by Presidential Regulation
in October 2015, PT Reasuransi Indonesia Utama
(or Indonesia Re). The purpose of Indonesia Re is to
provide reinsurance capacity to the local Indonesia
insurance market.
In Singapore, unlicensed foreign insurers, who are not
carrying on insurance business in Singapore under a
foreign insurer scheme, such as the Lloyd’s Scheme and
the Lloyd’s Asia Scheme, may not carry on insurance
business in Singapore. Further, Singapore does not permit
non-admitted insurers to advertise or promote their
insurance products.
As the insurance industry shifts to adapt to the
digitalisation of the ASEAN markets, particularly
with regard to cross-border supply, data privacy
regulations and cyber-security laws of each member
country may expose the insurance industry to new
compliance risks. Equally, it could also present
opportunities to the insurance industry as businesses
in the region look to mitigate their own cyber-security
risks by purchasing cyber-related insurance products.
DATA PRIVACY ISSUES FROM CROSS-BORDER
SUPPLY
Indonesia, Malaysia, Philippines and Singapore have data
protection laws, but the rest of the AMC do not have
comprehensive legislations that regulate the processing
and protection of personal data. Instead, member states
without comprehensive data protection legislation have
sectorial regulations with respect to information on certain
industries, e.g. usually the telecommunication and financial
sectors.
Thailand’s Civil and Commercial Code allows an individual
to seek compensation if it can be proven that the damage
was caused by a wrongful act regarding their personal data.
There are also broad provisions in the 2007 Constitution
that recognise an individual’s right to privacy. The fact
that the application and enforcement of existing data
privacy legislation is different among the AMC means that
insurers carrying out cross-border supplies will need to
navigate through a complex web of data privacy protection
provisions.
CONSUMPTION ABROAD
Whilst the end goal of the AEC is to remove boundaries
amongst the AMC, local regulations restrict cross-border
marketing of businesses, thereby creating a barrier that
hinders the free flow of commerce.
In Indonesia, unlicensed foreign insurers are not currently
allowed to advertise their business. An Indonesian resident
or citizen outside Indonesia may purchase insurance
overseas for a temporary or long-term period, but only for
the period they are outside of Indonesia. The consumption
of insurance services abroad is therefore subject to the
residency status of the individual.
In Malaysia, foreign insurers may provide insurance services
through local brokers, if they are approached outside
Malaysia by an approved Malaysian insurance broker to
issue life policies for clients in Malaysia. The soliciting and
advertising of insurance policies in Malaysia by unlicensed
foreign insurers is not permitted, but the consumption of
insurance services abroad is allowed, provided the insurance
policy is concluded outside of Malaysia.
Cross-border consumption of life insurance by Singapore
residents is allowed, if such sales do not render the offshore
life insurer’s business activity to be carrying on a business in
Singapore.
COMMERCIAL PRESENCE
In Indonesia, foreign insurers wishing to issue insurance
policies to Indonesian citizens or residents must establish
a local presence, either by setting up a local entity or by
acquiring shares in a licensed Indonesian insurance company.
Any party wishing to undertake insurance business or
provide insurance to property in Indonesia must obtain a
licence from the OJK.
In Thailand, a non-admitted foreign insurer must be
licenced to carry on any insurance business locally, which
is a significant restriction on cross-border supply and
consumption. A non-admitted foreign insurer is prohibited
from marketing direct insurance products and it cannot
facilitate insurance contracts, although such restrictions
do not apply to reinsurance. Conversely, there are no
restrictions on Thai nationals or residents on the purchase
of insurance from a non-admitted insurance company.
By contrast, in Myanmar, foreign owned insurance entities
with a Representative Office set up in accordance with
the Myanmar Companies Act 1914 may apply for a
license to operate in Myanmar’s special economic zones.
A US$30,000 application fee applies for these new licenses.
To date, three well-known Japanese insurance companies have
been granted temporary licenses to operate for six months
within the Thilawi special economic zone under the new
initiative, mainly offering non-life insurance products.
PRESENCE OF NATURAL PERSONS
In order to work in an AMC, expatriates are required to
satisfy the local visa requirements of that particular member
country. The history, socio-economic and national security
concerns affect the immigration and expatriate policies of
each AMC. Consequently, immigration and work permit
requirements for each AMC vary greatly.
In some member countries, such as Indonesia and Malaysia,
this process can be very complex and lengthy. Other
member countries have a maximum duration of stay for
an expatriate as a foreign worker. For instance, there is
a maximum duration of two years and three years for
completion of employment contracts in Brunei and Vietnam,
respectively. An expatriate’s term of work is less clear in
Indonesia as it depends on the individual’s expertise and
local workforce’s capability; only natural persons who
are either ‘directors’ or ‘specialists’ may supply certain,
specified, insurance services.
www.insuranceflashlight.com | 25
THE FUTURE
We can see that advances towards the implementation of the
AEC are varied among the AMC. Local state regulations remain
heavy, particularly in the AEC goal areas of cross‑border supply
and consumption of insurance services.
Although integration had been set to happen before the
end of 2015, it has been extended by the AEC Blueprint
2025. It is indeed uncertain when these agreed changes will
occur, but it is expected that the integration will occur in
the years leading up to 2025. We see that the legislative and
regulatory changes already made by the AMC as evidence of
a firm commitment to fulfil their obligations under the AEC.
To facilitate the implementation of the AEC, what is
required from the AMC is convergence of regulatory
frameworks, consistency across the region and
improvements in prudential standards. However, barriers to
achieving those goals still need to be overcome, including:
■■
Differences in maturity of regional markets;
■■
Protectionist attitudes; and
■■
The logistical and language issues that surround the filing
of policies on an international scale.
What cannot be underestimated is the scale of the
opportunities the AEC can offer to the insurance industry,
which should open up a market incorporating 10 countries
and 600 million people. The harmonisation of regulatory
regimes across the ASEAN region could lower costs
substantially when it comes to cross-border trade in the
insurance industry, as complexity is reduced and efficiency
increases.
Opportunities in electronic selling as a distribution method
are also expected to open up across the region, in line
with the AEC’s ‘e-ASEAN’ objective. The deep penetration
26 | DLA Piper Insurance Review – May 2016
of tablets and smartphones across the region presents
ripe opportunities for e-commerce, which the Asian
insurance industry has yet to exploit. The principles of the
free movement of persons provided by the AEC should
encourage the movement of talent and knowledge across
the insurance industry, as well as making further efficiencies
possible in the form of outsourcing.
It will be advantageous for insurance businesses to have a
clear strategy in relation to the upcoming changes, and to
be positioned in such a way to take full advantage of the
opportunities offered when the time comes. The insurance
industry depends on an open trading environment, and the
introduction of the AEC should eventually allow insurance
businesses to share information and spread risk across a
global market place.
Peter Shelford
Country Managing Partner, Thailand
Partner, Singapore
Co-Chair Insurance Sector,
EMEA & Asia Pacific
T +66 2 686 8500
peter.shelford@dlapiper.com
Robert Tang
Consultant, Thailand
T +66 2 686 8551
robert.tang@dlapiper.com
Environmental
Risks
Disclosure Requirements for
Environmental Risks
There is nothing new in the notion that companies are required to effectively manage
and disclose risks so that investors can make informed investment decisions. Guidance on
recognition and management of risk for listed Australian companies is contained in the
ASX Corporate Governance Principles (the Principles).
In 2014, the Principles were amended to include a
recommendation that ‘a listed entity should disclose
whether it has any material exposure to economic,
environmental and social sustainability risks and, if it does,
how it manages or intends to manage those risks.’ This
addition to the Principles reflects the increasing importance
of managing environmental and social risks faced by large
companies, particularly those operating across multiple
countries with disparate regulatory requirements. 2015 was
the first year that these risks were expected to be addressed
in Corporate Governance Statements.
Looking overseas, where management of environmental
risks has developed more rapidly, there are many examples
of environmental and social sustainability risks that have
come to a head in the past year.
Notably, in November 2015 ExxonMobil confirmed that it
had been served by the attorney general of New York with a
subpoena to produce documents relating to climate change.
This suggests the possibility that a regulatory investigation
on ExxonMobil’s climate change disclosures is underway and,
if so, enforcement action and shareholder litigation could
well follow.
Some media reports suggest that ExxonMobil was aware of
climate change risk as early as the 1970s. Given the fiercely
contested nature of findings in climate change science, and
ExxonMobil’s duty to its shareholders to generate profit,
when should climate change disclosures have been made?
What information should the disclosures have contained
about the risk? Moreover, what disclosure about how that
risk would be managed should have been included, and
how could ExxonMobil’s commercial interests have been
protected in the course of making those disclosures?
These questions, which just scratch the surface,
demonstrate the complexities that companies face in
reporting environmental and similar risks.
Companies are obliged to disclose a risk and how that risk
will be managed if there is a real possibility that the entity’s
ability to create or preserve value could be substantively
impacted if the risk eventuates. The Principles suggest
that companies are not required to publish a sustainability
report, although many already do, and doing so will likely
become standard practice. Applying the Principles and
preparing reports will be challenging for boards, and failure
to adequately disclose environmental and like risks could
have serious implications for directors.
Aside from the risk of a securities class action, company
directors and officers face the risk of regulatory
enforcement action and potential criminal prosecutions.
Liability for those risks may not be covered by standard
directors and officers (D&O) insurance policies and
directors may face exposure to personal liability. Because
environmental liabilities are normally criminal offences, they
often either do not fall within D&O policy coverage, are
subject to an environmental or pollution policy exclusion,
or are excluded pursuant to a standard criminal offence
exclusion.
While pollution and environmental damage are commonly
excluded by D&O policies, in some D&O policies the
exclusion is not triggered if the claim is a shareholder class
action. Similarly, some D&O policies may contain a defence
costs extension for shareholder class actions for liability
resulting from environmental or pollution based claims.
www.insuranceflashlight.com | 27
Ultimately, whether a director will be personally liable for
environmental liabilities, and whether their D&O insurance
policy will respond, will depend on the nature of the offence
and the terms of the policy/policies. There are three primary
types of liability relevant to environmental offences alleged
against directors.
The first – direct liability – is only likely to be relevant for
small scale businesses where a director has operational
involvement and direct knowledge of any environmental
risks. The second – accessorial liability – is where, by virtue
of acts or omissions, a director is liable as an accessory
to an environmental infringement. The third – deemed or
derivative liability – arises where a director is liable due to
their management position in the company.
Unsurprisingly, directors are most likely to be subject to
deemed or derivative liability for offences committed by
the company, unless they had knowledge or some form
of involvement likely to give rise to direct or accessorial
liability.
When it comes to quantifying the claimed loss, it can be
notoriously difficult to quantify an appropriate amount,
particularly where environmental or social sustainability
issues arise with unknown future consequences. For
example, in the case of failure to disclose a company’s
material risk of causing an oil spill in the ocean, what
would be an appropriate measure of compensation for
shareholders? What loss, if any, should be recoverable by
shareholders for loss of future profits due to increased
compliance requirements or reputational harm? Should
shareholders be able to seek recovery of fines issued to
the company or its directors for committing environmental
offences? Or would those costs be a, preferably avoided, but
necessary business cost? These complexities would need to
be considered in the context of different layers of coverage
and the potential application of different policy wording in
multiple layer policies. Further, different arms of a D&O
policy respond if there is coverage under side-A or side-B,
depending on the nature of the legal action.
It will be interesting to see how the potential environmental
breaches that have come to light in the past year will be
dealt with through regulatory action and shareholder
litigation, as well as how insurers will respond to the
increasing economic, environmental and social sustainability
risks that companies and directors must disclose.
28 | DLA Piper Insurance Review – May 2016
In our view, companies are more likely to face regulatory
action and shareholder litigation for making late or shallow
disclosure of environmental risks. The downfalls of not
disclosing risks, particularly risks with genesis in commonly
understood phenomena such as climate change, are unlikely
to outweigh the disadvantages of disclosing them. However,
companies should be careful to only commit to feasible risk
management strategies when addressing how to manage
a risk. If companies disclose an overly ambitious risk
management strategy, shareholders could sue for loss that
arises from failure to implement the protective measures.
Similarly, directors and officers should bear in mind that
even if they have minimal exposure from environmental
risks, they can be pursued for environment-related nondisclosures through various legal avenues. Personal liability
for claims may vary depending on the particular legal path
taken, and the wording of different D&O policies. Therefore,
care should be taken when arranging cover to avoid any
shortfalls in coverage, especially by those in high-risk
environmental industries.
David Leggatt
Co-Head, Insurance Sector Australia
T +61 3 9274 5473
david.leggatt@dlapiper.com
Benjamin Hine
Solicitor
T +61 3 9274 5035
benjamin.hine@dlapiper.com
Medical Indemnity
LONG-TAIL LIABILITIES IN THE
MEDICAL MALPRACTICE MARKET
In the medical malpractice market, institutional and individual health care providers face
unique long-tail liabilities.
One of the foundations of long-tail liabilities is the duty of
care held by these insured parties to their patients, which
often does not have a clear endpoint. It can be many years
before the harm to a patient crystallises, and years more
before a claim is made.
This challenging situation is compounded by courts’
decisions, in recent years, to grant extensions of time for
plaintiffs to issue proceedings.
DUTY OF CARE ISSUES
When a patient seeks advice or treatment from a provider,
the provider generally assumes a duty of care. This duty
is “discharged” only when the provider has taken the
reasonable care that the duty requires.
There is no hard-and-fast rule about when a duty is
discharged and it can be difficult for a provider to prove that
this was done. A provider might wish to show there was:
■■
Reasonable evidence to infer that the condition had been
successfully treated;
■■
A reasonable referral of the patient to another provider;
■■
Reasonable advice to the patient to take certain steps;
■■
The patient rejecting reasonable advice of any sort.
The question is not whether the provider’s conduct
was effective, for example whether the patient actually
re-attended for further treatment, but whether it was
reasonable.
The Courts accept that patients are assumed to be
autonomous and therefore have the right to accept or
reject advice and treatment. As the NSW Court of Appeal
commented in O’Brien v Wheeler [1997] NSWCA 236, the
case law:
‘‘... reflects the autonomy of the adult patient, who is regarded
as having the right (if properly informed) to decide for himself
or herself ... An adult patient who is in a position to make a
choice has the right to elect a surgical procedure which the
hypothetical ‘reasonable’ person in his or her shoes would avoid,
and to refuse a procedure which the hypothetical ‘reasonable’
person in his or her shoes would embrace.’’
Almario v Varipatis [2013] NSWCA 76
In this case, a plaintiff sued his general practitioner in 2012,
claiming he ought to have been referred to a bariatric
surgeon for advice on weight loss surgery at some point
between 1997 and 2003. He had not been given this referral
and had not lost weight, and had subsequently developed
complications of his obesity including cirrhosis of the liver.
Relevantly, the plaintiff had failed to act on a previous
referral to an obesity clinic and had failed to act on the
advice of another doctor to lose weight.
The plaintiff established liability at first instance, and the
general practitioner (GP) appealed. The NSW Court of
Appeal found that the plaintiff had failed to establish that he
would have accepted a referral to an obesity clinic or lost
weight if he had. The Court commented:
www.insuranceflashlight.com | 29
‘‘If the plaintiff refused to take the firm advice of his general
practitioner, and of experts to whom he had been referred,
there was no breach of duty on the part of a general
practitioner in failing to write a further referral.The duty of care
stopped short of requiring an exercise in futility.’’
The patient applied to the High Court for special leave to
appeal the decision, but it was refused.
Grinham v Tabro Meats Pty Ltd & Anor
[2012] VSC 491
The patient attended his GP clinic for immunisation against
the Q fever virus in 2002. The GP correctly told the patient
that, given the results of certain preliminary testing, he could
not be vaccinated at that time. She provided the patient with
a referral for further testing and asked that he re-attend her
in one month’s time.
The patient did not take the further test, or re-attend, and
the GP took no steps to follow up. Four years later, in 2006,
the patient contracted the Q fever virus, which would have
been avoided had he been vaccinated. The patient issued
proceedings against his employer in 2010. The employer then
brought a third party proceeding against the GP.
The Court commented that the GP’s duty of care did not
cease when the patient left the clinic after the consultation.
It said there was an ongoing doctor/patient relationship with
a continuing duty until, at least, the time the patient should
have re-attended the clinic.
The Court needed to determine whether it was reasonable
for the GP to not have taken the further step of recalling the
patient when he failed to re-attend. Significantly, the Court
commented that:
‘‘…the question of advice and recall cannot be determined on
a generic basis, it must be context specific: all the circumstances
must be considered such as the patient’s symptoms (if any),
presentation, potential risk, comprehension of the advice and
history of compliance.’’
The Court found that the GP had acted reasonably in the
circumstances. It said that the patient understood the advice
provided by the GP, including the risk he faced and the need
to undergo further testing and re-attend. It was his decision
not to do so and the GP had no reason to believe that he
would not follow her advice.
30 | DLA Piper Insurance Review – May 2016
LIMITATION PERIOD ISSUES
Australia’s tort reforms, in around 2003, introduced shorter
limitation periods for personal injury claims. The statutes
vary from state to state.
The trade-off is that, in these claims, the time for a potential
plaintiff to bring a claim begins to run from the date he or
she knew, or should have known, that injury, loss or death
was caused by the defendant, or by some fault on the
defendant’s part. If the potential plaintiff still exceeds the
limitation period, courts generally have the ability to extend
the period.
We are seeing a trend with courts becoming more lenient
in their interpretation of when the period begins, and in
granting extensions.
AME Hospitals Pty Ltd v Dixon [2015]
WASCA 63
The allegations related to the plaintiff’s birth in 2001. The
plaintiff suffered cerebral palsy. His father engaged lawyers
to advise in relation to the birth. An expert report was
commissioned, which found that the care given had been
appropriate. The expert did not comment on the cause of
the cerebral palsy (and was not asked to do so).
A limitation period began to run in 2005 on the passage of
new legislation. This period expired in 2011. In May 2012,
the father instructed lawyers to obtain another expert
report. This new expert report was critical of the care
given in 2001, and said that the birth had led to hypoxic
ischaemic encephalopathy (HIE), which in turn had caused
cerebral palsy.
The father sought an extension of time. The relevant
legislation turned on the plaintiff (or those bringing the
litigation on his/her behalf) knowing that he/she had suffered
“injury” and knowing of the “physical cause” of this injury.
The father argued that the HIE (rather than the resultant
cerebral palsy) was the “injury” or alternatively the “physical
cause” of injury.
At first instance, the Master hearing the application agreed.
He found that the HIE was the injury and that the father had
not known about this, or the causative process, until the
second report was received.
The WA Court of Appeal upheld this decision. An
application for special leave to appeal the decision to the
High Court was unsuccessful.
The plaintiff argued that he had not formed a view, for some
time, that his wife’s death was the fault of some or all of the
medical practitioners involved. The Court did not accept
this, and found he had formed the requisite belief prior to
the 2003 death.
However, the Court granted the plaintiff an extension,
despite the proceedings being brought nearly nine years
after the cause of action accrued, an “undoubtedly great”
delay. In support of this, the Court found that the delay
had not caused any significant prejudice to the defendants.
The Court was unwilling to find that the plaintiff could have
proceeded against his solicitors instead.
CONCLUSION
Insurers understand that the continuing nature of a
provider’s duty of care may often result in a long-tail liability.
This has not been made any easier by the courts seemingly
becoming more lenient in granting extensions of time.
This does not mean, however, that the Australian medical
malpractice market is a high-risk one, and indeed there
appears to be a stable claims environment at this time.
Paul Lamb
Senior Associate
T +61 3 9274 52222
paul.lamb@dlapiper.com
With thanks to Bianca Parussolo, Solicitor, for her assistance.
Jones & Ors v Lu & Ors (Unreported,
County Court of Victoria, Wischusen J,
10 March 2015)
In this case, the plaintiff’s wife was treated by the defendants
in 2001 and 2002. She died in 2003 from breast cancer,
and the gist of the claim was that there had been a missed
opportunity to diagnose and treat this.
The plaintiff had approached lawyers well before the
relevant limitation period expired (in 2006). The Victorian
County Court found that inactivity by the plaintiff’s solicitors
had led to proceedings not being issued by 2006. Ultimately,
these proceedings were not issued until 2012.
www.insuranceflashlight.com | 31
Earthquake cases keep
New Zealand Courts busy
Commercial buildings in New Zealand are insured under
what is called a Material Damage Policy (also known as
an Industrial Special Risks Policy in Australia). Since the
Canterbury earthquakes, this policy has come under
unprecedented scrutiny by the New Zealand Courts as a
result of disputes arising from earthquake claims.
The cover for commercial buildings under this policy tends
to be similar worldwide and so the New Zealand decisions
will become useful precedents for other common law
jurisdictions.
In this article, we look at two of the most recent decisions.
A further issue was whether the building was ‘destroyed’ by
the February 2011 earthquake event, exhausting the policy at
this point. The policy defined ‘destroyed’ as:
… so damaged by an insured event that the property,
by reason only of that damage, cannot be repaired.
The insurer argued the definition contained an implied
requirement that the building could not be ‘reasonably’
repaired, which was the case where the cost of repair made
repair uneconomic. The Court of Appeal rejected that
argument and held that whether a building was destroyed
was to be:
‘… informed by considerations which may include any special
features of the building, the insured’s intentions for it so far as
they are not eccentric or unreasonable, and the respective costs
of reinstatement or replacement.
Vero Insurance NZ Ltd v Morrison
[2015] NZCA 246
The insured’s building was insured for approximately
NZ$3.5 million on a per event basis. This means that
for each earthquake event potentially NZ$3.5 million
was available under the policy. The cover was on an
indemnity only basis. This is commonly referred to
as ‘old for old’ cover based on depreciation applying.
Therefore, the insured was only entitled to the building
being restored to its condition immediately before the
loss (and not to an as-new condition).
The building suffered five earthquake events and the insured
made claims for damage caused by each of them. Because the
earthquake events occurred in relatively quick succession,
little or no actual repairs occurred between them.
There was no straightforward way of determining how much
damage was caused by each earthquake event. To overcome
this, the insured developed a model, which purported to
allocate damage to each event. The insurer rejected this
model on the basis that there was independent and reliable
evidence of the damage from each event in interim reports
prepared by loss adjusters and others. The Court of Appeal
held that although modelling could provide useful evidence
in order to produce practical justice, there were obvious
difficulties with this model and the trial judge had placed too
much emphasis on it. Contrary to the model, the Court of
Appeal found that the final earthquake event in June 2011
had caused little, if any, further damage to the building.
32 | DLA Piper Insurance Review – May 2016
On the facts, the building was still functional, it retained
some heritage value and repair costs were NZ$7.1 million
against replacement costs of NZ$9 million. It was not,
therefore, destroyed.
The final issue was whether the cost of new piles for
the building that were required as part of earthquake
strengthening during the repairs were covered. The Court of
Appeal agreed with the trial judge that they are not because
the building did not have piles before the earthquake and the
policy only provided ‘old for old’ cover.
Parkin v Vero Insurance NZ Ltd
[2015] NZHC 1675
The insured’s house was near new and suffered damage
in both the September 2010 earthquake and the
February 2011 earthquake.
The policy contained a basis of settlement clause that paid
for the costs actually incurred by the insured to repair the
damaged portion of the house, using currently equivalent
materials to a ‘when new’ condition. This is commonly
referred to as ‘new for old’ cover. The dispute related to
what all this meant in a practical sense. The Court held:
■
While it was clear the insured had to incur repair costs
before the insurer faced any liability under the policy, this
did not equate to the insured having to spend his own
money first. Liability is triggered when he is under a legal
obligation to pay the repair costs.
■
■
The insurer had not broken its duty of utmost good
faith by not settling as the insured had requested. In
any event, any duty owed by the insurer to the insured
arising from the policy came to an end once court
proceedings were issued. After that point, the insured’s
entitlement to any consequential losses was governed by
the High Court Rules.
Repairing to the standard of ‘when new’ did not require
the insurers to replace rather than repair every single
damaged item, even although the house was near
new before the earthquakes. The standard of repair
required by the policy was to render the fact of damage
immaterial. Where an item only had a functional purpose,
so long as the repair or replacement restores that
functional purpose to a ‘when new’ condition, the policy
obligation was met. If there was an aesthetic purpose,
the remedial process required is to restore the former
aesthetics to a ‘when new’ quality and that might mean
that in some situations, replacement was the only option.
Despite the 6th anniversary of the first earthquake occurring
in September 2016, there is no sign of earthquake related
court proceedings being at an end. We expect some further
interesting decisions from the New Zealand Courts on the
application of the Material Damage Policy and the Business
Interruption Policy this year and beyond.
Crossley Gates
Partner
T +64 9 300 3823
crossley.gates@dlapiper.co.nz
www.insuranceflashlight.com | 33
INSURANCE REGULATION UPDATES
AND PENDING REFORMS
Numerous reforms in Australia affecting the insurance
industry saw progress throughout last year. Retail life
insurance, firm culture and financial services were
all targeted in a number of regulatory changes and
proposed regulatory changes.
The pending reform of the retail life
insurance sector
In February 2016, the Federal Government released
amendments to the life insurance remuneration
arrangements under the Corporations Act. The draft
Corporations Amendment (Life Insurance Remuneration
Arrangements) Bill 2016 (the Amendment Bill) targets
conflicted remuneration for benefits paid on life risk
insurance products, to ‘‘better align the interests of
consumers and those providing advice.’’ As at 16 March 2016,
the Amendment Bill is before the Senate.
The Amendment Bill is the product of the Financial Systems
Inquiry and a report by Australian Securities Investment
Commission (ASIC) into the retail life insurance industry.
The report identified a number of concerning trends in the
industry in particular the link between the quality of advice
and commissions paid to life insurance advisors.
The proposed changes further distinguish the retail
life insurance market from the general insurance
product market.
34 | DLA Piper Insurance Review – May 2016
The Amendment Bill provides that benefits paid in relation
to life risk insurance products will be subject to the
general ban on conflicted remuneration going forward.
This is the case until ASIC specifies exemption criteria and
the products satisfy those requirements. The proposed
requirements relate to allowable commission and clawback
arrangements. General insurance products have a general
exemption from the conflicted remuneration provisions.
The reforms make both allowable commission and clawback
requirements precursors to the conflicted remuneration
exception. Maximum upfront allowable commissions are
proposed and clawback arrangements act to remove
incentive to rewrite policies to obtain further commission.
The Amendment Bill also facilitates ongoing reporting to ASIC
under its existing powers in the Corporations Act which the
regulator will use to review the new arrangements in 2018.
ASIC has released a consultation paper (CP 245) in response
to the Amendment Bill setting out its position regarding
industry reforms. ASIC endorses a number of the proposals
in the Amendment Bill including restructuring commissions
and clawback arrangements.
A two year transition period was included in ASIC’s
proposal to allow businesses to adapt to the new regime.
This position is premised on the strong correlation found by
ASIC between high upfront commissions and poor advice.
ASIC has also flagged its intention to undertake informationgathering pursuant to its powers in section 912C of the
Corporations Act to require information from life insurers
including exited policies, remuneration data and lapse rates.
consistency with other legislation. Other than the changes
to the retail life insurance industry it is not anticipated there
will be any further significant changes to the FOFA laws.
The Amendment Bill likely signals the last significant
development arising out of the Future of Financial Advice
reforms that commenced in 2010.
ASIC to regulate culture of firms
2015 Snapshot
In October 2015, the Federal Government released its
response to the Financial Systems Inquiry adopting the bulk
of the 44 recommendations made by the Inquiry.
It is expected that the bulk of the reforms in the insurance
sector throughout the next year will be a product of the
recommendations of the Financial Systems Inquiry.
In June 2015, ASIC Chairman Greg Medcraft used his address
to the Senate Estimates Committee to propose new strategies
to target the correlation between poor firm culture and poor
conduct in the financial industry.
These strategies include the regulation of culture through
risk-based surveillance reviews, the implementation of the
‘‘communication, challenge and complacency’’ framework
and the ability to pursue officers for civil penalties where
culture is responsible for administrative breaches.
The reforms anticipated may include expanding ASIC’s
power to intervene in financial product development
and withdraw or modify products from the market that
are harmful. It is expected there will be a number of
enhancements of ASIC’s powers in the market.
David Leggatt
Co-Head, Insurance Sector Australia
T +61 3 9274 5473
david.leggatt@dlapiper.com
A review into the capability of ASIC aimed at considering
how ‘‘ASIC uses its current resources and powers to deliver
its statutory objectives and assess ASIC’s ability to perform
as a capable and transparent regulator’’ is also underway.
It was expected the review panel, chaired by Karen Chester,
would deliver their report by the end of 2015 but it is yet to
be delivered.
Samantha O’Brien
Co-Head, Insurance Sector Australia
T +61 7 3246 4122
samantha.obrien@dlapiper.com
Once the review is completed, it is expected that draft
legislation will be released for consultation addressing
ASIC’s powers and other recommendations of the Financial
Systems Inquiry.
Sophie Devitt
Partner
T +61 7 3246 4058
sophie.devitt@dlapiper.com
Finalising of the FOFA reforms
In June 2015, the federal government announced further
refinements to the Future of Financial Advice laws (FOFA
laws). The regulation introduces technical refinements to
target a number of unintended consequences and ensure
www.insuranceflashlight.com | 35
Key insurance contacts
For more information on our insurance sector, please contact:
ASIA PACIFIC
US & THE AMERICAS
Peter Shelford
Insurance Sector Leader
Asia Pacific
T +662 686 8533
peter.shelford@dlapiper.com
Michael P. Murphy
Global Head, Insurance and Reinsurance
T +1 212 335 4755
michael.murphy@dlapiper.com
John Goulios
Co-Head, Insurance Sector Asia Pacific
T + 65 6512 9517 or +61 416 176 279
john.goulios@dlapiper.com
William C. Marcoux
Head of Insurance Transactions and
Regulation
T +1 212 335 4885
bill.marcoux@dlapiper.com
David Leggatt
Co-Head, Insurance Sector Australia
T +61 3 9274 5473
david.leggatt@dlapiper.com
Samantha O’Brien
Co-Head, Insurance Sector Australia
T +61 7 3246 4122
samantha.obrien@dlapiper.com
UK & EMEA
Andrew Symons
Partner, Insurance and Reinsurance
T +44 20 7796 6580
andrew.symons@dlapiper.com
Prakash Paran
Co-Chair, EMEA Insurance Group
T +44 20 7153 7529
pk.paran@dlapiper.com
www.dlapiper.com
DLA Piper is a global law firm operating through various separate and distinct legal entities. Further details of these entities can be found at www.dlapiper.com.
This publication is intended as a general overview and discussion of the subjects dealt with, and does not create a lawyer-client relationship. It is not intended
to be, and should not be used as, a substitute for taking legal advice in any specific situation. DLA Piper will accept no responsibility for any actions taken or not
taken on the basis of this publication. This may qualify as “Lawyer Advertising” requiring notice in some jurisdictions. Prior results
do not guarantee a similar outcome.
Copyright © 2016 DLA Piper. All rights reserved. | MAY16 | 3069752