APRA unveils latest private health insurance risk equalisation figures

The Australian Prudential Regulation Authority (APRA) has published private health insurance (PHI) risk equalisation figures for the 2021/22 financial year.

Risk equalisation supports the community rating principle legislated under the Private Health Insurance Act 2007. With insurers not allowed to risk rate premiums, risk equalisation partially compensates insurers with a riskier demographic profile by redistributing money from those paying less-than-average benefits to those higher-than-average benefits.

Risk equalisation annual results for each state                          

The annual net transfers for the 2022 financial year totalled $396,810,327. The following are the risk equalisation annual results for each state for the 2022 financial year:

• New South Wales: $2,370,393,162, down from $2,481,389,599 in the 2021 financial year;
• Victoria: $1,778,575,011, down from $1,795,546,354 (2021);
• Queensland: $1,595,765,290, up from $1,587,198,410 (2021);
• South Australia: $556,969,857, down from $575,765,707 (2021);
• Western Australia: $771,216,008, down from $778,741,049 (2021);
• Tasmania: $171,202,477, down from $175,110,874 (2021); and
• Northern Territory: $21,944,811, down from $22,438,695 (2021).

APRA's 2023 priorities for the private health insurance industry

Last month, APRA unveiled its plans for the PHI industry for 2023 as many long-term structural challenges remain, including the increasing pressure on insurance affordability.

In a speech to the Members Health Directors' Professional Development Program, APRA executive board member Suzanne Smith said the regulator will focus on PHI affordability and cyber resilience. She also advised attendees to focus on the following:

• Identifying exposures to critical service providers and what to do if those providers were significantly compromised;
• Regularly testing systems, including recovery testing, to ensure data can be restored from backups;
• Preparing for cyber incidents by educating the staff about their roles and responsibilities during a crisis, having a well-thought-out and practised playbook, conducting dynamic simulations, and selecting external partners who will help during a crisis; and
• Establishing adequate IT risk governance and IT audit coverage.