More than half of Australian general insurers that breached key claims handling timeframes in 2024-25 could not say by how many days they had kept customers waiting, according to annual compliance data released by the General Insurance Code Governance Committee.
The finding is among several in the GICGC’s Annual Industry Data and Compliance Report for 2024-25, which recorded 70,325 code breaches across the industry – a 20.5% rise on the 58,385 logged the year prior. Claims-related failures under Part 8 of the Code of Practice made up 59% of that total, or 41,140 breaches, compared with 30,870 in 2023-24.
Two claims-handling obligations drove much of the increase. The requirement to give policyholders a progress update at least every 20 business days – paragraph 70 of the code –was breached 18,350 times, up 67% from 10,989 the year before. The obligation to advise customers of a decision within 10 business days of receiving all relevant information (paragraph 76) produced 11,180 breaches, a 79% jump from 6,244. The GICGC asked insurers who breached those timeframe commitments to report how far beyond the deadline they had gone. Only 19 insurers were able to provide that information, accounting for 41% of claims handling timeframe breaches. Separately, 12 insurers were unable to report the length of delays when they exceeded those same timeframe commitments, collectively accounting for 59% of breaches across those obligations.
Where figures were available, the median overrun ranged from 10 to 14 business days across four code commitments. At the outer end, one insurer recorded an average overrun of 137 business days on the 10-business-day decision requirement, and another averaged 156 days beyond the four-month threshold under paragraph 77. Veronique Ingram, chair of the GICGC, said the stakes for policyholders in those situations are not abstract. “When customers make a claim, they are often dealing with stressful and uncertain circumstances. Delays in updates or decisions can add to that stress and make it harder for people to recover and move on,” Ingram said. Other notable increases included breaches of paragraph 59(b) – telling customers what excess amounts apply – which went from 24 to 2,864, and paragraph 142, the obligation to acknowledge a complaint upon receipt, which rose from 4,155 to 6,012.
For the fifth year running, insurers attributed the majority of their breaches to staff negligence or error. That category covered 77% of all reported breaches in 2024-25, including instances where the same mistake recurred across high volumes of cases – a pattern the GICGC said is more consistent with structural failure than individual fault. Ingram said without reliable internal data, insurers cannot make the connection between repeated incidents and the operational gaps behind them. “Good data helps insurers see where they are failing to meet their commitments and take action before they become widespread. Without that visibility, it is harder to address the root causes of issues that affect customers’ experiences. It is crucial that insurers have the data to learn from breaches – they cannot simply report breaches and dismiss them as human error, only to report them again the next year,” Ingram said. The committee’s report called on insurers to build compliance measures into their systems before breaches occur, citing automated reminders, system-generated updates, and escalation triggers as tools that can reduce reliance on after-the-fact identification.
Reported breaches under Part 9 of the code, which addresses support for customers in vulnerable circumstances, dropped 11% to 1,540 in 2024-25. Part 10, covering financial hardship, recorded 400 breaches, down 6% from 425. Complaint figures told a different story. Vulnerability-related complaints climbed 70% and financial hardship complaints rose 119% over the same period, against a 30% increase in overall industry complaints. The gap between falling breach counts and rising complaint volumes indicates that internal process adjustments have not consistently carried through to customer experience.
Motor insurance accounted for 56% of vulnerability-related breaches in the period, up from 39% recorded two years earlier. The GICGC said the shift underscores that vulnerability obligations are not confined to catastrophe and home insurance contexts. “For customers experiencing vulnerability or financial hardship, the quality of support they receive can have a significant impact on their overall experience. Clear communication, timely responses, and appropriate support are essential in helping these customers navigate difficult situations,” Ingram said.
The number of customers affected by breaches across all code parts fell 71%, from 347,553 in 2023-24 to 99,909 in 2024-25. A 93% reduction in customers affected by Part 12 breaches – access to information – drove the majority of that decline, dropping from 234,254 to 18,159. Total financial remediation tied to breaches came to $1,327,995, down 14% on the prior year. Part 3 breaches, which relate to core insurer obligations, produced the largest financial toll despite accounting for just 4% of all breaches: 2,385 breaches affected 5,526 customers and resulted in $735,687 in financial impact, averaging $133.13 per customer. Part 8 claims breaches, by contrast, generated an average financial impact of $1.93 per affected customer across 41,941 customers – a total of $80,867. The GICGC noted that low per-customer dollar figures do not capture the broader harm associated with delayed decisions and withheld information during active claims.
The industry reported 41,595,965 policies and 5,714,161 lodged claims in 2024-25. Retail insurers received $39,181,478,863 in premiums and paid out $19,403,670,164 across 4,475,052 accepted claims. Home and motor retail classes produced the highest breach counts. Home breaches rose 30.1% to 32,316, and motor retail increased 25% to 28,896. Sickness and accident breaches grew 79.7%, and travel insurance breaches rose 57%. The most common corrective action reported by insurers was direct customer communication – contacting policyholders to clarify or update information following a breach. Process revisions, staff training, and system changes were also reported as secondary measures. Of 1,795,089 internal dispute resolution complaints resolved in the period, 67% of retail outcomes and 58% of wholesale outcomes were decided in the customer’s favour.
