ESG and Compliance

Sustainability and Security: Top Priorities for Australian Insurers

Key Findings

66% of Australian insurers anticipate environmental factors to significantly impact their ESG strategies over the next three to five years, higher than in any other region surveyed.
58% of insurers in Australia are incorporating ESG criteria into investment and underwriting decisions, while 50% are also prioritising environmental and sustainability initiatives.
Over three-quarters (76%) of Australian insurers anticipate data privacy and security compliance to be the top regulatory challenge in 2025, compared to 70% globally.

Environmental and social factors in the strategic spotlight

ESG is increasingly central to the corporate landscape in Australia, reflecting the global trend towards sustainable and responsible business operations. Regulatory measures such as the Treasury Laws Amendment (Financial Market Infrastructure and Other Measures) Bill 2024 have mandated large entities and financial institutions to disclose climate-related information from 1 January 2025. This has intensified investor pressure on businesses to address their environmental responsibilities and align with evolving sustainability expectations. Almost all ASX 200 companies now disclose to investors how they manage ESG risks to some degree, with nearly three-quarters reporting at a comprehensive or detailed level.^[¹^]

Regulatory pressures and growing stakeholder expectations have insurers deeply embedding ESG metrics into their risk assessment frameworks, enabling them to strategically align their investment decision-making with sustainability goals and evolving market demands. Environmental aspects are taking centre stage, backed by the Climate-Related Financial Disclosure (CRFD) Act, which took effect in September 2024. The CRFD Act mandates climate-related disclosures for Australia’s largest businesses, starting January 2025, with phased implementation for small and medium-sized enterprises by 2027.^[²^]

Unsurprisingly, two-thirds of Australian insurers expect environmental factors to have the most significant impact on their ESG organisational strategies over the next three to five years, compared to social and governance considerations. Only 53% of respondents globally echo a similar sentiment. Australia’s greater emphasis on environmental factors is potentially indicative of the country’s acknowledgement of the need to manage the rising number of climate change events.

Following the environmental aspect, 60% of insurers in Australia view the social aspect as having the next biggest impact on organisational strategies compared to their global counterparts (44%). This highlights the emphasis placed by Australian insurers on addressing social factors such as diversity, community engagement, and employee welfare in strategic planning.

Data privacy, security and compliance requirements: Top priorities for insurers

Insurers in Australia have adapted to the growing importance of ESG by embedding sustainability and social responsibility into their corporate strategies. Over half of Australian insurers (58%) are incorporating ESG criteria into their investment and underwriting decisions, with 50% prioritising environmental and sustainability initiatives to align with evolving market expectations. Globally, the numbers trail slightly, with just less than half (49%) of insurers implementing reporting and compliance processes and using ESG for underwriting decisions in their organisational strategies.

“Globally and regionally, data privacy and security compliance have become the top regulatory challenges. According to the Office of the Australian Information Commissioner (OAIC), there were 527 data breaches reported from January to June of 2024, the highest since late 2020. While most of these breaches affected 100 or fewer people, one incident impacted over 10 million Australians — the largest since the NDB scheme came into effect.^[3]

Consequently, in Australia, 76% of insurers anticipate these challenges, primarily due to the increasing focus on the Privacy Act 1988, which outlines strict guidelines on how organisations must collect, store, and manage personal information. As technology advances and insurers increasingly adopt digital tools, organisations may face growing risks of cyberattacks that can compromise sensitive customer and financial data. This places greater accountability on insurers to implement robust cyber security frameworks and demonstrate compliance.”

Closely following data privacy and security compliance is the challenge of keeping pace with evolving compliance requirements. Over half of global respondents (53%) express concerns about the fast-changing regulatory landscape. In Australia, 46% of insurers express the same sentiment. The challenge is amplified by differing compliance requirements across regions, creating difficulties in keeping pace with changing regulations. To address this, insurers are investing in approaches that combine the need to be agile in the face of a rapidly changing compliance landscape with the need to be comprehensive and cross-functional in implementing solutions.

Streamlining compliance by embracing partnerships

Australian insurers are actively leveraging external expertise to ensure compliance with evolving customer-focused regulations driven by increasing complexities and resource constraints. Nearly three-quarters of Australian insurers (72%) and well over half of global insurers (58%) plan to collaborate with law firms or legal advisors to ensure adherence to evolving customer-focused regulations. This approach facilitates adherence to changing regulations, as well as enhancing operational efficiency and service quality.

Compared to last year, the number of insurers planning to work with trusted claims management partners has increased by 13 percentage points globally. This trend reflects the growing reliance on external expertise while freeing internal resources for strategic initiatives. Additionally, a claims management partner can help insurers streamline operations, mitigate risks, and prioritise strategic initiatives such as customer care and innovation.

^{[1] “}^{ESG reporting trends 2022 Report}^{”, Australian Council of Superannuation Investors (ACSI), June 2022}
^{[2] “}^{Climate-related financial disclosure: exposure draft legislation}^{”, The Treasury, February 2024}
^{[3] “}^{Notifiable data breaches report}^{”, The Office of the Australian Information Commissioner (OAIC), September 2024}