The APRA National Claims and Policies Database is getting a structural overhaul rather than a bigger data pipe. On 1 July 2026, the Australian Prudential Regulation Authority published its response to a consultation on updating the section 57 non-confidentiality determination that underpins the database’s public statistics. The headline change is not more data, but better plumbing: cyber and management liability, including directors’ and officers’ cover, become standalone reporting categories for the first time, while confidentiality guardrails stay exactly where they were.
A Publication Format Rebuilt Around Downloadable Datasets, Not Scope Creep
APRA’s own framing of the reform is deliberately narrow. The regulator’s response letter, also dated 1 July 2026, covers both a proposed non-confidentiality determination for the database and a refreshed approach to how the figures get published. That distinction matters because it signals a change in delivery mechanism rather than a widening of what insurers must report. As detailed in APRA’s broader push to modernise its supervisory data architecture, the NCPD refresh fits a pattern of moving legacy portal reports toward structured, downloadable datasets that actuaries and pricing teams can pull directly into their own models.
The original proposal floated in May 2026 had already promised to keep the same aggregation level and data scope as the existing determination while simplifying how the output looked, and APRA has now confirmed it is following through on that commitment rather than expanding it. The regulator will proceed with the non-confidentiality determination largely as proposed, without broadening the underlying data scope. In other words, this is a repackaging exercise: the same underlying claims and policy data, cut into more usable and more granular publication categories.
Why Cyber and D&O Finally Get Their Own Lane
For years, cyber exposure data in Australia has been thin, scattered across insurer-specific disclosures or buried inside broader liability categories that made benchmarking difficult. The May 2026 consultation proposal covered six NCPD reporting standards spanning policy, claims and facility data, and the refreshed format splits that into four policy cross-sections and four claims cross-sections for general insurers, with facilities and Lloyd’s business handled through separate publications. Carving cyber and management liability out as their own lines within that structure gives pricing actuaries and reinsurers a cleaner reference point than trying to infer trends from combined liability figures.
Splitting cyber and D&O into dedicated cross-sections does not change what insurers report to APRA — it changes how visible that data becomes to the market pricing against it.
The move also lands against a backdrop of heightened scrutiny of insurer boards and risk committees. InsuraBeat has previously covered how APRA has been tightening its expectations around insurers’ readiness for complex, fast-moving risks, and better cyber claims visibility is a natural complement to that agenda: supervisors and underwriters alike need granular loss data to judge whether current D&O and cyber pricing reflects actual claims experience.
Confidentiality Safeguards Survive the Overhaul Intact
Industry pushback during consultation focused less on the new categories and more on whether finer slicing of the data could inadvertently expose individual insurers’ books, particularly in smaller liability lines with few writers. Submissions came from industry bodies including the Actuaries Institute and the Insurance Council of Australia, and APRA’s response addresses that concern directly. External NCPD publications will retain the current level of data aggregation and existing confidentiality safeguards even as cyber and management liability move into standalone categories, meaning the new structure adds resolution between lines of business without adding resolution down to individual insurer level.
For firms that need more than the public aggregates, the door has not closed. More granular data beyond the published aggregated releases remains available on application to APRA’s data analytics team, subject to privacy conditions. That two-tier access model — open aggregates for the market, controlled granular extracts for qualifying requesters — is effectively unchanged from the prior regime, which should reassure insurers wary of a formal review process, such as the one behind APRA’s recent decision to revoke an insurer’s licence, being used to justify wider disclosure of commercially sensitive claims data.
Rollout Timeline: What Lands When
The database itself is not new. APRA established the NCPD in 2003 at the request of the Australian Government, in consultation with the insurance industry and other stakeholders, and it has functioned since then as a comprehensive record of policy and claims information covering professional indemnity and public and product liability insurance. Coverage today extends to public and products liability, professional indemnity and directors’ and officers’ liability, while reinsurance, marine cover and domestic householder liability policies remain outside its scope.
- The consultation on the non-confidentiality determination and publication format closed to industry submissions on 16 June 2026.
- APRA’s most recent statistics update before this refresh was released on 10 December 2025, with the next issue scheduled for 3 July 2026.
- The first publication under the refreshed format will include data through 31 December 2024, with 2025 data following later in 2026.
That staggered timeline means the market will not see a like-for-like comparison between the new cyber and D&O cross-sections and prior-year figures immediately — the reference point only catches up once 2025 data lands. APRA’s last dedicated NCPD analysis report, published 10 May 2023, examined claims trends and affordability across public and product liability, professional indemnity, and directors and officers insurance, and a similarly structured deep-dive is the logical next step once the refreshed cross-sections have a full year of comparable data behind them.
Sources
- apra.gov.au
- apra.gov.au
- apra.gov.au
- apra.gov.au — National claims and policies database statistics
- apra.gov.au — National claims and policies database