Most business owners understand that a company can be fined for breaking the law. You may not know that directors, officers and senior managers can be held personally responsible – meaning the fine, court-awarded damages, or legal costs can come out of your own pocket.

Most business owners understand that a company can be fined for breaking the law. You may not know that directors, officers and senior managers can be held personally responsible – meaning the fine, court-awarded damages, or legal costs can come out of your own pocket.

In serious cases, individuals can also face criminal prosecution and imprisonment. Management Liability insurance is specifically designed to protect you and your management.

The Risk: Which Laws Can Make You Personally Liable?

There are hundreds of Commonwealth, state and territory laws that impose personal duties on people who manage a business – not just on the business entity itself. The key areas of personal exposure are:

• Work Health & Safety (WHS) Laws – officers have a personal duty of due diligence to ensure the business meets its WHS obligations. Breaches can result in personal fines and, in cases of gross negligence causing a death, imprisonment. Industrial manslaughter is now a criminal offence in all Australian states and territories, carrying penalties of up to 20–25 years imprisonment for individuals, depending on the jurisdiction. A WHS fine cannot be insured in most states, but your legal defence costs can and should be.
• Corporations Act 2001 – directors must act with care, diligence and good faith. Breaches can result in personal civil penalties of up to $1.65 million per breach and criminal penalties of up to 15 years imprisonment for the most serious offences, such as fraud.
• Fair Work Act 2009 – directors and senior managers can be personally liable for a company’s breaches of employment laws, including underpayments, wrongful dismissal and adverse action – even if the company goes into administration.
• Environmental Laws – officers can be personally prosecuted for pollution events or unlawful waste disposal under state EPA legislation. Unlike WHS fines, civil penalties under EPA laws can be insured.
• Privacy Act 1988 – amended significantly in December 2024, with new civil penalties of up to $50 million for serious data breaches. Officers who fail to ensure reasonable data protection can face personal liability.
• Director Penalty Notices (ATO) – directors can be made personally liable for unpaid employee superannuation, PAYG withholding and GST, recoverable directly from personal assets.

Managing the Risk

Good governance is your first line of defence. Directors and senior managers should:

• Regularly review and audit WHS, employment and privacy compliance systems
• Ensure board meetings address WHS, employment law and regulatory compliance as standing agenda items
• Understand the personal duties that apply to your role under relevant laws – ignorance of the law is not a defence
• Document decisions and due diligence steps, particularly on matters of safety, employment, financial reporting and data protection
• Seek legal advice promptly if a regulator investigation, employee complaint or incident occurs – early action can significantly limit personal exposure

Good risk management reduces the likelihood of a prosecution, but it cannot eliminate it entirely. When a complaint is made or an investigation begins, the costs of defending yourself are immediate and substantial – regardless of whether you are ultimately found to have done anything wrong.

 How Management Liability Insurance Helps

Management Liability insurance (for SMEs) and Directors & Officers (D&O) insurance (for larger organisations) are designed to protect the personal financial position of directors, officers and senior managers. Without this insurance, you could be personally responsible for legal costs and any damages awarded against you.

A Management Liability policy can cover:

• Your personal legal defence costs when facing a claim, investigation or prosecution arising from your management role – this is often the largest cost in any regulatory matter
• Civil damages and compensation awards made against you personally
• Costs of responding to formal investigations by ASIC, the Fair Work Ombudsman, state WHS regulators, EPA authorities and other bodies
• Wrongful dismissal, discrimination and harassment claims made by current or former employees against the business and its managers
• Fines and penalties for breaches of laws other than WHS (where permitted by law), including environmental, trade practices and consumer protection legislation

An important point: fines imposed for WHS breaches cannot be insured in most Australian states and territories. The law specifically prohibits this. However, the legal defence costs to fight a WHS prosecution – which can run to hundreds of thousands of dollars – can be covered. For non-WHS regulatory breaches, both the fine and the defence costs can generally be insured, subject to policy terms and conditions.

Talk to Your Insurance Adviser

Because every business is different, the right level of Management Liability cover will depend on your industry, the size of your business, your regulatory environment and the personal risk profile of your directors and senior managers.

Management Liability and D&O policies vary significantly between insurers in the scope of cover they provide. It’s important to work with a professional insurance adviser who can review your specific risks, compare policy options and make sure the cover in place actually responds when you need it.

Contact your Insurance Advisernet adviser today for a review of your management liability exposure.

General Advice Warning

This communication including any weblinks or attachments is for information purposes only. It is not a recommendation or opinion, your personal or individual objectives, financial situation or needs have not been taken into account. This communication is not intended to be a constitute personal advice. We strongly recommend that you consider the suitability of this information, in respect of your own personal objectives, financial situation and needs before acting on it. This document is also not a Product Disclosure Statement (PDS) or a policy wording, nor is it a summary of a particular product’s features or terms of any insurance product. If you are interested in discussing this information or acquiring an insurance product, you should contact your insurance adviser to obtain and carefully consider any relevant PDS or policy wording before deciding whether to purchase any insurance product.

The past four years have taught us one thing: global supply chains are fragile. Geopolitical tension, extreme weather, labour strikes, port congestion and trade policy shifts have all disrupted flows. A manufacturer relying on a single supplier overseas faces real risk of extended downtime. A retailer facing supplier delay loses peak-season sales. For many small businesses, a single disruption can threaten survival. 
 

Why supply chains break

Modern supply chains are built for efficiency, not resilience. Most businesses rely on just-in-time inventory, which means you keep minimal stock and order frequently. This cuts storage costs and cash flow tied up in inventory. But it also means you have almost no buffer when a supplier fails. Add to this the complexity of global sourcing: a single component might be made by a supplier in Southeast Asia, shipped to a manufacturing hub, then delivered to you. If any link in that chain breaks, you feel the impact.

Common triggers for disruption are becoming routine. Geopolitical tension creates trade barriers and shipping delays. Extreme weather flooding a key manufacturing region can shut down production for weeks. Labour strikes or visa restrictions disrupt supply. Port congestion in major hubs like Shanghai or Singapore can strand shipments for months. Regulatory changes create compliance delays. And company-specific failures: a key supplier goes bankrupt, loses a major contract, or suffers a quality crisis.

The ripple effect is where supply chain risk becomes serious. If your supplier's supplier fails, you're affected even if your direct supplier is fine. These cascading failures are hard to predict and impossible to prevent by yourself.

The real cost of disruption

When supply gets cut, the financial impact is immediate and multi-layered. There are direct costs: you source from alternative suppliers at premium prices. You pay for expedited shipping like airfreight instead of sea freight. You incur quality assurance costs to verify emergency supplies meet your standards.

Then come the indirect costs. Your revenue drops because you can't fulfill orders. You may owe penalties to customers for late delivery. Customers may switch to competitors, representing lost sales beyond just the immediate disruption. Your staff stand idle, but salaries continue. You've still got lease costs, insurance, utilities, all running while revenue has stopped.

Consider a worked example: a small furniture manufacturer loses access to foam supplies for 60 days. They can't fill customer orders. They lose AUD 200,000 in revenue. They pay AUD 40,000 in wages for idle staff. They incur AUD 30,000 in expedited sourcing costs. Total financial hit: AUD 270,000. For a small business, that may represent 6 months of profit, or more.

The cash flow crisis is the real killer. Even profitable businesses collapse if they can't meet payroll or supplier invoices during extended disruption. Insurance can't restore your supply chain, but it can provide the cash to keep the business running while you find alternatives.

Building resilience beyond insurance

Insurance is the financial backstop, but it's not the only tool. Start by identifying your critical suppliers: which ones would most damage your business if they failed? For those critical suppliers, can you dual-source? Diversifying adds cost, but it buys you optionality. Even modest safety stock, 20 to 30 days of inventory, can absorb many disruptions.

Check your suppliers' health. Do you know where they get their inputs? Are they dependent on a single source for something critical? If all your suppliers are in one region, you're concentrated. Geographic diversification reduces risk. And think about what happens if your supplier goes down. Do you have a backup plan before a crisis hits?

Once you've done the practical work, insurance becomes sensible risk management. Talk to your adviser about ways to manage your risk.

General Advice Warning

This communication including any weblinks or attachments is for information purposes only. It is not a recommendation or opinion, your personal or individual objectives, financial situation or needs have not been taken into account. This communication is not intended to be a constitute personal advice. We strongly recommend that you consider the suitability of this information, in respect of your own personal objectives, financial situation and needs before acting on it. This document is also not a Product Disclosure Statement (PDS) or a policy wording, nor is it a summary of a particular product’s features or terms of any insurance product. If you are interested in discussing this information or acquiring an insurance product, you should contact your insurance adviser to obtain and carefully consider any relevant PDS or policy wording before deciding whether to purchase any insurance product.

Social engineering fraud is one of the most damaging – and most underestimated – cyber threats facing Australian businesses today.

Unlike traditional hacking, it doesn’t target your software: it targets your people.

Key Cyber Crimes against Small to Medium Businesses

Criminals impersonate executives, suppliers, government agencies or trusted colleagues to manipulate employees into transferring funds, disclosing login credentials, or providing access to sensitive systems.

It can happen via email, phone call, SMS, or even in person. And it can happen to any business, in any industry, at any size.

 The scale of the problem is significant and growing. According to the Australian Government Cyber Report - ACSC Threat Report 2024 - 2025, a cybercrime is reported in Australia every six minutes – more than 84,700 reports in a single year. 

Business Email Compromise (BEC), a primary form of social engineering, caused almost $84 million in self-reported losses in FY2023–24, with the average confirmed BEC incident costing over $55,000.

Cost to Businesses

Small and medium businesses are the hardest hit: the average cost of a cyber incident for a small business rose 14% in the most recent year to $56,600 – and 22% of SME owners reported their business was impacted by cybercrime in 2024.

Standard business insurance policies do not cover losses from social engineering fraud or Business Email Compromise.

A specialist cyber insurance policy can cover financial losses from fraud, incident response and forensic IT costs, data recovery, legal expenses, and crisis management.

Free Cyber Guides

The Australian Government’s free Cyber Health Check tool is a good starting point to assess your business’s current exposure. But don’t wait for an incident to find out you’re underinsured.

Cyber Insurance

Cyber insurance covers loss or damage to your own systems, identifying the cause of the loss and plugging the gaps, then reinstating your system. It also covers loss or damage to other people or their systems if you are found to be negligent. With the high risk of being hacked or subject to a social engineering scam, it is money well spent.

Need advice?

Talk to your Insurance Advisernet adviser today about whether your business has the right amount and type of cyber protection in place.

General Advice Warning

This communication including any weblinks or attachments is for information purposes only. It is not a recommendation or opinion, your personal or individual objectives, financial situation or needs have not been taken into account. This communication is not intended to be a constitute personal advice. We strongly recommend that you consider the suitability of this information, in respect of your own personal objectives, financial situation and needs before acting on it. This document is also not a Product Disclosure Statement (PDS) or a policy wording, nor is it a summary of a particular product’s features or terms of any insurance product. If you are interested in discussing this information or acquiring an insurance product, you should contact your insurance adviser to obtain and carefully consider any relevant PDS or policy wording before deciding whether to purchase any insurance product.

Artificial intelligence is no longer just a trend. It is reshaping how professional services firms operate, from client relationships to back-office efficiency. While many teams have dabbled with chatbots or content tools, the real impact comes from having a clear plan.

Why AI Matters Now

• Rising adoption: 41% of professionals use public GenAI tools like ChatGPT, while 17% use industry-specific AI. Organisational adoption has doubled.
• Future focus: 95% of professionals believe GenAI will be central to their workflows within five years.
• Positive outlook: Over half feel AI will boost productivity and client solutions, even with accuracy challenges.
• Skills gap: Only one-third of firms provide GenAI training, giving a competitive edge to those that do.

Start With a Problem, Not a Product

The best AI projects start with identifying pain points, not chasing the latest app. Ask:

• Where is time being wasted?
• Which processes are broken or slow?
• What tasks are repetitive and low-value?

Manual data entry, repetitive emails, lengthy reports, or duplicated notes are often the best starting points.

Practical Use Cases

AI can deliver real value, for example:

• Sales & Client Services: Log meeting notes in CRMs, summarise client calls, enrich records with external data.
• Customer Support: Use chatbots for FAQs, summarise long email threads, draft faster replies.
• Marketing: Generate social content, analyse campaign performance, draft newsletters and blogs.
• Finance & Operations: Match invoices, flag errors, extract data from PDFs, standardise reporting.

The Bottom Line

AI is not just for tech giants. Professional services firms can use it now to cut busywork, streamline operations, and deliver smarter client solutions. You do not need an AI department to start, only a clear problem to solve and a smart place to begin.

General Advice Warning

This communication including any weblinks or attachments is for information purposes only. It is not a recommendation or opinion, your personal or individual objectives, financial situation or needs have not been taken into account. This communication is not intended to be a constitute personal advice. We strongly recommend that you consider the suitability of this information, in respect of your own personal objectives, financial situation and needs before acting on it. This document is also not a Product Disclosure Statement (PDS) or a policy wording, nor is it a summary of a particular product’s features or terms of any insurance product. If you are interested in discussing this information or acquiring an insurance product, you should contact your insurance adviser to obtain and carefully consider any relevant PDS or policy wording before deciding whether to purchase any insurance product.

The coordinated military strikes on Iran on 28 February 2026 and the retaliatory attacks that followed represent the most significant disruption to global trade and travel since the Red Sea crisis in late 2023. If your business involves international travel, imports, exports or supply chain logistics, here is what you need to know.

DFAT LEVEL 4: DO NOT TRAVEL

As at 1 March 2026, Australia’s Smartraveller has issued ‘Do Not Travel’ advisories for the UAE (including Dubai and Abu Dhabi), Israel, Bahrain, Kuwait, Qatar, Iran, Iraq, Syria, Lebanon and Yemen. Jordan is at Level 3.

This affects roughly 11% of all international travel departing Australia each year.

TRAVEL INSURANCE

All standard travel insurance policies exclude or severely limit cover for war and military actions, including state-sponsored cyber attacks. Travel to any country or region under a DFAT advisory, including transit, is not covered for trips commencing on or after 28 February 2026.

1. New policies and trips are not covered. Policies purchased or endorsed, and travel commenced, on or after 28 February 2026 will likely provide no cover for travel or transit to this region. We recommend talking with your insurance adviser before making bookings.
2. In-transit travellers may have limited cover. Those currently travelling who purchased their policy before 28 February may be covered for loss of deposits, cancellation, curtailment or personal safety evacuation. Conditions apply, including leaving the area within seven days and being required by authorities or airlines to make changes to flights or bookings. We recommend talking with your insurance adviser before making or changing bookings.
3. Do not cancel bookings yourself. Some airlines are offering refunds or suspending flights. Cancelling a booking before speaking to the airline may mean the cost is not claimable. We recommend talking with your insurance adviser before cancelling any bookings.

MARINE CARGO

War and strikes cover is already or likely to be cancelled – 7 day notice.

Most marine cargo policies include a War and Strikes clause. Over the weekend (28 Feb 2026), many Lloyd’s insurers issued cancellation notices for this cover, giving seven days’ notice. If your insurer has issued (or is about to issue) a notice of cancellation, you will need to act quickly. Limited cover may still be available at significantly higher premiums for cargo transiting the Gulf area, but this needs to be arranged through your insurance adviser.

SUPPLY CHAIN

Strait of Hormuz and Suez Canal both disrupted.

Both the Strait of Hormuz and the Red Sea/Suez Canal route are now effectively closed to commercial shipping. Around 150 tankers and 170 container ships are trapped or diverted. Dubai’s Jebel Ali Port, the ninth largest container port in the world and the primary hub for Australia–Middle East trade, has suspended operations after missile damage. Freight rates have already started climbing.

• Sectors most affected: fuel, consumer goods, automotive parts, chemicals, food and agriculture (including exports).
• Shipping costs: benchmark Middle East to Asia rates have nearly tripled since the start of 2026.
• Recommended action: consider the steps your business took during COVID and apply those lessons now. Review stock levels, alternative suppliers and lead times.

CYBER

State-sponsored cyber risk is elevated.

Iran has a documented history of state-sponsored cyber attacks. Most cyber insurance policies now exclude country-versus-country cyber operations as a war risk. However, coverage varies significantly between insurers. Some policies explicitly cover state-sponsored terrorism that falls outside the definition of war, while others are more flexible. Now is the time to review your cyber policy cover and wording with your insurance adviser.

WHAT SHOULD YOU DO NOW?

Review your travel, marine cargo, cyber and business interruption policies. Check whether your insurer has issued a notice of cancellation for war and strikes cover. If you have employees travelling through the Middle East, contact your insurer’s assistance line immediately. Do not cancel airline or accommodation bookings without speaking to your insurance adviser first to discuss your cover and your options.

Need to review your cover? Contact your insurance adviser to discuss your specific circumstances. The situation is changing rapidly and early action is important.

General Advice Warning

This article is for general information only and does not constitute financial, legal or insurance advice. Coverage depends on individual policy terms and conditions. Information is current as at 3 March 2026 and the situation is evolving rapidly.

This communication including any weblinks or attachments is for information purposes only. It is not a recommendation or opinion, your personal or individual objectives, financial situation or needs have not been taken into account. This communication is not intended to be a constitute personal advice. We strongly recommend that you consider the suitability of this information, in respect of your own personal objectives, financial situation and needs before acting on it. This document is also not a Product Disclosure Statement (PDS) or a policy wording, nor is it a summary of a particular product’s features or terms of any insurance product. If you are interested in discussing this information or acquiring an insurance product, you should contact your insurance adviser to obtain and carefully consider any relevant PDS or policy wording before deciding whether to purchase any insurance product.

Protecting your business from cyber threats is about more than firewalls and passwords. When an incident happens, how you respond can make all the difference. A cyber incident can disrupt your services, compromise sensitive data and expose you to ransom demands. Cyber criminals may threaten to release stolen data to force payment, sometimes targeting the individuals whose details they’ve taken. Having a clear plan and the right tools at hand will help reduce the damage. That’s where an Incident Response Go-Bag comes in. Think of it as your emergency kit – a combination of digital tools, devices and documentation that allow you to respond quickly and effectively.

Why You Need a Go-Bag

• Swift action: Immediate access to essential tools avoids wasted time in a crisis.
• Preparedness: Plans are never perfect, but a ready-to-go kit keeps your response structured.
• Collaboration: A cyber event isn’t just an IT issue. Leadership, insurers, regulators and advisers all need to be involved.

What to Include

For Businesses:

• Software: Remote desktop tools, cybersecurity software, password managers, backup and recovery programs.
• Hardware: Bootable USB drives with recovery utilities, diagnostic tools, and spare components.
• Connectivity: Power banks, chargers, mobile devices.
• Documentation: Emergency plans, key contacts, regulatory requirements – stored securely in both digital and physical form.
• Physical items: First aid kits, torches and basic safety gear for your IT environment.

For Individuals: 

• Connectivity: Phone, power bank, and backup charger.
• Security & repair: Password manager, recovery tools, emergency contacts and maps.
• Communication: A simple notepad and pen.

Golden Rules for Incident Response

• Don’t assume IT alone can handle the fallout – they’ll be busy fixing systems
• Don’t bypass your business continuity processes – scarce resources need leadership direction.
• Don’t assume recovery times for routine downtime apply to a cyberattack – these are different events.  
• Don’t underestimate data theft – encryption isn’t the only sign of an attack.
• Don’t delay contacting your insurance adviser and cyber insurer – some notifications must be made within 24 hours.
• Don’t risk sharing sensitive data over unsecured channels in the rush to respond.

Key Contacts to Have Ready

• Your business continuity and emergency team
• Key suppliers and partners
• Legal advisers
• Your insurance adviser and cyber insurer
• Relevant regulators

An Incident Response Go-Bag won’t stop a cyberattack, but it will give you the tools to respond quickly, protect your business and reassure your clients. For more guidance, see Cyber.gov.au Incident Response Resources. And as always, speak with your insurance adviser to make sure your cyber cover and response plan work hand in hand.

General Advice Warning

This communication including any weblinks or attachments is for information purposes only. It is not a recommendation or opinion, your personal or individual objectives, financial situation or needs have not been taken into account. This communication is not intended to be a constitute personal advice. We strongly recommend that you consider the suitability of this information, in respect of your own personal objectives, financial situation and needs before acting on it. This document is also not a Product Disclosure Statement (PDS) or a policy wording, nor is it a summary of a particular product’s features or terms of any insurance product. If you are interested in discussing this information or acquiring an insurance product, you should contact your insurance adviser to obtain and carefully consider any relevant PDS or policy wording before deciding whether to purchase any insurance product.

Customer injuries, extreme weather, fires or cyber-attacks can strike at any time. Preparation and managing the impact includes having the right mix of insurances for your business. Insurance can provide cyber experts to help get your systems up and running, pay overheads, such as wages or rent or engage lawyers to defend legal action. 

How Much Does Insurance Cover Cost for Your Business?

Insurance covers a wide range of accident and events, from fire, storm, car accidents, cyber attacks and loss of income.  The price is based on how much cover you want, your industry and prior accident or claims history. Knowing which insurers are the most competitive is key.

Enabling Growth and Opportunity

Insurance doesn’t just protect against loss, it also creates opportunity. Investors, lenders and partners look for well-structured insurance programs, making your business more attractive for partnerships, financing and expansion. When you know that risks are managed, you can focus on growth with confidence. Whether that means entering new markets, trialling innovative technologies or scaling operations, insurance provides the security that allows you to take calculated risks.

Insurance Advisers

Talk to your local insurance adviser about reviewing your financial risks, assets and goals, whether you’re a start-up and established business. They will be able to provide advice and recommend insurance covers tailored to your needs and budget.

Helping You and Your Business Succeed

Managing your key financial risks is important to ensure the financial stability and growth of your business. Talk to your local insurance adviser, they’ll provide advice about the best type and amount of insurance that matches your needs and budget. 

General Advice Warning

This communication including any weblinks or attachments is for information purposes only. It is not a recommendation or opinion, your personal or individual objectives, financial situation or needs have not been taken into account. This communication is not intended to be a constitute personal advice. We strongly recommend that you consider the suitability of this information, in respect of your own personal objectives, financial situation and needs before acting on it. This document is also not a Product Disclosure Statement (PDS) or a policy wording, nor is it a summary of a particular product’s features or terms of any insurance product. If you are interested in discussing this information or acquiring an insurance product, you should contact your insurance adviser to obtain and carefully consider any relevant PDS or policy wording before deciding whether to purchase any insurance product.