The morning ritual for most across the Western world goes something like this: wake, get out of bed and connect to the world – usually via smartphone, tablet, radio or TV.

In Australia, we’re typically catching up with what’s happened across the planet overnight and, in more recent times especially, barely a day seems to go by without a sickening terrorist attack taking place.

According to the 2015 Global Terrorism Index from the Institute for Economics and Peace – a global think-tank based in Sydney – acts of terror cost US$52.9bn* across the world in 2014 – up from just over US$30bn* in 2013, and higher than the previous peak of just over US$51bn* in 2001, primarily attributable, of course, to 9/11.

Take 2001 out of the equation, and between 2000 and 2012, the average cost of terror was around US$12bn*. Australia, while relatively isolated geographically, is far from immune. The statistics bear this out. According to the Federal Attorney General’s Department, since the national terrorism threat level was raised on 12 September 2014, there have been three attacks and nine major counter terrorism disruption operations in response to imminent attack planning in Australia.

Consequently, terrorism is now a very real and legitimate concern for businesses. So, what do businesses need to protect themselves?


In the wake of 9/11, insurance companies in Australia withdrew terrorism cover from their policies.

In response to this, the Terrorism Insurance Act 2003 (TI Act) was introduced by the Commonwealth Government to safeguard the country’s economy.

Employers must take active steps to respond… without preparation there remains the potential for liability claims in the event that the worst should happen.

The Australian Reinsurance Pool Corporation (ARPC) was established under the TI Act to develop and administer a reinsurance scheme to provide terrorism cover for ‘eligible’ policies such as those covering commercial, industrial risks, construction sites and for farms, with business interruption insurance.

Cover is only available if an incident is announced as a Declared Terrorist Incident (DTI) by the Federal Treasurer after consultation with the Attorney General (see breakout box), and – crucially – if the business has the relevant and correct cover. Essentially, the TI Act overrides the terrorism exclusion clause in eligible policies.

“The cover provided by the scheme is for physical assets, contents within those assets and associated business interruption, and follows the terms and conditions of the policy except for the terrorism exclusion clause,” says Mike Pennell, Chief Underwriting Officer of the ARPC.

“Of course, the cover provided by the ARPC is only activated once an incident is officially announced as a Declared Terrorist Incident (DTI).”


When we consider the victims of terror, we naturally and quite rightly focus on the immediately affected – those killed and injured, and their families. According to the Institute of Economics and Peace, deaths from terrorism globally increased significantly between 2008 and 2015, up 286 per cent from 8,466 to 32,715.


Acts of terrorism have many repercussions, with businesses significantly impacted too, as illustrated in Australia by the 2014 Lindt Café siege in Sydney.

“A large section of the city was cordoned off,” says Mike Pennell of the ARPC, “so a number of businesses were affected by prevention of access. Their business was interrupted.”

However, he says, less than half of the affected businesses had prevention of access cover. “We’ve seen all of the details, and the majority of losses from the incident were from business interruption claims, but the majority of businesses affected weren’t covered for prevention of access.”


Clearly, this is an opportunity for brokers to advise their clients what they need to best cover all eventualities, as well as helping them to develop a comprehensive risk management strategy.

Chris MacKinnon, Lloyd’s representative in Australia, says some businesses are more risk aware by nature, and have a better understanding of the cost of terrorism, while others are in need of education.

“Businesses have access to a number of different insurance covers,” he says.

“For example, these should now include business interruption and contingent business interruption and liability, property catastrophe or political risk/violence, kidnap and ransom, workers’ compensation, health and travel insurance.”

On top of that, says Stella Pruscino, Placement Services Manager at Willis Towers Watson Australia, businesses should consider cyber insurance, impairment of access, active shooter, active assailant and loss of attraction.

She says the time is right for brokers to have conversations with clients about how the TI Act will relate to their business, and what the outcome in the case of a DTI would be for them.

Pruscino suggests brokers need to ask themselves the following questions for each of their clients:

  • Is there a policy in place that would respond in the event of a terrorist attack?
  • Does the client have claim for loss?
  • Is it an eligible contract?
  • Does the contract contain a terrorism exclusion?
  • Does the ownership rule apply?
  • Is it an exclusion under the TI Act?


Getting the risk management element of any business right is the first, essential step, to manage and minimise the risk of a terrorist attack.

“For Australian businesses, having a robust risk management plan addressing the terrorist threat is essential, as any adverse publicity concerning the mishandling of a security or terrorist threat or incident can have lasting reputational and financial consequences.”

Pruscino says that as well as property and business interruption exposures, focus is now turning to liability and workers’ compensation.


“Employers must take active steps to respond to the rising threat of active shooter attacks, while providing employees with clear guidance regarding what to do in the event of a terrorist incident,” she says.

“Without preparation there remains the potential for liability claims in the event that the worst should happen.”

A significant terrorist incident affecting a local community is likely to have a multitude of consequences, says Pruscino, including the requirement for businesses to enact trauma response plans, review security measures, test evacuations and lockdown procedures.

Consider what safeguards your clients’ business has to manage the risk of:

  • intruders
  • a hostage situation
  • suspicious packages
  • serious injury or death
  • disruptions to infrastructure, including electricity and water
  • employees travelling to locations considered to be at higher levels of terror attacks
  • traumatic events.

An increasing amount of work is taking place across the industry to help fill the gaps in coverage that exist. Pruscino says that Willis Towers Watson are placing standalone terrorism policies for clients who are either excluded under the TI Act, or are seeking broader coverage, and the company’s risk and analytics teams are risk modelling terrorism scenarios to identify risk exposure for clients.

MacKinnon of Lloyds says, “Risk managers are faced with a challenge as the nature and type of terrorist attacks can vary significantly, and are changing.

“Insurance can provide an element of protection in the form of financial compensation to replace destroyed company assets, however this must be combined with robust site security controls and access policies to increase the resiliency of a location.”

No matter how resilient locations and protocols are, however, the risk for businesses across the country is real. Are you certain your clients wouldn’t become collateral damage should the worst happen?