risk-management.php

Cyber-crime is on the rise in Australia as criminals shift their attention to opportunities in the online world.

LPLC has observed that cyber-attacks cause significant disruption and losses to a law practice – not only the costs of investigation, IT remediation and getting a business back up and running, but also the losses of income and expenses incurred by interruption to a firm’s day to day business.

The LPLC Professional Indemnity Policy of Insurance provides cover to law practices for civil liability in connection with a firm’s legal practice and associated defence costs. Claims to which the LPLC policy responds usually involve a client alleging loss as a result of acts of negligence and/or breach of duty. In other words, claims brought by third parties against legal practitioners. Claims by third parties brought against practitioners for damages relating to cyber-crime also usually fall within the ambit of the LPLC Policy. The LPLC policy however does not cover the firm’s own business losses (first party losses), for instance, the costs of interruption to the firm’s business, retrieval of electronic data, the IT costs and other costs of remediating a cyber-security breach and regulatory fines and penalties.

There are many cyber risks existing and emerging and only some of them will be covered by LPLC’s professional indemnity policy. The LPLC are aware that many firms have been looking for cyber insurance cover to supplement their other insurances.

The LPLC have worked with Marsh who have arranged a commercial cyber insurance policy, underwritten by Chubb, that will sit alongside LPLC’s professional liability coverage for firms. It is an optional cover which firms can choose to purchase.

Visit the Marsh website for more information about the policy. The FAQs on this page answers questions about cyber insurance and how the Marsh policy intersects with the LPLC Professional Indemnity policy.

Marsh/Chubb held a webinar on 4 April 2019 to provide more information and answer questions about the cyber insurance policy.


Marsh/Chubb cyber insurance policy FAQs


Cyber insurance is insurance for the costs associated with data breaches, cyber-crime and cyber-related threats which cause damage through attacks against business information systems or which arise from the use of technology within organisations.

Cyber insurance has developed in response to the growth in cyber-crime and risks related to the collection and use of data as society becomes more digitally connected and technology-interdependent.

Cyber-related events result in both first-party and third-party losses. Cyber insurance responds to losses that are specified in the cyber policy.

First-party loss is loss suffered by the insured itself when a cyber event occurs. These are primarily expenses incurred by an insured to investigate, respond and remediate a cyber incident but can also include business interruption costs, loss of profits, regulatory fines or penalties, and ransom payments.

Third-party loss is loss suffered by clients or other parties resulting from a cyber incident which an insured caused to occur or had an obligation to ensure did not occur. These losses are generally the subject of a claim for damages or compensation by the client or third party, pursuant to a recognised cause of action such as a negligence claim, or an action for breach of confidentiality. They may also result in significant defence costs.

No, cyber insurance is not compulsory for law firms.
Only professional indemnity insurance is compulsory.
Although there can be some overlap, cyber insurance and professional indemnity insurance are different types of insurance.

Yes, LPLC’s policy does cover certain cyber risks. LPLC’s broad professional indemnity policy includes cover for damages/compensation claims in connection with the firm’s legal practice arising from cyber-related events.
Examples of cyber-related claims covered by LPLC’s policy include:

  • compensation claims for breach of confidential information or breach of privacy
  • damages claims for defamation committed on-line
  • claims for loss of client funds through business email compromise (i.e. email hacking by fraudsters redirecting settlement money).

However, LPLC’s professional indemnity policy does not cover a firm for its own losses arising from cyber-related events or for regulatory prosecutions, fines or penalties.

The Marsh/Chubb cyber insurance policy is an optional insurance policy available for law firms to purchase (through Marsh, international insurance brokers) to insure themselves against the specified cyber risks covered by the policy.

The policy is underwritten by Chubb Insurance Australia Ltd (ABN 23 001 642 020; AFSL 239687).

Marsh have negotiated with Chubb to arrange the policy wording and premium rates.

Marsh is offering the policy and premium rates to law firms who have their professional indemnity insurance policy with LPLC, and the policy wording is tailored accordingly.

Cyber incidents are a growing threat to law practices. In recent years many law firms have experienced cyber incidents such as ransom attacks, denial of service attacks and other network breaches causing business interruption, incident-response costs and reputational damage to firms unable to respond quickly and effectively.

LPLC’s professional indemnity policy covers claims made against the firm for compensation or damages arising from cyber incidents but it does not cover a firm for its own costs to investigate, respond and remediate a cyber incident or for business interruption costs, loss of profits, regulatory fines or penalties, and ransom payments.

With cyber-crime on the rise, many law firms have been looking to buy additional insurance protection beyond LPLC’s professional indemnity policy. There are several commercial insurers offering cyber insurance, but the Marsh/Chubb cyber policy has been tailored to sit alongside LPLC’s professional indemnity policy.

LPLC is not receiving any remuneration in relation to the Marsh/Chubb cyber insurance offering for law firms.

The Marsh/Chubb cyber insurance policy is a separate (optional) policy to LPLC’s (compulsory) professional indemnity policy.

It is available for purchase through Marsh insurance brokers.

The Marsh/Chubb policy covers specified cyber-related first-party losses incurred by an insured firm. The LPLC policy does not cover first-party loss cyber losses.

The Marsh/Chubb cyber policy also acts as an excess liability insurance policy sitting above LPLC’s professional indemnity policy in relation to specified third-party cyber liability risks as detailed in the Marsh/Chubb policy wording.

Where the Marsh/Chubb cyber insurance policy sits above LPLC’s professional indemnity policy in relation to a claim for third-party loss, it will respond in accordance with its own policy terms and conditions.

Full details of cover under the Marsh/Chubb policy can be obtained from Marsh.

There is no alteration in cover under LPLC’s professional indemnity policy for any practitioner or firm who elects to purchase the Marsh/Chubb cyber insurance policy.

A range of different cyber insurance limits are available from Marsh/Chubb.

All questions in relation to premiums, cover and excesses must be directed to Marsh. More information and contact details are available on the Marsh website.

Practitioners and firms must contact Marsh.

More information, the application form and contact details are available via the Marsh website.

Chubb has arranged a 24/7 cyber incident response hotline with Clyde & Co Lawyers. The hotline will receive all notifications of claims and circumstances under the Marsh cyber insurance policy and act as a breach coach to provide immediate incident co-ordination to insured firms.

For more information about the notification of claims under the Marsh cyber insurance policy visit the Marsh website.

Yes. Various cyber insurance policies are available for purchase in the commercial insurance market and firms must make their own assessment of the cover that is best suited to their circumstances.

No. Practitioners and firms must make their own assessment and seek their own advice about the Marsh/Chubb cyber insurance offering.

LPLC’s statutory function is to provide professional indemnity insurance to law firms in accordance with Part 4.4 of the Legal Profession Uniform Law.

LPLC is not authorised to deal in other general insurance products or financial products or to give financial product advice.

Practitioners seeking further information about the Marsh cyber insurance policy should contact Marsh via their website.

Load More


11 July 2019

Do they have the authority?

Verifying authority is an essential part of risk management. Snapshot Always verify the authority of the client. Be aware of high risk situations including acting for a company, multiple clients or for an attorney. Use a checklist to verify authority. It should go without saying that you should not act on a client’s instructions if […]

More
27 June 2019

In Check Issue 83 | June 2019

The engagement habit Our risk management focus for the 2019/20 financial year is engagement management. Badly managing the client engagement was the second most costly and numerous underlying cause of claims in the last ten years.  The root causes of these claims included: not clarifying who is the client acting in a conflict not clarifying […]

More
20 June 2019

Checklists can help avoid a claim

LPLC has a range of risk management checklists to help practitioners. Checklists are an essential risk management tool that should be used routinely by any legal practice. If you find it difficult to set aside time to develop these tools yourself, the free checklists on LPLC’s website can help. Here are some fundamental checklists that […]

More
17 May 2019

How to avoid the traps

By Caroline Drew of Obst Legal Introduction Acting on behalf of purchasers of land is a common occurrence for many practitioners. Most of the time the transaction runs smoothly with the client becoming the new owner of exactly what was intended. However, not every transaction is the same and practitioners need to be wary of […]

More
16 May 2019

Law Institute Journal Conveyancing Special Edition 2019

If there is one thing that could reduce professional indemnity insurance premiums over time it would be to reduce the incidence and severity of conveyancing claims. In the 2017/2018 FY, property and conveyancing accounted for 25% of claims by area of practice received by LPLC. For the May edition of the LIJ, LPLC have contributed a […]

More
29 March 2019

Retrospective changes proposed for residential ‘off the plan’ sunset clauses

key risk alerts New bill proposes changes to the operation of sunset clauses in residential off the plan sales contracts. Proposed new requirements will prevent a vendor rescinding ROTP contracts based on a sunset clause without: at least 28 days written notice a purchasers consent The bill provides that the ‘notice’ and ‘consent’ provisions will […]

More
25 September 2018

PEXA, email, electronic funds transfers and cyber-crime

PEXA, email, electronic funds transfers and cyber-crime On 25 June 2018 LPLC published a security warning for PEXA users arising from some recent instances of fraudulent activity impacting PEXA transactions. One of these (‘the MasterChef case’) involved a fraudster entering the PEXA workspace and changing payment account details to divert $250,000 of the proceeds of […]

More
25 September 2018

GST withholding practical examples

Download PDF GST withholding practical examples This bulletin contains practical examples in question and answer format of how the purchaser GST withholding provisions work. For general information about the withholding requirements see the bulletin Some purchasers required to withhold GST from 1 July 2018. Contracts signed before 1 July 2018 Question 1 Our clients purchased […]

More
14 August 2018

Medical Treatment Planning and Decisions Act 2016 (Vic)

Download PDF Key points   Appointments of medical treatment decision makers and advanced care directives replace medical powers of attorney and refusal of medical treatment certificates from 1 July 2018. Medical power of attorneys entered into before 1 July 2018 are taken to be appointments of medical decision makers. Any refusal of treatment certificates created […]

More
7 August 2018

Some purchasers required to withhold GST from 1 July 2018

Download PDF Suggested resources: Vendor/supplier GST withholding notice Key points New GST withholding regime applying to some settlements from 1 July 2018. New notification obligations on vendors of new residential or potential residential land. New notification and withholding obligations on purchasers of new residential or potential residential land. Penalties apply for both vendor and purchaser […]

More
18 July 2019

Make it a rule to include water information certificates

There is a good reason why you should always include a water information certificate in a section 32 statement. The certificates will show the water and sewer lines, which are unregistered easements, and need to be disclosed. Section 32C of the Sale of Land Act 1962 (Vic) says that the section 32 statement must contain: […]

More
3 July 2019

Property damage insurance claims: How long have you got?

The New South Wales Court of Appeal held earlier this year that the limitation period for a claim under a property damage insurance policy starts when the property damage occurs, not when the insurer declines indemnity. In the case Globe Church Incorporated v Allianz Australia Insurance Ltd [2019] NSWCA 27 (26 February 2019), the policyholder Globe […]

More
13 June 2019

Electronic conveyancing obligations – be prepared for a compliance examination and subscriber review

  Download PDF Subscribing to electronic conveyancing is not a ‘set and forget’ process but requires regular checking that you are complying with your subscriber obligations, particularly in relation to client authorisation, verification of identity, right to deal, document retention and system security. Regular checking should also mean that you are well prepared for a […]

More
7 June 2019

Retrospective changes to ‘off the plan’ sunset clauses now law

As foreshadowed in our blog of 30 May the Sale of Land Amendment Act 2019 (Vic) is now in operation having received royal assent on 4 June 2019 — meaning the retrospective changes to off-the-plan sunset clauses retrospectively came into operation from 23 August 2018. The new requirements prevent a vendor rescinding residential off the […]

More
30 May 2019

Retrospective changes to ‘off the plan’ sunset clauses passed in parliament

The Sale of Land Amendment Bill 2019 (Vic) was passed in Parliament on 28 May — meaning the retrospective changes to off the plan sunset clauses will come into operation as soon as the bill receives royal assent. The new requirements will prevent a vendor rescinding residential off the plan contracts based on a sunset […]

More
6 May 2019

Develop the engagement habit

Lawyers can get themselves into hot water when they neglect to go through a thorough client engagement process. Our handy engagement decision tool can help you develop a more manageable approach. Make it routine for every client and every matter.

More
9 November 2018

Key Risk Checklist: Tax issues

This checklist contains the most common taxes and related charges and is not intended to be exhaustive. Ticking a box indicates who is responsible for considering the selected item. Both practitioner and client may be selected. A column has been included for initial comments. It is recommended that a memorandum be sent to the client […]

More
7 May 2018

Key Risk Checklist: Sale of land – questions for the vendor

Sale of land – questions for the vendor   Instructions ☐  Please circle yes or no as applicable. ☐  Please provide the additional information as indicated e.g. a copy of your title(s). ☐  If you do not know the answer or are unable to provide the additional information please insert the words ‘not known’. ☐ […]

More
24 April 2018

Key Risk Checklist: GST

GST is not simple but there are some easy steps you can take to help protect you and your clients. References to divisions and sections can be found in A New Tax System (Goods and Services Tax) Act 1999 (Cwlth). GST alert – for contracts entered into from 1 July 2018, purchaser to collect and […]

More
27 January 2018

Risk management audit checklist

Don’t wait for the worst to happen – use this audit checklist to determine and monitor whether your practice is at risk of a negligence claim. Introduction This audit checklist is a risk management tool for legal practitioners to determine and monitor whether their practice is at risk of a negligence claim arising from poor […]

More
28 February 2019

Claim free conveyancing

Additional conveyancing download: Default notice Introduction Claim free conveyancing has been produced to help practitioners avoid the most common mistakes which have resulted in a claim in conveyancing transactions. By being aware of how and why mistakes occur, you will be in a better position to protect against claims. Claims against practitioners arising from conveyancing […]

More
17 September 2018

Small business big risk

Since LPLC published the first edition of Small business – big risk there have been some changes in the legal landscape which are particularly relevant to transactions for the sale of small businesses including the introduction of: the Estate Agents (General, Accounts and Audit) Regulations 2008, which has made substantial changes to both the form and content […]

More
6 August 2018

Pitfalls in personal injury litigation

Personal injury litigation Clients seek out litigation lawyers only when something has gone wrong. In the personal injury arena, they have the added difficulty of dealing with a physical or mental impairment and its consequences. This means the relationship is going to be challenging from the start. It can be made even more difficult if […]

More
24 July 2018

Keep managing mortgage risk

Additional mortgage downloads Solicitor’s Certificate – Direct Borrower Solicitor’s Certificate – Third Party, Guarantor etc Translator’s Certificate Client acknowledgement Introduction From 1 July 2015 to 30 June 2017 LPLC has received 43 mortgage claims at a total estimated cost of $3M. Smaller law firms continue to be more vulnerable to these types of claims. Of […]

More
24 April 2018

Avoiding superannuation claims

Introduction Every year LPLC sees claims involving superannuation funds. Claims sometimes arise because the practitioner does not have sufficient knowledge or experience with superannuation matters. Practitioners who regularly act in this area will agree that extensive expertise and understanding is required to properly advise clients and to have the best chance to avoid a claim. […]

More
7 June 2019

Risk video bite – Adequate security or loans

Presenter: Matthew Rose, LPLC Risk Manager

More
2 May 2019

Risk video bite – Attention to detail in wills and estates

Presenter: Heather Hibberd, LPLC Chief Risk Manager

More
5 April 2019

Risk video bite – Systems save claims

Presenter: Stephen Bubb, LPLC Risk Manager

More
1 March 2019

Risk video bite – Buying or selling a small business

Presenter: Matthew Rose, LPLC Risk Manager

More
1 February 2019

Risk video bite – Inadequate advice

Presenter: Phil Nolan, LPLC Risk Manager

More
29 March 2019

Retrospective changes proposed for residential ‘off the plan’ sunset clauses

key risk alerts New bill proposes changes to the operation of sunset clauses in residential off the plan sales contracts. Proposed new requirements will prevent a vendor rescinding ROTP contracts based on a sunset clause without: at least 28 days written notice a purchasers consent The bill provides that the ‘notice’ and ‘consent’ provisions will […]

More
15 August 2018

Vendor/supplier GST withholding notice

There is no prescribed form for section 14-255 supplier GST withholding notice. Below is a suggested form of notice practitioners are welcome to use or adapt.Page two of the notice contains some notes for its use.   Vendor_supplier GST withholding notice(PDF Version) | Vendor_supplier GST withholding notice(Word Version)    

More
14 August 2018

Medical Treatment Planning and Decisions Act 2016 (Vic)

Download PDF Key points   Appointments of medical treatment decision makers and advanced care directives replace medical powers of attorney and refusal of medical treatment certificates from 1 July 2018. Medical power of attorneys entered into before 1 July 2018 are taken to be appointments of medical decision makers. Any refusal of treatment certificates created […]

More
7 August 2018

Some purchasers required to withhold GST from 1 July 2018

Download PDF Suggested resources: Vendor/supplier GST withholding notice Key points New GST withholding regime applying to some settlements from 1 July 2018. New notification obligations on vendors of new residential or potential residential land. New notification and withholding obligations on purchasers of new residential or potential residential land. Penalties apply for both vendor and purchaser […]

More
27 June 2018

GST withholding special condition

Download PDF GST withholding 1.1. In this special condition, section references are to Schedule 1 of the Taxation Administration Act 1953 (Cwth) as amended by Treasury Laws Amendment (2018 Measures No.1) Act 2018 (Cwth) and asterisked terms have the same meanings as when used in that schedule. 1.2. If section 14-255(1) applies to the supply […]

More