ASIC flags AI as a dual-edged risk
ASIC’s 2026 Key Issues Outlook puts artificial intelligence and cyber-enabled scams directly on the agenda for Australian financial services – and general insurance brokers are squarely in scope. The regulator acknowledges AI’s potential to improve efficiency and personalisation across product design, pricing, marketing and claims decision-making, but its primary concern is the new forms of misconduct and consumer harm the technology enables. NIBA’s summary underlines that the impact of AI is top of mind for ASIC, and that licensees will be watched on how they govern their use of technology, data and automation.
Two themes stand out. First, AI-driven scams: ASIC calls out cyber-enabled fraud, deepfakes and social-engineering attacks as a growing threat to consumers and small businesses. Second, opaque algorithms: where AI is used in underwriting, pricing or marketing, the regulator warns of unfair discrimination and misleading communications if systems are not properly governed and explained.
The practical risk for brokers
For most small brokerages, these aren’t abstract concerns. Clients are already receiving phishing emails that reference real policy details or impersonate their insurer. AI content tools are accelerating output across the industry – but without a clear review process, they’re also accelerating errors and overstatements.
The risk is two-fold. Operationally, if staff fall for an AI-driven scam, the consequences include data breaches, payment diversion and reputational damage. On the advice side, if AI tools are used in communications, comparisons or recommendations – by the brokerage or under its licensee – the broker remains responsible for accuracy and fairness regardless of how the content was produced.
Three practical responses for 2026
Tighten internal cyber governance. Multi-factor authentication, strong password policies and regular phishing simulations are baseline expectations under ASIC’s operational resilience focus. The ASIC Regulatory Tracker makes clear that weak controls under an AFSL are not a low-priority issue. Incidents should be recorded and reported promptly, with controls reviewed after any near-miss.
Set rules for AI use inside the brokerage. Develop clear internal guidelines for AI tools used in marketing, drafting emails or preparing reports. Require human review of all AI-generated client-facing material and ensure factual claims are checked against primary sources before anything goes out.
Use ASIC’s focus on scams to prompt cyber conversations with clients. It provides a legitimate entry point for tougher questions about SME cyber hygiene and ties naturally to cyber placement and policy conditions – including conditions precedent and endorsements. The Australian cyber insurance market is softening in some segments, but underwriting scrutiny on SME controls remains high and loss frequency from SME incidents is rising. That combination makes risk-management conversations essential groundwork for cover discussions. The Insurance Council’s 2026 cyber submission and the ACP Cyber Insurance Market Update provide useful supporting data for those conversations.
The broker’s position in an AI-driven year
ASIC has been clear that technological change doesn’t reduce the obligation for fair, transparent and well-explained advice. For brokers, this is an opportunity to lean into the human side of the role: translating complex risk, challenging client assumptions and standing between clients and an increasingly hostile digital threat landscape.
Brokers who tighten their own controls, apply sensible guardrails to AI use, and weave scam-risk into regular client conversations will stay well inside ASIC’s expectations – and reinforce their relevance in a year where algorithms and attackers will both be moving faster than ever.
Better Broker Network members have direct access to compliance support and peer guidance for navigating exactly these issues. Find out more at betterbroker.net.au.