Chapter 19 - Data Flashcards

1
Q

Explain the ethical and regulatory issues involved in working with personal data and extremely large data sets

A

South Africa has POPIA in place but other countries have varying levels of stringency on personal data laws so special attention must be paid when transferring data from one country/entity in one country to another.

POPIA is written around eight conditions covering the lawful processing of personal information by individuals and companies:

  1. Accountability
    The party responsible for processing the data is also responsible for compliance with POPIA.
  2. Processing limitation
    Information must be processed in a fair, lawful and relevant manner, after consent is given by the data subject.
  3. Purpose specification
    Personal information must be collected for a specific purpose. Record keeping to be destroyed when personal data is no longer relevant or authorised to be held.
  4. Further processing limitation
    Further processing must be compatible with the initial collection purpose
  5. Information quality
    Data completeness, accuracy and updates to be ensured by holder of the data
  6. Openness
    Documentation to be maintained on all processing operations and maintaining transparency on data use.
  7. Security safeguards Requirement
    Integrity and confidentiality of personal data must be secured and all processing done only by authorised operator. Notification to be done on security compromises.
  8. Data subject participation
    The data subject may request confirmation of personal data held and request correction or deletion of any inaccurate, misleading or outdated information held

Consideration should be given to the quality and standard of the information systems used to store and process personal data to ensure high levels of security, appropriate processing and the ability to correct or delete irrelevant or incorrect personal information held.

Contracts entered into with product suppliers and administrators or other parties must be amended to reflect the requirements of POPIA.

POPIA also requires the appointment of an information officer and the drafting of relevant polices.

Appropriate allowance should be made for the cost of compliance (e.g. an information officer) and system implementation and continuous system management

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Competition Legislation

A

In addition to data protection laws, jurisdictions may also have competition laws which may also limit the uses to which data can be put.

The following may be prohibited:
- anti-competitive agreements – e.g. data could be shared among a small number of companies to fix prices in a particular market
- abuse of dominant market position – e.g. imposing unfair trading terms, such as exclusivity

Sensitive personal data can include information related to: ·
- racial or ethnic origin
- political opinions
- religious or other similar beliefs
- membership of trade unions
- physical or mental health condition
- sexual life
- convictions, proceedings and criminal acts.

Sensitive personal data is generally subject to much stricter regulation than ordinary personal data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Big Data

A

Big data can be characterised by:
- very large data sets
- data brought together from different sources
- data which can be analysed very quickly – such as in real time

Anonymisation can potentially aid big data analytics, as it means that the information being analysed is no longer considered personal data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Data Governance

A

Data governance is the term used to describe the overall management of the availability, usability, integrity and security of data employed in an organisation

A data governance policy will set out guidelines with regards to:
- the specific roles and responsibilities of individuals in the organisation with regards to data
- how an organisation will capture, analyse and process data
- issues with respect to data security and privacy
- the controls that will be put in place to ensure that the required data standards are applied
- how the adequacy of the controls will be monitored on an ongoing basis with respect to data usability, accessibility, integrity and security.

The data governance policy will also provide a mechanism for ensuring that the relevant legal and regulatory requirements in relation to data management are met by the organisation.

Organisations that do not have adequate data governance procedures can be exposed to risks relating to:
- legal and regulatory non-compliance
- inability to rely on data for decision making
- reputational issues
- incurring additional costs (for example, fines and legal costs)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Risks associated with the use of data

A
  • available data might contain errors or omissions, which could lead to erroneous results or conclusions.
  • insufficient historical data available to estimate credibly the extent of a risk, and the likelihood of the occurrence of that risk in future.
  • Even where there is sufficient data to estimate credibly future experience in normal conditions, there may be insufficient data available to provide a credible estimate of a risk in very adverse circumstances, which may be necessary for some purposes (e.g. estimating the tails of a distribution).
  • Where there is insufficient data it may be possible to use data from other sources (e.g. industry data, other countries, competitors), but there is a risk that data from other sources may not be a sufficiently good proxy for the risk being assessed.
  • Historical data may not be a good reflection of future experience due to:
    • past abnormal events
    • significant random fluctuations
    • future trends not being reflected sufficiently in past data
    • changes in the way in which past data was recorded
    • changes in the balance of any homogeneous groups
      underlying the data
    • heterogeneity with the group to which the
      assumptions are to relate
    • the past data may not be sufficiently up to date
    • other changes – e.g. medical changes, social changes, economic changes, etc.
  • There are risks where an actuary attempts to group data into broadly homogenous groups such as:
    • individual data groups may be too small for a credible analysis
    • if data groups are merged so there is sufficient data in each group to be credible, the combined data set may not be sufficiently homogeneous.
  • available data may not be in a form that is appropriate for the purpose required.
  • available data may have been collected for a purpose, which means that it is not appropriate for a different purpose.
  • A lack of confidence in the available data will reduce the confidence in an actuary’s conclusions
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Algorithmic Trading

A

Algorithmic trading is a form of automated trading that involves buying or selling financial securities electronically to capitalise on price discrepancies for the same stock or asset in different markets

The benefits of algorithmic trading

  • potentially quicker, more consistent and fairer decisions being made This has the potential to be good for consumers, businesses and society.
  • larger amounts of data can now be collected, stored and analysed much more quickly than in the past. These advances require new tools to analyse and make decisions. Increasingly algorithmic tools are being used in decision making processes across many sectors.
  • Advances in computer power, communication technology and programming capability have offered new tools for investment decisions, trading execution and risk management

Electronic trading has the advantages of increased speed and efficiency of trading, and can result in lower dealing costs on trades. In addition, automated trading can potentially facilitate the execution of complex trading strategies that would not have previously been possible

Risks
- consciously or unconsciously to decisions for some individuals that were unfairly biased
- algo error or data used to parameterise the model could be wrong, leading to potential losses on each trade, rather than the expected profits.This is an issue when a large number of trades could be completed very quickly.
- algo may not operate properly in adverse conditions.
- In very turbulent conditions, trading in individual stocks, or even entire markets, may be suspended before an algorithmic trade can be completed.
- The main risk of algorithmic trading is the possible impact on the financial system.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Uses and Sources of Data

A

Sources:
- Publicly Available Data
- published company accounts
- regulatory returns
- industry data
- national data
- international data

  • Internal Company Data
    Product providers need data relating to the individual risks that they provide cover for
  • External Sources
    • reinsurer data
    • industry wide data collection schemes
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Industry Wide Data

A

Possible heterogeneity when using industry-wide data
Data supplied by different organisations may not be precisely comparable because:
- policies sold by different companies are not identical
- sales methods are not identical
- companies will have different practices, e.g. underwriting or claim settlement standards
- nature of the data stored by different companies will not always be the same
- the coding used for the risk factors may vary from organisation to organisation
- companies operate in different geographical or socio-economic sections of the market

Other issues include:
- data will usually be less detailed, or less flexible, than those available internally
- external data are often much more out of date than internal data
- data quality will depend on the quality of the data systems of all of its contributors
- not all organisations contribute, and the organisations that do contribute are not representative of the market as a whole.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Checks on Data

A
  • Check data validity through data recons
  • Check accounting records to verify data ( eg. verify loss ratio data against claims costs in expense statement )
  • Assertions on the data :
    • liability or asset exists on a given date
    • liability is held or an asset is owned on a given date
    • when an event is recorded, the time of the event and the associated income or expenditure are allocated to the correct accounting period
    • that data is complete, i.e. there are no unrecorded liabilities, assets or events It can be possible to overlook certain groups of members
  • appropriate value of an asset or liability has been recorded.

Other checks include:
- Checks should be made for any unusual values, such as impossible dates of birth, retirement ages or start dates
- Reconciliation of the total number of members / policies and changes in membership / policies, using previous data and movement data
- Random spot checks on data for individual members / policies or assets

How well did you know this?
1
Not at all
2
3
4
5
Perfectly