Growing Risk Tech Capabilities Place a Stronger Emphasis on Robust Data Governance

By Reid Colson, Chief Data & Analytics Officer, Markel


The amount of data available today for managing risk is expanding exponentially, while at the same time, the regulatory and ethical bar on using data continues to rise. Nearly every conference on data or analytics features a speaker who cites the claim that 90 percent of the world's data was created in the last two years. At the same time, the cost to store and process that data has dropped dramatically. As these costs fall, our ability to process the data, find patterns, and apply sophisticated techniques like machine learning advances at an ever-increasing pace.

These converging trends give companies the ability to know more about their customers, competitors, and employees than ever before. Data is creating so much value that it is being considered by many as “the new oil.” A number of the top-valued public firms derive a significant portion of their revenue and market cap from the ways they monetize the data they collect. As a result, companies are focusing significant time, effort, and creativity to improve how they collect and monetize data.

We’re beginning to see examples where the increasingly creative use of personal data goes beyond what might be considered reasonable. A highly publicized example is Cambridge Analytica, which harvested the personal data of roughly 87 million individuals to build a system that profiled and targeted individual US voters with personalized content. In other cases, the misuse is not intentional. Artificial intelligence systems “learn” from the data at hand. A case in point is an AI system trained to screen resumes, using your existing employee base as examples of good outcomes. If your employee base is biased in any way, the AI system will pick up on that bias and perpetuate it.

This rise in data misuse places increasing emphasis on strong data governance, but our teams are overwhelmed, and the tools to solve these challenges have not evolved as fast as our ability to create, store, and analyze data. We need help from the entire organization to manage these risks, rather than relying solely on our IT, legal, security, data governance, and data science teams.

A good place to start is to minimize the possibility of projects going beyond a reasonable use of data. To do this, a company should develop a set of principles around privacy and ethics that applies to each data and analytics use case. A simple model is to ask whether the outcome of the project would be 1) better for the customer, 2) better for employees and other company stakeholders, and 3) something the company would be proud to have publicly known. If the answer to any of these is no, you probably want to take a harder look at the use case and the data involved.
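
The three-question screen could be sketched as a simple gate that flags use cases for deeper review. This is an illustrative sketch only; the `UseCaseReview` name and its fields are hypothetical, not an actual governance process:

```python
# Illustrative sketch of the three-question privacy/ethics screen.
# All names here are hypothetical, invented for demonstration.
from dataclasses import dataclass

@dataclass
class UseCaseReview:
    better_for_customer: bool
    better_for_stakeholders: bool
    proud_if_public: bool

    def needs_harder_look(self) -> bool:
        # If the answer to any principle is "no", flag the case for deeper review.
        return not (self.better_for_customer
                    and self.better_for_stakeholders
                    and self.proud_if_public)

# A case that fails the "proud if publicly known" test gets flagged.
review = UseCaseReview(better_for_customer=True,
                       better_for_stakeholders=True,
                       proud_if_public=False)
print(review.needs_harder_look())  # True
```

In practice, each answer would come from a documented review rather than a boolean, but the gate logic is the same: any "no" stops the project for a harder look.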

Eliminating unintentional bias in your risk models may be more challenging. By the very nature of managing risk, you may be creating biased data sets. Consider the case of a bank screening credit card applicants. Bias can enter the data at many points in that process. First, the bank may not market its product to every part of the population equally, which can skew the applicant pool. Second, it likely does not approve every applicant; applicants must demonstrate the financial means to repay their debts. Each step of the process that serves to filter out risk has the potential to introduce bias into the resulting data.
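
This funnel effect can be demonstrated with a toy simulation. Every number below is made up purely to show the mechanism: each filtering step leaves behind a data set that no longer resembles the general population.

```python
# Toy simulation of selection bias in a two-step application funnel.
# All figures are invented for illustration; they model no real bank.
import random

random.seed(0)

# A synthetic general population with normally distributed income.
population = [{"income": random.gauss(50_000, 15_000)} for _ in range(10_000)]

# Step 1: marketing reaches a skewed slice of the population.
reached = [p for p in population
           if p["income"] > 40_000 or random.random() < 0.3]

# Step 2: the approval screen filters again on ability to repay.
approved = [p for p in reached if p["income"] > 45_000]

def mean_income(rows):
    return sum(r["income"] for r in rows) / len(rows)

# The surviving data set is richer than the population it came from.
print(round(mean_income(population)), round(mean_income(approved)))
```

A model trained only on `approved` would learn patterns of the filtered group, not of the population the bank might want to serve next.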

Many groups are now starting to look at the potential for bias in AI systems, and they openly share resources that companies can use to minimize the potential for bias in their models. Examples include a process review of the flow of your data. Look for places where the data you capture is segmented, filtered, or targeted. Investigate whether these steps create an unintentional bias in the data you capture. Profile your data and check to see if the data excludes portions of the general population, and see if there are ways to make it more inclusive. The goal is to ensure that your models use a representative data set for the problem you are modeling.
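
The profiling step described above can be sketched as a comparison of segment shares in your captured data against a reference population. The segments and proportions below are hypothetical stand-ins:

```python
# Illustrative sketch: compare segment shares in captured data against a
# reference population to spot under-represented groups. The segment labels
# and counts are hypothetical.
from collections import Counter

def segment_shares(rows):
    """Return each segment's share of the total, as a fraction."""
    counts = Counter(rows)
    total = sum(counts.values())
    return {seg: n / total for seg, n in counts.items()}

population = ["urban"] * 60 + ["suburban"] * 25 + ["rural"] * 15
captured   = ["urban"] * 80 + ["suburban"] * 18 + ["rural"] * 2

pop, cap = segment_shares(population), segment_shares(captured)
for segment, pop_share in pop.items():
    gap = cap.get(segment, 0.0) - pop_share
    if gap < -0.05:  # flag segments under-represented by more than 5 points
        print(f"{segment}: captured {cap.get(segment, 0):.0%} "
              f"vs population {pop_share:.0%}")
```

The 5-point threshold is arbitrary; the point is to make under-representation visible so you can look for ways to make the data more inclusive.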

A best practice is to monitor the performance of your risk models using real-world data to check for simple biases. Develop a list of simple questions you can research in the model output to check for potential bias that might impair either the equality of opportunity or the equality of outcome. These questions can be hard to formulate, but one example is, “Do your models predict that people with longer names are more likely to default?” If they do, you should determine why, as it may be an indication of bias.

A final step is to join and follow organizations forming around AI trends, best practices, and emerging ethical frameworks. They are places to stay in touch with the latest thinking on the theoretical and practical implications of AI. AI is here to stay – the challenge is to find ways to deploy it effectively and ethically.
