When I read the introductory article on RGA’s website about their new data and analytics ethics framework, it felt like a lot of good boxes were being ticked. They seemed to understood both the rationale behind what they were doing, and the broad issues that needed addressing.
Yet when I clicked the “explore our framework” button to find out more, I felt like I needed to recheck that I’d clicked the right link. There was very little to explore. To say that the framework’s wording felt high level is a huge under-statement. It was made up of eleven broad statements. Sure, they are reasonable commitments to make, but in my opinion, they do not add up to a framework.
Doug Knowling, RGA’s Chief Data and Analytics Officer, does state in his article introducing the framework that what RGA wanted for the framework was a “…set of enterprise-wide guiding principles for data and analytics utilisation”. So yes, RGA got what it wanted, but is it reasonable to call it a framework? I don’t think so. And I won’t be the only one to see the ‘framework’ as a bit hollow.
So how did their framework come into being? RGA talk about “…launching a Data and Analytics Ethics Oversight Board” to develop and implement a framework. Details about the oversight board are not given, nor do they come up in internet searches. I suspect then that it was an internal group, especially given that reference to ‘implementing’. Oversight boards don’t usually get involved in implementation. The two need to be split in order for both to be effective.
Ingredients for a Good Framework
There will be a good number of insurers and reinsurers thinking about creating a data ethics framework of some kind at the moment. Indeed, I’m giving a talk on how to create them at a big UK insurance conference next week. Over the next few months, I’ll put reviews of date ethics frameworks I come across in the News section of the Ethics and Insurance website. It’s always useful when building a framework to have examples to illustrate the options.
Here therefore are five things about building a data ethics framework that those (re)insurers could consider.
1. Use principles to demonstrate commitment, but don’t then call them a framework. The two are quite different. Called it what it is – a statement of principles.
2. Use a framework is show the scope and depth of what you’re doing on data ethics, within the principles set for it. It’s that scope and depth that provides the credibility of your approach.
3. Be relatively open about who was responsible for drawing up the principles and the framework. The mix of opinions that the process draws upon is important.
4. The framework may become quite detailed, so you could consider producing a summarised version for public consumption, and leave that detailed version for internal use. However, that summarised version needs to signal at least three things:
- a realistic picture of the ethical risks encompassed by the framework;
- what the firm’s leadership is doing now and over time to support how the framework is achieving on its objectives;
- how the framework is being monitored and overseen.
5. Be clear about the value that having such a framework brings to the business, and how this has been translated into success criteria for it.
For the RGA framework, I would give them a half tick for points 1 and 5, crosses for 2 and 3, and a question mark for point 4.
If there’s a data ethics framework that you would like me to take a look at, get in touch.