190 likes | 207 Views
Explore how regulators react to insurance companies using big data with AI, predictive tools, and more. Discuss underwriting, privacy, market impact, and consumer protections in this innovative landscape.
E N D
Consumer Protections, Regulator Reactions and Predictive Modeling 2019 ALIC Annual Meeting Mary Jo Hudson Squire Patton Boggs US LLP
Regulators and Big Data Insurance companies are exploring or using big data through technology that includes artificial intelligence, predictive modeling tools and machine learning components Insurance regulators have been exploring this technology use, how it impacts insurance companies and consumers through its Innovation and Technology Working Group Primary focus is on underwriting and privacy, with secondary focus on market impact
Regulators and Big Data Many regulators generally discuss support for insurance company innovation through technology Meeting consumer demand for accessibility though technology Revise underwriting methodology to avoid personal meetings and automate more of process Improve risk analysis for applications, existing business Understand improved capability for fraud detection, improved marketing opportunities and quicker resolution of claims NAIC committee work focuses on many areas of innovation and technology
Regulator Criticisms At the same time, regulators are consistently expressing: Strong criticism of “black box” rate filings and use of “big data” Concern regarding inability of companies to describe contents or operation of insurance scoring by models Concern regarding types of data used in addition to credit scores, and whether consumer data can be corrected Concerns on state ability to review complex predictive models and call from commissioners for NAIC staff review of models for states Concern regarding predictive models and potential for disparate impact based on protected classes
Existing Consumer Protections • Consumer protections – Product Development • State product-related laws • Application form standards and regulator review • Incontestability requirements after two years in absence of fraud – limits introduction of new data that could adversely impact coverage • State mortality tables • Limit categories of risk to consider in mortality determination • Developed by regulators and approved through NAIC • Consumer protections – Data use, Sales and Administration Practices • Fair Credit Reporting Act (FCRA) and related state laws • Applies to third party sources of consumer-specific data • Applies to insurance scores and use of credit reports • Requires notice of adverse action from insurer, opportunity for consumer to review file and provide comments or correcting information • State credit scoring models (based on NCOIL Credit Scoring Model) • Limits use of third party scoring models • May bump third party sourced data against application, but may not substitute
Existing Consumer Protections Credit Score Use Credit score use with traditional underwriting factors found to improve risk analysis in rate models Debates at NAIC concerning efficacy of using credit scores Repeated findings that credit scores had appropriate actuarial correlation to risk NAIC White Paper/Tillinghast (1997), FTC (2007), Federal Reserve (2007, 2010) NAIC debated periodically in late 1990’s, early 2000’s and mid-2000’s Primary focus has been on property and casualty insurance
Existing Consumer Protections NCOIL Credit Score Model Act (2002, 2005, 2009, 2015) - Adopted in numerous states via statute or regulation Applies only to property and casualty insurance Adopted in many states by statute or rule Broad definition of “insurance score” beyond just financial data Limits use of data based on income, gender, address, zip code, ethnicity, religion, marital status or nationality Requires use of other underwriting factors and prohibits reliance solely on credit score Prohibits use of credit score to underwrite in absence of other information Limits adverse action when consumer has experienced hardship such as divorce or job loss
Existing Consumer Protections • Consumer Protections – Application process through claims process • State unfair and deceptive practice laws and regulations • Application and advice process • Agent interaction with consumers • Company actions after policy is delivered through claims process • States monitor and enforce through consumer complaints and analysis of company-filed data • Regulatory enforcement and private rights of action, in some states • Federal and state non-discrimination laws • Definitions of protected classes (e.g., race, gender, religion, national origin, and in some cases, sexual orientation and gender identity) • Remedies for discrimination claims include administrative and judicial • Professional standards for actuaries • Actuaries subject to professional oversight through Actuarial Standards Board of American Academy of Actuaries • Actuarial memorandum for life and annuity products must be certified by actuary, so rates must be actuarially justified
Risk-Based Rate Models and Disparate Impact Concerns being raised by regulators regarding disparate impact in predictive models used for underwriting and rate models Troubling because disparate impact is not part of a risk-based rate analysis Arguments against model opposition of past decade plus regarding use of credit scores Discussions and pronouncements regarding predictive modeling focus on eliminating use of data that does not have a demonstrated causal link will result in move away from risk-based pricing Actuarial analysis relies on correlations and not causation Debate on credit scores clarified repeatedly that extensive correlation testing supported rate predicting effectiveness of credit score use Blurring terms and legal analysis regarding risk group discrimination (historic rate review) and protected class identification (state & federal anti-discrimination), and little discussion regarding actuarial science and testing available for models New York Circular 1 is prime example of regulatory concerns threatening risk-based pricing
NY DFS Circular 1 (2019) Circular 1 includes three primary dictates: Avoid any actual or implicit discrimination based on protected classes. An insurer should not use an external data source, algorithm or predictive model for underwriting or rating purposes unless the insurer can establish that the data source does not use and is not based in any way on race, color, creed, national origin, status as a victim of domestic violence, past lawful travel, or sexual orientation in any manner, or any other protected class. Avoid unfair discrimination. An insurer should also not use an external data source for underwriting or rating purposes unless the use of the external data source is not unfairly discriminatory and complies with all other requirements in the Insurance Law and Insurance Regulations Disclose specific sources of data. Where an insurer is using external data sources or predictive models, the reason or reasons for any declination, limitation, rate differential or other adverse underwriting decision provided to the Insured or potential insured should include details about all information upon which the insurer based such decision, including the specific source of the information upon which the Insurer based its adverse underwriting decision.
NY DFS Circular 1 (2019) Requires insurance company to do statistical analysis plus causality analysis on any internal or external data used in underwriting Calls for demonstration of “causality” beyond well-accepted actuarial practices using correlation studies Seeking a guarantee of no disparate impact, actual or implicit For first time, focus on review at rate model level rather than study of model use in market setting to identify any prohibited discrimination Confuses risk-based rate modeling analysis with market-based consumer protections Never specifically references FCRA protections
Predictive Model Development Actuarial standards inform rate model review through principles of “risk classification” Under current rate-filing guidelines, primary elements of life rate models are certified by actuaries Data science is new element to current predictive models No similar professional body or standards that are comparable to actuarial profession (AAA) Currently, no standard test or certification for disparate impact Can actuaries and data scientists fill void that is causing regulator concerns?
Data Privacy Protections • State and federal laws use different terms to describe personal information • Examples include: • Non-public information • Personally identifiable information • Personal financial information • Personal health information • The data points in the definitions vary tremendously. • Under some laws, some data points need to combined with another before they are considered personal data; however, recent legislation in some states, including California, has expanded the data points considered to be personal information and eliminated the "in combination with" requirement.
Data Privacy – Personal Information Definitions • Almost 80 data points are considered to be “personal information” under many state laws • Common data points include: • Personal and family information • General personal identifying information and numbers • Account-related information and credit scores • Medical information • Employment history • Geolocation • Newer definitions also include: • Biometric data • Website interaction • Browser and internet search history • Inferences forming a consumer preference profile • Voice prints
Data Privacy and Data Security • Variety of federal and state laws create a patchwork of protections • NAIC Models include • Insurance Information and Privacy Model (#670) - AZ, CA, CT, GA, IL, KS, ME, MA, MN, MT, NV, NJ, NC, OH, OR, VA, WI, WY • Privacy of Consumer Financial & Health Information Regulation (#672) - AL, AK, AZ, AR, CA, CO, CT, DE, D.C., FL, GA, HI, ID, IL, IN, IA, KS, KY, LA, ME, MD, MA, MI, MN, MS, MO, MT, NE, NV, NH, NJ (bulletin), NM, NY, NC, ND, OH, OK, OR, PA, RI, SC, SD, TN, TX, UT, VT, VA, WA, WV, WI, WY • Standards for Safeguarding Customer Information Model Regulation (#673) - AL, AK, AZ, AR, CA, CO, CT, DE, DC, FL, ID, IL, IA, KY, ME, MI, MN, MO, MT, NE, NH, NJ, NY, NC, ND, OK, OR, PA, RI, SC, UT, VT, VA, WV, WY • Insurance Data Security Model Law (#668) – OH, MI, MS, SC • New York Cyber Security Regulation - 11 N.Y. Comp. Codes. R. & Regs. tit. 23, Part 500 • California Consumer Privacy Act of 2018 – first comprehensive state law on collection and use of personal information
Centralized Authority via NAIC NAIC is discussing model review and “big data” in general, but not discussing in context of existing protections NAIC currently reviewing state confidentiality laws to determine if model filing information can be shared among states Regulators exploring plan to develop team at NAIC to review predictive model, with review based on standards developed by regulators via multistate committee Looking to develop library of models for reference by states Regulators are not discussing use of IIPRC or additional legislation to accomplish combined reviews
Sources Fair Credit Reporting Act, 15 USCA § 1681, et.seq. National Conference of Insurance Legislators, “Model Act Regarding Use of Credit Information in Personal Insurance”, www.ncoil.org New York DFS, Insurance Circular Letter No. 1 (Jan. 18, 2019) American Academy of Actuaries, “On Risk Classification – A Public Policy Monograph” (Nov. 2011) Actuarial Standards Board, Actuarial Standard of Practice No. 12 (December 2005) Connel, et. al., “Underwriting with New Data and Technology – A Credit Score Example”, CPCU eJournal (May 2012) Gudmundsen, “The history and Philosophy of CBIS”, NAIC CIPR Library Boyd, “Credit-Based Insurance Scores”, NAIC CIPR Library
Sources Federal Reserve Board, Divisions of Research & Statistics and Monetary Affairs, “Does Credit Scoring Produce a Disparate Impact?” (2010) Federal Trade Commission, “Big Data – A Tool for Inclusion or Exclusion? Understanding the Issues” (January 2016) Wu, et.al., “Does Credit Score Really Explain Insurance Losses? Multivariate Analysis from a Data Mining Point of View”, Casualty Actuarial Society Forum Miller, “Disparate Impact and Unfairly Discriminatory Insurance Rates” Casualty Actuarial Society E-Forum, Winter 2009
Questions Mary Jo Hudson Squire Patton Boggs US LLP mj.hudson@squirepb.com 614-365-2732 Sue T. Stead Squire Patton Boggs US LLP sue.stead@squirepb.com 614-365-2708 Elliot Golding Squire Patton Boggs US LLP elliot.golding@squirepb.com 202-457-6407 Keith Bradley Squire Patton Boggs US LLP keith.bradley@squirepb.com 303-894-6156