FCA Says Big Data Use by Insurers Generally Working Fine—Data Protection Concerns Flagged


The UK’s financial services regulator, the Financial Conduct Authority (FCA), has recently published summaries of the responses it received to a Call for Inputs (CfI) on the use of big data in the retail general insurance (GI) sector as well as outlining its responses to the issues raised. Insurance companies, which are increasingly using big data (gleaned from social media, loyalty cards, aggregator sites and other such sources) to determine risk profiles and set premiums, can rest a little easier given that the FCA says that it has decided not to undertake a full market study or make a reference to the Competition and Markets Authority.

However, the European Commission is still expected to press on with a call for information on big data this year, as part of its digital single market consultations, and both the French and German competition authorities are expected to launch investigations of the impacts of big data for competition in the next few months.

To recap, in November last year, the FCA published a CfI intended to help it gain a better understanding of how retail GI firms are using data and analytics, and the potential impact on consumer outcomes and competition in the market, with a focus on private motor and home (buildings and contents) insurance. The FCA received 27 written responses and held meetings with a wide selection of stakeholders, trade bodies and consumer groups. It also analysed data from two price comparison websites and surveyed a selection of brokers which specialise in consumers with non-standard risk.

The FCA is of the view that retail general insurance firms’ use of big data is broadly working well. Accordingly, the FCA is not going to launch an in-depth market study. The FCA found consumers benefits from things such as reduced form filling, more streamlined sales and claims processes and personalisation of products. It also found that the growing use of data is not currently limiting effective competition in the motor and home insurance sectors; however the FCA says that this is something which may change in the future.

The FCA highlights three main concerns however:

  • the impact of big data on data protection;
  • risk segmentation (i.e., withholding insurance from higher-risk customers); and
  • pricing practices. For further reading in this area, the FCA also published as a companion report, an Occasional Paper on price discrimination and cross-subsidy in financial services, which is intended to ensure that insurers and their advisers have a common understanding of the FCA’s approach to these pricing practices.

Whilst social media is increasingly used by insurers to verify whether claims are fraudulent, data protection concerns include firms ensuring that they always obtain an informed consent prior to processing an individual’s data—no one who signs onto Facebook, Instagram or Twitter expects their data (photos, posts or tweets) to be used in this way by insurers. There is also the question as to whether it is fair to use data points that a consumer has no control over, such as the use of genetics in health insurance, in return for lower premiums. Such data can be compared to data which the consumer can control and consent to, such as data regarding their driving behaviours collected via an electronic box which they have agreed to have installed in their car, or via a mobile app which the consumer has enabled.

With this in mind, the FCA and the ICO will co-host a round table with relevant stakeholders to discuss the increased use of data sources and related risks to data protection. The FCA also plans to remind firms of their responsibilities to ensure that their use of data is in line with data protection laws and the ICO’s guidelines.