How Privacy-Compliant Customer Data Management Shapes ESG Ratings: The TWIPLA Interview with Carlos Andrés Gómez Piedrahita

Improving ESG scores is a powerful motivation behind the growing adoption of privacy-first practices. With ESG now essential for insurers, TWIPLA’s Jorge Cuevas sat down with Carlos Andrés Gómez Piedrahita to discuss transparent customer data collection, emerging technologies, and ESG analytics best practices that uphold data rights.

Framing the Conversation

In the insurance industry, customer data plays a vital role in shaping the Environmental, Social, and Governance (ESG) strategies of companies. Historically, insurers have engaged in ESG-related activities, though often in response to external pressures rather than through a comprehensive, strategic approach. Today, ESG criteria are integral to insurers' core functions, especially as they seek to align with global sustainability goals such as the United Nations Millennium Goals. Insurers are key players in economic and social support through risk assumption and capital investment, which makes the integration of ESG principles especially critical for this industry.

As customers increasingly demand sustainable products and expect insurers to address climate change and social responsibility, the need to balance data collection and privacy concerns becomes more pressing. Insurers must not only gather sufficient data to meet ESG reporting requirements, but also ensure that their data practices align with privacy regulations and transparency expectations. The implementation of new standards like IFRS S1 and IFRS S2 (International Financial Reporting Standards) further underscores the importance of properly managing customer data within an ESG framework. This makes it crucial to answer the following questions on how insurers can manage data responsibly while upholding ESG compliance.

Jorge: How can insurers balance the need for customer data with privacy concerns while ensuring transparency in their ESG efforts?

Carlos: The need for customer data in insurance is closely tied to evaluating risk, particularly in areas like climate risk and sustainability-related metrics. With the integration of ESG, insurers must align their data collection practices with regulations while maintaining customer trust. Historically, the insurance sector has worked on ESG initiatives such as diversity and inclusion internally, but data privacy concerns are becoming more prominent as sustainability reporting demands increase.?

According to IFRS S1, insurers must focus on governance and strategy in their risk management systems, ensuring that the data collected is material to sustainability efforts and does not compromise individual privacy.

To achieve this balance, insurers can adopt transparent data practices, clearly communicating how customer data is used in ESG reporting. By complying with regulations such as GDPR (General Data Protection Regulation) or CCPA (California Consumer Privacy Act), insurers can foster a sense of trust while also demonstrating accountability in their ESG disclosures.?

Moreover, the corporate social responsibility pillar of ESG emphasizes the external social impacts, which include transparent communication of how sustainability-related data is collected and used.

Jorge: What technological tools can insurers adopt to enhance the ethical use of customer data in their ESG analytics while ensuring compliance with regulations?

Carlos: The evolution of ESG frameworks has encouraged the adoption of new technological tools that can enhance both ethical data use and compliance with privacy regulations. Technologies like Privacy-Enhancing Technologies (PETs) allow insurers to collect and analyze customer data without compromising personal privacy. For instance, tools such as data anonymization and differential privacy ensure that insurers can aggregate data for ESG reporting, such as climate risks and environmental impacts, without exposing sensitive customer information.

The IFRS S2 standard, which focuses on climate-related risks and opportunities, also emphasizes the need to accurately report on GHG (greenhouse gas) emissions across Scope 1, 2, and 3, necessitating the use of advanced analytics and AI-driven compliance tools. These tools ensure that insurers are both ethically managing customer data and complying with standards like GRI (Global Reporting Initiative). Additionally, blockchain technology can be employed to track how data is used and ensure transparency in how ESG metrics are managed.

Jorge: How can insurers leverage advanced analytics to derive insights from customer data without compromising individual privacy rights?

Carlos: Advanced analytics are a powerful tool for insurers to gain insights from customer data, especially in the context of ESG reporting. By utilizing techniques such as machine learning and artificial intelligence (AI), insurers can derive key insights about environmental risks, customer behavior, and sustainability without exposing personal data. According to IFRS S1, only reasonable and supportable information should be used, ensuring that data collection is limited to what is necessary for assessing sustainability-related risks.

To protect privacy, insurers can implement techniques like federated learning, where data models are trained locally, preventing the need to centralize sensitive information. Another method is the use of synthetic data, which mimics real customer data but protects individual privacy. The governance pillar of ESG further highlights the importance of maintaining strong internal controls and ensuring that all data-related processes are compliant with both privacy laws and ESG standards. By applying these technologies, insurers can remain competitive in ESG reporting while safeguarding customer privacy.

About Carlos Andrés Gómez Piedrahita

Carlos Andrés Gómez Piedrahita is a seasoned insurance professional based in Antioquia, Colombia, currently serving as the Underwriting Manager at SURA Seguros. With a strong background in building high-performance teams, Carlos excels in strategic planning, negotiation, and decision-making, particularly in Risk Management, including reinsurance, insurance, underwriting, and ESG-related risks. His expertise spans commercial, sales, and management roles, with a passion for Insurtech, Data Science, and emerging technologies like Machine Learning and AI.