Annex B (Smart Campaign Digital Credit Standards)


            Draft Indicators on Algorithms & Data-Driven, Automated Decisions
            CPP 2: Prevention of Overindebtedness
            Indicator 2�1�3�0
            If the repayment capacity analysis is automated (e.g., through the use of an algorithm), the effectiveness of the
            system in predicting the client repayment capacity is reviewed by a unit of the organization independent from
            the algorithm development team (e.g. internal audit, senior management, or other department). The review
            provides recommendations to improve the algorithm outcomes that are promptly implemented.
            Indicator 2�1�5�0
            Underwriting data and analysis is refreshed at each loan cycle to identify changes in the client’s situation.
            Indicator 2�1�10�0
            The provider has a rigorous internal control process to verify the uniform application of policies and procedures
            around credit underwriting. This applies both to cases where staff is involved or when the process is automated.
            Indicator 2�1�10�1
            The rationale for an algorithm is documented including the factors/types of variables used and justification
            for relying on those factors. An independent unit within the organization periodically reviews alignment and
            compliance between rationale, the algorithm, and its outputs. There is documented evidence of tests run and
            corrective actions taken.
            CPP 5: Fair and Respectful Treatment
            Indicator 5�2�1�0
            Protected Categories include ethnicity, gender, age, disability, political affiliation, sexual orientation, caste, and
            religion.
            Indicator 5�2�3�0
            Algorithms are designed to reduce the risk of client discrimination based on Protected Categories.
            Indicator 5�2�3�1
            After an initial learning phase provider conducts analysis on connections between non-discriminatory variables
            and discriminatory variables in order to check for unintentional bias in automated credit decisions.
            Indicator 5�2�3�2
            If the provider outsources the algorithm development, the provider must require the same standards of the
            indicator above be met by the third party. The provider has access to the following information from the third
            party: algorithm features and documentation, material of training provided to the team, and documents track-
            ing testing history including date, description, outcome, discrimination items identified, corrective action taken.
            CPP 6: Data Privacy, Security, and Integrity
            Indicator 6�1�1�0
            Policies and processes are in place and kept updated to maintain the confidentiality, security, and accuracy of
            clients' personal, transactional, and financial information. The policies and processes address the gathering, use,
            distribution, and retention of data.
            Indicator 6�1�1�1
            The provider has asessed and documented the personal information it needs from clients in order to deliver the
            service (e.g. identity, transactions etc). The personal data collected, the personal data shared, and the period of
            time during which personal data is stored are minimized and directly justified by operations needed to provide
            the service or by law. The assessment identified data privacy risks to consumers during collection, processing,
            storage, and transfer of personal data.

















                                                             Big data, machine learning, consumer protection and privacy  45