What data is required for compliance?

 

Compliance requires both internal and external data. In the latter case, data is usually sourced from content providers, aggregators and so on, raising the question of whether dataset X is better than dataset Y. After a previous discussion of qualitative aspects, we are taking a closer look at quantitative aspects in this expert article. When making these kinds of judgments, we often fall victim to logical fallacies.

Let’s imagine that those responsible for compliance are primarily using dataset X, drawing on dataset Y for additional queries. Dataset X will usually be imported into an application for standard checks, while Y can be retrieved online if necessary. If the compliance representatives find what they’re looking for in X, they don’t see any reason to search in Y, and won't notice if what they found in X is in fact missing from Y. However, if they don't find anything in X, they will search in Y as well and may end up finding results. To conclude from this that Y is better because more results can be found there is a common logical fallacy. The Venn diagram below shows a first example in which X and Y are equally good and a second example where X is better, even if more results can sometimes be found in Y. The above conclusion is therefore logically incorrect. If the compliance representatives instead used dataset Y for the standard checks and X for online inquiries if nothing was found in Y, they would come to the opposite conclusion.

 

Darstellung KeyMessageSpider

We therefore need to turn to psychology. It has been proven that our capacity for memory is not uniform. Compliance specialists are more likely to remember the first and last search result than all of the results in between. According to Murdock (1962), these tendencies are known as “primacy” and “recency” in psychology. It’s therefore not surprising that a logical process of inquiry comes to different conclusions than an individual’s subjective evaluation.

A second psychological aspect involves the emotions. The more emotional the situation, the better it is remembered. A positive or negative experience in an emotionally charged situation – for example, when a compliance officer makes an inquiry under pressure – makes a stronger impact on the memory than in a normal situation, as evidenced by Murphy & Isaacowitz (2008). We therefore shouldn't draw hasty conclusions while under pressure.

A third phenomenon involves user feedback on applications. It’s well-known that dissatisfied users are more likely to leave feedback than satisfied ones. When user numbers rise, this can lead to false impressions. Let’s assume that most users are very happy and only 4% leave negative comments. If the application is improved and only 2% now complain, things can look very different in absolute numbers. For example, if usage rises tenfold, there will be five times as many complaints. However, it would be incorrect to conclude from this that dissatisfaction has increased – the opposite is in fact that case.

 

Complete Revision of the Federal Data Protection Act

The complete revision's draft of the Federal Data Protection Act is currently in political consultation. Data Protection is to be increased by giving people more control over their private data as well as reinforcing transparancy regarding the handling of confidential data.

Links: draft, report

Eurospider Information Technology AG
Schaffhauserstrasse 18
8006 Zürich