Who we are
We are the Institute and Faculty of Actuaries (IFoA) and our subsidiaries: Continuous Mortality Investigation (CMI) Limited, ICA 98 Limited, and Institute and Faculty Education (IFE) Limited. We are the chartered professional body dedicated to educating, developing and regulating actuaries based both in the United Kingdom and internationally
We are registered as Data Controllers with the Information Commissioners Office (ICO) in the United Kingdom:
The IFoA registration number: Z4899224
The CMI Registration number: ZA121735
Where we are based
We maintain offices in England, Scotland, China, Hong Kong and Singapore.
How you can contact us
For general enquiries, visit the contact us page.
For CMI specific enquiries: firstname.lastname@example.org
For enquiries about this notice or your information rights: our Data Protection Officer can be contacted by:
Telephone: +44 (0) 131 240 1311
Why we need to process your personal data
|Who you are:||Why we process your data:|
A member of the IFoA
|To facilitate your membership of the IFoA and to assist in the fulfilment of our role as a regulator|
|A member of another actuarial association undertaking IFoA examinations or applying for mutual recognition||To administer the setting of assessments or in considering applications for mutual recognition status|
|A prospective member of the IFoA or non-member wishing to sit IFoA examinations that are available to non-members||To process your application to join the IFoA. If you are sitting IFoA assessments independently as a non-member, we need to use your personal data in the course of setting assessments|
|A non-member attendee or speaker at an IFoA event||To administer your attendance at specific events|
|A non-member undertaking voluntary work for the IFoA||To support the administrative and communications activity required to manage volunteers|
|An organisational representative or contact under the IFoA Quality Assurance Scheme (QAS)||In the course of processing your organisation’s application for QAS status and any subsequent administration associated with the QAS|
An organisational representative or contact under the IFoA Designated Professional Body Scheme (DPB)
|In the course of your organisation’s application for DPB status and any subsequent administration associated with DPB|
|A customer or supplier of goods or services to the IFoA||To communicate with you, place or fulfil orders for goods or services and to send and receive payments|
|A job applicant||To assist with the administration of the recruitment and selection process|
|A member of IFoA staff or someone engaged in a paid role||For the day to day administration of your employment or engagement with us|
A user of the IFoA website
|To analyse site performance and, if you are a registered user, to provide account related functionality|
Where we get your personal data
Depending on our reasons for processing your data the sources of this data may be:
- your current and previous employer(s);
- other actuarial organisations;
- educational bodies;
- other regulators;
- employment agencies;
- credit reference agencies;
- your previous customers or suppliers;
- social media and the Internet;
- public records.
The lawful basis for processing your personal data
The IFoA only process personal data where there is a lawful basis for doing so. These are:
- legal obligation;
- vital interest;
- legitimate interest;
- public task.
In line with our role as a regulator we may also process personal data where there is a substantial public interest. This means we may process data without consent in order to protect the public from dishonesty, or in the investigation of malpractice, unlawful acts or improper conduct.
For more information please see our Personal Data Processing Policy
The types of personal data we process
Depending on our reasons for processing your data we may process your:
- contact details (i.e. name, previous name(s), current and previous postal addresses, work address, email addresses, phone number(s));
- marital status;
- education history and exam performance;
- employment history;
- professional interests;
- payments (to and from us);
- financial details;
- correspondence (to and from us);
- professional development;
- attendance at events;
- national insurance number or equivalent;
- passport / identity card number;
- health information;
- location of birth;
- criminal records;
- disciplinary records.
If you browse our website, we may capture and process:
- a unique machine-generated visitor ID;
- the date and time of your first visit, current visit, and total number of visits to the site;
- the number of pages visited;
- when your visit has ended;
- information about the traffic source (where you came from).
How we keep your data secure
Personal data received by the IFoA will be held in accordance with our information security standards. When we share data with third parties we ensure the required technical and organisational controls are in place to keep the data secure. When sharing personal data we use appropriate controls and safeguards. These will be specified in our individual Data Sharing agreements. Examples include only dealing with authorised individuals, adhering to internal policy controls and the use of secure file sharing portals and encryption.
When we share your personal data with third parties
We will share, where appropriate, your personal data with the following organisations:
- payment processors and our bank;
- exam centres holding exams on our behalf;
- organisations assisting with exam logistics such as marking platform providers, scanning services and plagiarism checking;
- the British Council;
- the times newspaper;
- other actuarial organisations;
- the electoral reform society;
- travel and accommodation booking service providers;
- credit reference agencies;
- employment agencies;
- your current and/or previous employer;
- courier delivery services;
- external legal advisors;
- third parties who supply the services that support the delivery of our publications, newsletters and electronic library services;
- if you're representing us in the UK or overseas and we are funding your travel, we may share personal data about you with travel services, hotels and selected third parties only to facilitate your travel and attendance;
- members and lay-members via involvement in our boards, committees, working parties, member interest groups and regional societies;
- members and lay-members acting in roles as principle examiners, exam supervisors, other exam personnel, exam counsellors, independent examiners, subject matter experts, and investigating actuaries;
- tracing services, in relation to compliance and disciplinary matters;
- Competent authorities - i.e. tribunals, courts, police forces, and other regulators such as the Financial Reporting Council (FRC), the Prudential Regulation Authority (PRA), the Pensions Regulator (tPR), or the Financial Conduct Authority (FCA).
Where we share your personal information with other regulators, this is part of our regulatory function, and extends to disclosures relating to disciplinary actions, as well as periodic auditing of our activity by competent authorities. In line with our rules and byelaws, we will not seek your consent for these disclosures.
Illustrative examples of data sharing with third parties:
|Category of third party recipient||Whose data||Examples of data sharing|
|Other IFoA members acting on behalf of the IFoA||IFoA members volunteering or applying for volunteer vacancies||To facilitate communication between working parties, committees or boards|
|Employers of actuaries||IFoA members||
|Other actuarial associations||
Members of other actuarial associations, applicants for the CERA mark
|Universities, colleges and educational providers||Prospective and current student members of the IFoA and other actuarial associations||
|Regulators and competent authorities||IFoA members||
|Organisations and individuals involved in the assessment and delivery of the examinations of the IFoA||Student members of the IFoA, non-member candidates and members of other actuarial organisations sitting IFoA examinations||
|Suppliers of member related services||IFoA members and non-members that have registered their interest in our qualifications or services||
|Publishers and digital content providers||IFoA members and non-member subscribers||
|Employment agencies||Job applicants||
|Members of the public making a complaint about an actuary||IFoA members||
We have separate terms and conditions for our social media channels covering issues around data sharing with channel owners, content and behaviour. You can read these here.
When we might transfer your information across borders
We avoid transferring your personal information to third countries wherever possible. Where it is not possible to avoid transferring, we include Standard Contract Clauses and other controls in our agreements with our suppliers to ensure appropriate safeguards are in place.
We will only routinely store or process personal data:
- within the European Economic Area (EEA); or
- within countries recognised by the European Commission (EC) as providing an adequate level of protection; or
- outside the EEA or countries recognised as adequate by the EC using standard contract clauses or similar contractual controls.
We will only routinely store personal data in the United States of America with service providers who have signed up to ‘Privacy Shield’, using standard contract clauses as additional protection.
As an international body, from time to time, in pursuance of our operational objectives and to facilitate the delivery of examination and member related services we may transfer personal data on a periodic basis across jurisdictions. When we do this we will ensure appropriate technical, organisational and contractual safeguards are in place.
How long we retain your personal data
We only retain personal data for as long as legally required or as long as required by the objects in our Royal Charter.
We securely dispose of personal data when the retention period has expired.
For more information please see our Records Retention and Disposal Policy
Copies of our Records Retention Schedule can be requested via our Data Protection Officer: email@example.com
When the use of your personal data is based on our legitimate interests
If we send you information based on our legitimate interests as a professional body such as professional newsletters, updates on our activity, Continuous Professional Development opportunities and notices of events you are able to opt out of receiving this at any time.
By Royal Charter, we are obliged to act in the public interest. Pursuant to our role as a regulator and the objects of our Charter you cannot opt-out of receiving certain types of regulatory and governance related information.
Your rights as a data subject
You have the right to:
- obtain a copy of any personal data we hold that is about you and not subject to any exemption in data protection law;
- correct any information we hold about you that is inaccurate or out of date;
- ensure we dispose of any personal data we hold about you (once all legal and regulatory record keeping requirements have expired);
- restrict the processing your personal data;
- object to us processing your personal data;
- erase your personal data, where we no longer have a lawful basis or valid operational reason for holding it;
- request we send all or some of the personal data we hold about you to another organisation.
For more information please see our Data Subject Rights Policy
If you wish to exercise any of your rights please contact the Data Protection Officer with your request: firstname.lastname@example.org
If you’re unhappy with how we have used your personal data
In the first instance, please contact our Data Protection Officer so that we can deal with your enquiry. If you are unhappy with how we deal with your concerns you have the right to make a complaint to a Supervisory Authority about how we process your personal data.
In the United Kingdom the Supervisory Authority is the Information Commissioner’s Office
We updated this notice on the 17th April 2019:
- We updated our list of categories of individuals whose data we collect to include representatives under the IFoA Designated Professional Body Scheme (DPB).
- We added more detail to our examples of data sharing with third parties to reflect our partnership with the British Council.
- We added a note to make the lawful bases for sharing disciplinary information about our members with other regulators clearer.
Filter or search events
This year's GIRO has been re-designed as a virtual conference to offer members and non-members the opportunity to get up to date content from leading experts in the general insurance field via online webinars. All sessions will be recorded and made available to purchase and re-watch post-event on the IFoA's GI Online Learning Resource area.
This year's Life Conference has been re-designed as a virtual conference to offer members and non-members the opportunity to get up to date content from leading experts in the life insurance field via online webinars. All sessions will be recorded and made available to purchase and re-watch post-event on the IFoA's website.
This webinar will provide an update on the emerging thinking around future regulation of DB schemes:
The webinar will discuss the challenges and opportunities schemes face in evaluating end game options, choosing a target state and understanding the impact this strategic decision could have on member outcomes long after the “end state” is reached. Adolfo, Kevin and Rhian bring over 60 years of experience in the industry and a variety of perspectives as scheme actuary, covenant adviser, trustee, de-risking adviser and insurer.
Retail banking is going through a period of substantial change as it moves into the digital age. Banks have large amounts of data about their customers and about their risks. Open data application programming interface (APIs) and data science are enabling banks to use their data to offer innovative and sometimes personalised services. Data science is also adding value in risk areas such as fraud detection and cyber security. At the same time, the move to online banking is making it easier for firms including fintechs to enter banking without having to establish branch networks.
Cash-flow driven investing is a game-changer for DB pension funds navigating their end-game. Suitable for sponsors who want to reduce risks on their balance sheets. And for trustees, it shifts the focus to providing greater certainty of returns, managing funding level volatility and ensuring they have enough income to pay cash-flow requirements.
Patrick Kennedy, Partner at Gateley Legal and Founding Director of Entrust (a leading professional pensions trustee company), will be delivering an update on the latest legal developments during the course of 2020. With both a pensions legal perspective and over 25 years of trustee service, Patrick will seek to highlight how the letter of the law has continued to evolve against the backdrop of a difficult and challenging year
The talk will provide an understanding of the priorities and relationships between deficit reduction contributions, in the context of wider scheme funding, and different types of value outflow from the employer based on the working party’s recently published report.
Covid-19 has required an urgent and cross-practice initiative to facilitate the extensive impact this pandemic has across all industries. IFoA members have been keen to contribute in a different way, so we developed the IFoA Covid-19 Action Taskforce [ICAT] to coordinate our effort, with a more efficient governance.
We have over 500 volunteers and countless topics which we have amalgamated into 93 workstreams.