Switching gears for Model Risk Management

Financial firms and regulators are shifting gears in the already well established Model Risk Management (MRM) discipline, and this increased demand is requiring more and more attention and resources of both the supervised banks and their supervisors. Recent examples of this increased demand and focus on MRM include:

• Bank of England 's PS6/23 MRM principles coming into effect in mid May 2024 pushing UK banks to get ready to have their models and MRM processes tested and scrutinized. These principles focus on:

• Principle 1 – Model identification and model risk classification

Firms have an established definition of a model that sets the scope for MRM, a model inventory, and a risk-based tiering approach to categorise models to help identify and manage model risk.

• Principle 2 – Governance

Firms have strong governance oversight with a board that promotes an MRM culture from the top through setting clear model risk appetite. The board approves the MRM policy and appoints an accountable individual to assume the responsibility to implement a sound MRM framework that will ensure effective MRM practices.

• Principle 3 – Model development, implementation and use

Firms have a robust model development process with standards for model design and implementation, model selection, and model performance measurement. Testing of data, model construct, assumptions, and model outcomes are performed regularly in order to identify, monitor, record, and remediate model limitations and weaknesses.

• Principle 4 – Independent model validation

Firms have a validation process that provides ongoing, independent, and effective challenge to model development and use. The individual or body within a firm responsible for the approval of a model ensures that validation recommendations for remediation or redevelopment are actioned so that models are suitable for their intended purpose.

• Principle 5 – Model risk mitigants

Firms have established policies and procedures for the use of model risk mitigants when models are under-performing, and have procedures for the independent review of post-model adjustments.

Furthermore BoE expects firms to establish processed for:

• identifying and managing the risks associated with the use of artificial intelligence (AI) in modelling techniques such as machine learning (ML) to the extent that it applies to the use of models more generally

• European Commission 'a EU AI ACT reacting to the increasing rollout of #AI models and the growing understanding of risks entailed with the improper configuration and usage of this technology. The AI Act is the first-ever legal framework on AI, which addresses the risks of AI and positions Europe to play a leading role globally.

• Hong Kong Monetary Authority (HKMA) reminding Authorized Institutions (AI, not to be confused with AI = Artificial Intelligence) participating in its 2023/24 Climate Risk Stress Testing exercise to be aware of the significant Model Risk potentially stemming from development and usage of new Climate Risk models. As a results, in their results submission the participating banks are required to assess model risk of these new models by assessing and measuring the impact that alternative modelling methodologies and assumptions have on the submitted results.

The examples above give us a clear indications of why leading banks invest in the latest technological capabilities. The latest Chartis Research report below explores the benefits that our best of breed model risk management capabilities at 赛仕软件 can deliver to firms in addressing challenges discussed above.

As firms increasingly upscale their MRM technological capabilities it is of the paramount importance to ensure that proper awareness and understanding of MRM is distributed across their organizations. At PRMIA - Professional Risk Managers' International Association we have been evangelizing the MRM discipline for years and regularly provide popular MRM training opportunities (see below) to financial institutions and regulators across the globe.

However, having the right skills and tools is not an automatic recipe for success. Firms need to make sure that they have also access to the latest MRM chef's expertise that can mix the right ingredients to deliver the optimal effective and efficient framework & processes. Some areas that deserve special attention in this context could include:

• Taking an interconnected approach to models
• Moving to continuous assessment of models.
• Using your MRM data in the right way – and understanding the risk factors.
• Using AI to govern AI.
• Connecting model and data governance systems.

These 5 ways of improving MRM are further explored by my esteemed colleagues Miles Elliott and David Asermely in their article below written for Global Association of Risk Professionals (GARP)

Over the coming years, we will see MRM transforming and entering next phase, we could call it MRM 2.0. For now, it’s clear that those banks having a more pro-active and strategic approach where they invest into building their technical capabilities and upscaling their resources, will have a clear advantage over those more reluctant and focusing on compliance-only approach requiring minimal effort but providing also minimal benefits in exploring the opportunities.