top of page

Registration is now open for our 40th Annual Conference! 

About Us
Data-Driven Solutions
Model Validation & MRM
Asset/Liability Management
  • Writer's pictureMark Haberland

Hot Topics in Model Risk Management & Validation

Now Is the Time to Do Our Homework on Deposits

Now is the time for institutions to focus on optimization.

Elevated financial and operational risks, an abundance of more complex tools and technology, greater difficulty trying to quantify various risks – institutions face a number of significant challenges when it comes to model risk management in the current environment. And the prospect of getting it wrong can bring meaningful consequences.

With all of this in mind, there’s never been a better time to fully understand the evolving focus on model risk management and validation, and to right-size and optimize these areas.

Heightened Regulatory Expectations

Regulators these days expect more from institutions when it comes to model risk management – the culmination of an evolution that can be traced back over the past decade.

2011: Emerging from the Great Recession, the OCC and Fed issue supervisory guidance on model risk management. This was predominantly principles-based and seen as a companion to DFAST/CCAR, focusing on banks over $10 billion.

2017: FDIC adopts supervisory guidance. Applicable to banks at or above $1 billion, as well as “complex” banks below this threshold.

2021 and 2022: The OCC issues the Comptroller’s Handbook on Model Risk Management and the FDIC issues an examiner manual for MRM. These documents provided more clarity on the expectations for banks and what examiners would look for in upcoming exams.

Throughout this timeline, regulators’ various updates and focus shifts were inspired by key drivers in institutional behavior and operations, including:

  • Growing financial and operation risks

  • The proliferation of more complex models and tools

  • An increased dependency on large quantities of internal and external data

  • The emergence and greater use of more advanced technology, such as artificial intelligence (AI) and machine learning (ML)

Institutions, then, need to be sure they address these increased regulatory expectations by:

  • Familiarizing themselves with the revised examiner expectations and updated instructions

  • Performing a formal gap assessment to determine where any deficiencies may lie

  • Educating key stakeholders throughout the organization

  • Developing and communicating a gameplan for moving forward

Right-Sizing the Model Risk Management Function

Ensuring that a model risk management function aligns with the size and complexity of an institution involves assessing the overall framework, managing the inventory of models and tools being used, setting the frequency and rigor of validations, and determining the proper levels of needed resources and skills.

Some of the key factors/components to consider in each of these areas include:

Functional model risk management framework

  • Define specific stakeholder roles

  • Set documentation and validation requirements

  • Address model performance issues and exception handling

Model and tool inventory management

  • Create a “model” versus “tool” identification process

  • Educate business lines and Risk Management partners on model definition

  • Build a model inventory and apply risk ratings based on qualitative or quantitative approach

Validation frequency and rigor

  • Tie schedule and depth to the risk-rating of the model

  • Ensure validation applies “Effective Challenge”

  • Require Ongoing Performance Monitoring and annual touch to ensure model continues to perform as intended

Optimizing a Model Risk Management Program

When it comes to optimizing a model risk management program, the path for each institution depends on a number of different factors, including: size/complexity, level of business risk, known model risk management weaknesses, examiner emphasis, and resource availability/budget.

Taking the above into account, every institution – regardless of size – should formalize its model risk management gameplan. Sometimes this involves changing the cultural mindset of your organization, particularly at the top.

Every institution must view model risk management as a vital piece of its enterprise risk management success and overall strategic performance. A sound MRM framework that is rightsized to your organization can provide tremendous benefits, beyond staying ahead of regulatory expectations.

Benefits of a Sound Model Risk Management Framework

  • Better Process: consistency in development, governance, and controls as well as effective challenge to all key models

  • Better Models: models that are conceptually sound and more reliable to all stakeholders

  • Better Strategic Insight: reliable outputs that increase confidence in results, leading to enhanced strategic discussions and improved performance of your organization

Now is the time to focus on making Model Risk Management a priority. In an ever-changing and extremely challenging environment – and with the impact of “getting it wrong” never being greater – you can’t afford to wait.


For more information about optimizing Model Risk Management at your institution, visit or contact Mark Haberland.



Mark Haberland has over 25 years providing balance sheet and model risk management education and consulting to the community and mid-size banking space. A frequent author and top-rated speaker on a wide array of risk management topics, he facilitates educational programs and workshops for numerous financial institutions, industry and state trade associations, and regulatory agencies. He is also a member of the Financial Managers Society’s Finance Council.

Contact Mark Haberland at to learn more.


© 2022 Darling Consulting Group, Inc.


DCG Insights

Stay up to date on the latest from DCG

bottom of page