Now is the time for institutions to focus on optimization.
Elevated financial and operational risks, an abundance of more complex tools and technology, greater difficulty trying to quantify various risks – institutions face a number of significant challenges when it comes to model risk management in the current environment. And the prospect of getting it wrong can bring meaningful consequences.
With all of this in mind, there’s never been a better time to fully understand the evolving focus on model risk management and validation, and to right-size and optimize these areas.
Heightened Regulatory Expectations
Regulators these days expect more from institutions when it comes to model risk management – the culmination of an evolution that can be traced back over the past decade.
2011: Emerging from the Great Recession, the OCC and Fed issue supervisory guidance on model risk management. This was predominantly principles-based and seen as a companion to DFAST/CCAR, focusing on banks over $10 billion.
2017: FDIC adopts supervisory guidance. Applicable to banks at or above $1 billion, as well as “complex” banks below this threshold.
2021 and 2022: The OCC issues the Comptroller’s Handbook on Model Risk Management and the FDIC issues an examiner manual for MRM. These documents provided more clarity on the expectations for banks and what examiners would look for in upcoming exams.
Throughout this timeline, regulators’ various updates and focus shifts were inspired by key drivers in institutional behavior and operations, including:
Growing financial and operation risks
The proliferation of more complex models and tools
An increased dependency on large quantities of internal and external data
The emergence and greater use of more advanced technology, such as artificial intelligence (AI) and machine learning (ML)
Institutions, then, need to be sure they address these increased regulatory expectations by:
Familiarizing themselves with the revised examiner expectations and updated instructions
Performing a formal gap assessment to determine where any deficiencies may lie
Educating key stakeholders throughout the organization
Developing and communicating a gameplan for moving forward
Right-Sizing the Model Risk Management Function
Ensuring that a model risk management function aligns with the size and complexity of an institution involves assessing the overall framework, managing the inventory of models and tools being used, setting the frequency and rigor of validations, and determining the proper levels of needed resources and skills.
Some of the key factors/components to consider in each of these areas include:
Functional model risk management framework
Define specific stakeholder roles
Set documentation and validation requirements
Address model performance issues and exception handling
Model and tool inventory management
Create a “model” versus “tool” identification process
Educate business lines and Risk Management partners on model definition
Build a model inventory and apply risk ratings based on qualitative or quantitative approach
Validation frequency and rigor
Tie schedule and depth to the risk-rating of the model
Ensure validation applies “Effective Challenge”
Require Ongoing Performance Monitoring and annual touch to ensure model continues to perform as intended
Optimizing a Model Risk Management Program
When it comes to optimizing a model risk management program, the path for each institution depends on a number of different factors, including: size/complexity, level of business risk, known model risk management weaknesses, examiner emphasis, and resource availability/budget.
Taking the above into account, every institution – regardless of size – should formalize its model risk management gameplan. Sometimes this involves changing the cultural mindset of your organization, particularly at the top.
Every institution must view model risk management as a vital piece of its enterprise risk management success and overall strategic performance. A sound MRM framework that is rightsized to your organization can provide tremendous benefits, beyond staying ahead of regulatory expectations.
Benefits of a Sound Model Risk Management Framework
Better Process: consistency in development, governance, and controls as well as effective challenge to all key models
Better Models: models that are conceptually sound and more reliable to all stakeholders
Better Strategic Insight: reliable outputs that increase confidence in results, leading to enhanced strategic discussions and improved performance of your organization
Now is the time to focus on making Model Risk Management a priority. In an ever-changing and extremely challenging environment – and with the impact of “getting it wrong” never being greater – you can’t afford to wait.
ABOUT THE AUTHOR
Mark Haberland has over 25 years providing balance sheet and model risk management education and consulting to the community and mid-size banking space. A frequent author and top-rated speaker on a wide array of risk management topics, he facilitates educational programs and workshops for numerous financial institutions, industry and state trade associations, and regulatory agencies. He is also a member of the Financial Managers Society’s Finance Council.
Contact Mark Haberland at firstname.lastname@example.org to learn more.
© 2022 Darling Consulting Group, Inc.