Financial institutions are ramping up their use of models for decision-making, product development, as well as portfolio management. In response, senior management, regulators and auditors are doubling down on their scrutiny of regulated businesses. The end game for everyone is Model Risk Management (MRM), to secure all the value of using models, while mitigating the risks they can pose.

The change from widespread ‘model validation’ approach, to the far more structured MRM approach means continuing to ensure that model assumptions and data are still accurate, and that the formulae and calculations are also correct for example. MRM extends this to cover areas like attestation and review, regular reporting and full auditability, through to model governance in order to reduce risk.

As with any new developments, confusion abounds. There is little clarity amongst institutions on how they should approach MRM. With auditors and regulators offering no precise guidance on what they actually want to see, institutions are unsure of how they should deal with MRM – what methodology they should adopt? Should they consider adapting existing model management processes? Are new skills required in-house for this function? And perhaps the most worrying of them all, do they need to build an entirely new system!

The reality is that none of these issues really matter. These issues are important, but there no single, prescriptive approach to MRM. Regulators want to see that institutions are taking concerted, proactive steps towards MRM so that risk to their business in minimized. They too recognize the challenges of implementing the vast number of regulations that organizations are having to contend with. Also, as regulations evolve, so will the approach to MRM.

A shift towards a more formalized Model Risk Management framework doesn’t need to be stressful. Often all that is required is an understanding of what models exist, how they are interlinked across the model ecosystem and how they are currently managed. The findings of this analysis can then be the basis for a long-term, easily evolving strategy for MRM.

To this end, utilizing simple templates for risk categorization, model ownership, data sources, review, approval and change management processes helps. It’s not rocket science; it’s merely getting the basics right and the rest will follow.

To learn more about you can approach MRM, read our guide

Prev Next

Related Content:

Get In Touch

Let's talk about how you can control your Shadow IT.