One of the main reasons for the last financial crisis was that some of the analytical models used to estimate risk were incorrectly built and used. Resulting regulations on the US market including the Dodd-Frank Act and the Comprehensive Capital Analysis and Review (CCAR) therefore require the use of an appropriate approach to managing analytical models that support risk management.
As the use of models continues to expand, organisations need a thorough understanding of why each model exists. They need to use models appropriately and regularly monitor their quality. It is essential to limit the potential risk associated with the use of models because this affects business decisions and, therefore, efficiency. Requirements related to independence in the construction, review and validation of models force the use of IT solutions to support the model life cycle, including preparation, cyclical validation and monitoring, and withdrawal from production. This requires something of a change in thinking.
The ubiquity of models
Analytical models support the most important business management decisions in every enterprise, especially in modern banks and financial institutions. Models are a key part of the decision-making process and help organisations to meet both regulatory standards and internal requirements.
In a bank, for example, a number of models support the capital estimating process in line with the Internal Rating Based approach. These include models for estimating indicators in accordance with the Basel requirements, such as probability of default, loss given default, and credit conversion factor models. Advanced Measurement Approach models calculate capital to cover operational risk. Scoring models assess credit risk. We also have anti-fraud models, rating models and debt collection models, as well as models to support marketing campaigns.
Modern high-performance technology has reduced the time required to prepare and implement models to a minimum. Institutions are therefore using more and more models, including to estimate parameters in real time. As bank clients, we do not really see these models, but we actually deal with them surprisingly often. We might, for example, receive a tailored offer of a new banking product when we visit an ATM or online banking portal or be offered a larger credit limit. These offers are based on scoring performed in milliseconds using analytical models.
Changing model management processes
Until now, organisations only meticulously described, documented, periodically validated and monitored the most important analytical models on a regular basis. Information about other models, including the assumptions that underpinned them, and their owners, was usually known only to their creators. The dynamics of today's business environment meant that organisations quickly forgot these details.
This now needs to change. Organisations require comprehensive documentation for all analytical models, along with full support for life cycle information analysis. What’s more, this should be available across all business areas that are using these models and for all those interested both within and beyond the organisation.
Join us at our Risk Management Day in Istanbul on 14th March to explore market best-practices in risk management, hear and deepen your knowledge on the most successful business-cases and enlarge network of risk professionals.
There are also other players involved. We have seen increased vigilance and activity from regulatory institutions since the financial crisis. Emerging new recommendations and regulations have one specific goal: to prevent any future financial crises and particularly their consequences. In 2016, for example, the financial market in Poland was told about the Recommendation W project. Issued by the Polish Supervisory Authority, this guideline concerned good practice for model risk management in banks.
The recommendation clearly showed that model risk management has become crucial and that the Authority will continue to focus on it. It made explicit that model estimates have a huge impact on banks, from the quality of assets to financial results. It also stated that banks used a range of different standards to assess and manage risk, between both banks and organisational units in individual institutions.
The regulator, therefore, made clear that it planned to define clear supervisory expectations on model risk management. In the future, this will require a more comprehensive approach. This is one issue that is not going away.