SUPERVISORY EXPECTATIONS FOR MODEL RISK MANAGEMENT Paul - - PowerPoint PPT Presentation

supervisory expectations for model risk management paul
SMART_READER_LITE
LIVE PREVIEW

SUPERVISORY EXPECTATIONS FOR MODEL RISK MANAGEMENT Paul - - PowerPoint PPT Presentation

Aug 29, 2022 23 likes •129 views

SUPERVISORY EXPECTATIONS FOR MODEL RISK MANAGEMENT Paul Sternhagen, Director, Federal Reserve Bank of San Francisco Moodys Analytics Risk Practitioner Conference October 2013 Purpose/Background 2 In 2011, OCC & Federal Reserve

slide-1
SLIDE 1

SUPERVISORY EXPECTATIONS FOR MODEL RISK MANAGEMENT

Paul Sternhagen, Director, Federal Reserve Bank of San Francisco Moody’s Analytics Risk Practitioner Conference October 2013

slide-2
SLIDE 2

Purpose/Background

2

 In 2011, OCC & Federal Reserve issued Model Risk

Management Guidance (MRMG)

 Focused on all aspects of model risk management

  • Model validation at the core, but underscores that other aspects

are also important

  • Supported by developers/users, controls/compliance

 Rationale and context

  • Principle-based, applies to variety of model uses: Credit, Market,

Compliance

  • Discusses key features/practices supervisors have observed
  • Benefited from review of bank policies & practices
  • Consistent with principles applied during bank examinations
  • Includes industry and supervisory developments (Basel II, stress

testing)

 Guidance outlines a “framework” for banks and supervisors to

evaluate model risk management

slide-3
SLIDE 3

Key Sections of MRMG

3

OCC Bulletin 2011–12 Federal Reserve SR Letter 11-7

I.

Introduction

II.

Purpose and Scope

III.

Overview of Model Risk Management

IV.

Model Development, Implementation, and Use

V.

Model Validation

VI.

Governance, Policies, and Controls

VII.

Conclusion

 Highlights three key areas of responsibility

  • Developers, users, owners
  • Staff conducting validation activities
  • Control groups and internal audit

 FDIC supports content of MRMG and also expects firms to have

sound MRM practices

slide-4
SLIDE 4

Overview – Some Definitions

4

 What do you mean by “model”?

  • Produces quantitative estimate (of an uncertain value)
  • Three components: Input, processing, reporting
  • Inevitably, intentionally simplified representations of the real world

 What do you mean by “model risk”?

  • Potential adverse consequences from decisions based on models that

are incorrect or misused

  • Includes financial loss, poor decisions, damage to reputation

 Sources of model risk?

  • Model flaws: Errors in model components
  • Model misuse: Comes from not understanding model limitations and/or

applying existing model to new products, markets, behaviors

 Role of “independence”?

  • Validation involves a degree of independence from development & use
  • Can be supported by independent reporting lines but other ways to do

this

  • Simply having independence on the org chart does not suffice
slide-5
SLIDE 5

Overview – Some Principles

5

 Apply familiar risk management techniques

  • Identify the source of risk
  • Assess the magnitude of the risk (quantifying where possible)
  • Manage the risk: Mitigate, control, limit, monitor
  • Materiality plays an important role

 Effective challenge

  • Critical analysis by objective, informed parties who can identify model

limitations and assumptions and produce appropriate changes

  • Incentives: Separation from development; also affected by compensation

practices, performance evaluation criteria, corporate culture

  • Competence: Technical knowledge to formulate critique and institutional

knowledge of line of business

  • Influence: Ensure appropriate actions are taken

 Model risk cannot be eliminated so must be managed

  • Limits on model use, monitor model performance and usage
  • Adjust models over time, supplement with other analysis and information
  • Important to manage both individual and aggregate model risk
slide-6
SLIDE 6

Overview – Role of Governance

6

 Strong involvement of board & senior management

  • Having good models is not enough
  • There needs to be proper oversight, including over use of model
  • utput

 Policies and procedures that are comprehensive & current  Roles and responsibilities

  • Ownership
  • Controls
  • Compliance

 Internal audit

  • Assess overall effectiveness of model risk management framework
  • Verify compliance with policy by owners and control staff
  • Model inventory, timely validation work, model limits, systems

 Importance of documentation – required for credible validation

slide-7
SLIDE 7

Observations on MRMG Implementation

7

 Guidance has been in effect for two years

  • Supervisors have been working with firms on guidance

implementation, responding to questions individually and collectively

  • Supervisors recognize that putting in place a sound MRM framework

takes time & effort – looking for progress and improving trends

  • Some identified areas of progress, but also continuing challenges

 General observations

  • Most firms have responded favorably to MRMG, recognizing that it

contributes to overall good risk management

  • Many firms recognize that MRM is not a quick “fix” and that it takes

time, energy & resources to get things right

  • Not just smaller firms that are facing issues with implementing MRM
  • Most firms “have a plan” to reach MRM steady state, but not there yet
slide-8
SLIDE 8

MRM for Stress Tests

 Given the limited empirical data to develop and support

stress testing models, the focus of validation activities is slightly different than what is observed for models calibrated to baseline economic conditions

 Key model validation elements such as conceptual soundness,

sensitivity analysis, and benchmarking become more important considerations to effectively challenge the relative impact of the model outcome and evidence acceptable model performance

 Ongoing monitoring of the model is also key, as economic

conditions evolve to previously unobserved environments for which the models have not been employed

 Backtesting, a key tool in many validations, becomes more

difficult to complete effectively, given the limited relevant data

  • Evaluating the expert judgment employed can assume heightened

importance during effective challenge

8

slide-9
SLIDE 9

MRM Governance for Stress Tests

 The communication of the independent conclusions, including

weaknesses and limitations, uncovered in the validation efforts is a key consideration in the effectiveness of validation for stress tests

 Stress test validation should align with the firm’s existing model

governance processes. These include:

 A comprehensive model validation policy that includes requirements

related to stress testing models

 Identification of models  Consistent application of risk assessment/tiering criterion  A centralized governance and control process  Review and approval by governing body  A process for escalation, tracking, and resolution of issues identified in

the model validation process

 Guidelines for use of stress test model output

 Internal Audit’s assessment of MRM should also cover stress tests

9

slide-10
SLIDE 10

Other Observations on Implementing MRM

10

 Definition of “model” not always clear/consistent – too narrow?

And not all firms gauge materiality of models and the differing consequences

 While most firms have in place policies and main elements of

governance, they are still in the process of evaluating their models

 Some policies do not require validation before a model is put

into production

 The three elements of effective challenge are not always

evident

 Documentation continues to be a challenge, especially for

model development and validation reports

 Have been some observed shortcomings in how model results

are displayed and reported, including model limitations and uncertainties

 Validating vendor models presents certain challenges  Firms should avoid having a “checklist” mentality for MRM