Model Risk Management
Financial institutions like banks and bank holding companies (BHCs) use “models” to simulate a variety of financial situations and market conditions. Financial modeling is similar to stress testing in the sense that the objective is to determine in what conditions a certain investment, portfolio, or even entire business can no longer operate normally.
These models, which are used for budgeting, determining the probabilities of events, analyzing financial statements, and more, are often exceedingly complex. As a result, there is always a chance that such a model will either “break” or generate misleading information. This can occur due to a variety of factors, including inapplicability, poor design, programming errors, or improper usage.
If a model does malfunction and the problem goes undetected, the parent company may make strategic decisions based on misleading data, which can have disastrous consequences. The risk of this happening is referred to as model risk. It is itself understood to be contained under the larger umbrella of operational risk.
Model risk management is the process of mitigating risk associated with the use of financial models. It is a particularly important focus for risk managers who work at financial institutions, because if it’s not effective, the enterprise’s business strategy might be dangerously misaligned with actual conditions.
Who is Vulnerable to Model Risk?
Most financial institutions rely on modelling to some degree, which by nature exposes them to model risk. Banks are the most common users, but other types of organizations like credit unions and insurance companies also use models.
More important than the category of financial organization is the number of assets under its control. The larger the organization, the more likely it is to rely on financial models, meaning its risk management efforts must increase proportionately.
What Are Some Important Considerations Regarding Model Risk Management?
New elements in DFAST 2015, which requires stress testing by both the Federal Reserve and companies themselves, must be approached with relational technology and a risk-based governance.
As part of revamped reporting instructions outlined by the OCC, supervisory expectations have been expanded to include model inventories and integrity control documentation.
The LogicManager Platform Provides:
The system’s Taxonomy is ideally suited to storing and managing your organization’s model inventory as required by Dodd-Frank Act Stress Testing (DFAST). Using LogicManager’s relational mapping, specific Models can be tied directly to the product or financial line item in DFAST-14A schedules.
Default profile fields include:
- Model name
- Output and intended use
- Upcoming validation dates
These fields can be configured to remind key stakeholders of their role in the stress-testing process, while also providing evidence that procedures are being followed.
LogicManager’s IT risk management software also enables the documentation of core applications, which may be used to document significant end-user computer spreadsheets, databases, and desktop applications that support your bank’s financial projections.
DFAST 2015 also requires institutions to submit written documentation outlining internal controls used to ensure the accuracy of DFAST submissions. Much like SOX controls governing financial reporting, Integrity Controls over financial modeling must be tested and reviewed for decencies. LogicManager’s issues and findings tracking links the testing and control processes and centralizes governance of integrity controls for more efficient reporting.
For more information about how LogicManager can help your business manage model risk, download our datasheet.