Financial institutions are increasingly reliant on statistical risk models. The number of models being developed— whether to manage risk, price different instruments, or calculate regulatory capital—has increased rapidly as banks and other institutions automate decision-making processes. By some estimates, the number of models being developed is increasing at a rate of 10–25% annually in larger firms.
Two major factors are driving this trend. The rise of machine learning and artificial intelligence is enabling banks to build more models and automate a widening array of complex decisions. At the same time, financial institutions are deploying models in large numbers to respond to tighter capital requirements and local regulatory stress-testing exercises.
But automation and increased complexity create the danger of heightened model risk. With the fallout from the 2008 financial crisis still firmly top of mind, banks and financial regulators alike are all too aware of the potential consequences should a model be misused or prove defective, ranging from heavy losses to bankruptcy or even liquidation.
Financial regulators around the world have been intensifying their oversight of model risk management in recent years. The aim is to ensure that banks and other institutions are paying greater attention to understanding and mitigating the risks associated with their models by establishing a robust model risk management (MRM) framework.
As the regulatory burden grows, financial institutions face higher costs associated with developing, validating, and reviewing models to ensure that they continue to be fit for purpose. Global banks face risks across a broad spectrum of activities, including their client relationships, the products they offer, and the transactions they undertake, as well as the markets where they operate. To operate effectively, they need to identify risks and then measure, monitor, and manage them so they remain within the organization’s risk appetite and comply with regulatory requirements.
Given the scale and complexity of model risk management, the process can be lengthy and labor intensive. This paper details how institutions are using MATLAB® to improve productivity and reduce costs by accelerating model development and validation and provide full traceability of every step of the model life cycle.
Definition of model risk
In 2011, the Federal Reserve published guidance on model risk management (SR Letter 11-7). In providing a framework for effective model governance, it included an early definition of models and model risk, stating that models “are simplified representations of real-world relationships among observed characteristics, values, and events.” The guidance further states:
“The use of models invariably presents model risk, which is the potential for adverse consequences from decisions based on incorrect or misused model outputs and reports.”
— SR Letter 11-7
Crucially, the guidance outlined that model risk occurs because a model may have fundamental errors that cause inaccurate results, or because it may be used improperly or inappropriately. Because of this, the regulator stipulated that model risk should be managed like other types of risk and that financial institutions should conduct a critical analysis to identify model limitations and assumptions and produce appropriate changes. The guidance also stated that risk cannot be eliminated, so companies should establish limits on model use, monitor model performance, adjust or revise models over time, and supplement model results with other analysis and information.
The lifecycle of a model
To mitigate model risk, financial institutions are developing MRM processes that ensure that models are developed and implemented in a robust and appropriate manner. A typical model life cycle comprises six stages:
- Definition of the model, including the risk classes it measures and its scope
- Model development, where the source data is manipulated and analyzed, and quant specialists and analysts carry out backtesting to describe how the model implements the definition
- Model review, where an independent model validation team verifies that the model is fit for purpose and does what it intends to do
- Pre-implementation validation of the model performance against validation and production data
- Deployment of the model for implementation, for scoring credit applicants, regulatory reporting, or other purposes
- Ongoing monitoring of the model against its purpose, definition, and limitations
A model spends most of its life cycle in the development, review, and validation stages (Figure 1). By the time the model has been approved for use, many months may have passed and the assumptions underpinning the model may be out of date.
MRM is also an ongoing process, which means that implemented models need to be constantly reviewed and monitored to ensure that they continue to work as designed and meet business needs. Given the complexity of the risk model life cycle, this leads to stretched resources, high costs, and slow implementation times.Reducing model time-to-market and refresh by using an agile approach rather than waterfall.