Improving the efficiency and impact of model risk management functions

Improving the efficiency and impact of model risk management functions

By Marc Taymans, Managing Partner and Rahul Agarwal, Senior Manager, Risk Dynamics.

About Marc:

I am a Managing Partner and one of the founder of Risk Dynamics, a wholly owned subsidiary of McKinsey & Company focused on model risk management and independent validation. I have spent 14 years providing model risk management (MRM) and validation services to banks and insurers across North America and Europe. I lead our North America practice and am deeply involved in advance analytics topics such as machine learning and automation and their impact on and application in MRM.

About Rahul:

I am a Senior Manager with Risk Dynamics and have spent the last 10 years helping financial institutions with a wide range of risk topics. I have helped several top U.S. and global banks to set up their MRM functions, validate a range of models, and build in-house capabilities to become sustainable internally. My current projects include identifying opportunities for efficiencies within model risk management and building capabilities for financial institutions to deal with future challenges.

You will be presenting at the forthcoming Risk Americas 2018 to discuss improving the efficiency and impact of model risk management functions. Why is this a key talking point in the industry right now?

After the financial crisis, many banks significantly scaled up their MRM functions in response to heightened regulatory expectations. They invested considerable time and resources on enhancing their validation standards, improving the quality of CCAR/DFAST models, and eventually rolling out the same standards across all model classes.

However, given the nature of the demands at that time, the process was not always set up efficiently. As the MRM functions plan their long-term future, the focus is starting to shift towards streamlining their approaches for more efficiency while looking for opportunities to deliver more value for the wider organization.

Without giving too much away, can you explain the current risk-based approach and how financial institutions can improve their efficiency?

In large part, MRM has followed the regulatory guidance on where to focus their efforts in the past few years. However, as the practices evolve, MRM functions now need to think about model risk holistically and tailor their oversight activities to identify and mitigate the key sources of model risk within various parts of the organization. For example, at some institutions advanced approaches used for customer management and internal/external fraud risk management may be a key source of model risk and have typically been outside the scope of MRM. On the other hand, we sometimes see institutions using the same validation process across all models in their inventory regardless of materiality, which leads to disproportionate focus on some model classes with relatively lesser materiality for the organization.

Risk-based approach to MRM requires strategic identification of key sources of model risk within the institution, and identification of opportunities to maximize the function’s impact in terms of reduction in model risk.

In your opinion, what are the key levers for improving efficiency and effectiveness?

In our client work we implement a wide range of levers that significantly improve MRM functions. We will examine these during our presentation, but here are a few of the most impactful ones:

1.    Efficiency – Standardize and modularize development/validation/monitoring process across the entire model lifecycle, automate steps that are repeatable and predictable (e.g., ongoing monitoring), and manage validation calendar to reduce seasonality

2.    Effectiveness – Ensure that business, modelling, and MRM are working together towards the same goal. Actively manage model landscape and appropriately prioritize development and control activities based on level of model risk. Reduce/delegate oversight activities for non-material models, and implement governance around expert judgment-based estimates.

How would you describe a typical journey and roadmap? What challenges would you expect to face?

MRM transformation is a long journey that starts with mapping out the end-to-end MRM process to identify the key pain points and analyse the cost/benefit of levers used to resolve them. The transformation can only be fully achieved by addressing all aspects of MRM: governance and standards, organization and talent, tools and infrastructure. Based on the individual situation and levers identified, pilots will be conducted on a small scale to prove the approach and eventually rolled out across the entire bank.

A successful MRM transformation, as with most transformations, requires strong senior management support to align all stakeholders. In some cases, the MRM functions do not have sufficient capacity and capabilities to support transformation while managing the business as usual activities. We have successfully supported our clients in overcoming these challenges by introducing a broad range of industry expertise, helping them to build internal capabilities and ensuring appropriate buy-in from all stakeholders to make the transformation lasting and impactful.

Finally, what regulatory changes do you foresee in the future? And do you have any advice for your peers on how best to handle them?

We are currently observing a couple of regulatory trends:

1.    The expectations for the annual CCAR/DFAST exam appear to be evolving. For example, legislations are being considered that makes some of the Dodd-Frank requirements for smaller banks more flexible. Similar efforts are being considered to reduce other federal oversight over banks (e.g., reducing the scope for CFPB)
2.    Conversely, there are specific areas on which regulators are increasing their focus. For example, MRM functions will face enhanced scrutiny around anti-money laundering (AML) and loan provisioning (CECL) in the short term

In parallel to the regulatory focus shift, some banks are deploying large digitization programs. This leads to them being even more reliant on models to support their activities. This increased model risk exposure, typically triggered by new types of (machine learning) models, is well-perceived by some senior leaders in these banks. The MRM functions will have to ensure their frameworks and capabilities can adequately respond to these new demands.

Hear insights like this and more at the Annual Risk Americas Congress…