Disclaimer: Opinions are of Chris Smigielski as an individual, not attributed to any particular organisation.
Chris Smigielski, Model Risk Director, Arvest Bank
How have you seen the scope of model risk evolve?
The model risk practice has evolved substantially since the SR 11-7 model risk management guidance was published over a decade ago. In very general terms, the guidance was written with quantitative models in mind, or qualitative models that had a quantitative output. That definition, of course, related largely to things like financial and credit models because their accuracy and proper use had a direct impact on financial statements, credit underwriting, and management decision-making. Since then, we have seen a wider scope of models added to our model inventory; BSA/AML, fraud monitoring and AI/ML driven approaches to name a few. A more recent evolution of model risk is the governance of AI/ML models and testing for fairness, bias, and disparate impact, which is obviously a broader risk issue than quantitative model accuracy. ‘Explainable AI’ is a phrase repeated quite often because the lack of transparency and explainability can be interpreted as higher risk or higher uncertainty which can indicate higher model risk. In August 2021, the OCC published an MRM booklet (Comptroller’s Handbook) that gave additional context to model risk across the risk appetite. These are examples of how model risk has evolved. Our path going-forward will be towards an ‘Enterprise Model Risk’ that considers these myriad technological approaches and a much broader application of model impact/risk across the risk appetite and financial services.