Model risk management: A practical approach

​The growing need for model risk management

​Model risk management continues to gain momentum as technology, compliance, and stakeholder expectations become more sophisticated. This is especially true in the insurance industry, which has become more reliant on models in recent years for everything from strategic planning to generally accepted accounting principles (GAAP) and statutory valuation.

Driven by innovative product designs, technological advances, regulatory requirements, and other internal and external forces, these models are growing in scope and complexity. As a result, model governance is emerging as a top priority for many organizations. But good model governance requires establishing a holistic framework for model risk management that is customized to meet the unique needs of your organization.

Back to top

​What is model risk?

The Federal Reserve and the Office of the Comptroller of the Currency (OCC) define model risk as the occurrence of fundamental errors in model outputs and the incorrect use of models. These risks can arise in a company’s data, assumptions, methodologies, processes, or model results and how they are used.

Regardless of where it occurs, model risk can have profound financial and reputational implications. For example, errors in hedging models could lead directly to inappropriate purchase or sell decisions, which can result in unintended risk and business losses. Investment in a sound model risk management framework can more than offset the negative impacts of escalating model risk.

Back to top

​Four essential building blocks

An effective risk management framework is built on four essential elements: 

1. Model governance: A model governance program provides the framework, oversight, and controls for conducting modeling activities and managing model risk. It is essential that the model risk framework be supported by stakeholders from a variety of functions within the organization.
2. Modeling standards: Standards for developing, implementing, and using models leverage industry best practices and can reduce risk. Key components of the standards development process include:
   

   Developing model design and coding standards to maintain consistency of structure and use Assessing the completeness, accuracy, and relevance of data Validating the assumptions and interdependencies used within the model Creating and updating documentation for modeling activities and decisions

3. Model validation: Model validation continually challenges a model’s effectiveness to ensure it is suitable for business use. Validation should include both quantitative and qualitative assessments and be performed both prior to model implementation and periodically afterward.
4. A strong risk culture: It is crucial for senior management to instill a strong risk culture supported by a sound model risk management framework. The “three lines of defense” framework—which comprises ownership, controls, and compliance—helps ensure that risk management is part of the overall process and work culture, rather than just an oversight function.

Back to top

​Build the right framework for your organization

​There is no one-size-fits-all model risk management framework that meets every organization’s goals. Organizations must be honest about their risk threshold, model uses, and organizational realities. Most importantly, they shouldn’t try to do too much, too soon. A focus on the basics is key to creating an effective model risk management framework that can be sustained for long-term advantage.

Back to top