This site uses cookies to provide you with a more responsive and personalized service. By using this site you agree to our use of cookies. Please read our cookie notice for more information on the cookies we use and how to delete or block them.

Bookmark Email Print page

UCITS IV: Validation of value-at-risk models - Looking inside the black box | Brochure


The liquidity crisis of 2007-2008 was also a failure of risk measurement models. In the context of UCITS IV, CSSF Circular 11/512 significantly tightens the requirements for the use of internal risk models.

The CSSF requires that the internal model is validated by a party independent of the model’s building process. The validation needs to ensure that the model is robust and reliable and captures adequately all material risks.

By setting the limit for the acceptable number of backtesting exceptions to four, the need for resilient internal models is even more emphasized:
“A higher number of ‘overshootings’ indicate an under-estimate of the VaR. If the back testing results reveal a percentage of exceptions that appears to be too high, the UCITS should review its VaR model and make, appropriate adjustments.” 1


Our methodology

Deloitte has developed a model validation approach to ensure that will create confidence in the model’s outputs and help you communicate its value throughout your institution. We make sure that the internal model covers all relevant risk factors and produces consistent output.

We take your internal risk model to the lab

We offer you to validate your internal risk model in order to comply with the new requirements under UCITS IV.

Going beyond the regulatory requirements, our validation approach also aims at adding real value for your day-to-day risk management.

This will increase your confidence in the outputs of your internal risk model.

Our offer consists of two consequent steps:

    - Gap Analysis Report
Comprehensive report detailing and summarizing potential gaps

     - Certification (ISAE 3000)
Consequently, we may offer a formal certification that can be communicated to regulators and stakeholders



Page Last Updated



Stay connected:
Get connected
Share your comments
More on Deloitte Luxembourg
Learn about our site

Recently published