FDIC adopts Supervisory Guidance on Model Risk Management (FIL-22-2017)

Posted on by amarsa60

“Community banks with assets greater than $1 billion have now joined the other larger banks in the regulatory expectations around formal management of model risk”

Considerations for Model Risk Management for Community Banks

With the adoption of Supervisory Guidance on Model Risk Management by the FDIC, (FIL-22-2017) community banks with assets greater than $1 billion have now joined the other larger banks in the regulatory expectations around formal management of model risk.

This is not surprising, considering the ever-increasing reliance on models for decision making and the many high-profile cases of model failure, such as LTCM and the others in the run up to the financial crisis, led to significant losses and reputational damage for financial institutions.

As community banks address this new requirement, below are some points for consideration:

  1. Model Definition – The regulatory guidance defines the term model as “a quantitative method, system, or approach that applies statistical, economic, financial, or mathematical theories, techniques, and assumptions to process input data into quantitative estimates”. Further “the definition of model also covers quantitative approaches whose inputs are partially or wholly qualitative or based on expert judgment, provided that the output is quantitative in nature”.  As this is a broad definition, defining what is a model can be a potential source of many varying views and disagreements.  It will be important for all stakeholders to have a consistent view of what constitutes a model so that all potential models can be identified. Examples of models include, Vendor models such as FICO scores, custom acquisition, account management and recovery scorecards for retail and wholesale, loan pricing, expected loss models (ALLL), Asset Liability Management (ALM) models and unexpected loss models (i.e., economic capital, regulatory capital, stress testing).
  2. What is model risk – Model risk can arise when adverse consequences—such as poor business and strategic decisions, financial losses, regulatory or legal penalties, or damage to a bank’s reputation—result from the use of a model whose data, assumptions, design, underlying theory, output, or control environment are not appropriate.
  3. Key components of a model – the definition of a model can be broken down into essentially the three components. If we look at these components of a model, we can start to assess some of the sources of potential model risk. Errors can occur at any point from design through implementation.  Making assumptions is unavoidable when building models, so the challenge is in making assumptions which do not render the model useless for its intended purposes
  4. Regulatory requirements for managing model risk:Model risk should be managed like other bank risks (e.g., credit and market risk), and managed throughout the model life cycle. It requires broadened responsibilities of various individuals in the bank and stepped-up efforts regarding model governance and model approval, model documentation and testing, ongoing performance monitoring, and proper management of model changes
  5. The key components of a Model Risk Management (MRM) program:These include:
    1. Strong Model Governance, Policies & Procedures
    2. Clear roles and responsibilities,
    3. Process for model initiation & identification and risk tiering,
    4. A comprehensive inventory of models,
    5. Well defined processes and procedure for model development and model validation and appropriate model approvals
    6. Model Testing, and implementation
    7. Model documentation
    8. Independent review resulting in model ratings, and model risk issues management
    9. Ongoing model management,
    10. Model performance monitoring
    11. Model risk assessment and reporting
    12. Use of vendor and other third-party models should be incorporated into the model risk management framework

In establishing and operationalizing an effective model risk management framework, community banks have several choices to make. What is important is to get the right balance between sophistication vs. practicality that is commensurate with the bank’s business model.

The importance of this effort cannot be understated as the model risk management framework will need to stand the test of regulatory scrutiny and safeguard the bank from potential future losses and reputational damage.

To learn more, download the HnC Smart Solutions white paper on Model Risk Management for Community Banks.

Download MRM White Paper