Model risk management (MRM) is the process of identifying, assessing, monitoring and controlling the business risks associated with using mathematical models. Model risk arises when business decisions are reliant on complicated models for purposes such as derivative valuation, market risk assessment, credit scoring and fraud identification.
A typical catalyst to formalise an MRM policy is either an external requirement (such as regulatory compliance) or when management faces reduced insight and input into model selection and usage controls (for example, as an asset management start-up grows to multiple managers and asset classes).
Establishing model risk management begins with formalising model governance, tracking models and their usages in a model inventory. This typically includes methodology documentation such as the purpose of the model, its inputs, outputs, assumptions and limitations, as well as meta-information about governance – development history, validation results and ongoing monitoring activities. Models are quantified for materiality and their methodologies are assessed against mitigating measures. Best practice is for suitability assessments to be undertaken by an individual or body that is independent from the model development and usage. An MRM policy then details control processes, such as what restrictions should be placed on problematic models and timescales for remedial action to be taken.
- When to establish an MRM policy
- Is a separate model validation function necessary?
- Model risk pitfalls
- Protect profitability and reputation
- Third party support for MRM