Journal of Risk Model Validation

Risk.net

Governance and organizational requirements for effective model risk management

Dennis E. Bennett

  • Model validation is a necessary but not sufficient condition for effective model risk management.
  • The Model Risk Management profession must move from “model validation equals model risk control” to a comprehensive view of model risk management.
  • The MRM Group must be politically supported by the Risk Committee of the Board, for without this “tone at the top” MRM will find it difficult to carry out its mandate to independently identify and manage model risk within the organization.

Effective model risk management requires a combination of analytical skills, governance and organizational structure, as well as the ability to negotiate. In early studies of model risk management (MRM), analytics and model validation were the primary points of focus. Various writers led the way in discussing the possibility of model errors and the need for analytic review and skepticism toward models and results. Others addressed the risk of assuming models to accurately represent or measure risk within financial institutions. Losses due to model failure resulted in fresh regulations addressing the risk posed by inaccurate or inappropriate models. Very few writers, however, have addressed comprehensive model risk governance, organization or negotiation structures within MRM. This paper expands on the foundation of model risk analytics to address the governance, organizational and human behavior challenges associated with enterprise MRM. It proposes a comprehensive framework for model risk governance, organizational responsibilities and human behavior covering the Risk Committee of the Board to MRM. It expands the definition of models into decision-support tools (DSTs) so that end-user computing (EUC), big data analytics and machine-learning DSTs may be included in model risk governance, organization, negotiation and control.

To continue reading...

You need to sign in to use this feature. If you don’t have a Risk.net account, please register for a trial.

Sign in
You are currently on corporate access.

To use this feature you will need an individual account. If you have one already please sign in.

Sign in.

Alternatively you can request an indvidual account here: