A forum of industry leaders discusses the challenges facing banks in measuring and mitigating credit risk in the current environment, and strategies to adapt to a more stringent regulatory framework in the future
- Terisa Roberts, Director, and Global Solution Lead for Risk Modelling and Decisioning, SAS
- Lourenco Miranda, Head of Model Risk Americas, Societe Generale
- Stevan Maglic, Head of Risk Analytics, Celsius
What will be the long-term impact of the Covid‑19 pandemic on banks’ credit risk management strategies?
Terisa Roberts, SAS: The global pandemic has accelerated digital transformation in many organisations, including financial services, but it has also highlighted inefficiencies in the credit risk model lifecycle. Given the speed of some of the changes in economic conditions, organisations are looking for more agility to make changes to models and policy rules. As demand for more and better models rises, firms are looking for efficiency benefits by automating parts of the risk model lifecycle. A key lesson from the Covid‑19 pandemic is that organisations that are digitally enabled are much better able to respond to new business and regulatory demands. As the initial wave of digital transformation has become established and we begin to move beyond the limitations and challenges of the pandemic, we are looking at the next technology wave, resulting in further investment in event-driven architectures: two-way communication between core systems and application programming interface-driven modular frameworks. These advances in technology are being complemented with additional investment on the business side. While many of the larger banks have investigated moving to a single vendor for cost/licence efficiency, the current outlook suggests they are returning to more of a best-of-breed modular approach.
Lourenco Miranda, Societe Generale: We observed an immediate impact from Covid‑19 last year and witnessed a change in most of the existing models. We have seen a change across the board – whether it is a model that depends on macroeconomic factors or depends indirectly or directly on the market or the economy. Our models (and this is not for the whole industry) were calibrated for not seeing, not experiencing this change that we saw during the pandemic.
We put a lot of emphasis on ongoing monitoring and the covariant shifts. We observed how different models changed or could have changed under new scenarios. In theory, we had to change and recalibrate these models but instead we could apply modelling techniques to estimate the impact of this shift in the economy and in the exogenous – the external variables such as GDP, unemployment, consumer perception, liquidity and all the elements that might be relevant to a credit risk model. We were able to identify the changes in the market and how this would have impacted the model and its parameters. So we were able to bring this to our model risk and credit risk governance, and apply the existing governance to that. For instance, in some of our stress-testing models, we were able to apply overlays according to existing governance, which is aligned with the regulation, so we could have a credit risk committee for approving or recommending an overlay that would account for the impact of last year’s recession.
In terms of long-term impact, we need to evaluate whether models need to be calibrated. We have to extend the calibration and recalibration window to include this period of recession that we observed and from which we are recovering. This requires developers to reconsider, and that is going to be a big undertaking. As well as understanding how credit risk management strategies would be impacted in the short and medium term, we have to understand the rising number of defaults, how that will affect recovery and how the banks will recover – something that should be accounted for in the new model.
How are banks adapting their approaches to regulatory capital under Basel III?
Lourenco Miranda: The Comprehensive Capital Analysis and Review (CCAR), the Capital Adequacy Pillar 2 and CCAR Pillar 2 are related to the Internal Capital Adequacy Assessment Process (ICAAP). This should be accounted for in Pillar 2 – not necessarily in Pillar 1. So liquidity risk, ICAAP and stress-testing are all part of Pillar 2.
Terisa Roberts: For many financial institutions – especially those that are internationally active – the current environment presents several key challenges. Even when financial institutions perform their economic capital calculations and find they have a capital buffer to manage the risks from their business from an economic perspective, regulatory capital requirements still represent a restriction that needs to be known and managed, and to which institutions cannot risk failing to comply with. The regulatory environment is therefore a critical measure that needs to be considered in every significant decision taken by a financial institution.
Capital requirement regulations are continuously evolving, particularly with the roll-out of the latest set of reforms, collectively called Basel IV. These reforms may also be interpreted differently – at a national or regional level – from the generic Basel guidelines, which significantly increases the cost of compliance. In the current regulatory context, financial institutions are preparing for full compliance with the January 2023 Basel IV deadline – by performing gap analysis and quantitative impact studies that allow them to anticipate the impacts of these changes.
Are banks’ credit risk models fit for purpose in the current environment?
Stevan Maglic, Celsius: Most banks have a limited history of high-quality data with which to build models. The history spans a limited range of economic outcomes and typically does not have enough granular data at the sector/industry level. Inflation risks in the current environment highlight limitations because inflation has not been a driver of losses in recent history, and therefore is not adequately captured in a model trained on that history.
Fortunately, banks have developed rigorous approaches to identifying model limitations, which can in turn motivate adjustments to modelled output. So, although models are not necessarily fit for purpose, the framework – meaning the model and the disciplined thought process around it – is.
Terisa Roberts: Challenges around delivering credit risk models currently include slow time to value for models, limited usage of advanced modelling and extended datasets in the credit decisioning process, and lack of agile deployment to maximise impact. Even if a credit risk model is considered fit for purpose, many banks will need to start incorporating climate risks in all of their decisions on lending, investing and product design, based on analytics. These enhancements in credit risk modelling will need to accommodate climate risk, environmental, social and governance, and other areas that require increased risk quantification of external events and the likelihood they will occur.
Fintechs are also accelerating the cloud adoption pace of financial institutions. This will allow credit risk solutions to meet the need to evolve and adapt more quickly, and support the need for more sophisticated modelling using artificial intelligence (AI) and advanced analytics more extensively, all without sacrificing strong governance and decisioning transparency internally and towards the regulators.
How can banks drive greater value from stress-testing in this area?
Lourenco Miranda: In theory, stress-testing is a more dynamic method of predicting or foreseeing these losses. Stress tests and scenario analysis are part of the Pillar 2 of Basel III and Basel IV – all the Basel concepts: Pillars 1, 2 and 3. Pillar 3 is disclosures, Pillar 1 is the minimal capital for credit market operational risk and Pillar 2 comprises stress-testing and scenario analysis where liquidity plays a big role. This is where you start seeing the benefits of stress-testing and that’s how I think the banks will be adapting the approach of credit risk management to Basel III.
That said, stress-testing models will need to be recalibrated now using the new information we have from the pandemic. This is where statistical analysis and impact assessment of this shift in the economy will need to be applied to the stress-testing model. Instead of managerial overlays, the question would be on how we redesign and recalibrate models.
Terisa Roberts: More advanced banks are investing in building integrated stress-testing platforms, responding to demands for increasingly sophisticated economic stress tests from key regulators. In addition, impact and scenario analysis are gaining acceptance and adoption across the executive suite. This acceptance is beginning to translate into investment in stress-testing solutions with the ability to manage in a more integrated data-driven consistent platform. Banks really want to automate and invest in the models and the technology for doing that.
At the same time, there is a need is to ensure banks are not building something that is not going to be a one-off exercise, and that regulators aren’t going to adopt a significantly different approach in the future. As regulators come to consensus around the sort of stress-testing they want to see (for example, climate), then banks will invest in building more automated platforms to achieve that. The key driver will be the short cycles required to see the results, which in many banks can take up to two weeks to pull everything together and get an answer. However, banks with an integrated stress-testing platform, including data, model and workflow management, will get a consistent set of outputs in 24 hours.
How can banks gain a better understanding of credit risk and its relationship with market, liquidity and operational risks?
Terisa Roberts: Industry trends are pushing banks and insurers towards a more holistic perspective, as well as leveraging data and analytics technology across the variety of risk – and finance – domains to address the upcoming challenges. While banks and insurers face many challenges in addressing these developments, the most basic one is probably their organisational silos. To help break down the existing silos, banks can deploy an integrated risk technology framework with one metadata layer connecting the entire solution from data integration to data quality, to data management that employs a single risk engine with in-memory processing across liquidity, market and credit risks, utilising fully integrated business intelligence, leading to lower total cost of ownership. This approach offers an efficient risk and compliance foundation for establishing a competitive edge in the current macroeconomic situation. Modernisation and integration of the risk and finance applications servicing the key risk types will enable closer co‑operation between the risk and finance functions.
Lourenco Miranda: Liquidity risk and credit risk are interrelated. Financial institutions and corporations go bankrupt because of liquidity issues. On the client side, liquidity has a very direct impact on the default of a firm or client, and when that client defaults on the bank, it creates a capital, profit-and-loss and asset-liability imbalance for the bank, which impacts liquidity risk as well.
To what extent will new technology such as AI and machine learning influence the future credit risk landscape?
Lourenco Miranda: There are two ways machine learning and AI will influence this landscape – the first is through process automation, which involves optimising decision-making processes, data management, quality control of that data, the decision and the documentation. All of this enables credit analysts to make better decisions in a shorter amount of time.
Machine learning and AI also empower cognitive process automation and robotic process automation. All of these elements at our disposal in the AI and machine learning world should be utilised, while keeping in mind that models have to undergo the model validation process. But it is important that we do think about it. In addition, whenever a machine learning or AI-powered model is used to generate prices or estimate risk, one must be mindful that the machine learning model is fully explainable. It must be transparent for clients because of fair lending risks and ethical AI.
When these models are used for business and client decisions that will affect the client directly, one has to think about ethics, protected attributes, biases – all of which are exacerbated in the machine learning and AI realm.
Banks must think about how they will explain to their clients how a credit decision was made. This is important because some of the machine learning/AI models are ‘black boxes’ – they don’t have the transparency that was once available in a traditional statistical model.
Terisa Roberts: Financial institutions that deploy AI models are increasingly looking for efficiency gains by automating aspects of the model lifecycle. Models – traditional and newer approaches – are updated more frequently and have faster model development and deployment cycles, and are said to deliver superior accuracy and relevancy. Automated machine learning and self-learning models are particularly well suited to dynamically recalibrate based on new information. AI systems that are dynamically updated (in effect, continuously learning as new data become available) will generate additional workload for model governance teams to validate the calibration process on a continuous basis. This will require more rigour for ‘responsible AI’ – AI that is governed, transparent, interpretable and ethical. In addition to enhanced controls on data and models, the changes and performance of models will entail continuous monitoring, requiring institutions to have robust model risk management systems, extended for AI and machine learning in place.
To enable firms to introduce AI and machine learning into the credit risk landscape, SAS continues investment in AI and machine learning interpretability. For example, we are developing capabilities to improve the robustness of machine learning models with stress-scenario generation in credit scoring, and are undertaking research with the financial services industry and academia to propose a measure based on counterfactuals to globally evaluate the interpretability of a machine learning credit-scoring technique.
SAS is also delivering out-of-the-box responsible AI capabilities through its cloud-native Viya 4.0, automatically tracking model drift and variable drift, and generating alerts for human supervisors if a model fails to meet organisational key performance indicators. For example, a workflow could be set up to check whether a model uses variables that are listed to contain personally identifiable information or are otherwise not acceptable as input for AI models.
What challenges have emerged in this area?
Lourenco Miranda: The challenges are twofold: one is data quality – but that’s not specific to machine learning. Machine learning is able to use more data, but the problems are still the same. The second challenge is explainability and how you are going to be ethical and transparent if you are using machine learning to make decisions that are going to directly impact the client.
Are credit or model risks in the burgeoning cryptocurrency space well understood? What are the biggest challenges?
Stevan Maglic: It’s probably fair to say that, with all the innovation in crypto, there are a good deal of processes and activities that need to catch up. Along these lines, models are continually being adapted to suit crypto-specific business activities. With many new products being introduced into the market, each needs to be thoroughly understood and modelled properly.
Heightened development activity clearly increases model risk, and added vigilance is needed to ensure material risks are understood. In terms of biggest challenges, to manage risks while experiencing extreme growth, the model and risk infrastructure can’t be built soon enough.
The panellists’ responses to our questionnaire are made in a personal capacity, and the views expressed herein do not necessarily reflect or represent the views of their employing institutions
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Printing this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email [email protected]
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Copying this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email [email protected]