Models are increasingly being used in different areas of banks. Risk management models and pricing models for financial instruments come to mind first. However, the scope of modelling and linked processes (such as algorithms and Artificial Intelligence) is fast expanding and should also be considered. This article argues that the increasing reliance on models requires a sound model governance and model risk management framework for business reasons as well as to comply with supervisory requirements such as the ECB TRIM Guide.
When calculating Pillar 1 capital requirements, banks have faced a choice between adopting the standardised approaches defined in Basel capital adequacy rules, and developing more sophisticated `internal' modelling approaches. The wide variety and complexity of Pillar 1 modelling practices gives rise to concerns that internal models have become too opaque, are being applied in areas with limited data, and result in a lack of comparability.
First started in 2016 and still ongoing, the ECB TRIM initiative is designed to harmonise supervisory practices in the SSM with regards to internal models, to verify that such models are compliant with regulatory requirements, and to reduce unwarranted variability in capital requirements.
One part of the TRIM initiative, which banks have recently received feedback letters on, relates to overarching topics of Pillar 1 model governance and model use. These `general topics' have been the subject of dedicated supervisory visits and deep-dive review of policies, documentation and institutional practices.
The scope of general topics is wide-ranging, spanning areas such as governance, validation, Internal Audit, and third party services. We have observed the following items as among the most common in the findings letters:
It should be noted that the ECB findings span a number of areas and degrees of severity; in some cases there may be breaches of the CRR which are dealt with separately to cases where there is misalignment to the TRIM Guide. The most material deficiencies may point to failings of internal governance or risk management and impact on SREP scores - with potentially adverse effects on capital requirements.
It is expected that specific points raised in the ECB letters are discussed with the bank's JST, however banks should not expect specific instructions on what `good' looks like. It is more common to examine peer and industry practice as a benchmark, and to develop actions from these.
Regardless of the type of deficiency, one of the most important activities will be to ensure clear responsibility and accountability actions. This can only be successful if banks understand the underlying rationale of the expectation. An institution which treats these letters as a compliance checklist runs the risk of developing short term solutions with limited strategic benefit and scope.
The initial TRIM Guide was published in February 2017 and is a key step in European supervisory harmonisation. A revised Guide for the general topics is expected to be published for consultation in the coming months, so further changes are expected. We expect TRIM to have consequences in banks beyond 2019, setting a standard that banks will need to continually evaluate themselves against.
European standards for model governance and model risk management is still maturing - in particular when compared to the US Guidance on Model Risk Management1 (SR 11-7). Looking ahead, the rapid expanse of digitalisation and automation of modelling solutions will require ever stronger control frameworks, not only to comply with supervisory requirements but also as a business necessity. To avoid falling behind the curve, banks should start considering model risk as a risk similar to any other, requiring identification, controls, and accountability.
1Supervisory Guidance On Model Risk Management (PDF 293 KB)