- “Model Risk Management Principles”
Mr. Kozo Ishimura, Financial Services Agency
- “Contribution to improving business performance by minimizing the risk of financial operations”
ServiceNow Japan GK Gen Homma
- “Efforts to build a risk appetite framework in FFG”
Fukuoka Financial Group, Ltd./The Bank of Fukuoka, Ltd. Masashi Ishibashi
- “Advanced AML Screening for FATF Compliance”
Lexis Nexus® Risk Solutions Akiyuki Inami
- [Vidéo d’introduction]ServiceNow Japan GK
“Model Risk Management Principles”
- Scheduled speech
- Financial Services Agency
Mr. Kozo Ishimura
A model is one of the examples of the use of technology by the financial industry and has been supported by the development of financial engineering and the improvement in the computing power of computers. In the pricing and market valuation of financial products, models are used to understand the prices of derivatives and securitized products. Risk measurement includes market risk VaR, internal rating model and counterparty credit risk. Models have also been used in the areas of manelon countermeasures and fraud detection. Financial institutions are expanding the use of models in decision-making amid advances in technological innovation and business size and complexity.
Models, on the other hand, inevitably involve many simplifications and assumptions due to their nature. There is no single correct answer for a method, and the result can vary widely depending on the method and choice of assumptions. In some cases, the model contains fundamental errors and produces inaccurate results, or in some cases, the model is used incorrectly. Even a proper model can become obsolete due to changes in the environment, leading to misuse of the model. These are risks that seriously damage profits, financial position, reputation, etc. financial institutions.
The risk of adverse effects resulting from decisions based on model errors or misuse. As a concrete example of model risk discounting, the subprime problem was the first, and the CDO pricing model could not properly take into account default correlation. Before the global financial crisis, VaR did not capture tail risk. Furthermore, there are many cases in which model risk has become apparent in individual cases.
The risks associated with the model have long been recognized in areas such as the regulation of capital requirements. However, model risk management is necessary, whether for regulatory purposes or not. With the widespread use of models, the need for comprehensive model risk management increases.
The global financial crisis of 2007 radically changed the position of the authorities, raising concerns about the lack of transparency and comparison of the models used by financial institutions. The 2010 Basel III accord introduced leverage ratio regulation as a backstop for model risk. However, this does not mean that the use of models has decreased, and the use of models is increasing due to the sophistication of computer performance.
Many models that have been used in recent years incorporate machine learning and artificial intelligence techniques. The question is how far we can seek transparency, reliability, solidity, accountability, etc. The corona shock also reminded us of the importance of model risk management. Many models aim to predict the future based on the past or to estimate what is not observed based on what is observed. The corona shock has reminded us of the fact that patterns seen in the past do not always hold in the future, highlighting the risks inherent in the pattern.
＜Model Risk Management Principles＞
In November 2021, the Financial Services Agency announced the Model Risk Management Principles, calling for the establishment of a model risk management system for financial institutions (G-SIBs/D-SIBs) that are important in the financial system. Its composition consists of three important concepts and eight principles of importance, application, definition and management of model risks. Model in this principle is defined as a quantitative method that processes input data and outputs based on theory and assumptions.
＜Three Key Concepts in Model Risk Management＞
The first of the three key concepts is the three lines of defense, the basic risk management framework of the bases. The first line of defense is the model owner/developer and user, the second line of defense is the model risk management department and the model checker, and the third line of defense is the overall model risk management system. template by the internal audit department. efficiency.
The second concept is the model lifecycle, which is the management throughout the “lifetime” of the model, such as development, use, change, and suspension. It is important to perform an effective restraint at each stage.
The third concept, the risk-based approach, is a management based on the model’s risk assessment. High risk models are checked frequently and low risk models are not checked regularly. However, it is important to capture the low-risk model exactly from the start, and it should not be excluded from the scope itself.
＜8 Model Risk Management Principles＞
Principles 1 and 2 are organized as Governance and Infrastructure, Principles 3-7 are as Managing Individual Models, and Principle 8 is as Assessing Effectiveness. First, Principle 1 Governance requires the board and senior management to implement a comprehensive model risk management system. It is also necessary to set up a department in charge of the model in the first line and to set up a model risk management department in the second line. Principle 2 identifies the model and registers it in the database in order to understand the type of model that the company has. Assign each model a risk score for risk-based management.
Regarding the management of individual models, first of all, the development of the model of Principle 3 requires the appropriate creation of a model description. Describe the method, assumptions, foundations, limitations and weaknesses, and avoid personalization. Principle 4 is model approval and should have an internal model approval process based on the model lifecycle stage. In principle 5 continuous monitoring, the first line will carry out continuous monitoring after the start of use to assess the validity of the model and whether it has become obsolete. In principle 6 model validation, the second line performs validation from an independent point of view, and revalidation is performed even after the model has started to be used. This is an important process to ensure model fit. Principle 7 is the use of models from external suppliers and resources, which requires proper control even when using externally developed models.
Principle 8 is an internal audit and thirdly the overall effectiveness of the model’s risk management system should be assessed. It is expected that retaining an independent perspective will lead to more effective model risk management.
＜Towards the sophistication of model risk management＞
I would like to explain three points regarding the future of model risk management. First, it is important to manage the risks appropriately, to use the advantages of the model and to strive to provide better financial services. Starting from the principle that the use of the model is essential for financial institutions to promote innovation, it is necessary to build a good balance between the “accelerator” of the benefits provided by the model and the “brake” of controlling the model.
It is desirable that financial institutions not covered by the principle voluntarily consider building and upgrading risk management models and systems according to their own characteristics. Indeed, mid-sized financial institutions are currently using the model in one way or another, and it is still a management risk like large financial institutions.
Finally, it is necessary that the different stakeholders (= ecosystem) involved in the model make small changes in the whole. We often hear that it is difficult to gather human resources for model verification, but it is necessary to take measures such as improving the treatment and status of human resources for verification. We have to work on it little by little, thinking about how to overcome the shortcomings of risk management.