Understanding models and model risks in financial risk management
In this context, a model is a quantitative method, system or approach that applies statistical or mathematical theories, techniques and assumptions to transform input data into quantitative results.
Financial institutions such as banks use models for everything from risk assessments to strategic decision-making. This highlights the importance of model risk management, which helps mitigate the risks associated with inaccuracies in models and reduce the likelihood of negative consequences impacting businesses.
Model risk refers to the potential negative outcomes that arise from flawed or misused models. In simpler terms, it’s the risk that a model might lead to incorrect decisions. There are two primary drivers of model risk:
Fundamental flaws. This occurs when a model doesn’t align with the business objectives it was designed to support. These can be related to data quality, methodology or implementation issues.
Misuse or mismanagement. Even a well-built model can be misused, leading to inaccurate results, if it’s not applied or managed correctly.
To address these issues, model risk management needs both qualitative and quantitative approaches as a comprehensive identification and assessment can help mitigate associated risks more effectively. It goes beyond just benchmarking and helps cover the context where a model operates as well as its connection to business objectives.
Qualitative factors which most organisations apply to assess their model risk include:
Model tiering and risk rating to categorise models by risk level
Ongoing monitoring and re-evaluation based on classification
Identification of model weaknesses and action plans for remediation
Application of controls or restrictions to limit model usage when necessary.
Quantitative approaches help establish a more comprehensive and accurate representation of risks and therefore support more informed business decisions. These techniques include:
Integrating model risk into the Internal Capital Adequacy Assessment Process (ICAAP) risk calculations
Developing frameworks to measure data quality, model accuracy and potential add-on for Pillar 2 capital requirements
- Including model risk in operational risk management.
The Role of AI in MRM: Quality assurance for AI models
As AI systems drive efficiency and innovation and become more integrated into business operations, the importance of quality assurance for AI models becomes even more critical. MRM of AI models must focus on validation, performance testing and bias detection to ensure transparency and effectiveness.
Another challenge is that the landscape is becoming more complex as regulations expand to address the unique risks posed by AI models, requiring firms to adapt to maintain compliance and reliability.
Regulatory frameworks, such as the Prudential Regulation Authority’s (PRA) Supervisory Statement SS 1/23, exemplify this growing complexity by introducing comprehensive MRM standards that cover the entire model lifecycle. This directive not only demands enhanced governance, robust model inventory systems and updated validation techniques but also emphasises proportionality in resource allocation, particularly for companies managing a wide range of deterministic quantitative methods (DQMs) and AI models.
The scope of MRM is set to expand further with advancements like the EU AI Act, which will impose additional layers of accountability and oversight on AI models. This legislation underscores the need for a future-proof approach to MRM, where firms must not only meet current standards but also anticipate evolving regulatory requirements. The crossroads of AI innovation, expanded regulatory scope and the unique challenges of managing AI-driven models ensure that the future of MRM will be even more demanding, requiring continuous adaptation and investment in technology, expertise and governance frameworks.
Model risk management of AI models and quality assurance
The EU AI Act and the future of model risk management
With the introduction of the EU AI Act in 2024, the landscape of model risk is set to change dramatically. This regulation, designed with a risk-based approach, will categorise AI systems based on their potential risk to society, from minimal to unacceptable risks.
Key components of the EU AI Act
The regulation aims to boost AI innovation in Europe through harmonised standards while safeguarding EU citizens by making AI system risks transparent and manageable throughout their lifecycle. As a result, the importance of model risk management for financial organisations is growing. This also requires companies to rethink existing practices that can be challenging.
Key challenges financial organisations face in model risk management
Model risk in Internal Capital Adequacy Assessment Process
As banks and other financial institutions are highly regulated entities, they have complex risk management systems, including the Internal Capital Adequacy Assessment Process (ICAAP). ICAAP is a continuous process where financial institutions identify, measure, monitor and manage the risks they face to ensure they hold sufficient capital to cover potential losses.
The integration of AI in banking demands a more robust and dynamic ICAAP because it creates additional risks for potential misuse or misinterpretation of the model output and as a result risks for decision-making. One approach is to integrate model uncertainties into capital adequacy assessments, ensuring that the model risk is accounted for in a meaningful way.
Analysing model risks process
How PwC's Risk and Regulatory Managed Services can help
Managing financial risk requires both expertise and the right tools. At PwC, we understand the complexity of model risk management and are well-equipped to help you address them effectively.
Our Risk and Regulatory Managed Services offer:
Independent model validation
Comprehensive model development support
Expertise in navigating new regulations like the EU AI Act.
We aim to help your organisation be better prepared for the evolving model risk management landscape and support you in identifying new opportunities.
Contact us
Ewa Bienkowska
Dominik Cuber
