3 minute read 27 Sep 2023
Model Risk Management  (MRM)

What are the emerging trends in Model Risk Management (MRM)?

By Subrahmanyam Oruganti

EY India Business Consulting Partner

Subrahmanyam is a partner with the financial services consulting team. With 17 years of experience, he leads capital markets modelling, regulatory transformation, and automation.

3 minute read 27 Sep 2023

Show resources

  • Seizing the opportunity benefits of embracing decarbonization

In a digitally expanding universe, the role of model risk management is undergoing significant change. Firms must identify and act on urgent considerations to unleash the true potential of this dynamic function.

In brief

  • Emerging technologies such as AI and ML are impacting enterprise activities significantly, bringing with them opportunities and challenges.
  • Managing such risks is the responsibility of the firms' Model Risk Management (MRM) function.

Today, financial institutions rely extensively on both qualitative and quantitative models for a wide range of operations, from internal analysis to risk management and capital assessment. This trend is evolving to include complex products and emerging technologies like Artificial Intelligence (AI) and Machine Learning (ML), which can lead to significant risks (e.g., financial or reputation risks) if these models fail. 

The responsibility of mitigating such risks falls under the purview of independent Model Risk Management (MRM) function. Outlined below are some of the prevailing themes within the realm of MRM, accompanied by emerging areas of significance:

1. Identification and validation of AI/ML models

The adoption of AI/ML is becoming increasingly evident, especially in areas like fraud analytics and customer engagement. In MRM, identifying and categorizing AI/ML models has gained prominence. This task, however, poses challenges as these models extend to non-traditional areas like HR, IT and procurement. Additionally, users may not be aware of AI/ML usage in vendor models. It is essential to catalogue these instances and manage associated risks. Furthermore, the validation of AI/ML models requires a shift in focus. This shift goes beyond assessing mere model performance and delves into ensuring alignment with the principles of Trust AI.

2. Leveraging generative AI in MRM

The past year has seen a revolution in Generative AI based applications. Financial institutions are keenly interested in exploring the applicability of Generative AI in MRM practices and have a protracted list of promising use cases. However, initial deployment encounters certain challenges, including regulatory uncertainties, data confidentiality concerns, and accountability considerations.

Addressing these vulnerabilities necessitates a strategic approach. One pivotal solution lies in the adoption of secure Large Language Model APIs — sophisticated algorithms capable of discerning, summarizing, and generating content from extensive datasets. Alternatively, an effective starting point could involve utilizing an offline version of Generative AI.

3. Enhancing financial crime modelling

Fraud detection and financial crime models face notable challenges, with false positive rates and performance metrics being primary concerns. Furthermore, given that numerous banks rely on vendor models for fraud detection, validating these models poses specific hurdles. Insufficient documentation and a lack of transparency in data and methodology present challenges. When vendor model documentation falls short, industry consensus is to put the ownership on users to enhance it for effective management of model risk.

4. Climate risk modelling 

In a contemporary landscape, firms possess an array of climate risk models within their inventories. These encompass transition risk, scenario generation, physical risk, financial emissions and ESG scorecards. However, the validation of climate risk models introduces complexities owing the scarcity of historical data. Consequently, this demands the incorporation of qualitative methodologies and expert judgement. Moreover, these models often rely on external dependencies and data sources.

To ensure the efficacy of these models, a primary emphasis must be placed on sourcing reliable data and employing robust scenario-building techniques. In this pursuit, it is essential for practitioners to possess specialized knowledge and skills in climate risk validation. Additionally, exploring avenues for accessing and disseminating sector-specific expertise should be actively pursued.

5. PRA's revised regulations in MRM

The Prudential Regulatory Authority (PRA) has recently released a Supervisory Statement (SS 1/23) regarding Model Risk Management (MRM). (Source: https://www.bankofengland.co.uk/prudential-regulation/publication/2023/may/model-risk-management-principles-for-banks-ss) This regulation introduces new requirements that banks will need to work towards. Moving forward, this will bring about several changes. One notable impact will be an expansion in banks' overall model inventory. This broadening is a result of the revised model definition, which now encompasses qualitative outputs and significant, intricate deterministic quantitative estimates within the model's scope.

6. How EY can help 

EY has an extensive team of quantitative experts covering various facets of the Model Risk Management cycle. Particularly noteworthy is EY’s development of an advanced Model Risk Management tool powered by Generative AI. This tool offers functionalities such as code documentation, re-platforming, and enhanced model validation efficiency, all while ensuring compliance with governance guidelines.

Yashendra Tayal, EY India Business Consulting Partner has contributed to the article. 

Navigating the latest RBI guidelines on Interest Rate Risk in the Banking Book

IRRBB is a strategic measure to manage balance sheet and profitability.

Know more


For organizations that rely significantly on quantitative models for operations and decision-making, putting in place an effective model risk management framework is a must. Going forward, a few critical considerations will ensure the success of model risk management framework for any enterprise. 

About this article

By Subrahmanyam Oruganti

EY India Business Consulting Partner

Subrahmanyam is a partner with the financial services consulting team. With 17 years of experience, he leads capital markets modelling, regulatory transformation, and automation.