The responsibility of mitigating such risks falls under the purview of independent Model Risk Management (MRM) function. Outlined below are some of the prevailing themes within the realm of MRM, accompanied by emerging areas of significance:
1. Identification and validation of AI/ML models
The adoption of AI/ML is becoming increasingly evident, especially in areas like fraud analytics and customer engagement. In MRM, identifying and categorizing AI/ML models has gained prominence. This task, however, poses challenges as these models extend to non-traditional areas like HR, IT and procurement. Additionally, users may not be aware of AI/ML usage in vendor models. It is essential to catalogue these instances and manage associated risks. Furthermore, the validation of AI/ML models requires a shift in focus. This shift goes beyond assessing mere model performance and delves into ensuring alignment with the principles of Trust AI.
2. Leveraging generative AI in MRM
The past year has seen a revolution in Generative AI based applications. Financial institutions are keenly interested in exploring the applicability of Generative AI in MRM practices and have a protracted list of promising use cases. However, initial deployment encounters certain challenges, including regulatory uncertainties, data confidentiality concerns, and accountability considerations.
Addressing these vulnerabilities necessitates a strategic approach. One pivotal solution lies in the adoption of secure Large Language Model APIs — sophisticated algorithms capable of discerning, summarizing, and generating content from extensive datasets. Alternatively, an effective starting point could involve utilizing an offline version of Generative AI.
3. Enhancing financial crime modelling
Fraud detection and financial crime models face notable challenges, with false positive rates and performance metrics being primary concerns. Furthermore, given that numerous banks rely on vendor models for fraud detection, validating these models poses specific hurdles. Insufficient documentation and a lack of transparency in data and methodology present challenges. When vendor model documentation falls short, industry consensus is to put the ownership on users to enhance it for effective management of model risk.
4. Climate risk modelling
In a contemporary landscape, firms possess an array of climate risk models within their inventories. These encompass transition risk, scenario generation, physical risk, financial emissions and ESG scorecards. However, the validation of climate risk models introduces complexities owing the scarcity of historical data. Consequently, this demands the incorporation of qualitative methodologies and expert judgement. Moreover, these models often rely on external dependencies and data sources.
To ensure the efficacy of these models, a primary emphasis must be placed on sourcing reliable data and employing robust scenario-building techniques. In this pursuit, it is essential for practitioners to possess specialized knowledge and skills in climate risk validation. Additionally, exploring avenues for accessing and disseminating sector-specific expertise should be actively pursued.
5. PRA's revised regulations in MRM
The Prudential Regulatory Authority (PRA) has recently released a Supervisory Statement (SS 1/23) regarding Model Risk Management (MRM). (Source: https://www.bankofengland.co.uk/prudential-regulation/publication/2023/may/model-risk-management-principles-for-banks-ss) This regulation introduces new requirements that banks will need to work towards. Moving forward, this will bring about several changes. One notable impact will be an expansion in banks' overall model inventory. This broadening is a result of the revised model definition, which now encompasses qualitative outputs and significant, intricate deterministic quantitative estimates within the model's scope.
6. How EY can help
EY has an extensive team of quantitative experts covering various facets of the Model Risk Management cycle. Particularly noteworthy is EY’s development of an advanced Model Risk Management tool powered by Generative AI. This tool offers functionalities such as code documentation, re-platforming, and enhanced model validation efficiency, all while ensuring compliance with governance guidelines.
Yashendra Tayal, EY India Business Consulting Partner has contributed to the article.