A case for model validation in financial services processes

As dependency on automated model systems and software is ever increasing and resources must be efficiently utilized, the need for strong system validation and calibration has never been more important. Financial service processes, such as BSA/AML, ALM and CECL, are becoming increasingly reliant on automated models in: detecting suspicious activity (BSA/AML), measuring risk and supporting key business decisions (ALM), and monitoring required allowances (CECL). Over the past year, one of the most commonly cited areas of examiner criticism is centered on the concept of sound model risk management. Model validation has been a significant requirement of regulators over the past several years and the expectation of validation is increasing. Regulatory examination bodies have added model specialists, released supervisory guidance, and increased regulatory enforcement actions related to sound and effective management of model risk. Improving the efficiency of implemented models is an ongoing exercise.

The OCC, FDIC and FRB have developed guidance covering model validations. The OCC and FRB guidance was released in 2011. In 2017, the FDIC adopted the OCC and FRB guidance with technical conforming changes to include a revised definition of ‘banks’ to reflect the FDIC’s supervisory authority and to reflect the FDIC’s expectations that the supervisory guidance generally pertains to FDIC-supervised institutions with $1 billion or more in total assets. The FDIC further expects that this guidance will pertain to FDIC-supervised institutions with under $1 billion in total assets if the institution’s model use is significant, complex, or poses elevated risk to the institution. The recommended frequency of model validations is provided in the guidance. The regulatory agencies state that validation should be conducted ‘periodically’ – defined as at least annually but more frequently if warranted – of each model to determine whether it is working as intended and if the existing validation activities are sufficient.

The use of models invariably presents model risk, which is the potential for adverse consequences from decisions based on incorrect use or misuse of model outputs and reports. Model risk can lead to:

• Financial loss
• Poor business and strategic decision making
• Reputation damage

 Even with skilled modeling and robust validation, model risk cannot be eliminated, so other tools should be used to manage model risk effectively. As is generally the case with other risks, materiality is an important consideration in model risk management. Another essential element is a sound model validation. Effective model validation helps reduce model risk by identifying model errors, corrective actions and appropriate use.