The Office of the Comptroller of the Currency (OCC) issued the new Model Risk Management booklet of the Comptroller's Handbook for banks. The booklet can be used by OCC examiners in the supervision of national banks, federal savings associations, and federal branches and agencies of foreign banking organizations. The booklet presents the concepts, general principles, and sound practices for model risk management and aligns with the principles laid out in supervisory guidance on Model Risk Management. It also provides information needed to plan and coordinate examinations on model risk management, identify deficient practices, and conduct appropriate follow-up.
In this booklet, OCC has defined eight categories of model risks for bank supervision purposes: credit, interest rate, liquidity, price, operational, compliance, strategic, and reputation. The use of models invariably presents model risk, which is the potential for adverse consequences
from decisions based on incorrect or misused model outputs and reports. Model risk can lead to financial loss, poor business and strategic decision making, or damage to a bank’s reputation. The risks associated with model use can occur at any point during a model’s development,
implementation, use, and validation. As per the supervisory guidance on model risk management, banks should identify the sources of risk and assess the magnitude of these risks. The booklet also addresses how banks should manage third-party risks in model development. OCC notes that third-party risk management weaknesses related to a bank’s use of third parties providing models or related products and services could increase operational risk, particularly when management does not fully understand a third-party model’s capabilities, applicability, and limitations. The booklet also covers weaknesses in internal controls and emphasizes that security weaknesses, including poorly constructed application program interfaces (API) and weaknesses in the controls for the access, transmission, and storage of sensitive customer information, could expose a bank to increased operational risk.
Keywords: Americas, US, Banking, Comptroller Handbook, Community Banks, Third-Party Risk, Operational Risk, Governance, Internal Controls, API, Regtech, Guidance, Model Risk, Artificial Intelligence, OCC
Previous ArticleMAS Updates FAQs on Securities and Futures Regulations
The three European Supervisory Authorities (ESAs) issued a letter to inform about delay in the Sustainable Finance Disclosure Regulation (SFDR) mandate, along with a Call for Evidence on greenwashing practices.
The International Sustainability Standards Board (ISSB) of the IFRS Foundations made several announcements at COP27 and with respect to its work on the sustainability standards.
The International Organization for Securities Commissions (IOSCO), at COP27, outlined the regulatory priorities for sustainability disclosures, mitigation of greenwashing, and promotion of integrity in carbon markets.
The European Banking Authority (EBA) issued a statement in the context of COP27, clarified the operationalization of intermediate EU parent undertakings (IPUs) of third-country groups
The Office of the Superintendent of Financial Institutions (OSFI) published an annual report on its activities, a report on forward-looking work.
The Australian Prudential Regulation Authority (APRA) finalized amendments to the capital framework, announced a review of the prudential framework for groups.
The Bank for International Settlements (BIS) Innovation Hubs and several central banks are working together on various central bank digital currency (CBDC) pilots.
The European Central Bank (ECB) published the results of its thematic review, which shows that banks are still far from adequately managing climate and environmental risks.
Among its recent publications, the European Banking Authority (EBA) published the final standards and guidelines on interest rate risk arising from non-trading book activities (IRRBB)
The European Commission (EC) recently adopted regulations with respect to the calculation of own funds requirements for market risk, the prudential treatment of global systemically important institutions (G-SIIs)