PRA Consults on Model Risk Management Principles for Banks
The Prudential Regulation Authority (PRA) launched a consultation (CP6/22) that sets out proposal for a new Supervisory Statement on expectations for management of model risk by banks. The consultation period ends on October 21, 2022, with the final statement intended to be applicable to all regulated UK-incorporated banks, building societies, and PRA-designated investment firms.
The proposed supervisory statement is intended to support firms to strengthen their policies, procedures, and practices to identify, manage, and control risks associated with the use of models, developed in-house or externally, including vendor models, and models used for financial reporting purposes. The proposed statement is structured around five high-level principles designed to cover all elements of the model lifecycle. The principles are designed to complement, not supersede, the existing supervisory expectations that have been published for selected model types. The proposed principles set out what PRA considers to be the core disciplines necessary for a sound model risk management framework to manage model risk effectively across all models and risk types. The principles are intended to complement the existing requirements and supervisory expectations in force on model risk management and include proposals for:
- a proportionate implementation within firms and across firms, in particular for firms that would qualify as a "simpler-regime firm."
- the identification and allocation of responsibility for the overall model risk management framework to the most appropriate Senior Management Function (SMF) holder.
- reporting on the effectiveness of model risk management for financial reporting to the audit committee.
- identifying and managing risks associated with the use of artificial intelligence technology in modeling techniques, such as machine learning, to the extent that it applies to the use of models more generally.
The proposed model risk management principles involve:
- Model identification and model risk classification—Firms have an established definition of a model that sets the scope for model risk management, a model inventory, and a risk-based tiering approach to categorize models to help identify and manage model risk.
- Governance—Firms have strong governance oversight with a board that promotes an model risk management culture, approves the model risk management policy and appoints an accountable individual to assume the responsibility to implement a sound framework that will ensure effective model risk management practices.
- Model development, implementation, and use—Firms have a robust model development process with standards for model design and implementation, model selection, and model performance measurement.
- Independent model validation—Firms have a validation process that provides ongoing, independent, and effective challenge to model development and use.
- Model risk mitigants—Firms have established policies and procedures for the use of model risk mitigants when models are underperforming and have procedures for the independent review of post-model adjustments.
PRA proposed that the implementation date would be set at twelve months, following the publication of the final supervisory statement. The expectation is that, by the implementation date of the policy, all firms applying the proposed principles would have undertaken an initial self-assessment against the proposals and, where necessary, prepared remediation plans to address any identified shortcomings. PRA also proposed that self-assessments should be updated annually thereafter and any remediation plans should be reviewed and updated regularly. Both the findings from the self-assessment and the remediation plans should be documented and shared with firms’ boards in a timely manner.
Related Links
Keywords: Europe, UK, Banking, Model Risk Management, Supervisory Statement, Credit Risk, CP6 22, PRA, Market Risk, Insurance, Modeling Risk, Regtech, Basel, Stress Testing, ECL
Featured Experts
María Cañamero
Skilled market researcher; growth strategist; successful go-to-market campaign developer
Jamie Stark
Risk model validation consultant; product strategist; data intelligence and artificial intelligence scientist and researcher
Laurent Birade
Advises U.S. and Canadian financial institutions on risk and finance integration, CCAR/DFAST stress testing, IFRS9 and CECL credit loss reserving, and credit risk practices.
Previous Article
HKMA Announces Launch of Data Repository on Sustainable FinanceRelated Articles
SEC Finalizes Climate-Related Disclosures Rule
The U.S. Securities and Exchange Commission (SEC) has finalized the long-awaited rule that mandates climate-related disclosures for domestic and foreign publicly listed companies in the U.S.
US Regulators Release Stress Test Scenarios for Banks
The U.S. regulators recently released baseline and severely adverse scenarios, along with other details, for stress testing the banks in 2024. The relevant U.S. banking regulators are the Federal Reserve Bank (FED), the Federal Deposit Insurance Corporation (FDIC), and the Office of the Comptroller of the Currency (OCC).
Asian Governments Aim for Interoperability in AI Governance Frameworks
The regulatory landscape for artificial intelligence (AI), including the generative kind, is evolving rapidly, with governments and regulators aiming to address the challenges and opportunities presented by this transformative technology.
EBA Proposes Operational Risk Standards Under Final Basel III Package
The European Union (EU) has been working on the final elements of Basel III standards, with endorsement of the Banking Package and the publication of the European Banking Authority (EBA) roadmap on Basel III implementation in December 2023.
EFRAG Proposes XBRL Taxonomy and Standard for Listed SMEs Under ESRS
The European Financial Reporting Advisory Group (EFRAG), which plays a crucial role in shaping corporate reporting standards in European Union (EU), is seeking comments, until May 21, 2024, on the Exposure Draft ESRS for listed SMEs.
ECB to Expand Climate Change Work in 2024-2025
Banking regulators worldwide are increasingly focusing on addressing, monitoring, and supervising the institutions' exposure to climate and environmental risks.
BIS Bulletin Examines Cognitive Limits of Large Language Models
The use cases of generative AI in the banking sector are evolving fast, with many institutions adopting the technology to enhance customer service and operational efficiency.
ECB is Conducting First Cyber Risk Stress Test for Banks
As part of the increasing regulatory focus on operational resilience, cyber risk stress testing is also becoming a crucial aspect of ensuring bank resilience in the face of cyber threats.
EBA Continues Momentum Toward Strengthening Prudential Rules for Banks
A few years down the road from the last global financial crisis, regulators are still issuing rules and monitoring banks to ensure that they comply with the regulations.
EU and UK Agencies Issue Updates on Final Basel III Rules
The European Commission (EC) recently issued an update informing that the European Council and the Parliament have endorsed the Banking Package implementing the final elements of Basel III standards