Model Risk Governance

The financial institution sought to enhance its model risk governance framework and ensure consistency with industry best practices, regulatory guidelines, and internal policies. The objective of the project was twofold:

1. Gap Assessments & Policy Development: Conduct a comprehensive gap assessment of existing model risk management practices, with a focus on identifying discrepancies in procedures, policies, and controls across the full model life cycle. This included model development, validation, performance monitoring, change management, and retirement processes. The goal was to align practices with both local and global regulatory requirements (e.g., Federal Reserve SR 11-7, OCC 2011-12, and European Banking Authority (EBA) standards) and to improve the overall governance framework for model risk.
2. Collaboration & Stakeholder Alignment: Work closely with stakeholders from various lines of defense (LOD1 and LOD2) to ensure consistency across model governance processes. This involved coordinating with model developers, owners, quantitative analysts, model validators, and risk managers at both the global and US levels, as well as incorporating insights and best practices from peer institutions.

Delivery

Arrayo’s team was tasked with assessing and enhancing the institution’s model risk governance framework by leveraging industry expertise in model development, validation, and governance. Key outputs included:

1. Gap Assessment & Policy Enhancements:
   • A comprehensive gap analysis was performed on the institution’s existing model risk management processes. This identified key areas for improvement, including the need for more robust model validation procedures, clearer model risk indicators (KRIs), and enhanced reporting mechanisms.
   • Developed and enhanced model risk management policies and procedures, ensuring that all documentation was aligned with regulatory expectations, such as Federal Reserve SR 11-7 and OCC 2011-12.
   • Focused on improving processes across the model life-cycle, from development to retirement, ensuring that controls and procedures were consistent and compliant with global standards.
2. Model Risk Framework & Procedure Documentation:
   • Developed or revised nine critical procedures, including Level 1 and Level 2 procedural controls, to ensure that each model’s development, validation, and ongoing performance monitoring were conducted in a standardized, transparent manner.
   • Revised and developed specific policies, including a new policy for vendor models and third-party developed models, to address emerging regulatory concerns and ensure that external models were appropriately managed and validated.
3. Stakeholder Engagement & Cross-Functional Collaboration:
   • Collaborated extensively with senior stakeholders in both first and second lines of defense, including heads of model governance, model validation, and model development across the institution’s global markets and enterprise risk management teams.
   • Delivered insights into model risk management processes and areas for improvement through active participation in Model Oversight Committees and working groups, helping to align internal processes with external industry practices and regulatory guidance.
4. Workshops & Senior Management Presentations:
   • Developed and presented updates on the proposed procedural and policy changes to senior management, internal audit, and relevant stakeholders, including workshops and presentations to communicate the rationale behind the changes and to gain consensus for approval.
   • Syndicated recommended changes with stakeholders across MRM, model governance, and business functions to ensure that new procedures were understood and aligned with organizational goals.

Value Creation

The Model Risk Governance Enhancement project delivered substantial value by improving the institution’s overall governance framework and compliance posture:

• Strengthened Governance Framework: Established a clear and consistent model risk governance structure across all regions, ensuring that the model risk management framework adhered to global standards and regulatory expectations.
• Improved Compliance & Regulatory Alignment: Aligned model governance practices with US and global regulatory guidelines, including Federal Reserve SR 11-7, OCC 2011-12, and EBA/ECB standards, ensuring readiness for regulatory scrutiny and reducing potential compliance risks.
• Optimized Model Risk Controls: Enhanced the bank’s ability to monitor and manage model risk effectively through the introduction of improved KRIs/KPIs and detailed procedural controls. These improvements ensured that all models were subject to rigorous testing and oversight.
• Policy Clarity & Documentation: Provided clear and actionable documentation for model developers, validators, and risk managers, ensuring consistency in the execution of model governance across different regions and teams. The updated policies and procedures were accessible, easily understandable, and auditable.