Modeling risk to meet regulatory requirements is costly and complex. Because of that, some have suggested that financial services institutions (FSIs) move toward a set of standardized models. The argument is that central banks and regulatory authorities could then more easily monitor systemic risk and compare apples to apples.
But are generic models better than institution-specific models, tuned to their own history? Let’s consider some of the guiding principles for the development and implementation of models:
- Correlation risk for any given financial institution, as we learned the hard way in 2008, needs to be analyzed against its portfolio of positions and exposures across markets, industries and geographies. A better understanding of these correlations may be gained by developing models internally and back testing them with the firm’s own historical data. Economic data also needs to be incorporated into empirical models that align with each institution’s geographic footprint as well as its positions and uniquely correlated exposures.
- Real-time and intraday risk must be evaluated by lines of business down to the desk level, along with processes to manage and mitigate intraday risk that are most effective when linked to the firm’s own operational risk controls.
- Model Risk needs to be managed to ensure the firm’s risk and pricing models are continually adjusted to maintain and enhance uplift. Models need to be supported and tuned by analyzing well-managed data from the firm’s own history, and automated using centralized processes for implementation, workflow and governance.
These guiding principles point the way toward an institution-specific approach. So which will get more traction – standardized or institution-specific risk modeling?
I had the opportunity to get an answer that resonated during the March 1-2 GARP Annual Conference in New York City. During the Q&A session for the Keynote Address, I asked the speaker, Sabine Lautenschlager, Member of the Executive Board, European Central Bank (ECB) and Vice-Chair of the Supervisory Board, Single Supervisory Mechanism, if the goal of the ECB was to standardize risk models for regulatory reporting.
Her response was that this would “not be a good idea” and that, in fact, if there was a strong market signal in that environment we would suddenly see all the banks heading in one direction “like lemmings off a cliff.” She suggested that FSIs focus instead on BCBS 239 principles for a solid foundation of data and technology, and be in a position to explain their model methodology in terms of best practices.
Her response echoed the GARP Breakfast Briefing by Erik Leaver, Director, Advanced Analytics in R&D at SAS. In his presentation, Challenges Implementing Complex Systems of Credit Risk Models, Erik presented a preferred approach to estimating credit risk as required by IFRS 9/CECL. Given the requirement to project losses over the life of the firm’s loans, he explained how they should be broken into atomic elements to apply a Monte Carlo state transition model and project values at each payment date. He also explained that models would need to be adjusted using methods specific to each firm, with an example of how modified vs. newly originated loans perform and need to be analyzed differently.
In summary standardized approaches such as generic Basel III stress tests, described as “one-size-fits-all,” are recognized in this quote from the Federal Reserve Bank of Atlanta as “unlikely to make a big contribution in a future crisis.” The ECB also stated that in the next phase of regulatory compliance we will move from a focus on liquidity and reserves to best practices for managing and mitigating risk.
We can only conclude that institution-specific risk models — based on a foundation of best practices — offer a roadmap through the next regulatory and compliance phase. They will be embraced as our preferred approach going forward.