Model Risk Management A Southeast Asia Perspective

Similar documents
Risk Advisory Services Developing your organisation s governance for competitive advantage

Business advisory services Business solutions that bring you forward. Malaysia

Transforming authentication for a digital age

Global Treasury Advisory Services Creating Value with Innovation

Why Is Third Party Risk Management Important?

Managing Tax. Balancing current challenge with future promise Session 5. The Grand Hyatt, Singapore 16 February 2017

Sustainability Services Driving responsible growth

Accounting for revenue under MFRS 15 Achieving a head start

Managing employee mobility in Southeast Asia Global perspective. Local insight.

Asia Pacific Life Sciences Compliance Survey 2018 Executive Summary

Internal Audit of the Future Evolution of Internal Audit Due to Digitisation. Cheryl Khor Asia Pacific Operational Risk Leader Deloitte

DICA Corporate Governance Workshop. Separation between Board and Management: Good Practices and Benefits 12 July 2017

2017 Tax Management Consulting Conference Tax technology. Deloitte, Kuala Lumpur 12 July 2017

MODEL RISK MANAGEMENT

Deloitte Forum 2017: Global and Thailand Economic Outlook and How Disruptive Innovations Affect Your Competitive Landscape

SREP Transformation The Deloitte approach. Deloitte Malta Risk Advisory - Banking

Shared Services Trend Workshop Timothy Ho 20 July 2017

Board Evaluation Is your Board ready for SREP governance reviews? Deloitte Malta Risk Advisory - Banking

Compliance Risk Management Powers Performance

Cultivating a Risk Intelligent Culture A fresh perspective

Excellence in Third Party Risk Management (TPRM)

Anti Money Laundering (AML) Advisory Services Effective solutions for complex issues Deloitte Malta, 2017

Basel Committee on Banking Supervision. Stress testing principles

Global Manufacturing Industry Landscape

MANAGEMENT. STARTUP-ify your HR Infuse your HR and Talent Management with the agile spirit of start-ups! DEPARTMENTS PUSH-START TALENT MANAGEMENT

Implementing Analytics in Internal Audit. Jordan Lloyd Senior Manager Ravindra Singh Manager

Internal Audit Procurement Policies and Controls

Conquering complexity in the customer experience

Non-Financial Risk Management Insights Series Issue # 1 Risk Taxonomy and Risk Identification

The digital fund lifecycle

Model Risk Management (MRM)

Going beyond risk and compliance: Legal functions embracing digital

ECB onsite inspections Helping you to prepare. Deloitte Malta Risk Advisory - Banking

How effectively are you complying with BCBS 239? A guide to assessing your risk data aggregation strategies. Deloitte Malta Risk Advisory - Banking

Aspire with assurance IFRS 9 Financial Instruments. Implementation guide for Corporates. Audit & Assurance

Generating value within the Risk Ecosystem Risk powers performance

Regulatory Reporting: Implementing the proposed MAS Notice 610. Navigating the regulatory reporting and data challenge

EMEA TMC client conference Tax Operating Model defining your tax resourcing, governance and technology approach. The Crystal, London 9-10 June 2015

Guide on AASB 16 Technology solutions AASB 16 Leases

Predictive Planning Finance Transformation 12 June 2018

Innovating with RegTech. Turning regulatory compliance into a competitive advantage

Managing interdependencies in Current Expected Credit Loss (CECL) implementations

Internal Auditors and Enterprise Risk Management (ERM) ICPAK Presentation

Audit quality Independent Audit

Internal audit insights High impact areas of focus

Capgemini s Comprehensive Capital Analysis and Review Services

Time to take action IFRS 16 Leases

Federal Reserve Guidance on Supervisory Assessment of Capital Planning and Positions for Large Financial Institutions.

Looking back Financial Markets Regulatory Outlook Scorecard

Taking labs to the next level with cloud and IoT VELP Scientifica tightens the customer connection

Internal audit insights High impact areas of focus

Human Capital Business led. People driven.

EY s response to Building the UK financial sector s operational resilience a BoE/FCA/PRA Discussion Paper

Reimagine Collections and Disputes Proactively identify and manage issues with machine learning

Tax Risk and Opportunity Manager

Risk frameworks. Driving business strategy with effective risk frameworks

Health care professionals payment transparency in Ontario Prepare for province s version of Sunshine Act

Software Asset Management Reducing costs, mitigating risk, gaining control. Ninety years in the Middle East

Creating a Risk Intelligent Enterprise: Risk governance

Duty of Care: from must to accelerator?

Consultation Paper CP26/17 Model risk management principles for stress testing

Enterprise Risk Management Discussion American Gas Association Risk Management Committee Meeting

Our mission is to promote transparency and integrity in business. We monitor the quality of UK Public Interest Entity audits. We have responsibility f

Mining Solutions Driving innovation in mining

Building an Insight Driven Organisation March 2017

Millennials and the future of financial planning. March 3, 2017

Infrastructure and Capital Projects

RegTech, the future of banking beyond IT. In collaboration with

Internal audit in insurance: market issues and trends

DevSecOps Embedded Security Within the Hyper Agile Speed of DevOps

pwc.co.uk Enterprise Risk Management

Model risk management A practical approach for addressing common issues

The Role of the Board in Strategy & Risk. NACD National Conference Power Breakfast October 15, 2012

Basel Committee on Banking Supervision. Consultative Document. Stress testing principles. Issued for comment by 23 March 2018

Getting fit for TRIM. Impact of the ECB s Targeted Review of Internal Models. September 2017

Evolving expectations of Fitness & Probity to support an Individual Accountability Framework Breakfast Briefing 2018.

Transforming your Digital DNA Timothy Ho, Deloitte Ben Davis, Deloitte Nishith Mohanty, Deloitte

Financial Advisory. Valuation Services. Life Science Industry

A guide to assessing your risk data aggregation strategies. How effectively are you complying with BCBS 239?

Enterprise. Service. Transformation. Deloitte driving your digital service excellence with ServiceNow

Our PRIIPS solution Get prepared for the race

Environmental Reporting Guidance: CSA Staff Notice What does it mean, why does it matter and where do you go from here?

The New Lease Accounting Standard Made Easy With Deloitte and SAP The latest lease accounting standards require new insights and an extension of your

Shine a light on media accountability

Global Workforce Labs Designed to initiate and accelerate change. #GlobalWorkforce

Due for a transformation Accounts payable optimization with machine learning

Final Report. Guidelines. on internal governance under Directive 2013/36/EU EBA/GL/2017/ September 2017

It's your business Take control. Controlling services

Emerging & disruptive technology risks

Beyond compliance. Gaining competitive advantage through risk data excellence

2016 Global Manufacturing Competitiveness Index Report highlights

Link'n Learn Interactive Access to Deloitte Knowledge

H 2 N H. Supply chain management in the chemicals industry Key challenges and how Deloitte can support

Insurance Analytics: Organizing Analytics capabilities to get value from Data Analytics solutions A Deloitte point of view on Data Analytics within

Heightened standards for compliance risk management. Lines of defense compliance s role

H 2 N H. Supply chain management in the chemicals industry Key challenges and how Deloitte can support

Adding insight to audit Transforming Internal Audit through data analytics

CFO Insights Crossing the chasm: From operator to strategist. By Dr Ajit Kambil

Corporate Governance Board Effectiveness Reviews

Global Trade Radar How to leverage what tax authorities and forward-looking companies are doing in customs and global trade. Global Trade Radar

Transcription:

Model Risk Management A Southeast Asia Perspective

Model Risk Management The Current Landscape There is currently no substantive guidance with respect to Model Risk Management in the Southeast Asia region, which creates the opportunity for the market to define and advance industry practices ahead of regulations. Introduction At a basic level, model risk can be defined as the potential for loss as a consequence of decisions based on the output of a financial model. Losses may arise due to: Fundamental Errors a model produces inaccurate results when compared to the design objective and intended use; and Incorrect use use of the model is not aligned with its limitations and assumptions. Various factors such as, but not limited to, input data, model development conditions and model implementation affect the model output, which informs management s decision-making. With the increased use of and dependence on complex models for pricing financial derivatives or regulatory capital calculations, model risk is emerging as a prominent type of risk in its own right. Zero tolerance of model risk akin to operational risk is neither achievable (due to complexity) nor desirable (from cost-efficiency perspective). Rather, model risk appetite needs to be calibrated and the exposure managed to a risk-efficient level similar to market and credit risk. Governance of models throughout their lifecycle and internal risk ratings become key. Model Risk Management (MRM) then takes on responsibility beyond traditional model inventory, validation and controls like periodic reviews. With MRM frameworks designed for the future, organisations can advance their model risk-related activities from a compliance-exercise to proactive assessment and management of model risk. 2

Regulatory Landscape In Southeast Asia, there is currently no substantive guidance with respect to MRM. The Monetary Authority of Singapore (MAS) and other regional regulators have notions 1 within their supervisory guidance with respect to model governance, organisation, testing, validation and acceptance yet lack definitive requirements. Regional regulators and the wider industry have looked to American 2 and European 3 regulators for probable baseline requirements and best practices. This provides certain advantages: Banks in the region can learn, incorporate and enhance industry best practices. Banks can engage with local regulators as they build infrastructure to ensure current and ongoing compliance. OCC 2000-16 First Definition of models and Model Risk 2006 CEBS GL 10 New Validation Requirements BCBS 2010-11 Introduction of a Leverage Ratio as a safeguard against Model Risk CRD IV/CRR 2013 36 Technical criteria concerning the organisation and treatment of risks including Model Risk Bank IT Circular 285/2013 Management Body must understand all of the business risks, management in banks Recommendation on Model Risk TRIM Guide Feb-2017 What about the future regulatory framework? BCBS 1988-06 Introduction of credit risk and asset risk weights. Amendment to incorporate market risks BCBS 2004-06 Valuation adjustments where appropriate, Model Risk Bank of Spain 2008-14 Banks need to consider valuation adjustments for Model Risk OCC-Fed 2011-12 SR -11-7 First Supervisory Guidance on Model Risk Management EBA RTS 2013 on Prudent Valuation Valuation adjustments on Model Risk Quantification EBA SREP CP/2014/14 Integration of Model Risk as part of Pillar II TRIM RTS/2016/03 Structure of 3 lines of defence PRA Stress Test Model Management Principles 3

The Industry Landscape Whilst there is an absence of definitive model risk requirements in Southeast Asia, American and European regulators have increased scrutiny and pressure on financial institutions response to model risk. The industry has ramped up investment in MRM capabilities by increasing headcount in respective areas and establishing robust MRM frameworks. Increased pressure by regulators on model risk, governance, controls and documentation amplified by increasing scope, complexity and dependence on models is a material cost driver. The attempt by industry to curb these costs has led to outsourcing model validation and other related efforts to offshore low-cost locations or third party vendors. The trade-off for lower costs is reduced control and oversight of the process. Banks in Southeast Asia find themselves at the cusp of MRM developments as they are not yet bound by prescriptive regulatory requirements. This is a unique opportunity to look to global industry peers and assess the appropriate approach forward to adapt and incorporate MRM as a risk management tool. Deloitte s Perspective A lot has been done in the name of MRM and respective regulatory compliance, particularly in the US and Europe. We believe this expertise can be leveraged to benefit banks in Southeast Asia to create a customised and balanced MRM framework, which is both complianceeffective and commercially efficient. Further, the current absence of regulatory requirements implies that organisations can maintain a dialogue with local regulators during design and implementation to help establish industry norms and ensure compliance moving forward. Regulatory developments are usually reactive measures resulting in increased compliance costs after periods of losses or reduced profitability due to a catalyst like a market crisis or operational incidents. The growing presence of model risk calls for proactive development of a robust and effective MRM and governance framework that can help organisations manage risk without the need to experience a major and expensive catalyst. Acknowledging and embedding MRM into the organisation as part of the daily operations and management decision-making allows banks to break the perspective of it being limited to a compliance exercise. Advanced use of data and analytics can further aid derivatives of internal risk ratings and self-improvement of models, and have a positive impact on profitability. 4 The unique features of the SEA region and its institutions call for bespoke and custom approaches to MRM. Tested knowledge and expertise from American and European markets can be tailored to best fit the region and the risk profile of the respective bank. Simply mirroring a western model has its limitations; a careful balance between costs and control must be struck to best fit local and regional perspectives and culture.

Evolution of Model Risk Management Model Validation Model Risk Control Model Risk Management Model Validation: The traditional scope for model risk is comprised of model validation and periodic review. In essence, when a new model was created it went through an approval and validation process after which it would be periodically tested for its appropriateness. This is an ineffective control processes, which takes a lagging, reactive and snapshot approach to potential emerging problems: A model failure or weakness may only be spotted upon review or at time of failure, or not at all. Backtesting techniques as detective measures, post-facto and statistical, again may fail to surface the specific or thematic issues of models. Furthermore, model documentation and audit trails are heavily scrutinized by regulators and are a challenge to maintain. Appropriateness and applicability of a model during selection become crucial as the testing of such is limited to the reviews. Model Risk Control: As an advance, activities around model risk are expanded to form a tighter and more timely closed control framework for model risk by introduction of model lifecycle management. As an example, detective processes on operational aspects of model uses were established across an organization such as regular reports of all pricing models used, to ensure they are to the latest versions and are appropriate for the product. A more systematic approach to validation and testing promises more successful capture of model failures, and with reference to the actual use cases such as stress testing. Such systematic testing further informs a more comprehensive understanding of potential P&L impacts on the actual portfolio of financial instruments across a range of models. Model Risk Management: The three lines of defence are fundamental to sound governance and organization, further help to establish clear management transparency and accountability for model risk. Deployment of algorithms for pro-active model improvement suggestions. In this light, model risk controls can be supported and enhanced with technology. For example, model lifecycle management tools ensure consistent and timely approach to process and document most aspects of model risk control. 5

Future of Model Risk Management Besides more effective, timely and proactive controls however, the natural progression of Model Risk Management is to leverage design principles and analytics. MRM as a tool for risk optimiation creates a new opportunity to define and manage risk appetite. The key difference arises from reporting and use of data proactively. The instrumental design change is to fully integrate and embed challenger and benchmark models upstream into production environments. Frequent runs for a variety of models and calibrations creates proactive insights: Generation of analytics to review model performance. Pattern analysis to identify exceptions for review. Deployment of algorithms for pro-active model improvement suggestions. Stress testing and scenario analysis for regulatory requirements. In such a data-driven setup, model review is no longer a periodic assessment, but a more powerful and integral part of production. Use of machine learning and robotics also becomes feasible through the generation of data and exception management, which can enhance self-improvement capabilities and better management of internal model risk ratings. Big data analytics can be upgraded to smart data. Conclusion Deployment of an enhanced MRM framework in the region is arguably simpler as banks can design and implement infrastructure that best suits their needs, structure and capabilities. Using design principles and leveraging analytics, regulatory compliance becomes an afterthought as risk management is embedded in the daily operations and decision-making. 6

Key Contacts Contributors Michael Rey Managing Director Financial & Regulatory Risk Singapore Mobile: +65 9837 4076 Email: mrey@deloitte.com Siddharth Agarwala Associate Regulatory Risk Singapore Key Contacts Benny Koh Partner Regulatory Risk Leader Southeast Asia Mobile: +65 9368 9898 Email: bekoh@deloitte.com Timothy McAndrews Managing Director Regulatory Risk United States Mobile: +1 646 385 6783 Email: tmcandrews@deloitte.com Nadège Grennepois Director Risk Advisory France Mobile: +33 6 80 48 65 78 Email: ngrennepois@deloitte.fr 01. MAS guidance is available primarily in the Risk Management section of the Regulatory and Supervisory Framework. There are no specific sections pertaining to model risk or its management. http://www.mas.gov.sg/regulations-and-financial-stability/regulatory-and-supervisory-framework/risk-management.aspx 02. The US Federal Reserve s (Fed) guidance stems primarily from SR 11-7: Guidance on Model Risk Management. https://www.federalreserve.gov/supervisionreg/srletters/sr1107.htm 03. The Bank of England Prudential Regulation Authority s (PRA) guidance stems primarily from the principles around stress test model management. http://www.bankofengland.co.uk/ pra/documents/about/letter270317.pdf 7

Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ( DTTL ), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as Deloitte Global ) does not provide services to clients. Please see www.deloitte.com/sg/about to learn more about our global network of member firms. Deloitte provides audit & assurance, consulting, financial advisory, risk advisory, tax & legal and related services to public and private clients spanning multiple industries. Deloitte serves four out of five Fortune Global 500 companies through a globally connected network of member firms in more than 150 countries and territories bringing world-class capabilities, insights, and high-quality service to address clients most complex business challenges. To learn more about how Deloitte s approximately 264,000 professionals make an impact that matters, please connect with us on Facebook, LinkedIn, or Twitter. About Deloitte Southeast Asia Deloitte Southeast Asia Ltd a member firm of Deloitte Touche Tohmatsu Limited comprising Deloitte practices operating in Brunei, Cambodia, Guam, Indonesia, Lao PDR, Malaysia, Myanmar, Philippines, Singapore, Thailand and Vietnam was established to deliver measurable value to the particular demands of increasingly intra-regional and fast growing companies and enterprises. Comprising approximately 330 partners and 8,000 professionals in 25 office locations, the subsidiaries and affiliates of Deloitte Southeast Asia Ltd combine their technical expertise and deep industry knowledge to deliver consistent high quality services to companies in the region. All services are provided through the individual country practices, their subsidiaries and affiliates which are separate and independent legal entities. About Deloitte Singapore In Singapore, services are provided by Deloitte & Touche LLP and its subsidiaries and affiliates. 2017 Deloitte & Touche Enterprise Risk Services Pte Ltd

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback