On June 7, 2017, the Federal Deposit Insurance Corporation (“FDIC”) announced that it is adopting the Supervisory Guidance on Model Risk Management (the “Guidance”) which provides guidance on effective model risk management and the potential for damage when models play a role in bank decision-making. The Guidance adopts model risk management guidance that was previously issued by the Federal Reserve and the Office of the Comptroller of the Currency in 2011, with some technical conforming changes. The FDIC announcement states the Guidance is “not expected” to apply to banks with under $1 billion in total assets unless the institution’s model use is complex or significant, or poses an elevated risk to the institution.
The FDIC noted that banks routinely use models for a broad range of activities, including underwriting credit; valuing exposures, instruments, and positions; measuring risk; managing and safeguarding client assets; and determining capital and reserve adequacy. Moreover, the FDIC observed that many regulated banks have increasingly become reliant on models for financial decision-making in recent years.
For the purposes of the Guidance, the term “model” means “a quantitative method, system, or approach that applies statistical, economic, financial, or mathematical theories, techniques, and assumptions to process input data into quantitative estimates.” The definition of “model” also covers certain quantitative approaches whose inputs are partially or wholly qualitative or based on expert judgment, provided that the output is quantitative in nature. The Guidance further notes that while certain approaches involving “simple mathematical calculations” used by banking organizations are not considered models, they should still be subject to a rigorous control process.
The FDIC expects the board of directors and senior management of banks to ensure “effective challenge” is performed with the appropriate incentives, competence, and influence, and is validated by internal audit. This generally entails “critical analysis by objective, informed parties who can identify model limitations and assumptions and product appropriate changes.”
The Guidance also addresses the components of an effective validation system and how models provided by third-party vendors should be incorporated into a bank’s overall model risk management framework, and advises banks to examine whether model use might increase consumer compliance or fair lending risk.
The Guidance is available here: https://www.fdic.gov/news/news/financial/2017/fil17022a.pdf.