Menu
CLIENT NAME
Anonymous
CLIENT TYPE
Commercial bank
CLIENT LOCATION
Western Europe
CLIENT SINCE
2013
This Western European financial services firm had obtained Advanced Measurement Approach (AMA) accreditation from its regulator some four years previously. Following a number of regulators in neighbouring countries undertaking AMA reviews of other AMA accredited firms, this client decided to revalidate its own model before its home regulator decided to undertake such a review. As the firm was in the process of establishing its own internal model validation team, it commissioned RiskBusiness to undertake the validation on its behalf.
The client accepted that industry standards had evolved significantly over the past few years during the time it had been firstly developing its AMA model, then after accreditation, operating its AMA model. Risk management wanted to understand the gap between the current model and where industry good practice was focussed, so as to decide whether any onward development of the model was required.
The client had secured a commercial software solution for its operational risk management activities. Included within this solution was a vendor proprietary AMA model which the client had configured in a manner to meets its AMA approach, which included the use of internal loss data, consortium-based external loss data and scenarios.
RiskBusiness deployed a team of three onto the project, a highly experienced senior business resource, a former regulator who had previously accredited AMA models and an experienced quantitative specialist who had built many models themselves.
The first step for the team was to understand the accreditation granted to the firm by its regulator, which included a detailed review of the original AMA waiver application, all supporting documentation and the resultant communications from the regulator. This was followed by a review of the firm’s risk management framework, with specific focus on the internal loss data collection and scenario assessment processes, as well as on how the raw data derived from these processes was co-mingled with external loss data, then used as the input parameters into the AMA model.
The team next interviewed key members of the operational risk management group to understand how the framework actually worked in practice, then moved on to interview management on their views of the AMA model and the results it provided, ending with the “quant” team, with whom the RiskBusiness team investigated the inputs, the configuration, modelling decisions made, results achieved and how the output was used within the firm.
It was quickly apparent that there had been little work on the AMA model since original accreditation. The commercial software solution in use was several versions behind the vendor’s current release, there was no model documentation available, no record of modelling decisions made and, perhaps most critically, the scenario assessments being used as inputs had not been re-assessed since the original accreditation. While the AMA model “used” external loss data, there was no evidence that any such actual data was going into the model.
Not only had the AMA model essentially “stagnated”, industry practices had moved on significantly, while regulatory oversight and requirements would result in the AMA model failing to achieve accreditation if put forward today for re-accreditation in its current state.
The RiskBusiness team worked with the client to establish a remedial plan. The first step was to assist the client upgrade its operational risk system to the latest release, which included a far more advanced and configurable capital model. The team then worked with the client to redesign its relevant data collection processes, including how it identified appropriate scenarios for inclusion into the AMA model and how external data would be used, then designed a revised model, before testing the model.
By this stage, an internal model validation unit had been established and that unit’s first task was the independent validation of the new model. This was accompanied by the review and updating of all relevant policy and procedural documentation. Once the model validation team was comfortable with the new model and the client’s internal audit group had reviewed everything, the client approached its regulator with a request for permission to migrate to the revised model. The regulator expressed some surprise that the firm had, without regulatory instruction, undertaken such a comprehensive validation and remediation process, then reviewed the model before sending the firm a letter approving its use moving forward.
Whether you are an AMA accredited firm, a firm considering adopting the AMA or a firm who has to undertake ICAAP, you should periodically review your risk models for continuing appropriateness. Given that your own internal model validation group may not have either the time or the breadth of industry practice at their disposal, you may wish to consider outsourcing this activity to RiskBusiness.
RiskBusiness is an international Governance, Risk, Audit and Compliance (GRAC) solution provider, with more than 200 financial services firms currently using our SaaS (Software-as-a-Service) solutions globally.