Familiar Wine, Unfamiliar Bottle
In 2011, the Federal Reserve and Office of the Comptroller of Currency (OCC) issued Supervisory Guidance on Model Risk Management (SR 11-07), applicable to all banking organizations supervised by the Federal Reserve. Since the advent of SR 11-07, regulators across the globe have initiated supervisory mechanisms to develop standards for model risk management within banks and financial institutions. The final E-23 guidelines, released in September by The Office of the Superintendent of Financial Institutions (OSFI), add a Canadian chapter to the global model risk management framework. To quote from the final E-23 guidelines:
“E-23 outlines OSFI’s expectations for the establishment of an enterprise-wide model risk management framework at institutions. Taking an enterprise-wide view of risk implies that these principles should be appropriately applied across the entire spectrum of models used by institutions for risk management purposes.”
OSFI expects financial institutions within the scope of E-23 to have a consistent set of policies and procedures across the entire spectrum, which includes regulatory capital models, internal risk management models, valuation/pricing models, business decision-making models for risk management (such as credit adjudication and scoring models) and stress testing models.
Revolving around key elements - model framework, model lifecycle management, and model inventory - these guidelines, in our view, aim to align the model risk management practices in Canada with the globally accepted SR 11-07 standard. However, E-23 guidelines differ from SR 11-07 standards in certain respects, including new definitions of model validation requirements and model risk materiality assessments. In addition to adhering to the guidelines in E-23, OSFI also expects financial institutions to comply with its model risk guidance that is specific to existing Pillar I and Pillar II internal capital models.
Our experience and analysis suggests large institutions will be compliant on most of E-23’s requirements if they adopt SR11-07 and guidelines by the Basel Committee on Banking Supervision (BCBS). However, this paper discusses specific areas on which banks will need to focus to conform their practices to the OSFI guidelines.