July 5, 2024

Navigating SS1/23: A Compliance Guide for Model Risk Management (MRM) Teams

Navigating SS1/23 compliance for model risk management teams.
Share

The SS1/23 is the first Supervisory Statement issued by the United Kingdom’s Prudential Regulation Authority (PRA) in the year 2023​. The objective of this regulation is to broaden the discussion on Model Risk Management (MRM) practices among banks’ senior management and board.

This regulation is especially relevant now, given our heavy reliance on advanced technology, including developments in generative AI (GenAI), artificial intelligence (AI), large language models (LLMs), and machine learning (ML). These advancements make following the SS1/23 framework increasingly challenging for MRM teams.

Model Risk Management Teams Complying with SS1/23

Using models in banking operations naturally comes with risk. Model risks can stem from misapplication, quality of data, and more. SS1/23 emphasizes the need for model risk to be considered on par with credit risk along with other major risks.

To fully grasp and challenge the risks that models pose, leadership must enhance their focus on MRM. Ignoring inaccurate analysis and flawed decision-making can harm a bank both financially and reputationally.

The SS1/23 framework provides a structured approach for MRM teams to minimize risk. This framework includes principles set by the PRA: model governance, model inventory and documentation, model development and validation, and risk assessments. 

Model Governance

As banks increasingly rely on models to assess future risks, strong model governance and MRM teams become crucial for seamless operations. Disregarding these aspects can lead to serious consequences.

Banks should implement governance through their board or senior management to support the MRM team and its operation. This oversight helps in implementing effective MRM practices and sets a standard for the bank.

A well-structured governance framework ensures that models are properly controlled and used in alignment with the bank’s requirements.

Model Inventory and Documentation

Keeping clear model inventory and documentation is important for complying with SS1/23. A detailed inventory helps banks keep track of all the models in use, including their purpose and current status. This allows them to organize models based on their risk levels so they can prioritize high-risk models for validation and monitoring. 

Up-to-date documentation also ensures oversight by senior management, aligning with SS1/23’s requirement on strong governance of the MRM teams. This enhances transparency within the organization, ensuring accountability and effective communication throughout the bank. 

A well-maintained model is key for banks to manage model risk effectively, as outlined in SS1/23.

Watch our latest webinar | The Impact of GenAI in Model Risk Management (MRM)

Model Development and Validation

Proper development and validation are two important components of the SS1/23. Similar to model documentation, these factors guarantee accuracy within the model development process. This supports decision-making in banks, and ensures reliability by validating models and assessing their performance under various conditions. 

Firms must maintain their validation process that effectively tests the development of the model and its usage. Human oversight is also key to maintain smooth operation and to implement all validation recommendations.

By focusing on these factors, banks are able to adapt to the rapid changes in technology, ensuring that the models remain relevant in their dynamic environment/keeping the models reliable for their intended function. 

Risk Assessment

SS1/23 also touches on risk mitigation within these two factors. If models are not correctly developed and validated, they can introduce serious risks for the banks. Risk mitigation allows banks to identify flaws and risks before they impact their operations.

As technology constantly evolves, models must be updated and validated to reflect new data and techniques. Implementing a governing body within the bank is important to maintain robust oversight and control over MRM practices. 

Conclusion

Complying with SS1/23 is crucial for managing the risks associated with advanced modeling in banking. This will deepen their understanding of model risk at both individual and aggregate levels, enabling them to have informed discussions about MRM with their teams, ensuring they provide robust oversight.

By emphasizing strong model governance, maintaining a detailed model inventory, and ensuring thorough model development and validation, banks will be able to mitigate risks effectively.

Company and Industry Updates, Straight to Your Inbox