Securities trading firms establish risk models to calculate the risks in their trading operations. The European Union, UK, US and other jurisdictions have all set rules or guidance concerning the establishment of these risk models and the need to be aware of the lineage of data, instruments and model validations. Therefore, it is essential for firms to understand what model risk management is required in a modeling ecosystem, what all of the relevant regulations say, and how data lineage functions.
Modeling ecosystems can be divided into two types: front-office ecosystems and risk and finance ecosystems. For the most part, three types of data are needed to feed the models: point-in-time position and transaction data, time-series market data, and time-series position and transaction data. The types of calculations produce various measures of profit-and-loss data and valuation data.
Front-Office Modeling Ecosystems
Front-office modeling ecosystems use quantitative models to calculate the value of derivatives and trading positions. These run trades and market data through pricing models to produce mark-to-market validations and risk sensitivities, which in turn feed into front-office quantitative calculations. There are several pricing models, including SABR, Black-Scholes and Hull-White interest rates. These techniques are used to predict the size of cash flows associated with derivatives and other financial instruments in firms’ trading books. For more details on these techniques, please see the whitepaper from GoldenSource, “Model Risk Management for a Trading Firm’s Calculations: A Data Centric View of Model Risk Management.”
Risk and Finance Front-Office Modeling Ecosystems
Risk and finance modeling ecosystems support regulatory compliance and internal controls by producing valuation measurements. Different teams within firms are responsible for each type of model and its calculations, such as VaR (Value at Risk) or Monte Carlo simulation. If the team is tasked with independent price verification (IPV), it is likely to need valuation adjustment methods that can account for changes in credit, funding, capital or margins. Valuations can be calculated in two ways: on a risk-sensitivity basis or a full-revaluation basis. Risk sensitivities can be found using curve shift approaches, while full revaluations apply market data to trades and positions, which can be more accurate but also more expensive to perform.
Model Risk Management Regulation and Guidance
Four pieces of regulation relevant to risk model operations and model risk management are the Basel Committee’s Fundamental Review of the Trading Book (FRTB), the European Central Bank’s guidelines for Targeted Review of Internal Models (TRIM), the UK Prudential Regulation Authority’s (PRA) model risk management principles for stress testing and the US Federal Reserve’s SR 11-7 supervisory guidance for model risk management. All emphasize the importance of data management and data lineage in managing model risk.
While FRTB covers numerous risk requirements, including the use of credit risk in market risk calculations, calibration to stressed market conditions and using expected shortfall as a risk measure, its most important element is the requirement of a choice between internal models and standardized approaches to managing risk. The internal model requires less risk capital, but firms using this model must pass certain VaR and P&L attribution tests.
European TRIM guidelines aim for consistency in the way banks use internal models to calculate risk weights. These guidelines set out best practices for credit risk, market risk, counterparty credit risk and model governance. TRIM recommends an internal ratings-based approach to quantify required capital to cover credit risk. TRIM also includes guidelines for estimating different kinds of default risks, principles for internal market risk model review (including back-testing of VaR), and principles and elements for modeling counterparty credit risk.
The PRA’s risk management principles focus on the materiality of models being used to calculate risk. To determine that materiality, the PRA says firms should look at the number of positions in a portfolio and the exposure of the portfolio. The principles cover model validation policies, processes for identifying risk of models, control processes for stress test models, and daily management of model risks. The principles define four types of models: statistical/economic calculations, parameter transformations, qualitative adjustments and model output transformations.
Lastly, the US Federal Reserve model risk management guidance, issued in 2011, covers a lot of the same ground as TRIM and the PRA’s guidance. It also defines elements of model validation such as conceptual soundness, monitoring and outcome analysis.
Model Risk Management Summary
Model risk management must combine regulatory compliance with processes that produce the most accurate valuations or P&L figures. Data points that are key to managing and measuring trading activities, such as daily P&L and capital charges, depend on the quality of the risk models being used. The lineage of the data that goes into these models is critical to producing data that supports trading. To get the lineage right, one has to be able to trace data inputs back to their sources and show the trails of any transformations that have been applied to that data, such as derivations and calibrations.
As previously described, the type of ecosystem and valuation calculation being applied must be well understood to get high quality risk models and high quality risk management results.