Independent Review of Risk Management Framework

Model RiskRisk & Independent Model Validation

Independent model validation has become increasingly important, as highlighted by the European Banking Authority (EBA) and the Bank of England, due to the rising complexity and integral role of models in financial decision-making. The EBA’s new standards for Initial Margin Model Validation (IMMV) emphasize the need for robust, accurate assessments and independent validation by qualified personnel not involved in model development or use, ensuring models are fit for calculating initial margin requirements in non-cleared derivatives. Similarly, the Bank of England’s Model Risk Management (MRM) principles stress the necessity of sound model governance and independent validation to manage potential risks to financial stability and firm safety. This approach is intended to mitigate risks arising from inadequate or flawed model design, implementation, and use, thereby enhancing the overall integrity and stability of the financial system.

Overview of Topic

Model risk is a significant concern for both the European Union (EU) and the Prudential Regulation Authority (PRA) in the UK due to its potential impact on the stability and integrity of the financial system. Here’s an overview of why model risk is important from the standpoint of these regulatory bodies:

European Union (EU)
Financial Stability and Integrity: The EU’s focus on model risk is primarily driven by the need to ensure the stability and integrity of the financial markets. Flawed or misused models can lead to significant financial losses, mispricing of assets, and mismanagement of risks, potentially leading to systemic risks.

Regulatory Compliance: EU regulations, such as the Capital Requirements Directive (CRD IV) and Regulation (CRR), MiFID II, and the Solvency II Directive for insurance firms, require institutions to manage model risk effectively. These regulations mandate the use of models for capital calculation and risk assessment, making the management of model risk crucial for regulatory compliance.

Risk Management: The EU emphasizes the importance of sound risk management practices, including the management of model risk. This includes ensuring that models are properly validated, regularly reviewed, and updated to reflect changing market conditions.

Transparency and Accountability: The EU promotes transparency in the use of models by financial institutions. This includes the need for clear documentation, understanding the assumptions and limitations of models, and being accountable for the decisions made based on model outputs.

Prudential Regulation Authority (PRA)
Prudential Supervision: As a part of the Bank of England, the PRA’s focus is on the prudential supervision of banks, insurance companies, and major investment firms. It emphasizes the need for these institutions to have robust model risk management frameworks to prevent financial losses and ensure solvency.

Capital Adequacy: The PRA requires firms to use models for capital adequacy calculations under the Basel III framework. The accuracy and reliability of these models are crucial for ensuring that institutions hold sufficient capital to cover their risks.

Risk Assessment and Management: The PRA expects firms to identify, measure, manage, and report risks, including those arising from the use of models. This includes ensuring that model risk is integrated into the overall risk management framework of the institution.

Model Validation and Governance: The PRA emphasizes the importance of independent model validation, effective governance, and control frameworks around model development, implementation, and use.

In summary, both the EU and the PRA consider model risk management critical for ensuring the safety and soundness of financial institutions, protecting the financial system from systemic risks, ensuring regulatory compliance, and safeguarding the interests of consumers and investors.

Significance in Today's Landscape

Significant initiatives have emerged, such as the European Central Bank’s Targeted Review of Internal Models (TRIM) in 2017, the ECB guide to internal models in 2018, and guidance from Prudential Regulation Authority (PRA), CP 6/22 MRM principles to provide better guidance within teh Model Validation space. These initiatives aim to contain model risk through enhanced MRM governance and concepts. 


Model risk management applies broadly within the financial services sector, encompassing a range of institutions and activities. The scope of its application can be understood in terms of the types of institutions affected and the areas of their operations that are impacted:

Asset Managers

How Can We Help?


Model Compliance

All models and Model Risk Management functions need to be compliant with their waivers. An annual self assessment is needed to provide that assurance.


Model Accuracy

All models require independent testing and reviews to ensure assumptions are well captured, limitations are fully understood and adeqautely documented and the relation between input and output is consistent.


Model Tiering

Regulators expect transparency in the classification methodology, the use of limited subjectivity, and clear documentation.



The information presented should be consistent and comprehensive enough to enable efficient reporting and help parties unfamiliar with a model understand how the model operates. The level of detail provided for each model should be proportionate to the complexity and overall level of usage of the model within the FI.


Technological Environment

For an adequate MRM framework with comprehensive documentation and traceability, it is essential to have a centralized management system that provides a holistic view of model risk across the organization. Recent technological advancements have aided the MRM setup quite significantly.


Model Lifecycle

Many financial institutions (FIs) lack appropriate controls and processes to mitigate model risk over the complete model lifecycle, which covers a model’s lifespan from development until decommissioning. All stakeholders need to be aware of model risk that may be generated in each phase of the model lifecycle, even when the model is already in force.

Many FIs underestimate the number and diversity of their models. The number of models within an FI can range from a higher two-digit number to more than 10,000 models in sophisticated and mature FIs. A well-defined and structured model landscape enables FIs to better assess and manage model risk.

Want to hire 

Regulation Expert? 

Book a call with our experts