
Model Risk Policy & Guidelines FINAL


Principle: Financial and Business Risks
Policy: Model Risk
Geographic Scope: Global
Issuing Department: Enterprise Risk Management
Issuer: Helen Galt, SVP, Company Actuary & Chief Risk Officer

POLICY

This policy defines control requirements and responsibilities for managing the risks resulting from the use of modeling to support critical activities.

A Model is a tool used to calculate or estimate results based on a series of inputs, often used for analysis or quantification. Organizations use a wide variety of models, which can be categorized in three areas: Decision Support, Financial, and Risk Management [1].

Model Risk is the risk that models are poorly designed, implemented incorrectly, or applied to tasks for which they are inappropriate. Model risk is generally categorized as a form of operational risk. Prudential is exposed to model risk because – as most financial institutions – it relies on models for performing critical activities. Critical activities are those that may have a significant impact on one or more of the following processes:

o Actuarial Processes (e.g., reserve or liability calculations, asset adequacy testing, pricing)
o Financial Reporting (e.g., asset valuations, impairments, insurance reserves, forecasting)
o Risk Management (e.g., economic capital, hedging, stress testing, scenario analysis)
o Operations & Systems Management (e.g., capacity planning, business continuation, data aggregation and integrity tools in support of models)
o Client Services (e.g., account statements, illustrations, investment advice)
o Asset Management (e.g., asset allocation, portfolio construction)
o New Products and Initiatives (e.g., mergers and acquisitions, new product feasibility)

Models should be evaluated based on the likelihood of a model error having significant one-time or cumulative impact on the results of a business unit or corporate center. Significant Impact is defined quantitatively as the lesser of 5% of normalized annual pre-tax adjusted operating income or $10 million; or .5% of assets of the business unit or corporate center, considering the cumulative impact of the repetitive use of a model.

In addition, qualitative criteria must be considered when determining impact:

o Impact on Prudential’s reputation
o Customer impact
o Compliance with laws and regulations
o Information shared with regulators, investors, analysts, rating agencies, etc.

It is the policy of Prudential Financial that appropriate control procedures must be in place for the use of modeling described above to ensure the following objectives are met:

- Approval - The purpose and use of a model, and the type of model to support a specific activity, are approved in accordance with existing business unit or corporate center approval practices;
- Validation - Scenarios, assumptions, methodologies, algorithms and calculations are appropriately tested and re-validated on a regular basis;
- Data Integrity - Data integrity and appropriateness are maintained throughout the entire process;
- Output Control - Output is shared on a need-to-know basis and only used for its intended purpose.

[1] A Guide to Model Risk and Control, 2006, KPMG International.

Although models that are created for ad-hoc, one-time use, or models that can be characterized as supporting judgment-based business decisions, do not need to comply with the controls prescribed by the guidelines attached to this policy, the control objectives listed above must be considered by the individuals responsible for ad-hoc and one-time models.

Many models are spreadsheet-based or supported by computer programs maintained in an end-user environment. For those models, compliance with the End User Computing Solutions policy and guidelines is a requirement for ensuring compliance with this policy. Models built on distributed or mainframe platforms must follow the Prudential systems development life cycle and comply with applicable technology policies and standards.

PURPOSE OF THE POLICY

To ensure the integrity and reliability of information generated by models that support critical activities.

RESPONSIBILITIES

Heads of Business Divisions, Businesses within the Divisions, and Corporate Departments are responsible for establishing and monitoring operating and supervisory procedures to comply with this policy. Supervisory procedures must be consistent with applicable corporate standards such as GAAP and Statutory reporting standards.

Model Owners are responsible for developing and maintaining the models under their responsibility, risk assessing the models, and implementing controls in accordance with this policy.

Model Coordinators are responsible for coordinating the implementation of this policy, including the development and maintenance of an inventory of models that support critical activities.

Risk Officers are responsible for supporting their business or corporate department by providing operational risk management advice and expertise, and by monitoring compliance with risk management policies and operating procedures.

Employees are responsible for communicating potential risks and exposures to management.

ADDITIONAL INFORMATION

- Model Risk Control Requirement Guidelines
- End User Computing Solution Control Requirement Guidelines

RELATED COMPANY POLICIES

- Actuarial Standards
- End User Computing Solution Policy
- Financial, Investment and Insurance Product Risk Management

RELATED MATERIALS

- Applicable Professional Standards (e.g., AAA Standard of Practice on Data Integrity)


Model Risk Control Guidelines
For Models supporting critical activities, business unit and corporate functional management should:

1. Designate one or more individuals to be responsible for coordinating the implementation of this policy. The Model Coordinators should have the appropriate expertise, knowledge and authority.
2. Develop an inventory of Models that support critical activities, including but not limited to actuarial, financial reporting, risk management, operations and systems, client services, asset management, and new products and initiatives. Inventories should be kept by the Model Coordinators and readily available for review upon request.
3. Assign an owner and at least one back-up to each of the Models to mitigate “key person” risk.
4. Assign High, Medium or Low risk ratings (see definitions below) to each model in the inventory and document the rationale for the decision.
5. Identify an appropriate combination of controls for each model based on its risk ratings.
6. Identify gaps between existing and required controls.
7. Implement or upgrade controls to address identified gaps.
8. Review and update the inventory as needed, at least annually or when significant changes are made to critical activities and their supporting Models.
9. Approve additions of new Models. Determine whether a new model is needed or whether enhancements to an existing model would suffice. If applicable, determine whether an alternative technology solution can be implemented rather than using spreadsheets.
10. Develop a process to validate or “baseline” existing or new Models. Baselining is the process of validating the quality and accuracy of the current model (e.g., scenarios, assumptions, algorithms, methodologies), in order to provide the basis for reviewing future changes or enhancements without the need to re-validate the entire Model. Baselining frequency should be commensurate with the assigned risk rating of each Model.
11. Conduct periodic reviews and updates of Models to ensure they are adequately controlled and monitored. The review should also determine whether Models are still appropriate or need to be updated as a result of external changes (e.g., changes in the economic environment) or internal changes (e.g., new products may need to be added).

Risk Ratings – When assigning the risk ratings (Financial/Business and Technical) to each Model, consider the following: potential impact of the output produced by the model, purpose, complexity (input data and algorithms/calculations), size, reliability of data, frequency of use, and frequency and extent of changes. To enhance the management of Model inventories and ensure consistency, it is recommended that the following inherent risk ratings be assigned to each Model:

Financial/Business risk rating (H, M, L)

High – Models assigned a risk rating of "High" could have a major impact to the Company in the event of significant error, misuse or fraud. The impact may be a financial loss, a non-financial (e.g., reputational, legal, regulatory) incident, or of a financial reporting nature. Quantitatively, major impact to the Company can be determined by applying the “significant impact” criteria included in the Model Risk Policy to the Company as a whole.

Medium – Models assigned a risk rating of "Medium" are essential to the business unit or corporate center, but do not present the same risk or exposure to the Company as a high risk Model. Business impact factors include moderate financial loss, compliance exposure, and management and reporting exposure. Quantitatively, moderate impact to the Company can be determined by applying 20% of the “significant impact” criteria included in the Model Risk Policy to the Company as a whole.


Low – “Low” risk Models are deemed useful to a business unit or corporate center, but represent lower risk to the Enterprise.

Technical risk rating (H, M, L) – based on the complexity of the computer systems or end user solutions that support the model.

High – Computer system or highly complex End User Computing Solution (EUCS), generally requiring an expert with advanced knowledge of the software platform used (e.g., Excel) to maintain or modify the underlying functionality.

Medium – EUCS using other than basic functions, which may include look-ups, pivot tables, basic macros, data import/exports, and other intermediate functions.

Low – Basic EUCS, containing lists, basic calculations, basic functions, and limited use of other functions.

Recommended Controls (based on the greater of financial/business or technical risk ratings)

It is recommended that each business unit and corporate center develop a set of minimum required controls for each Model Risk rating. Consider the following:

Model Validation and Baselining

Initial Validation – Every new modeling process needs to be validated before its output is used for the first time. The validation process should include a thorough assessment to determine if the new model meets the requirements of Prudential’s model risk policy and produces results at the desired accuracy level. Validation should be performed by individuals not directly involved in the design and implementation of the model. For High risk models, strong consideration should be given to hiring a third party subject matter expert to conduct the validation process.

Periodic Baselining – Every modeling process needs to be re-validated periodically to ensure that it is functioning properly and still adequate for the current environment. Baselining allows for reliance on change management controls and avoids the need to re-test all aspects of a model after a change is made. It is recommended that high risk models be revalidated annually. The revalidation frequency of medium and low risk rated models should be determined by management based on the number and significance of changes.

At a minimum, the following model components should be assessed and tested during Initial Validation or Periodic Baselining: input data, assumptions, model architecture, internal algorithms and calculations, reasonableness of output, sensitivity of results to changes in assumptions and input data, and appropriateness of model usage.

- Input Data is complete, accurate and appropriate for the intended use.
- Assumptions are relevant, reasonable and consistent with the current environment and all future environments being modeled.
- Model Architecture (the conceptual framework and design the model is based on) supports business and regulatory requirements.
- Internal Algorithms and Calculations are properly designed and operating accurately, effectively and efficiently.
- Output is reasonable and consistent with data, assumptions, architecture, algorithms and sensitivity analysis.
- Sensitivity Analysis indicates a logical relationship between changes in input data or assumptions, and output.
- Model Usage – Appropriate for the intended use.

Model Controls

As many models reside in electronic spreadsheets or other forms of End-User Computing Solution (EUCS), please refer to the EUCS Policy and Control Guidelines for a comprehensive list of control requirements applicable to each Model in the inventory. Models residing on distributed or mainframe production platforms must be subject to the appropriate level of control for a Prudential production system. Following is a list of the most significant controls that should be in place and tested periodically:

User Access – Control procedures should be established within your business unit to ensure appropriate access to each Model. Examples include:

- Limiting access based on job responsibilities of individuals by restricting access to the file and location containing the Model. No file-specific access controls may be needed if the Model resides on a password-protected or access-restricted shared drive. Passwords must meet Enterprise standards. Periodic user access recertification of the individuals with access to the shared drive and their access levels should be conducted.
- Assigning appropriate rights based on responsibilities (e.g., Create, Read, Update, Delete).
- Further protecting the contents of the Model, such as data, formulas, links, and macro commands, by using existing security functionality within the solution (e.g., file passwords, cell protection, and table security).
- In addition to securing the model itself, giving consideration to how input and output of the modeling tool are secured.

Change Management – A controlled process should be maintained to ensure that changes to each Model are monitored, logged and authorized as appropriate. Examples include:

- Documenting change requests and approvals.
- Ensuring changes are functioning as intended (include formal signoff from independent individuals if the situation warrants based on risk and complexity).
- Maintaining an audit trail of changes.

Version Control – A controlled process should be maintained to ensure that only a current and approved version is in use. Examples include:

- Defining a methodology for naming Models to make each variation or version unique and easily identifiable.
- Properly labeling any output generated by a Model.

Testing – Testing must be planned, performed, and consistent with complexity and associated risks. Practices include:

- Development and documentation of a testing plan, including validity checks for mathematical functions, appropriate screening of input and output data, and reconciling or validating data to an independent source where appropriate.
- Involvement in testing by someone other than the creator, based on complexity.
- Documentation of test results.

Documentation – Sufficient documentation must be maintained to ensure an understanding by an independent person of the Model’s objective, data inputs, algorithms, calculations, assumptions, and outputs.

Model Use and Reporting

Controls must be established to govern each model’s use and reporting on results obtained. At a minimum, these controls should ensure the achievement of the following objectives:

- Report headings should contain name, author, report date, cut-off date or covered period, version number, and information protection level (e.g., Confidential, For Internal Use Only).
- All relevant information that would be useful to the recipient of the model output should be included so that inputs and methods used, as well as uncertainties and limitations, are clearly understood.
- If applicable, results should be reconciled to prior results and other reasonable benchmarks.
- Where applicable, model sensitivity to key assumptions should be demonstrated.
- Reports should be distributed only to authorized individuals and used only for their intended purpose.

Ad-hoc and One-time Models

Although only models used frequently, or as part of a regular process, should be captured in the inventories and need to comply with the controls prescribed by these guidelines, the Model Risk policy requirements still need to be considered for ad-hoc and one-time models by the individuals responsible for those models.

Third Party Models

Models developed by consultants specifically for Prudential should be treated as internal models. External models sold or licensed to Prudential and other companies should be subject to normal vendor and product due diligence reviews. The aspects of the modeling process under Prudential’s control should comply with these guidelines (e.g., approval, data integrity and output control).


