Model Governance and Model Risk Management

  • By Rob Trippe
  • Published: 12/1/2020

Our last article discussed what a “model” is and how the Federal Reserve developed a definition of a financial “model” in response to the effects of the great recession and the risk financial models were exposed to during that time. From this effort came “model governance” for financial decision-making, reporting and capital planning models and processes.

Model governance is a set of activities, policies and procedures which formalize model and model risk management activities for implementation. The Fed’s SR 11-7 model risk management guidance to banks recommends an emphasis be placed on testing and analysis with a key goal of promoting accuracy.

Model risk refers to the chance of unintended consequences resulting from model development, inputs or outputs. In an enterprise risk management framework, model risk is a subset of operational risk, which is broadly defined by the Basel Committee on Banking Supervision as "the risk of a change in value caused by the fact that actual losses, incurred for inadequate or failed internal processes, people and systems, or from external events, differ from the expected losses.”  

FPA Risk

With risk comes opportunity, and model governance offers both. The risk is that poor model management can lead to the evaporation of billions of dollars and company collapse; the opportunity is to improve your practices, increase communication and make an enduring company. A simple way to categorize the benefits is model usefulness and sustainability.

FPA Risk 3

Governance process covers the model lifecycle (below) to provide toll gates for success and completion of models and visually assists us when it comes to separating model roles and responsibilities. FPA Risk 2

I would like to introduce some fundamental model governance and risk management standards and practices used by banking institutions, which can be applied to the broader corporate environment. The synthesized and confident use of model output throughout an organization by decision makers has always posed a challenge in the business world and remains so today. Model governance attempts to address this. Common model governance and risk management activities include:

FPA Table

Model Risk and Documentation

Proper documentation is cumbersome, time-consuming and uncomfortable. People often chafe at losing momentum to write up documentation, explaining their work in detail, and negotiating the value of estimates, prediction and forecast. However, documentation is more than simply a compliance and requirement exercise. It is critical to a model’s overall success by reducing risks and costs and providing the organization with comfort around usefulness and sustainability. As evidence of the benefits, federal agencies reviewing megabanks look favorably upon models which have comprehensive and well-conceived documents to support their models. Tangible benefits include:

  • Reduced key person dependence
  • Mitigated transitional challenges as models pass from user to user and output need to output need as conditions and requirements change
  • A more streamlined validation and audit process
  • Reduction in potential user error
  • Avoidance of potential misuse
  • Effective communication of challenging theoretical concepts – “comfort”


The most common FP&A issue I witness across organizations is poor modeling practice; I encourage you to urge your leaders to pursue knowledge, discipline and organizational cohesion when it comes to how we employ and govern our firm’s important assets. Fed-issued guidance provides a pathway for which we can validate our models and lists numerous methodologies. These methods (sensitivity, scenario, back-test) have become increasingly used vernacular in the FP&A world today.

I am a strong believer that corporate FP&A departments should have a dedicated resource within FP&A to properly manage and govern financial models throughout the organization and abide by industry protocols in model development. Alternatively, it could be written into job descriptions as responsibilities managed within the FP&A group. An additional layer of protection is to make model management a component of existing audit and/or risk resources.

Our financial models are simply too important not to take an active approach to reduce model risk and ensure model effectiveness. Here I have outlined model governance and risk management practices. Our next article will point out a few of the model standardization organizations and the Agile model development approach. 

Rob Trippe is M&A, corporate finance advisor and analyst for Corporate Finance Consulting & Advisory. Read the first two parts of this series here and here.


Copyright © 2024 Association for Financial Professionals, Inc.
All rights reserved.