Model Risk Management (OSFI E-23)

Models (including artificial intelligence / machine learning models) are receiving increased attention. More diverse data sources, complex techniques and a broad range of use cases suggest greater inherent risk, that need to be mitigated.

To be applied on a risk basis, Guideline E-23 comes into effect in May 2027. The Guideline covers the following:

Enterprise-wide model risk management

• Reporting structures and resourcing

• Model risk management framework (aligning with strategic objectives)

• Model use (appropriate for business purpose)

Risk Based Approach to model risk management

• Identify and track all models

• Model risk rating - consider key dimensions

• Risk management intensity - commensurate with the risk

Model Lifecycle management

• Policies, procedures and controls

• Components of the model life cycle - design, rationale, data, development, review, approval, deployment, monitoring, decommission

Ethidex ASSESS can support model risk management, with:

• a library of models (inventory) capturing key data for management and reporting

• libraries of model risks and controls, used in conjunction with the library of models, to perform periodic, distributed Model Risk Assessments

• regulatory compliance alignment of practises across governance and individual models

If you would like to know more, please reach out to discuss.