model validation
What is an AML & Sanctions Model?
Before you can apply OCC 2011-12 Model Risk Management principals and framework to any compliance model, you will need to understand and agree on what constitutes a Model. The definition of a model found in “Supervisory Guidance on Model Risk Management” is “the use of mathematical techniques to provide an output that is quantitative in nature”.
OCC MRM guidance states that a model consists of three components:
An information input component, which may consist of quantitative data, qualitative data, expert judgment and assumptions
A processing component, which applies the mathematical technique to transform the inputs into a quantitative estimate
A reporting component, which translates the quantitative estimate into useful business information that drives decision-making and downstream processes
While this is the broad definition, institutions with established enterprise model risk management programs will have more specific definitions that have been accepted by regulators and are used to drive their model risk management and validation processes and controls
Where models exist within an AML & Sanctions programs may depend on the definition of a “Model” within your institution.
Using the best practice definition of a “Model” and the components of a sound Model Risk Management Program will apply across most areas of an AFC/AML Program including:
KYC/CDD (including Customer Risk Scoring)
AML Transaction Monitoring (this may include Alert Risk Scoring)
OFAC – Sanctions Screening (of transactions and names)
Our Approach to Model Validation
During the proposed Model Validation activities, our objective will be to evaluate the above-noted key Model components including the conceptual Model Design and Development (to determine if the Model(s) contain(s) the necessary data elements and conditions to identify (and score) the in-scope Risk Typologies and their corresponding risk factors. This includes the following:
Model Governance & Model Controls (Policy, Procedures, Management & Oversight)
Model Design
Model Development
Model Data
Model Implementation & Use
Model Performance (Input and Output)