Office of the Comptroller of the Currency (OCC) Supervisory Guidance on Model Risk Management
The Office of the Comptroller of the Currency (OCC) adopted the Supervisory Guidance on Model Risk Management. This guidance, was developed jointly with the Board of Governors of the Federal Reserve System, and articulates the elements of a sound program for effective management of risks that arise when using quantitative models in bank decision making.
Guidance on Model Risk Management from the Board of Governors
Memo from the Board of Governors of the Federal Reserve System to The Officer in Charge of the Supervision at each Federal Reserve Bank, dated April 4, 2011, relating to the issuance of the Supervisory Guidance on Model Risk Management.
Letter from the FDIC
Letter from the FDIC (Federal Deposit Insurance Corporation) issued in June 2017 regarding its adoption of the Supervisory Guidance on Model Risk Management previously issued by the Board of Governors of the Federal Reserve System (“FRB”) (SR 11-7) and the Office of the Comptroller of the Currency (“OCC”) (OCC Bulletin 2011-12), with technical conforming changes, thereby making the guidance applicable to certain FDIC-supervised institutions.
PRA paper on Model Risk Management for Stress Testing
There is no equivalent OCC guidance from the PRA (the Prudential Regulation Authority). The PRA is part of the Bank of England. However, the PRA has released a paper on model risk management for stress testing but not for model risk management in general. Notwithstanding, we understand that it is expected that a more general MRM guidance will be issued in the future, following the principles set out in the stress testing paper.
IIA paper on the Three Lines of Defense Model
The original Three Lines of Defense Model (3LOD) was adopted in 2013 and since has been an invaluable tool for governing bodies and the internal audit profession. Because risk management has and will continue to evolve there have been refinements to the model as reflected in the July 2020 update, that encourage closer collaboration between business functions including internal audit. Accordingly, “The Three Lines Model is a fresh look at the familiar Three Lines of Defense, clarifying and strengthening the underpinning principles, broadening the scope, and explaining how key organizational roles work together to facilitate strong governance and risk management.”