A question was put to Sabine Lautenschlager (Member of the Executive Board ECB and Vice-Chair of the Supervisory Board) as to whether risk models should be standardised, or whether they should be institution specific.
Her answer was pretty cut and dry in that the standardised model would "not be a good idea", but suggested that each institution instead focus on the BCBS 239 principles for a solid foundation of data and technology and be in a position to explain their model methodology in terms of best practices.
So this leaves institutions essentially in control of their own destiny with regard to risk, but with the question of how they are going to enforce this across their various lines of business.
Institutions need a flexible technology stack that will support internal processes but still be agile enough to change alongside the business. Empowering the business to manage certain processes themselves is key to being able to react in a timely manner amidst a fast paced environment.
Modeling risk to meet regulatory requirements is costly and complex. Because of that, some have suggested that financial services institutions (FSIs) move toward a set of standardized models. The argument is that central banks and regulatory authorities could then more easily monitor systemic risk and compare apples to apples. But are generic models better than institution-specific models, tuned to their own history? Let’s consider some of the guiding principles for the development and implementation of models: Correlation risk for any given financial institution, as we learned the hard way in 2008, needs to be analyzed against its portfolio of positions and exposures across markets, industries and geographies. A better understanding of these correlations may be gained by developing models internally and back testing them with the firm’s own historical data. Real-time and intraday risk - Model Risk -