MODEL RISK MANAGEMENT

In a world where models drive critical business decisions, the necessity for robust model risk management cannot be overstated. Whether you're a risk manager, internal auditor, or C-suite executive, the question isn't whether to utilize models—it's how to manage the inherent business, regulatory, and reputational risks that come with them.

Just like the infamous Knight Capital incident, where a glitch in a trading algorithm led to a $440 million loss, or the collapse of Silicon Valley Bank due to unidentified errors in risk models, the stakes are high. Without effective Model Risk Management, you're navigating uncharted territory with a blindfold on.

How CIMCON Helps You Safeguard Your Investments


CIMCON brings over 25 years of experience in Model/EUC Risk Management to the table, offering you a complete, holistic approach to mitigate model risks. Our purpose-built solutions are designed to help you seamlessly integrate risk management into your strategy, letting you focus on leveraging models' capabilities rather than fearing their pitfalls.

MRM Regulatory Landscape

  • SR 11-7:
    This Supervisory Guidance on model risk management was jointly developed by the Federal Reserve System as well as the O.C.C. and has been in effect since 2011.
  • SS 1/23:
    This Supervisory Statement is the most recent one from the PRA that sets out to define what is a model, how to categorize its risk level, and what the standards for proper model validation and controls are. Models that leverage artificial intelligence are specifically called out in this statement.
  • CP 6/22:
    This consultation paper also from the PRA was published on June 21st, 2022 and serves as an earlier outline of the expectations for identifying and addressing model risk within banks.
  • The NIST AI Risk Management Framework: Released by NIST from the U.S. Department for Commerce on January 26, 2023, this framework guides organizations on how to govern, map, and measure risk to the organization.
  • The E.U. AI Act:
    This legislation passed by the E.U. aims to be a global standard for explicitly banning A.I. applications that are deemed to have an unacceptable or high risk such as the use of facial recognition in specific ways. This legislation is less directly related to banks and model risk management, but could be important to keep an eye out for.

CIMCON's Toolkit for Model Risk Management


  • Automated Model Identification:
    CIMCON can identify and risk assess EUCs such as Excel files, Models created in Python or R, and even 3rd party executables.
  • Self Organizing Model Inventory:
    Regularly scheduled scans uncover hidden risks and automatically keep the Model Inventory up to date.
  • Powerful, Yet Flexible Risk Assessment:
    CIMCON’s risk assessment leverages a comprehensive view of risk, allowing firms to create custom Risk Profiles.
  • Interdependency Map:
    Visualize relationships between models and data sources, adjusting risk assessment scores based on interdependencies.
  • Comprehensive Documentation Generation & Management:
    Maintain up-to-date documentation on model development, testing, and risk scores in one place.
  • 3rd Party Risk Management:
    Identify and assess risks associated with third-party models and applications, ensuring they meet your internal standards.
  • Proper Controls and Accountability:
    Restrict and track changes to models with an Audit Trail, maintaining security and accountability.
  • Approval Workflows:
    Create automated approval workflows, tracking model approval status and identifying process improvements.

Are You Ready for a Future Defined by Models?

Model technology promises to redefine what is achievable, offering unprecedented opportunities for innovation and growth. However, this potential is accompanied by significant risks that must be meticulously managed. CIMCON’s Model Risk Management solutions offer you the peace of mind needed to invest in models, safe in the knowledge that you are fully equipped to manage the accompanying risks responsibly.

AI Risk Management Framework

Explore the realm of Artificial Intelligence (AI) with our AI Risk Management Policy. This concise guide covers the spectrum of AI models, including supervised, unsupervised, and deep learning, and emphasizes making AI trustworthy based on the NIST AI Risk Management Framework.

Learn to assess and manage AI Risk, cultivate a culture of risk awareness, and utilize periodic testing with tools like ours. This policy is your essential toolkit for responsible and effective AI utilization in your organization.