AI/GenAI Risk Assessments: Identify and manage model, data, and prompt risks to ensure safe, reliable, and responsible AI deployment in ever
seen from United States

seen from Canada

seen from United States

seen from United States

seen from United States

seen from United States

seen from United States

seen from United States

seen from United States
seen from China
seen from United States

seen from United States
seen from United States
seen from China
seen from United States

seen from United States
seen from United States

seen from United States
seen from United States
seen from United States
AI/GenAI Risk Assessments: Identify and manage model, data, and prompt risks to ensure safe, reliable, and responsible AI deployment in ever
Enterprise Risk Management is a powerful product underpinned by “Business First, Technology Next” approach that helps banks.
BCT Digital is driving digital transformation for banks & financial institutions through its risk management software product suite rt360.
rt360 is an award winning end-to-end risk management product suite to manage the entire risk portfolio of banks and financial institutions. The suite includes products to address enterprise risk management, credit risk, capital allocation, pricing risk, liquidity risk, model risk and operational risk.
Limits to Risk Modeling Criticism
In the Jan 19th Economist’s Buttonwoods Column on display are some common misconceptions about risk modeling. Some obvious untruths survive because it is more convenient to believe (or just to repeat) them than to invest the effort needed to adopt a more insightful and nuanced view of complex issues. This laziness in thinking delays forward movement toward resolving risk management challenges.
The alleged motivation for the column was to explain losses incurred by banks and hedge funds after the Swiss National Bank surprised market participants by removing the floor on the franc versus the euro that they had maintained since 2011.
As is often the case in arguments about risk management’s problems, the article states a false premise that drives the subsequent discussion. If you don’t notice this subtlety and accept the premise as fact then you are trapped within the argument’s confines.
Buttonwoods states, “Banks are also reporting losses on the Swiss franc trade and this must raise further questions about their risk modelling.” It is unsurprising that that some institutions report a loss after a (surprise) market-moving event. It makes no sense to argue that a loss is in itself evidence of questionable risk modeling.
Buttonwoods, if it is to justify the risk modeling discussion that follows, must assert that incurring a loss must be evidence of risk modeling problems.
As it happens, a pegged currency is a very interesting risk modeling and management problem, but not for the reasons that Buttonwoods goes on to give.
Buttonwoods asserts that banks’ VaR models, because they are based on the normal distribution, will not measure the risk properly. Buttonwoods asserts that even the worst one-day historical move in the CHF would underestimate this event. Buttonwoods asserts that the peg, having suppressed exchange rate volatility would make any backward looking measure of risk underestimate the risk.
All these assertions are partial truths.
The normal distribution assumption is not use by every bank. Banks’ risk models, with the possible exception of historical simulation (depending on how it is used) do not limit the risk measurement to be no more severe than in the historical record (arbitrarily bad outcomes are possible, however unlikely). A peg does suppress volatility, but even backward looking risk measures may be modified to address the artificial suppression of volatility.
Buttonwoods ignores a wide range of risk measurement tools used in financial institutions, scenario analysis, stress testing, stressed VaR, reverse stress testing, for example. Perhaps Buttonwoods ignores them because to acknowledge them would deflate Buttonwoods’ argument. All of these tools could be (and likely were) used to get a better handle on the risk associated with the breaking of a currency peg.
The breaking of a currency peg is not a novel risk. The SNB is not the first central bank to adopt and then subsequently drop a peg.
Buttonwoods concludes smugly by labeling the SNB’s action a black swan, thereby leaving traders “caught out by events they don’t anticipate and model for.” However, Buttonwoods has gotten this very wrong. Black swans, by definition, can’t be anticipated. I don’t think the SNB’s action was a black swan, and above I mentioned several ways to model this sort of risk.
If the SNB decision provides an opportunity for an institution to conduct a self-examination, then a more fruitful, if more nuanced, path would be a study of how the information from risk models was used in decision-making within the institution. An institution should ask, whether it paid proper attention (without applying hindsight bias) to the most relevant risk information, or whether evidence from risk models was weighed appropriately against other factors in decisions that affected exposure to CHF.
Risk Modeling - can you have robustness and simplicity
For the second time in just a few months I shared a podium with a couple of great minds that have contributed a lot to risk management thinking. In December it was John Hull and Paul Embrechts. Yesterday it was Aaron Brown and David Li. Both experiences were great fun and stimulated my thinking on risk. I wish the panels had gone on for much longer than one hour (though I don’t know if the audiences shared that sentiment).
Yesterday, at one point the discussion turned to the use of models. Aaron Brown said that unlike pricing models, risk models shouldn’t break, or if they can break, then every contingency should be anticipated beforehand. He didn’t explain how a risk model might be made so robust. I don’t think such robustness is possible.
Risk models may be more flexible than pricing models – which can be fitted very closely to a specific purpose – but they are still models. I don’t believe they purport to represent the world they way it actually works. Risk models are like pricing models, being instruments suited to a specific purpose in a specific context.
Aaron said he doesn’t use complex models. Unfortunately, we didn’t have the opportunity to discuss what he meant by complex. Was he referring to conceptual simplicity or analytical simplicity? A conceptually simple model may be more robust, that is, encompass more specific cases without requiring modification. But an analytically simpler model may be one that has more exceptions.
I can’t reconcile Aaron’s “shouldn’t break” with “doesn’t use complex” statements, unless he means that he uses analytically simple models, e.g., rules of thumb that he finds to be broadly helpful. If that is what he meant, then I am actually in hearty agreement with his approach. But I still have to quibble with his words. Rules of thumb work for us because we have internalized the conditions under which they are useful to us, not because they don’t break when we use them.
Because every risk model is limited in its scope of applicability, it is up to the decision maker to choose when and how to deploy (or employ) a given model in making decisions. Key to that choice is an understanding of the purposes and limitations of the models. Always keep the model’s limitations in mind, but don’t forsake the simple model just because it is simple.