Model risk is the risk that arises when a model fails or does not perform according to expectations.
More concretely, this means that a model simply fails to produce a result or has a reduced performance. However, model risk also materializes when we are unable to explain why the model came to a certain prediction.
Model risk occurs when an insufficiently accurate model is used to make decisions. Models can fail due to technical mistakes, such as lack of mathematical rigor, data issues, implementation bugs, and other issues. More importantly, models can produce incorrect results simply because of the inherent uncertainty of mathematical modeling. This in itself is a characteristic feature of modelling. However a failure to recognize this uncertainty properly constitutes an element of model risk.
Model failure can lead to financial losses, regulatory or legal penalties, or damage to a bank’s reputation, resulting from the use of a model that contains data or assumptions that were not appropriate for the model.
In order to manage model risk, governance policies and frameworks leading to e.g. sufficient testing and independent review should be applied.
Two examples of model risk are the Credit Crisis of 2008 and the London Whale Trading Incident in 2012. In the Credit Crisis, banks were relying on very simple models to estimate mortgage risk. These models were mathematically correct, but were too simple to deal with the highly complex derivatives that were traded at that time. In the London Whale Trading Incident, JPMorgan lost over $6 billion due to a mistake in a credit risk model. In both cases, the root cause was a lack of proper model risk governance that should have detected the flaws in the models that were being used.