Model Governance and Validation

Credit unions should periodically review the accuracy and performance of their IRR measurement systems. The frequency and extent to which a credit union reviews its system will depend on:

  • IRR exposures on the credit union’s balance sheet

  • Interest rate changes

  • Compliance with internal policies for measuring and managing IRR

This review should include assessments of all assumptions, parameters, and methodologies used as part of the IRR measurement system. It should also provide an assessment of the IRR measurement system’s ability to capture all material components of IRR.

The board of directors should review and approve a formal policy process that includes model validation of IRR measurement methods and assessment of corresponding model risk. The policy should specify management roles and designate who is responsible for the development, implementation, and use of models. In addition, the governance processes for model risk management needs to specify and integrate model oversight responsibilities and policies. Responsibilities and policies include:

  • Developing initial and ongoing validation procedures

  • Evaluating results

  • Processes for approval, version control, exception, escalation, modification, and decommissioning

An effective validation framework should include three core elements:

  1. Evaluating conceptual/methodological soundness, including developmental evidence

  2. Monitoring the model, including process verification,

  3. Analyzing outcomes, including back-testing of key internal assumptions (such as deposit modeling, prepayments, pricing of assets)

Credit unions that rely on external service providers should verify that the use of those models is adequately documented, including any specific customization. If vendors provide input for market data, behavioral assumptions or model settings, the credit union should have a process to determine if those inputs are reasonable for the risk characteristics of its portfolio and activities.

This review should be performed by an independent party, which may be an internal or external auditor. Reports should be available to NCUA examiners.

Last updated on December 06, 2024