Between September and December 2024, PwC conducted an in-depth survey centred around Model Risk Management. The respondents consisted primarily of banks and insurance companies contacted via connections from the PwC internal network. We have collected complete answers from 65 respondents from various financial institutions. These institutions are geographically distributed, with a significant presence in South America 18 (28%), followed by Western Europe 11 (17%), Australia 7 (11%), Central & Eastern Europe 6 (9%), Canada 4 (6%) and Middle East 2 (3%). 17 (26%) respondents chose not to disclose their geographical location. These organizations were stratified based on various attributes, such as the number of risk-relevant models, including institutions with few (0-20) models to those with many (501+) models. The survey brings a diversity of collected answers and provides a comprehensive view on MRM areas that were the focus of the analysis.
Over the past year, significant regulatory changes have reshaped the Model Risk Managment (MRM) landscape. The European Central Bank (ECB) has expanded its guidelines on internal model validation and governance, with an increased emphasis on Artificial Intelligence (AI) and machine learning models. The Prudential Regulation Authority (PRA) in the UK has reinforced its stance with the release of SS1/23, outlining new expectations for managing model risk in a digital-first era. Meanwhile, in the United States, the Federal Reserve and the Office of the Comptroller of the Currency are tightening oversight on AI-driven financial models, reflecting growing concerns about explainability and accountability. In this technology-driven era, financial institutions must keep pace with rapid digital transformations while aligning with shifting consumer behaviours and regulatory mandates. AI and machine learning have advanced, becoming widely accessible across financial services. More than the others available, generative AI techniques have not only progressed in quality of outputs and overall performance, but have also become much more accessible and widely used in practice. These innovations enhance efficiency and predictive capabilities but also introduce new risks, such as algorithmic bias, transparency issues, and governance challenges.
To mitigate these risks, regulatory bodies worldwide have started establishing clear expectations for AI-driven models, requiring institutions to incorporate robust validation, explainability, and monitoring mechanisms.
This year, we are focusing on:
At PwC, we believe that you will find valuable insights in this report, which could help you enhance the current MRM practise in your organization. We would like to thank all the respondents for their valuable time and answers.
Rostislav Černý
Partner