Models don’t make decisions, people do

Decision-making remains the responsibility of individuals. Models should give input to set direction and structure a discussion on assumptions and unchallenged judgements

How to use models

One argument emerging from the financial crisis was that banks became too dependent on their own models and those of the rating agencies. Apart from their decisions on how much to leverage their capital, they ignored the underlying credit exposure of assets and the potential systemic shock of the global liquidity freeze. It is not that the models used by banks were inherently flawed. On the contrary, the insurance industry has much to learn from the sophistication of bank models and the availability and granularity of data to model specific risks. Rather, the use of the model as a directional tool that can support decision making was neglected.

“common sense” in risk management

A response to this argument is to rely more on “common sense” in risk management, in other words to only buy, sell or hold risks that that you understand. Rather than managing the safe constrained world of a model, the manager must make good decisions within the complex global financial system. Thus it is critical that any output from the model is reported in a format that the business managers can both understand and use in their decision making. The discipline is to challenge the assumptions of the model and understand its limitations.

Risk governance

Models are no substitute for the collective judgement of the senior management team. Therefore their usage has to be a matter of internal governance, in which the executive management or the Board should become more involved. The governance structure will need to assure that risk models are designed and calibrated independently of the risk-taking function, that they are subject to independent expert review and that the processes are subject to adequate control to ensure the models are applied correctly.

Managing our risks

Risk Management at Swiss Re aims to ensure an appropriate risk-reward balance in all of the Group's risk taking activities. This requires a strong and independent risk management organisation and comprehensive...

Read the whole story

Cyber resilience for the 21st...

The news is increasingly dominated by stories of cyber attacks on large organisations. Recent examples serve as a blunt reminder of the substantial financial and reputational impacts that such events...

Read the whole story