Many view the SEC's 2011-7 regulation as the birth of formalised model risk management. While end-user computing (EUC) governance has had a more gradual awakening, it is increasingly apparent that the two are on a collision course with interesting implications for many organisations, especially those in financial services - namely banks, insurance providers and asset management companies.

At ClusterSeven we have worked with many of the world's most prestigious organisations over the past 15 years, which has provided a somewhat unusual view on the world of end-user computing and its recent convergence with model risk management.

Five or so years ago, we found most banks were building out their model risk management (MRM) and creating their own inventories, review and governance programs. Applications deemed important but not quite a ?Model? were often called ?Tools? or ?Calculators? and typically fell under the definition of an end user developed (EUC) application. These applications developed by employees in esoteric languages such as Python & R, but mostly in Excel, are outside of the scrutiny of IT and are considered a poor relation to the model governance world. Organisations struggled, and many continue to struggle today, to create an accurate inventory of EUCs, which often substantially dwarf the number of Models. 

But times have changed. In the intervening years, banks? modeling teams have increased their MRM programs and in the process have often uncovered more and more Models. These programs have started to consider a specific Model's data sources as well as output reporting. To many people's surprise, the number of Models and their dependent Tools were often far greater than individual banks had realised. As an example, one bank with an original inventory of 300 Models now, five years later, has an inventory of close to 3,000 Models and Tools.

What is the common denominator? 

In almost every case, this ?Model? growth was a result of EUCs and especially Excel workbooks being identified and classified as a Model, or a Tool/Calculator being identified as a key data source for a Model. The two universes of Models and EUCs began to overlap in a classic Venn diagram.

How have banks reacted to this inflection point?

While the number of files in scope has expanded, most modeling teams have not substantially increased their headcount. Their model inventory, systems and processes, many of these manual, were designed for a far smaller universe. Often this means that the process isn't scalable and the Model inventory and categorisation are too cumbersome and inflexible for such a large number of inventory items.

Increasingly we are being invited to explain how our EUC governance technology and processes, designed and optimised for the inventory, assessment and governance of thousands, if not tens of thousands of EUCs, can be applied to the Models and Tools as well. It is feasible to merge model and end user computing inventories with workflow, attestation, data flows, connections, links and reporting and depending on the file's designation different levels of governance, deemed models can benefit from a higher level of scrutiny. A singular inventory allows a file to be promoted to Model status if required, or downgraded to a Tool or less if its importance has declined.

Most, if not all organisations rely on EUCs. Integrating EUC and modeling programs can result in many wins - enhanced awareness across the organisation, and better understanding and monitoring of critical applications whether IT-developed or end-user built. It can also lead to integrated reporting and management oversight, and easier regulatory and audit reporting.