What are Model Governance Best Practices?

Formalized model governance programs are one of the major tools used by regulators to control risk related to carrier use of AI and predictive models.

As regulatory bodies release new requirements, a general consensus of model governance best practices is emerging.

Common elements include:

Overarching Principles:

• Tailored and proportionate to risk

• Addresses the entire model lifecycle

• Applies to both internally developed and externally acquired tools

• Managed either within enterprise risk management function or separately

Governance:

• Overseen by Board

• Appropriate delegation to senior management

• Regular reporting

• Cross-functional management committee

• Policies and procedures reviewed annually

• Clearly defined roles and responsibilities

Risk Management and Internal Controls:

• Independence of decision-makers

• Appropriately engaged audit function

• Competent and qualified personnel

Policies and Procedures:

• Training

• Written documentation

• Customer disclosures

• Risk assessment or rubric

• Inventory of use cases, including description of use, version control, tracking of material changes

• Standards for development, implementation, use, validation, and audit

• Model testing of varying degrees

• Data lifecycle management

Third-Party Vendors:

• Retention of responsibility for third-party vendors by insurers

• Written diligence process

Testing:

• Reliability of model outputs, including model drift

• Errors and biases

• Data actuarial validity

• Unfair discrimination (for specific contexts and use cases)