Why You Should Not Rely on Risk Models

Risk models are essential tools that enable organizations to manage risk effectively by quickly identifying, assessing, and prioritizing potential threats. Through these models, organizations aim to gain a deeper understanding of their risk exposure, allowing them to make quicker and more informed decisions on resource allocation for risk management or acceptance. Recently, artificial intelligence has emerged as a significant aspect of this field. How have risk models performed historically, and what does the future hold for them? Continue reading to discover more!

Risk Models Are Based on Experience

Risk models are in today’s risk management environment an often-used tool. They are designed to assess and manage potential risks based on historical data. With scenario analysis and stress testing, these methodologies help prepare for potential adverse conditions by considering extreme scenarios. Risk models are also important in the context of regulatory compliance. Here, they are essential for meeting regulatory requirements in finance, insurance, and other industries.

Risk models are designed to help organizations manage risk by quickly identifying, evaluating, and prioritizing potential risks to which they may be exposed. Risk models are mathematical or statistical tools based on empirical values for evaluating various risks. By using risk models, organizations hope to gain a better understanding of the risks they face. This with the goal of being able to better and more quickly decide which risks allocating resources to in order to manage them.

The Weaknesses of Risk Models

Risk models can be useful tools for risk management, but it’s important to understand their limitations. Here are some reasons why you should not rely solely on risk models for risk management:

  1. Risk models are based on assumptions and historical data that may not accurately reflect the current situation or future developments.
  2. Risk models may not capture all potential risks, especially those with low probability or high-impact potential.
  3. With risk models, rare and extreme events are inherently difficult to predict due to their rarity and the limitations of historical data.
  4. Risk models often rely on assumptions that may not hold in extreme conditions.
  5. Risk models may not sufficiently take into account the complex interactions between causes and different risks.
  6. Risk models may not take into account the specific characteristics and needs of an organization or project.
  7. Risk models may not be updated regularly and may not take into account changing circumstances or emerging risks.

Therefore, it is important to use risk models as one part of a comprehensive risk management strategy, rather than relying solely on them.

We have never had and would never use any form of quantitative risk control because all quantitative risk control models use historical volatility. It is like driving by looking in the rearview mirror.

Martin Taylor, Hedge Fund Manager

Martin Taylor won’t be the only one not relying on risk models. There is certainly a reason for this. What one of these reasons is, you will read in the next section.

Risk Models and Crises

Statistical pricing and risk-forecasting models played a significant role in the build-up to the Financial crisis of 2007–08. For example, they gave wrong signals, underestimated risk, and mispriced collateralized debt obligations. It is therefore surprising for frequent proposals for increasing the use of such models in post-crisis reforms.

With such risk models, the belief was that one could somehow identify the dynamics of financial markets before or during a crisis by examining data from before a crisis.

It has been clearly shown that this is not the case. The models were and are not up to the task. While statistical risk and pricing models may do a good job when markets are calm, they lay the seeds for their own destruction. It was inevitable that such models would prove to be wrong. All the pre-crisis models were missing was the presence of a crisis in the data sample.

Models, Momentum, and Bubbles

The vast majority of risk models are based on the following assumptions:

  • Take a chunk of historical observations of the data under study.
  • Create a statistical model providing the best forecasts.
  • Validate the model out of the sample, but with historical data known to the data modeler.

This approach to modelling may be quite appropriate in the short run when there are no structural breaks in the data, so we can reasonably assume that data follow the same stochastic process during the entire sample period. Recent examples include the low-volatility periods of 1994-1997 and 2003-2007.

Even in such best-case scenarios, modelling is likely to deliver inferior forecasts. Data mining is rife; modellers tailor the model to the data in sample, resulting in the model performing well in the sample used for model validation but badly with new data.

The main problem, however, is that such modelling affects the behavior of model participants. If market participants perceive risk as being low and returns high because that is what happened in the past, we get a positive feedback-loop between continually increasing prices and decreasing risk.

This process is reinforced because of momentum effects induced by models. This was one of the main factors behind the asset price bubble before the recent crisis. Eventually, this goes spectacularly wrong. This way, the models lay the seeds for their own destruction.

Overestimating Risk After a Crisis: Why the Banks Didn’t Lend

The risk forecast models provided an equally poor signal after the crisis had passed. Presumably, at that time, investment opportunities were ample. However, backward-looking statistical risk forecast models still perceived risk as being high because observations from the crisis remained in the estimation sample for a long time after the crisis had passed.

Crisis will Not Happen Where People Are Looking

The challenge facing policymakers is even worse because they cannot look everywhere and will have to focus their attention on where they think systemic risk is most likely to arise. After a financial crisis, a lot of attention is focused on the causes of the previous crisis, like the liquidity mismatches peculiar to the last decade.

However, the next crisis will not come from where we are looking. Just like last time, where the danger of conduits and special investment vehicles caught everybody by surprise, so will the next crisis come from an area we are not looking at?

Black Swans: Nassim Nicholas Taleb popularized the concept of “Black Swan” events—rare and unpredictable occurrences with severe consequences. Traditional risk models often struggle to account for these unpredictable events, which can have a significant impact on market performance.

The Future With AI and Large language Models

Is artificial intelligence (AI) an alternative to traditional risk models? Probably in the near future, because these models overcome the rigidity of traditional models by applying large language models.

Large language models (LLMs) are deep learning algorithms that can recognize, summarize, translate, predict, and generate content using very large datasets. Large language models largely represent a class of deep learning architectures called transformer networks. A transformer model is a neural network that learns context and meaning by tracking relationships in sequential data, like the words in this sentence.

Artificial intelligence (AI) is highly useful in risk management across various industries. AI technologies have the potential to significantly enhance the effectiveness and efficiency of risk assessment, mitigation, and decision-making processes. Here are some ways in which AI can be used in risk management:

  1. Data Analysis and Prediction: AI can analyze vast amounts of data from various sources in real-time or near-real-time. This capability is crucial for identifying potential risks and predicting future trends. For example, AI can be used to analyze financial data to identify patterns that may indicate market volatility or potential fraud.
  2. Credit Risk Assessment: In the financial sector, AI-powered algorithms can assess the creditworthiness of individuals and businesses more accurately by considering a wide range of factors beyond traditional credit scores. This helps financial institutions make more informed lending decisions.
  3. Fraud Detection: AI is effective in detecting fraudulent activities, such as credit card fraud, insurance fraud, and identity theft. Machine learning models can continuously learn and adapt to new fraud patterns, making them more effective than rule-based systems.
  4. Operational Risk Management: AI can help identify operational risks within organizations by analyzing processes, transactions, and employee behavior. This can lead to improvements in risk mitigation and compliance.
  5. Market Risk Analysis: In the investment and trading industry, AI can analyze market data and news sentiment in real-time to help traders make informed decisions. AI models can also simulate market scenarios to assess potential losses and risks.
  6. Supply Chain Risk Management: AI can be used to monitor and optimize supply chain operations, identifying potential disruptions and helping businesses prepare for and mitigate supply chain risks.
  7. Cybersecurity: AI-powered cyber-security systems can detect and respond to cyber threats more effectively by analyzing network traffic and identifying anomalies. They can also predict potential vulnerabilities and recommend security measures.
  8. Healthcare Risk Management: In healthcare, AI can analyze patient data to identify risks associated with specific medical conditions, treatment plans, and patient outcomes. This information can be used to improve patient care and reduce medical errors.
  9. Environmental Risk Assessment: AI can process environmental data, such as weather patterns, geological data, and sensor readings, to assess and predict natural disasters like hurricanes, earthquakes, and floods. This information is invaluable for disaster preparedness and response.
  10. Compliance and Regulatory Risk: AI can assist organizations in staying compliant with complex and ever-changing regulations by monitoring and analyzing data for potential compliance violations.

Overall, AI can provide valuable insights, automate repetitive tasks, and improve the accuracy of risk assessment and management processes. However, we are still at the beginning of a long and exciting journey. We have to use AI systems carefully, considering data privacy, ethical considerations, and potential biases in AI algorithms, to ensure their effectiveness and fairness in risk management.
Artificial intelligence can provide us only with information based on existing data, but they are very likely better than that provided by traditional models.

What about the creativity to propose events that have never happened before? Also with this topic, we are only at the beginning of this new exciting area with AI and I think there is still a lot of development to come. At the moment, you must never trust the output of a model based on artificial intelligence. It will probably be important for a long time to check the results provided by AI, because they are often still unreliable!

Conclusion

Risk models can be seen as weak in predicting rare and extreme future events. However, they are still essential for managing and mitigating known risks based on historical data and scenarios—also for regulatory reason. Artificial intelligence will be in the future an important tool to support risk modelling and risk management activities.

Here You Can Find More Knowledge

Would you like to learn more about how to make your projects more successful with Project Risk Management? My book Project Risk Management – Practical Guide takes you an important step further!

Do you know somebody who might be interested in this article? Then simply forward it or share it. Thank you!

Project-Risk-Management-Book-Cover
Posted in Risk Management.