The present invention relates generally to risk management and, particularly to a method and system that dynamically composes heterogeneous analytical risk models.
Organizations are increasingly interested in robust systems for assessing and managing risk in general and operational risk in particular. The growing interest in operational risk management has been driven by a variety of factors, including the introduction of regulations requiring businesses to quantify and manage operational risk, such as the New Basel Capital Accord, known as Basel II (see “The New Basel Capital Accord”, Bank for International Settlements, April 2003). In most cases, risk is evaluated based on a risk model that seeks to quantify the variability of the risk measure. Risk models are generally specific to a line of business or a risk type, and classified as data-based or opinion based. Such risk models include models based on historical data (statistical models) and models based on expert opinion (for parameter values). Sometimes models are deterministic (i.e., represented by an analytical formula) but with probabilistic inputs making the output probabilistic as well. The usefulness of the statistical approach is limited by the availability of input data on risk events. The expert-oriented approach is limited by the reliability of the experts answers. Both types of models can be computationally intensive. In addition, individual risk models are often not broad enough to support enterprise wide risk management. One solution is to compose risk models to obtain an enterprise level risk assessment. However, the diversity and complexity of risk models makes this task challenging. In particular, models are often designed with a local objective in mind, and may lack the specification of their input and output parameters along with the context in which they were designed and their computational requirements.
Modern organizations are dynamic communities exposed to risks that change on a constant basis. Current risk models are static and only capable of modeling a portion of an organization's risk at a present point in time, but are of limited use in modeling an organization's future risk exposure. Further, risk models are not centrally managed. Therefore, the outputs of heterogeneous risk models cannot easily be combined, nor are the inputs to each risk model easily updated with the most currently available information. The lack of a modular approach to risk management and a lack of centralized management of risk models limits the reuse of individual models for modeling future risk. In particular, re-using individual models (for instance weather models), as part of a larger model (for instance manufacturing risk which would include a weather model) is challenging and often, risk analysts re-build models from the ground up rather than leveraging the time and expertise which has been invested in existing models.
A system and method that enables risk quantification using dynamic composition of heterogeneous risk models is desirable. It is further desirable that the method and system centrally manages the risk models and updates each risk model with the most currently available information.