Risk modeling

Risk modeling

Risk modeling is a systematic assessment of the probability and magnitude of losses for making decisions: limits, reserves, hedges, automatic policies and prioritization of measures. Below is the end-to-end framework from threat map to model exploitation.

1) Risk Map and KRI

Domains: operational (incidents/SLA), financial (FX, liquidity), product (quality/conversion), behavioral (fraud/RG), regulatory (fines, blocking), partner (affiliates/providers), information security (leaks/hacking), model risk.

KRI (Key Risk Indicators): incident rates, p95/99 delays, share of chargebacks, FPR anti-fraud, share of voice negative, coverage monitoring, "early warning signals" (leading) vs consequences (lagging).
All KRIs with owner, frequency, thresholds, hysteresis and escalation channel.

2) Frequency × Severity: basic loss mathematics

[
N \sim \text{Poisson}(\lambda)\ \text{или}\ \text{NegBin}(r,p),
\quad X_i \sim F_{\text{severity}}(\theta),
\quad L=\sum_{i=1}^{N} X_i
]

Frequency (N): Poisson (rare independent events), NegBin (overdispersion/clustering).
Severity (X): Lognormal (moderate tails), Gamma, Pareto/Log-Pareto (thick tails), mixed models (mixture).
Zero-inflation: at many zeros.
Censorship/deductible: accounting for deductibles/insurance limits.

Loss Distribution Approach (LDA): match (\lambda) and gravity parameters, then Monte Carlo or convolution (FFT) → tail metrics.

3) Tail hairlines and EVT

• Block Maxima → GEV, Peaks-Over-Threshold → GPD, threshold selection (u) + stationarity check.
• Calibrate by tail stability (QQ-plot, Hill estimator).
• The goal is to correctly estimate rare large losses (1/100-1/1000).

4) Dependencies: correlations and copulas

• Gaussian (simple but weak tail grip), Student-t (tail-dependence), Clayton/Gumbel (asymmetric tails).
• First, adjust the marginals (severity/frequencies), then the copula for joint modeling of the risk portfolio and concentration.

5) Risk metrics and economic indicators

VaR (_\alpha): loss quantiles (e.g. 99%).
CVaR/Expected Shortfall (_\alpha): average loss outside VaR - preferred for tails.
EL/UL: Expected/unexpected loss.
RAROC: (\text{Risk-Adjusted Return on Capital}=\frac{\text{Доход} - \text{Ож. losses} {\text {Capital at risk}}).
Capital at risk: coverage level (e.g. CVaR 99. 5%) + buffers.

6) Scenarios and stress testing

Scenario = input shock + correlations + business rules.
Types: historical (2020 covid peaks), hypothetical (regulatory blocking, outage PSP), reverse ("what shocks make a loss ≥ X? »).
Results - loss ranges, not point. Document assumptions and decision channels (limits/caps/pauses).

7) Bayes and updating knowledge

Bayesian frequencies/severity: a priori (Gamma-Poisson, Lognormal with informative hyper-parameters) → online update at data entry.
Useful in small samples/new markets (partial pooling, hierarchical models).

8) Data and quality (Point-in-Time!)

Data contracts: schemas, keys, timezones, event versioning, adjustment flags.
Point-in-Time correctness: no future signals in training (especially for fraud/operational failures).
Policy changes/changes. dimensions: to event calendar.
Stagnation and shifts: Profile drift (PSI/KL) by key features.

9) Simulation procedure (steps)

1. Define the case and horizon: what is the "loss," period, unit (brand × country × channel).
2. Form a dataset: frequencies, weights, covariates (seasonality, promo, FX, providers).
3. Family selection: Poisson/NegBin × Lognormal/Pareto (check QQ rafts/KS/AD tests).
4. Dependencies: copula/factor model for portfolio aggregation.
5. Calibration: MLE/Bayesian; accounting for censorship, deductions, outliers.
6. Validation/backtest: tail coating, parameter stability, stress sensitivity.
7. Monte Carlo: (10 ^ 5) - (10 ^ 6) runs; estimate VaR/CVaR, scenario losses.
8. Solutions: limits, caps, pauses, allocation of reserve, RAROC-prioritization of measures.
9. Documents: model card, script passport, runbook.

10) Policy and automation integration

Triggers: exceeding KRI/VaR/CVaR thresholds → steps (KYC enhancement, 3DS-enforce, limit reduction, payment channel throttling, promo deactivation).

Hysteresis/cooldown: different input/output thresholds to avoid "blinking."

Risk queues: sorted by (\mathbb {E} [EV]) = avoided damage − cost of measures − harm.

11) Example compound model (pseudo-Python)

python import numpy as np

1) frequency (week) and severity (EUR)
lam = 3. 2            # Poisson rate mu, sigma = 6. 0, 1. 1      # Lognormal params (ln-space)
S = 200000           # simulations

N = np. random. poisson (lam, S) # event rate sev = lambda n: np. exp(np. random. normal (mu, sigma, n)) # severity loss = np. array([sev(n). sum() if n>0 else 0. 0 for n in N])

VaR99 = np. quantile(loss, 0. 99)
CVaR99 = loss[loss >= VaR99].mean()
EL   = loss. mean()

Hierarchy/Portfolio: Count for each segment, then aggregate via copula/factor or empirical co-sampling.

12) Limit and capital management

Limits/caps: by channel/country/provider, tied to a valid CVaR.
Reserves: coverage level (e.g. CVaR 99% monthly) + control buffer.
Risk transfers: reinsurance/insurance, FX hedge, diversification of providers.

13) Model risk and governorship

Model Card (template)

Purpose and application area; VaR/CVaR/coverage metrics data and period; assumptions; limitations; sensitivity; fairness/ethics; owners; version; revision date.

MLOps/ModelOps: model register, version control, shadow/canary launch, feature parity online/offline, quality and drift monitoring, auto-alerts, stop crane.

Validation/backtest

Kryzh: tail coating (Kupiec/Christoffersen), parameter stability, stress resistance, alternative specifications.

14) Proda monitoring and runibooks

Metrics

VaR coverage (actual breakthroughs/expected), CVaR calibration, EL/UL dynamics.
Input drift (PSI), share of "new" segments, overload of limits.
Operating: latency calculation, feed delay,% folbacks.

Runbook (an example of a "surge in chargers")

1. Check the freshness of the data and the correctness of the labels.
2. Burst segmentation (country/payment/device/partner).
3. Enable step-up KYC/3DS in affected segments, reduce limits.
4. Run "PSP loss" stress scenario, recalculate CVaR.
5. Communication to channel owners, compensation plan.
6. Retrospective and update of model parameters/rules.

15) Scenario passport (template)

ID/version, date, owner

Narrative: what happened (regulatory ban × FX shock × outage PSP)

Shocks: (\Delta) frequencies, severity/correlation changes, duration

Loss estimate: EL/VaR/CVaR (day/week/month)

Countermeasures: limits/switching providers/communications/insurance

Exit points: conditions for taking measures (hysteresis)

16) KRI passports and limits (brief)

KRI: code, definition, formula, window, thresholds' warn/critical ', hysteresis, owner, alert channel.
Limit: object (channel/country/provider), metric (CVaR99/EL), value, period, priority, exceeding actions, exceptions/time windows.

17) Anti-patterns

Reliance on medium instead of tails; "beautiful RMSE" and poor CVaR.
Correlations "as is" without tail-dependence.

Lack of Point-in-Time → leakage, reassessment of "accuracy."

Ignoring scenarios/stresses; one model "for everything."

Silent parameter edits without the/changelog version.
There is no hysteresis in politics → flapping measures.

18) Pre-Release Checklist for Risk Modeling Loops

• Risk Card and KRI issued, owners assigned
• PIT data, source contracts, event/policy calendar
• Frequency and severity calibrated, tails tested (EVT)
• Dependencies modeled (copula/factor), portfolio aggregated
• VaR/CVaR backtest, coating and parameter stability are normal
• Scripts and stress tests ready, passport and runbook issued
• Integration with limits/caps/policies, hysteresis enabled
• Model Card version, owners, monitoring and alerts configured

Total

Risk modeling is not about "estimating average loss" but managing tails: correct frequency and severity, EVT for extremes, dependencies through copulas, scenarios and stress tests, VaR/CVaR and economic metrics (RAROC), plus ModelOps discipline. Such a circuit turns risks from "black swans" into quantified solutions with limits, reserves and clear actions.