Model Risk Management Meets Generative AI: What SR 11-7 Thinking Teaches AI Governance

Under pressure to approve AI? Learn how SR 11-7 thinking helps you set risk tiers, assign owners, validate use, monitor changes, and brief the board.

Tyson Martin

7/13/20269 min read

What SR 11-7 Thinking Teaches AI Governance
What SR 11-7 Thinking Teaches AI Governance

You are under pressure to approve Generative AI use before the evidence is ready. Teams want speed. Vendors promise safeguards. The board wants to know whether customer, regulatory, and operational risks are understood as you integrate Model Risk Management into your technology roadmap.

Another policy will not fix unclear accountability. Neither will a vendor questionnaire that says the model is safe.

SR 11-7 offers a disciplined starting point for your organization. Although it was originally written for traditional financial models and not for Generative AI, its guidance remains a vital framework for modern Model Risk and AI Governance. This thinking helps you decide what is acceptable, who owns the risk, and what evidence must exist before AI use expands across your enterprise.

TL;DR: The Five Ideas SR 11-7 Brings to AI Governance

For financial institutions navigating the rapid adoption of generative technology, the principles of SR 11-7 offer a proven foundation for oversight. Here are the core concepts to guide your transition:

  • Define the AI use and its decision impact before you choose controls. A tool used for internal drafting is not the same as one influencing customers, money, credit, fraud, or regulatory reporting.

  • Maintain a comprehensive Model Inventory with named owners, risk tiers, approval status, and review dates. You cannot effectively oversee Model Governance if you cannot see the systems operating within your organization.

  • Validate intended use, limitations, data, and outputs. Do not treat vendor claims, model cards, or benchmark scores as proof that the system works safely in your environment.

  • Monitor performance, harmful behavior, model changes, and human overrides after launch. Approval is the start of oversight, not the end.

  • Give the board evidence that management can identify, escalate, and correct AI risk. Reporting should show exposure, decisions, and control status, not technical trivia.

While SR 11-7 is a traditional Model Risk Management framework, it serves as the essential cornerstone for building modern, resilient AI Governance structures. For board questions that turn these ideas into practical oversight, Download the AI Boardroom Question Pack.

What SR 11-7 Thinking Teaches AI Governance

Federal Reserve SR 11-7 Supervisory Guidance set expectations for sound model risk management at banking organizations. In plain English, its message is simple: if a model affects meaningful decisions, you need to know what it does, where it can fail, who challenges it, and how you control it over time.

The discipline rests on three parts:

  1. Risk Assessment: Know what the system does, what decisions it affects, what harm could follow a failure, and how to identify potential Model Misuse.

  2. Independent challenge: Require review by people who did not build, configure, or buy the system.

  3. Ongoing control: Document limits, monitor outcomes, escalate issues, and act when evidence changes.

That means maintaining inventories, ensuring robust Model Documentation, validating systems, setting governance, and keeping controls in place. You can review the original SR 11-7 supervisory guidance for its full scope.

This approach is not a ban on generative AI. It is not a one-time approval. It is not a compliance checklist that disappears into a shared drive.

It is a repeatable way to show why a system is acceptable for a defined purpose, what could go wrong, who owns the risk, and what happens when conditions change. The NIST AI Risk Management Framework implementation guide adds useful structure, especially for broader AI risk practices.

Start with intended use, not the technology label

The same foundation model can create low or high exposure. Drafting internal meeting notes is different from answering customer questions. Supporting an underwriter is different from making a credit decision. Helping analysts find fraud patterns is different from automatically freezing accounts.

Before approval, management should answer:

  • What business purpose does this use support?

  • Who uses it, and who is affected by its output?

  • What data enters the system, including sensitive or regulated data?

  • Does the output inform a decision, recommend an action, or act automatically?

  • What is the level of Explainability regarding how the model reached its conclusion?

  • Can a person detect and correct a bad answer before harm occurs?

  • What happens if the output is wrong, biased, unavailable, or disclosed?

Materiality depends on business impact, customer impact, legal obligations, and the reality of human review. A person who must approve 500 outputs in an hour is not a meaningful control.

Separate model risk from broader AI system risk

Traditional model risk includes faulty assumptions, weak data, poor implementation, and use beyond the model's limits. Generative AI adds more exposure.

Prompts matter. Retrieval data matters. Agentic AI, plugins, agents, access rights, vendor updates, intellectual property, privacy, security, and user behavior all matter. A sound underlying model can still sit inside an unsafe system.

Map the full operating chain, not only the foundation model. The board should see where data enters, where outputs go, who can change prompts or retrieval sources, and where decisions occur. That is the core of AI governance for boards.

Build an AI Model Risk Program That Can Withstand Challenge

Do not force generative AI into an old model risk process without adjustment. Preserve the core pillars of a mature framework: evidence, Effective Challenge, ownership, and escalation.

A useful operating model moves through a simple path: inventory, assess, validate, approve, monitor, and escalate. Senior Management owns daily execution. The Board of Directors oversees material risk, risk appetite, and unresolved decisions.

Create one inventory with owners, tiers, and decision rights

Your Model Inventory should include the business purpose, system owner, provider or model, data sources, users, affected customers, automation level, criticality, regulatory relevance, known limits, approval status, review date, and exit plan.

Tier systems by impact and exposure, not model size or marketing language. A small tool processing sensitive customer data may need more control than a large language model used for public marketing drafts.

Low-impact uses can follow a lighter approval path. Medium and high-impact uses should involve risk, legal, compliance, information security, and independent review. Material uses need clear executive ownership and board visibility.

You also need decision rights. Who can approve a new use? Who can change a prompt, data source, or automation level? Who can pause the system when a control fails? Clear decision rights prevent risk from becoming everyone's concern and no one's responsibility.

Validate usefulness, limits, and failure modes before launch

A vendor benchmark score is weak evidence. It may describe performance in a controlled test, not performance in your business process.

Independent Validation of your systems tests the approved use with realistic inputs, edge cases, and your actual operating conditions. This process must verify the conceptual soundness of the model to ensure it is fit for its intended purpose. Review task quality, unsupported claims, unequal outcomes, prompt sensitivity, privacy leakage, security attacks, refusal behavior, explainability, and the quality of human review.

Test retrieval and fine-tuning data where they are used. Test what happens when the system does not know the answer. Test whether users can override it, and whether they understand when they should.

Independent Validation should prove that the system works for its approved purpose, not that the technology is impressive.

Independent review matters. The person who selected a vendor or built the workflow should not be the only person deciding whether it is safe enough to deploy.

Monitor changes, incidents, and human overrides after deployment

Generative AI changes after approval. Vendors update models. Users alter prompts. Retrieval content shifts. Access expands. A previously safe use can move outside its tested boundary.

Rigorous Model Monitoring is essential to track output quality, error patterns, user complaints, overrides, access changes, vendor releases, data changes, and control failures. Require escalation for repeated harmful outputs, material customer impact, privacy exposure, unexplained performance decline, or use outside the approved purpose.

Every material incident should produce a documented decision, named owner, corrective action, and follow-up review. For the board, report four things: what changed, why it matters, whether risk remains within appetite, and what decision management needs.

Where Traditional Model Risk Practices Must Change

Classic models typically rely on established quantitative methods that produce repeatable outputs based on known inputs. In contrast, generative AI produces variable outputs where behavior depends on context, prompts, retrieval sources, user actions, and vendor-controlled updates. Because the lack of transparency in foundation models can lead to fundamental errors if not properly governed, you cannot rely on a single, stable accuracy score. Furthermore, you likely lack visibility into the training data or internal reasoning of these models, meaning broad access can create risk faster than a traditional model change process can catch it.

The answer is not to abandon validation, but to use layered controls that fit the system and the approved use.

Use layered controls when one score cannot tell the whole story

To manage these systems, adopt an adaptive governance framework that allows for the flexibility required by large language models. Combine pre-launch testing with restricted use cases, approved prompts, retrieval controls, access management, output filters, audit logs, red-team testing, human review, incident response, and periodic reapproval.

Tie each control to a real failure mode. If the concern is sensitive-data exposure, focus on data handling, access, retention, and monitoring. If the concern is incorrect customer guidance, test outputs and require capable human review. A human in the loop only helps when that person has time, authority, training, and enough information to challenge the output.

Treat third-party models as governed dependencies

Ask vendors about training data, confidentiality, data retention, model updates, availability commitments, subcontractors, incident notice, audit rights, processing locations, and customer separation.

While a SOC report or model card can support due diligence, it cannot replace your assessment of the actual use. Your organization remains accountable for how the system affects customers, decisions, and regulated activity.

Give the board evidence instead of technical trivia

A one-page board report should show material AI uses, risk tiers, owners, approved purposes, key limitations, incidents, trends, open decisions, and control status against risk appetite. Most importantly, this reporting should help the board understand the specific model risk exposure the organization faces.

Token counts and tool lists do not answer the board's real questions. What your board packet is missing is often a clearer statement of exposure, ownership, and action.

Directors should ask:

  • Which decisions does AI influence today?

  • What would cause management to pause a material AI use?

  • Where are humans overriding outputs, and why?

  • What vendor or system changes require reapproval?

  • How does management know the system still works as approved?

A Practical 90-Day Plan for SR 11-7-Informed AI Oversight

Start with the systems that affect customers, money, regulated decisions, sensitive data, or critical operations. Do not wait to inventory every informal employee experiment before addressing material exposure. This structured, risk-based approach ensures that your AI governance framework aligns with the expectations of the Federal Reserve regarding the management of model risk.

The first 30 days: find the real exposure

Gather procurement records, application lists, approved tools, contracts, incident records, and existing model inventories. Interview business owners. Ask where generative AI already influences work, even without formal approval.

Produce a short inventory with risk tiers, named owners, and visible unknowns. The outcome is visibility, not perfect documentation.

Days 31 to 60: test the uses that could hurt the business

Test high-impact systems with realistic inputs, edge cases, sensitive data scenarios, harmful outputs, human review, vendor changes, and fallback procedures.

Record limitations. Then decide whether each use should be approved, restricted, remediated, or paused. Preserve the evidence and require independent challenge for material uses.

Days 61 to 90: make oversight repeatable

Set review frequency by risk tier. Define monitoring measures, escalation thresholds, committee responsibilities, and board reporting. Establish approval rules for new uses and material changes.

Your readiness check is straightforward: inventory, ownership, validation, monitoring, incident response, vendor oversight, and board reporting. If one is missing, the program is incomplete. To test whether oversight is active or symbolic, See Where Your Board Actually Stands.

Frequently asked questions about SR 11-7 and generative AI

Does SR 11-7 apply to generative AI?
Applicability depends on the use, materiality, and regulatory context. Its core discipline is useful whenever AI influences meaningful business or customer outcomes. Financial institutions should view SR 11-7 and emerging guidance like SR 26-02 as complementary frameworks for managing the complexities of modern technological risk.

Is every generative AI tool a model under model risk management?
No. Treat risk according to the system's purpose and impact, not the product label. Some tools need light controls. Others need formal review.

What should generative AI validation cover?
Testing should include task performance, unsupported outputs, bias, privacy, security, prompt sensitivity, human review, vendor changes, and use outside approved boundaries. Furthermore, robust Model Documentation and consistent Model Monitoring must be established as ongoing requirements to satisfy audit and regulatory expectations.

Who owns AI model risk?
Business leaders own the use and outcome. Risk, compliance, legal, security, and independent reviewers provide challenge and control. The board oversees material exposure.

How often should generative AI systems be reviewed?
Set the schedule by risk tier. Review high-impact systems more often, and re-review after material changes, incidents, or new evidence.

What should the board ask first?
Ask which decisions AI influences, where the risk sits, what could trigger a pause, and how management knows controls still work.

Related Boardroom Reading

Explore these additional resources to further your understanding of AI governance, model risk management, and the practical oversight needed to scale generative AI securely:

Make AI Governance Defensible Before AI Use Expands

You do not need to treat every generative AI experiment like a high-impact credit model, but you do need disciplined reasoning about purpose, materiality, evidence, ownership, limits, monitoring, and escalation. Establishing a defensible framework for model governance is essential as you scale these technologies across the enterprise. By applying proven model risk management principles, you can ensure your transition to generative AI remains safe and sustainable.

Good AI governance helps you move faster with fewer surprises. It shows which uses are safe to expand, which need stronger controls, and which should stop. When your inventory, validation, or board reporting exposes a serious oversight gap, Get Board-Ready on AI and Cyber Risk.

Tyson Martin is the executive public and pre-IPO companies in financial services, AI/data, SaaS, and cloud hire to make trust a measurable asset, one accountable answer to Is it secure? Is it resilient? Is the AI governed?

© 2026. All rights reserved.

Navigation

Free Resources

Contact

Stay ahead of your next board agenda

Sign up for Reports & Learnings From the Boardroom. Plain-English AI and cyber governance insights, biweekly. No pitch.