SR 11-7 model risk management, run as one program
SR 11-7 sets the supervisory expectations for model risk management at U.S. banks: a firm-wide model inventory, risk-based tiering, independent validation through effective challenge, and ongoing monitoring. VerifyWise turns those expectations into a tracked workflow, so you can show an examiner the whole trail.
Fed SR 11-7 / OCC Bulletin 2011-12 / FDIC FIL-22-2017. Superseded April 17, 2026 by SR 26-2 / OCC Bulletin 2026-13, which carries the same core principles forward.
What is SR 11-7?
SR 11-7 is the U.S. banking regulators' foundational Supervisory Guidance on Model Risk Management, issued jointly by the Federal Reserve (SR 11-7) and the OCC (Bulletin 2011-12) on April 4, 2011, and adopted by the FDIC in 2017. It defines model risk as the potential for adverse consequences from decisions based on models that are incorrect or misused.
It is principles-based supervisory guidance, not a rule, so its intensity scales with a bank's size, complexity and model risk exposure.
Why this matters: these are supervisory expectations examiners hold you to. Weaknesses surface as MRAs and MRIAs, not fines, and unremediated findings can feed lower supervisory ratings.
Issued April 4, 2011
Adopted by FDIC June 7, 2017
Supervisory guidance
Enforced through examination, not statutory fines
Pairs with our work on ISO 42001 and the EU AI Act for AI-specific governance.
Who SR 11-7 applies to
- Banks supervised by the Federal Reserve
- National banks and federal thrifts supervised by the OCC
- FDIC-supervised institutions (generally those over ~$1B in assets, or with significant or complex model use)
- Any institution relying on models for credit, pricing, capital and stress testing, allowance/CECL, BSA/AML, fraud, and trading or valuation
- Non-bank firms adopting SR 11-7 as an industry best-practice framework for model governance
The three core elements of SR 11-7
SR 11-7 builds model risk management on three connected elements. VerifyWise gives each one a home.
Sound model development, implementation and use
Models rest on a defensible basis and stay within their intended purpose.
Independent validation with effective challenge
Validation is independent, informed and empowered to find weaknesses.
Governance, policies and controls
Oversight, written policy and clear roles hold the program together.
What SR 11-7 expects you to do
Eight concrete expectations, from a firm-wide inventory to vendor-model oversight.
Maintain a firm-wide model inventory
Catalog every model in use and recently retired, with owners, purpose, inputs, methodology, limitations and interdependencies. SR 11-7 defines a model broadly as any quantitative method that turns input data into estimates.
Tier models by risk and materiality
Rank by materiality, complexity and potential impact so development, validation and oversight effort is proportional. Higher-risk models get more frequent, intensive review.
Sound development, implementation and use
A sound theoretical and empirical basis, clear purpose, documented assumptions and limitations, developmental testing and controlled implementation.
Independent validation with effective challenge
Validate independently of developers and users, with parties who have the competence, influence and incentive to find weaknesses, before first use and on an ongoing basis.
Three-component validation
Conceptual soundness, ongoing monitoring (process verification and benchmarking), and outcomes analysis (back-testing and benchmarking against alternatives).
Documentation an examiner can follow
Detailed enough that a knowledgeable third party, including an examiner, could understand it, reproduce key work and assess soundness. Maintained even for vendor models.
Governance, policies and controls with clear roles
Board and senior-management oversight, written policies, and a clear separation of model owners, validators and internal audit.
Manage vendor and third-party models to the same standard
Externally developed and vendor models, including low-transparency ones, get the same validation, documentation and monitoring. The bank stays responsible.
Tier your models, then calibrate the rigor
SR 11-7 expects effort to scale with a model's materiality and impact. VerifyWise tiers every model, then sets validation depth, monitoring cadence and attestation expectations per tier.
Most intensive validation, most frequent monitoring, tightest revalidation triggers
Proportionate validation and scheduled monitoring
Lighter-touch validation, periodic review
The same principles apply across every tier, only the intensity changes. This is exactly how examiners expect proportionality to work.
Where most SR 11-7 programs fall short
Many teams meet the guidance on paper but run it on spreadsheets and documents. Here is where those setups break, and what closes each gap.
The inventory lives in a spreadsheet
A shared workbook goes stale between reviews, has no owner per row and cannot show an examiner when a model was last touched.
A single model inventory with owners and metadata per model, kept current through machine-to-machine ingestion tokens rather than manual edits.
Validation reports sit in scattered documents
Word files and email threads make it hard to prove independence, find evidence or show that every required section was covered.
Six-section validation reports with evidence links and findings logged by severity and stage, produced independently of the model's developers.
Monitoring is manual or does not happen
Drift and performance decay are caught late, if at all, and there is no record of what threshold was breached or what was done about it.
Metric thresholds such as PSI and AUC with warn, high and critical severities and defined breach actions, so decay surfaces and is actioned on a schedule.
Revalidation depends on someone remembering
A material change or a breach should reopen validation, but without a trigger it waits for the next annual cycle.
Breach, material change, tier increase and scheduled triggers open validation tasks automatically, each written to an append-only log.
Tiering is inconsistent across teams
Different groups rate the same class of model differently, so validation effort does not track real materiality.
One tiering scheme by materiality drivers that sets validation depth, monitoring cadence and attestation expectations per tier.
Program health is a manual quarterly scramble
Pulling together coverage, overdue validations and open findings for the board or an examiner takes days of spreadsheet work.
A per-tier attestation roll-up (blocked or ok) that reads current coverage, monitoring status and open findings on demand.
How VerifyWise supports SR 11-7 model risk management
The model risk management module covers inventory, tiering, validation, monitoring, revalidation and attestation in one audit-logged workflow.
Model inventory
A single firm-wide inventory of every model with owners, purpose and metadata, kept current with machine-to-machine ingestion tokens.
Risk-based tiering
Manual tiering into three tiers by materiality drivers, so validation and oversight effort stays proportionate to each model's impact.
Independent validation reports
Six-section validation reports (purpose and scope, conceptual soundness, data review, outcomes analysis and more) with evidence links and findings logged by severity and stage.
Ongoing monitoring
Metric thresholds such as PSI and AUC with warn, high and critical breach severities and defined breach actions, to catch drift and performance decay.
Revalidation triggers
Breach, material change, tier increase and scheduled triggers automatically open validation tasks, with an append-only audit log.
Attestation roll-up
Per-tier attestation that rolls up tiering currency, validation coverage, active monitoring and open findings into a blocked or ok status.
Every tiering decision, validation, breach and revalidation is timestamped in an append-only log, the reproducible trail SR 11-7 documentation expectations call for.
SR 11-7 expectations, mapped to VerifyWise capabilities
Each supervisory expectation below is covered by a specific, already-built capability, not a roadmap promise.
| SR 11-7 requirement | VerifyWise MRM capability |
|---|---|
| Maintain a firm-wide model inventory | Model inventory: a single catalog of every model with owners, purpose and metadata, kept current via machine-to-machine metric ingestion tokens. |
| Tier models by risk and materiality | Manual tiering into three tiers by materiality drivers, so validation, monitoring cadence and attestation expectations scale with each model's impact. |
| Independent validation with effective challenge | Six-section validation reports with evidence links, produced independently of the model's developers and users. |
| Three-component validation | Validation reports cover conceptual soundness and outcomes analysis; metric-threshold monitoring (PSI, AUC) provides the ongoing monitoring component. |
| Ongoing monitoring for drift and performance decay | Metric thresholds with warn, high and critical breach severities and defined breach actions (notify, or notify and flag for revalidation). |
| Trigger revalidation on material change or deterioration | Revalidation triggers (breach, material change, tier increase, scheduled) automatically open validation tasks, with an append-only audit log. |
| Reproducible documentation for examiners | Structured validation reports, findings logged by severity and stage, evidence links and an append-only audit log give a reproducible trail. |
| Governance, oversight and reporting on program health | Per-tier attestation roll-up (blocked/ok) covering tiering currency, validation coverage, active monitoring and open findings. |
VerifyWise supports the SR 11-7 framework and the successor SR 26-2 / OCC Bulletin 2026-13 guidance, which carries the same core principles forward with a more proportional, risk-based approach.
SR 11-7 already covers your AI and ML models
Its definition of a model is deliberately broad and technology-neutral, covering scorecards, gradient-boosted trees, neural networks and increasingly LLMs and generative or agentic AI used in banking decisions.
Conceptual soundness and documentation
Opaque black-box models make explainability, feature governance and assumption testing central to validation.
Monitoring and outcomes analysis
You have to catch data drift, performance decay and fairness or bias issues that evolve after deployment.
Effective challenge and third parties
Validators need to be fluent in ML failure modes, and vendor LLMs and foundation models must still be validated and controlled by the bank.
Many banks extend the SR 11-7 inventory-plus-validation framework as the backbone of their broader AI governance program, layering in bias testing, data lineage and human-oversight controls. The successor SR 26-2 guidance explicitly modernizes for advances in modeling, including AI and ML.
How SR 11-7 is enforced
SR 11-7 is supervisory guidance, not law. There are no statutory fines. Enforcement runs through the examination process.
Matters Requiring Attention (MRAs)
Examiners cite deficiencies as supervisory findings that require written remediation plans and timelines. Non-public.
Matters Requiring Immediate Attention (MRIAs)
The more serious findings, often with tight remediation windows, frequently 30 to 90 days. Non-public.
Escalation
Unremediated or severe weaknesses can feed lower supervisory ratings, activity or capital restrictions, and in serious cases formal enforcement.
Because findings hinge on whether you can evidence a working program, an audit-logged, always-current model risk record is the practical defense, which is what VerifyWise maintains.
What examiner-ready looks like
Per-tier attestation rolls four checks into a single status you can show leadership and examiners before a gap is found for you.
Tiering current
Every model tiered and dates fresh
Validation coverage
Required validations complete per tier
Monitoring active
Thresholds live and breaches actioned
Open findings tracked
Findings logged by severity and stage
When all four are green per tier, attestation rolls up to OK. Any gap shows as blocked before an examiner finds it.
Frequently asked questions
Common questions about SR 11-7 and model risk management.
Run your model risk program the way examiners expect
See how VerifyWise handles inventory, tiering, validation, monitoring, revalidation and attestation in one audit-logged workflow.