Supervisory guidance on model risk management

SR 11-7 model risk management, run as one program

SR 11-7 sets the supervisory expectations for model risk management at U.S. banks: a firm-wide model inventory, risk-based tiering, independent validation through effective challenge, and ongoing monitoring. VerifyWise turns those expectations into a tracked workflow, so you can show an examiner the whole trail.

Fed SR 11-7 / OCC Bulletin 2011-12 / FDIC FIL-22-2017. Superseded April 17, 2026 by SR 26-2 / OCC Bulletin 2026-13, which carries the same core principles forward.

Sound model development, implementation and use
Independent validation with effective challenge
Governance, policies and controls

What is SR 11-7?

SR 11-7 is the U.S. banking regulators' foundational Supervisory Guidance on Model Risk Management, issued jointly by the Federal Reserve (SR 11-7) and the OCC (Bulletin 2011-12) on April 4, 2011, and adopted by the FDIC in 2017. It defines model risk as the potential for adverse consequences from decisions based on models that are incorrect or misused.

It is principles-based supervisory guidance, not a rule, so its intensity scales with a bank's size, complexity and model risk exposure.

Why this matters: these are supervisory expectations examiners hold you to. Weaknesses surface as MRAs and MRIAs, not fines, and unremediated findings can feed lower supervisory ratings.

Issued April 4, 2011

Adopted by FDIC June 7, 2017

Supervisory guidance

Enforced through examination, not statutory fines

Pairs with our work on ISO 42001 and the EU AI Act for AI-specific governance.

Who SR 11-7 applies to

  • Banks supervised by the Federal Reserve
  • National banks and federal thrifts supervised by the OCC
  • FDIC-supervised institutions (generally those over ~$1B in assets, or with significant or complex model use)
  • Any institution relying on models for credit, pricing, capital and stress testing, allowance/CECL, BSA/AML, fraud, and trading or valuation
  • Non-bank firms adopting SR 11-7 as an industry best-practice framework for model governance

The three core elements of SR 11-7

SR 11-7 builds model risk management on three connected elements. VerifyWise gives each one a home.

Sound model development, implementation and use

Models rest on a defensible basis and stay within their intended purpose.

Sound theoretical and empirical basis
Clear statement of purpose
Appropriate data and documented assumptions
Developmental testing
Controlled implementation
Use kept within intended scope

Independent validation with effective challenge

Validation is independent, informed and empowered to find weaknesses.

Validation independent of developers and users
Critical, informed effective challenge
Competence, influence and incentive to find weaknesses
Validation before first use and ongoing
Appropriate independence and reporting lines

Governance, policies and controls

Oversight, written policy and clear roles hold the program together.

Board and senior-management oversight
Written policies and procedures
Clear roles for owners, validators and internal audit
Strong control environment

What SR 11-7 expects you to do

Eight concrete expectations, from a firm-wide inventory to vendor-model oversight.

Maintain a firm-wide model inventory

Catalog every model in use and recently retired, with owners, purpose, inputs, methodology, limitations and interdependencies. SR 11-7 defines a model broadly as any quantitative method that turns input data into estimates.

Tier models by risk and materiality

Rank by materiality, complexity and potential impact so development, validation and oversight effort is proportional. Higher-risk models get more frequent, intensive review.

Sound development, implementation and use

A sound theoretical and empirical basis, clear purpose, documented assumptions and limitations, developmental testing and controlled implementation.

Independent validation with effective challenge

Validate independently of developers and users, with parties who have the competence, influence and incentive to find weaknesses, before first use and on an ongoing basis.

Three-component validation

Conceptual soundness, ongoing monitoring (process verification and benchmarking), and outcomes analysis (back-testing and benchmarking against alternatives).

Documentation an examiner can follow

Detailed enough that a knowledgeable third party, including an examiner, could understand it, reproduce key work and assess soundness. Maintained even for vendor models.

Governance, policies and controls with clear roles

Board and senior-management oversight, written policies, and a clear separation of model owners, validators and internal audit.

Manage vendor and third-party models to the same standard

Externally developed and vendor models, including low-transparency ones, get the same validation, documentation and monitoring. The bank stays responsible.

Tier your models, then calibrate the rigor

SR 11-7 expects effort to scale with a model's materiality and impact. VerifyWise tiers every model, then sets validation depth, monitoring cadence and attestation expectations per tier.

Tier 1High materiality

Most intensive validation, most frequent monitoring, tightest revalidation triggers

Tier 2Moderate materiality

Proportionate validation and scheduled monitoring

Tier 3Lower materiality

Lighter-touch validation, periodic review

Tier 1: Continuous monitoringTier 2: Scheduled monitoringTier 3: Periodic review

The same principles apply across every tier, only the intensity changes. This is exactly how examiners expect proportionality to work.

Where most SR 11-7 programs fall short

Many teams meet the guidance on paper but run it on spreadsheets and documents. Here is where those setups break, and what closes each gap.

The inventory lives in a spreadsheet

A shared workbook goes stale between reviews, has no owner per row and cannot show an examiner when a model was last touched.

A single model inventory with owners and metadata per model, kept current through machine-to-machine ingestion tokens rather than manual edits.

Validation reports sit in scattered documents

Word files and email threads make it hard to prove independence, find evidence or show that every required section was covered.

Six-section validation reports with evidence links and findings logged by severity and stage, produced independently of the model's developers.

Monitoring is manual or does not happen

Drift and performance decay are caught late, if at all, and there is no record of what threshold was breached or what was done about it.

Metric thresholds such as PSI and AUC with warn, high and critical severities and defined breach actions, so decay surfaces and is actioned on a schedule.

Revalidation depends on someone remembering

A material change or a breach should reopen validation, but without a trigger it waits for the next annual cycle.

Breach, material change, tier increase and scheduled triggers open validation tasks automatically, each written to an append-only log.

Tiering is inconsistent across teams

Different groups rate the same class of model differently, so validation effort does not track real materiality.

One tiering scheme by materiality drivers that sets validation depth, monitoring cadence and attestation expectations per tier.

Program health is a manual quarterly scramble

Pulling together coverage, overdue validations and open findings for the board or an examiner takes days of spreadsheet work.

A per-tier attestation roll-up (blocked or ok) that reads current coverage, monitoring status and open findings on demand.

How VerifyWise supports SR 11-7 model risk management

The model risk management module covers inventory, tiering, validation, monitoring, revalidation and attestation in one audit-logged workflow.

Model inventory

A single firm-wide inventory of every model with owners, purpose and metadata, kept current with machine-to-machine ingestion tokens.

Risk-based tiering

Manual tiering into three tiers by materiality drivers, so validation and oversight effort stays proportionate to each model's impact.

Independent validation reports

Six-section validation reports (purpose and scope, conceptual soundness, data review, outcomes analysis and more) with evidence links and findings logged by severity and stage.

Ongoing monitoring

Metric thresholds such as PSI and AUC with warn, high and critical breach severities and defined breach actions, to catch drift and performance decay.

Revalidation triggers

Breach, material change, tier increase and scheduled triggers automatically open validation tasks, with an append-only audit log.

Attestation roll-up

Per-tier attestation that rolls up tiering currency, validation coverage, active monitoring and open findings into a blocked or ok status.

Every tiering decision, validation, breach and revalidation is timestamped in an append-only log, the reproducible trail SR 11-7 documentation expectations call for.

SR 11-7 expectations, mapped to VerifyWise capabilities

Each supervisory expectation below is covered by a specific, already-built capability, not a roadmap promise.

SR 11-7 requirementVerifyWise MRM capability
Maintain a firm-wide model inventoryModel inventory: a single catalog of every model with owners, purpose and metadata, kept current via machine-to-machine metric ingestion tokens.
Tier models by risk and materialityManual tiering into three tiers by materiality drivers, so validation, monitoring cadence and attestation expectations scale with each model's impact.
Independent validation with effective challengeSix-section validation reports with evidence links, produced independently of the model's developers and users.
Three-component validationValidation reports cover conceptual soundness and outcomes analysis; metric-threshold monitoring (PSI, AUC) provides the ongoing monitoring component.
Ongoing monitoring for drift and performance decayMetric thresholds with warn, high and critical breach severities and defined breach actions (notify, or notify and flag for revalidation).
Trigger revalidation on material change or deteriorationRevalidation triggers (breach, material change, tier increase, scheduled) automatically open validation tasks, with an append-only audit log.
Reproducible documentation for examinersStructured validation reports, findings logged by severity and stage, evidence links and an append-only audit log give a reproducible trail.
Governance, oversight and reporting on program healthPer-tier attestation roll-up (blocked/ok) covering tiering currency, validation coverage, active monitoring and open findings.

VerifyWise supports the SR 11-7 framework and the successor SR 26-2 / OCC Bulletin 2026-13 guidance, which carries the same core principles forward with a more proportional, risk-based approach.

SR 11-7 already covers your AI and ML models

Its definition of a model is deliberately broad and technology-neutral, covering scorecards, gradient-boosted trees, neural networks and increasingly LLMs and generative or agentic AI used in banking decisions.

Conceptual soundness and documentation

Opaque black-box models make explainability, feature governance and assumption testing central to validation.

Monitoring and outcomes analysis

You have to catch data drift, performance decay and fairness or bias issues that evolve after deployment.

Effective challenge and third parties

Validators need to be fluent in ML failure modes, and vendor LLMs and foundation models must still be validated and controlled by the bank.

Many banks extend the SR 11-7 inventory-plus-validation framework as the backbone of their broader AI governance program, layering in bias testing, data lineage and human-oversight controls. The successor SR 26-2 guidance explicitly modernizes for advances in modeling, including AI and ML.

How SR 11-7 is enforced

SR 11-7 is supervisory guidance, not law. There are no statutory fines. Enforcement runs through the examination process.

Matters Requiring Attention (MRAs)

Examiners cite deficiencies as supervisory findings that require written remediation plans and timelines. Non-public.

Matters Requiring Immediate Attention (MRIAs)

The more serious findings, often with tight remediation windows, frequently 30 to 90 days. Non-public.

Escalation

Unremediated or severe weaknesses can feed lower supervisory ratings, activity or capital restrictions, and in serious cases formal enforcement.

Because findings hinge on whether you can evidence a working program, an audit-logged, always-current model risk record is the practical defense, which is what VerifyWise maintains.

What examiner-ready looks like

Per-tier attestation rolls four checks into a single status you can show leadership and examiners before a gap is found for you.

OK

Tiering current

Every model tiered and dates fresh

OK

Validation coverage

Required validations complete per tier

OK

Monitoring active

Thresholds live and breaches actioned

Blocked

Open findings tracked

Findings logged by severity and stage

When all four are green per tier, attestation rolls up to OK. Any gap shows as blocked before an examiner finds it.

Frequently asked questions

Common questions about SR 11-7 and model risk management.

SR 11-7 is the U.S. banking regulators' Supervisory Guidance on Model Risk Management, issued jointly by the Federal Reserve (SR 11-7) and the OCC (Bulletin 2011-12) on April 4, 2011, and adopted by the FDIC in 2017. It defines model risk as the potential for adverse consequences from decisions based on models that are incorrect or misused, and it builds model risk management on three elements: sound model development and use, independent validation through effective challenge, and governance, policies and controls. It is principles-based supervisory guidance rather than a rule, so its intensity scales with a bank's size, complexity and model risk exposure.
It applies to banking organizations supervised by the Federal Reserve, the OCC and, since 2017, the FDIC. It reaches any depository institution or holding company that relies on quantitative models for decisions such as credit underwriting, pricing, capital and stress testing, allowance/CECL, BSA/AML, fraud and trading or valuation. Expectations are proportional: large, model-intensive banks face the most rigorous programs, while smaller institutions with few, simple models face lighter expectations. It is not directly binding on non-bank firms, though many adopt it as a best-practice framework.
SR 11-7 is supervisory guidance, not law, so it carries no statutory fines on its own. Enforcement runs through examination: examiners cite deficiencies as supervisory findings, most commonly Matters Requiring Attention (MRAs) and the more serious Matters Requiring Immediate Attention (MRIAs), which are non-public and require written remediation plans and timelines (often 30 to 90 days for MRIAs). Unremediated or severe weaknesses can feed lower supervisory ratings, restrictions on activities or capital actions, and in serious safety-and-soundness cases can escalate to formal enforcement under the agencies' independent legal authority.
Yes. SR 11-7 predates mainstream AI/ML, but its definition of a model is deliberately broad and technology-neutral, covering any quantitative method that turns input data into estimates. That includes credit and fraud scorecards, gradient-boosted trees, neural networks and increasingly large language models and generative or agentic AI used in banking decisions. AI/ML raises the stakes on conceptual soundness and documentation, on monitoring and outcomes analysis, and on effective challenge. Vendor LLMs and foundation models must still be validated and controlled by the bank.
On April 17, 2026 the agencies issued the interagency Revised Guidance on Model Risk Management (Fed SR 26-2 / OCC Bulletin 2026-13), which superseded SR 11-7 and the 2021 BSA/AML model-risk statement. SR 26-2 carries forward the same core principles (model inventory, risk-based tiering, independent validation, ongoing monitoring and governance) with a more proportional, risk-based approach and modernization for advances in modeling, including AI/ML. SR 11-7 remains the foundational reference that shaped current practice, and a program built to SR 11-7 maps directly onto the successor guidance. VerifyWise supports both.

Run your model risk program the way examiners expect

See how VerifyWise handles inventory, tiering, validation, monitoring, revalidation and attestation in one audit-logged workflow.

Book a demo
SR 11-7 model risk management software | VerifyWise