SR 11-7 in the Age of Agentic AI: Where the Framework Holds – and Where It Strains

February 27, 2026 | 4 minutes reading time | By Krishan Sharma

As the U.S. model risk management guidance is challenged by technological advances, it “remains one of the few stable reference points for model governance, making clarity around its scope and limitations even more critical.”

As financial institutions begin deploying agentic AI systems capable of autonomous decision-making, long-standing assumptions embedded in the SR 11-7 Guidance on Model Risk Management (MRM) are being tested. At the core of this tension is not regulatory intent, but whether the very definition of “model” assumed by SR 11-7 can still accommodate systems that are dynamic, probabilistic, and increasingly autonomous.

Issued nearly a decade and a half ago, the U.S. bank regulators’ letter established a common supervisory framework grounded in the principle that models are simplified, relatively static representations of real-world relationships. Implicit in this framework were assumptions of bounded scope, stable parameters, and decision paths that could be reconstructed ex post.

For years, these assumptions held across a wide range of use cases – from credit scoring and stress testing to market risk measurement – providing a durable foundation for governance, validation and effective challenge.

Today, advances in AI – particularly the emergence of agentic systems – are testing the practical limits of these assumptions. Financial risks are emerging and propagating at a pace that challenges the core design assumptions of traditional model risk control frameworks, particularly those built around periodic review, stable model form, and clearly bounded use cases. As a result, the challenge for institutions is no longer whether these systems fall within the scope of SR 11-7, but whether the framework’s supervisory tools remain effective for models whose behavior may evolve materially between validation cycles.

Revisiting the Definition

The recurring debate over whether advanced AI systems should be governed as software assets or as models is ultimately a symptom of a deeper issue: the definition of a model itself.

Traditional software follows deterministic logic, executing predefined instructions that behave consistently across environments. In contrast, many AI systems are probabilistic, adaptive, and sensitive to changes in data, context, and interaction. Treating such systems solely as technology assets risks understating core model risk concerns, including biased outputs, unstable behavior, and decision pathways that cannot be readily interrogated.

At the same time, the traditional SR 11-7 definition of a model – a system that processes input data to produce a quantitative estimate – may be too narrow for agentic systems that continuously learn, adapt, and initiate actions in real time.

SR 11-7 was conceived in an era dominated by static, largely deterministic models with parameters calibrated periodically and deployed unchanged between reviews. By contrast, many modern AI systems are dynamic rather than static, probabilistic rather than deterministic, and in some cases agentic, or capable of pursuing objectives with limited human intervention. While these characteristics may have been difficult to envision even within a principles-based supervisory framework, they now sit squarely within banks’ risk-taking processes.

Importantly, this evolution does not render SR 11-7 obsolete. Its foundational principles – sound governance, independent validation, and effective challenge – remain conceptually robust. What has changed is the nature of the objects to which those principles must be applied.

Regulatory Context Without Distraction

The broader regulatory environment surrounding AI and financial risk is approaching an inflection point. U.S. banking regulators are expected to issue additional guidance addressing governance, accountability, and consumer protection in AI-enabled financial activities, while firms simultaneously navigate diverging global approaches to technology regulation.

Against this backdrop, SR 11-7 remains one of the few stable reference points for model governance, making clarity around its scope and limitations even more critical. Rather than serving as a constraint on innovation, the framework increasingly functions as a baseline against which new risks must be interpreted.

Why Revise, Not Abandon, SR 11-7

Rather than abandoning a framework that has demonstrated durability across multiple risk cycles, supervisors and institutions should consider a measured evolution. Abandonment of SR 11-7 would risk creating a regulatory vacuum at a time when financial institutions are integrating increasingly complex and opaque systems into core decision-making. A more constructive path forward is targeted refinement, focused on areas where agentic AI most directly strains existing supervisory tools.

Three dimensions stand out:

  • Dynamic Validation. Validation approaches emphasized in SR 11-7 – such as conceptual soundness assessments, outcomes analysis, and benchmarking – are designed for models whose structure and behavior remain stable between review cycles. For models that recalibrate autonomously or adapt based on ongoing interaction, these tools may lose effectiveness, as material changes in behavior can occur without a formal redevelopment event. This misalignment suggests the need to complement periodic validation with more continuous monitoring and use-based controls.
  • Third-Party Concentration. Concentration risk is amplified by the growing reliance on a small number of external AI vendors and foundational model providers, many of which operate outside traditional regulatory perimeters. Unlike traditional model development, concentration in foundational AI capabilities can create correlated risks across institutions, reducing the effectiveness of firm-specific controls and increasing the potential for systemic impact.
  • Explainability Standards. SR 11-7 emphasizes transparency sufficient to enable effective challenge, yet provides limited guidance on what constitutes “sufficient explainability” for complex models. As AI systems grow more opaque, clearer supervisory expectations will be needed to ensure that explainability remains meaningful, even when underlying algorithms are not intuitively interpretable.

Governance in a More Fluid Model Lifecycle

SR 11-7 also assumes a relatively clear organizational separation between model development, validation, and use. As AI systems become more embedded within platforms and products, firms are increasingly reassessing where validation responsibility should reside and whether complementary approaches – such as real-time monitoring, risk-tiered governance, or embedded controls – may be more effective than traditional gate-based validation alone.

This evolution does not diminish the importance of independent challenge, but it does suggest that its implementation may need to adapt.

Managing the Mutation

The picture is further complicated by the cyber and operational dimensions of AI. AI-enabled incidents are likely to propagate faster and prove harder to contain than prior generations of technology risk events. Resilience is no longer a technical checkbox, but a board-level concern, requiring institutions to map operational exposures across increasingly interdependent local and global ecosystems.

Institutions that succeed in this next phase will be those that treat AI neither as a panacea nor as an exception, but as a risk-bearing capability subject to disciplined governance. That discipline is unlikely to emerge from waiting for perfect regulatory clarity. Instead, it will require firms to recognize where SR 11-7’s assumptions end – and where new supervisory tools must begin.

Krishan Sharma is a senior vice president and model risk management leader at Citigroup in New York, specializing in enterprise-wide risk oversight, regulatory stress testing, capital planning & adequacy, and the integration of artificial intelligence and machine learning into risk analytics. He leads cross-geographical teams responsible for model validation, predictive analytics and risk governance.

Topics: Model Risk, Modeling, Tools & Techniques
