Jul 13, 2026 Financial Services Compliance 15 min read

Model Risk Management for LLMs: Applying SR 11-7 to Generative AI in Financial Services

By Arjun Jaggi  ·  Enterprise AI Strategy

Financial institutions have had a model risk management framework since 2011. The Federal Reserve and the OCC's SR 11-7 / OCC 2011-12 guidance defines how banks must validate, govern, and monitor the quantitative models that drive credit decisions, trading, and risk measurement. Large language models are now making decisions that affect those same domains. SR 11-7 applies to them, and most banks have not yet worked out how.

This is not a speculative problem. Regulators have begun asking financial institutions directly how their AI systems, including generative AI tools, fit within their existing model risk management programs. The OCC's 2023 bank supervision operating plan identified AI and machine learning as a supervisory priority. Banks that cannot demonstrate a coherent MRM approach to their LLM deployments face examination findings that are expensive to remediate and operationally disruptive to fix after the fact.

This post maps SR 11-7's three core components (model development and implementation, model validation, and ongoing monitoring) to the specific challenges that LLMs present, identifies where the existing guidance is silent and requires supervisory interpretation, and gives CROs and technology risk leaders a practical starting framework for their LLM model inventory and validation programs.

SR 11-7
Federal Reserve supervisory guidance on model risk management, issued April 2011, co-issued by OCC as OCC 2011-12. Still the primary MRM standard for U.S. banks.
2023
OCC bank supervision operating plan identified AI and machine learning as an explicit supervisory priority for examinations.
3
SR 11-7 pillars: model development and implementation, model validation, and ongoing monitoring and governance.

What SR 11-7 Actually Says

SR 11-7 defines a model as "a quantitative method, system, or approach that applies statistical, economic, financial, or mathematical theories, techniques, and assumptions to process input data into quantitative estimates." The guidance breaks model risk into two sources: the model producing incorrect outputs when used correctly, and the model being used incorrectly or in inappropriate circumstances.

The three-pillar structure of SR 11-7 requires: first, that model development follows a documented methodology with clear assumptions, limitations, and intended use; second, that model validation is performed by a function independent of model development, covering conceptual soundness, ongoing monitoring, and outcomes analysis; and third, that governance ensures models are used within their intended scope, that changes are controlled, and that senior management and the board receive appropriate reporting on model risk.

The guidance was written before transformer architectures existed, and it shows. SR 11-7 assumes models have explicit, interpretable mathematical formulations, defined input-output mappings, and quantifiable uncertainty. LLMs have none of these properties in the traditional sense. A 70-billion-parameter language model does not have a "conceptual soundness" that can be evaluated by reading a model documentation package. Its outputs emerge from patterns in pretraining data that cannot be exhaustively characterized. This creates genuine gaps between the framework's assumptions and the realities of LLM deployment, gaps that banks must bridge through supervisory judgment and documented interpretation.

"SR 11-7 was written for models you can open and inspect. LLMs are models you can only probe. That changes the validation methodology, not the obligation."

Does SR 11-7 Apply to LLMs?

The short answer is: it depends on what the LLM is doing. SR 11-7's definition of a model is broad enough to capture most substantive LLM applications in financial services, but regulators have been careful not to assert that all generative AI tools are models in the SR 11-7 sense.

An LLM that generates marketing copy for customer communications is probably not a model under SR 11-7, because it is not producing quantitative estimates that drive financial decisions. An LLM that summarizes credit analyst research to support underwriting decisions, assesses the credit quality of loan documentation, generates risk narratives for regulatory capital models, or flags suspicious transaction patterns for BSA/AML review is almost certainly a model under SR 11-7, because its outputs directly influence decisions within the scope of the guidance.

The OCC's 2021 guidance on bank use of artificial intelligence (OCC 2021-78, the interagency statement on AI risk management) explicitly states that AI systems used in credit underwriting, fraud detection, risk management, and customer compliance are subject to existing model risk management supervisory expectations. This includes both traditional ML models and, by clear implication, LLM-based systems performing similar functions.

The practical implication is that every financial institution needs to apply an SR 11-7 materiality assessment to each LLM application in its portfolio. The assessment should document the LLM's role in decision-making, the financial decisions influenced by its outputs, the population of affected customers or transactions, and the potential for consumer harm if the model produces incorrect outputs. High-materiality LLM applications require full SR 11-7 validation. Low-materiality applications require at minimum a documented rationale for why they fall outside the guidance's scope.

The Three Pillars: Where LLMs Break the Framework

Pillar 1: Model Development and Implementation

SR 11-7 requires that model documentation cover the theoretical and conceptual basis of the model, the data used in development, key assumptions and limitations, and the intended use. For a traditional credit scoring model, this documentation is straightforward: the logistic regression coefficients are interpretable, the training data is proprietary and auditable, and the intended use is precisely defined.

For a foundation model like Llama or a GPT-series model, the "theoretical and conceptual basis" is a transformer architecture trained on trillions of tokens of internet text, clinical records, code, and other data that the model developer has documented at varying levels of specificity. Most financial institutions deploying a commercial or open-weight LLM did not build it and cannot fully characterize its pretraining data. This creates a documentation gap: SR 11-7 requires the bank to document what it often cannot know.

The practical approach is to distinguish between the foundation model and the bank's application layer. The foundation model is treated as a third-party model component, subject to the vendor management requirements of SR 11-7 Section III, which requires that the bank conduct appropriate due diligence on external model components and obtain sufficient information to validate the component's fitness for purpose. The bank's application layer, including system prompts, retrieval pipelines, fine-tuning, and output processing, is within the bank's development scope and must be fully documented. This bifurcated documentation approach is not explicitly described in SR 11-7, but it is consistent with the guidance's third-party risk principles and is the approach that validation teams are converging on in practice.

Pillar 2: Model Validation

SR 11-7 requires independent validation covering three elements: evaluation of conceptual soundness, ongoing monitoring, and outcomes analysis. Each element requires significant adaptation for LLMs.

Conceptual soundness evaluation for a traditional model means reviewing the mathematical derivation, checking that the model's assumptions are appropriate for the intended use, and assessing whether the model structure is theoretically justified. For an LLM, conceptual soundness evaluation means something different: assessing whether the model architecture and pretraining data are appropriate for the specific financial task, whether the prompting and retrieval design is sound, and whether the model's known failure modes (hallucination, sycophancy, context window limitations) are adequately mitigated by the application design. This is a task for validation teams that combine financial domain expertise with ML engineering knowledge. Most bank validation teams built for traditional model risk do not yet have this combination.

Ongoing monitoring of LLMs requires establishing quantitative performance metrics for tasks that are not inherently quantitative. A credit narrative generation model does not have a single scalar performance metric analogous to a credit model's Gini coefficient. Banks are developing domain-specific evaluation harnesses that score LLM outputs on accuracy, completeness, consistency, and hallucination rate using a combination of automated scoring (LLM-as-judge approaches, factual consistency checkers) and periodic human review by subject matter experts. The monitoring cadence, thresholds for escalation, and remediation protocols must be defined in the model's validation documentation before the model goes into use.

Outcomes analysis for LLMs in decision-support roles requires comparing the decisions made with LLM assistance against decisions made without it, and tracking whether LLM-influenced decisions produce better or worse outcomes over time. This is methodologically challenging because the counterfactual is hard to observe, and because LLM-influenced decisions are often confounded with analyst quality, deal characteristics, and market conditions. Banks are addressing this through controlled pilot designs that randomize LLM assistance across comparable decision units, enabling pre-post and treatment-control comparisons that produce actionable outcomes data.

Pillar 3: Governance

SR 11-7's governance requirements include a model inventory, tiering of models by materiality, board and senior management reporting, and a policy framework for model change management. Adapting these to LLMs requires several specific decisions.

The model inventory must include every LLM application that meets the materiality threshold, with its intended use, the population it affects, the validation status, and the assigned model owner. The inventory should capture the specific model version in deployment, because LLMs from commercial providers update frequently and version changes may constitute model changes that require re-validation under SR 11-7's change management provisions.

Tiering is the most consequential governance decision. SR 11-7 calls for higher validation rigor for higher-risk models. For LLMs, the relevant risk dimensions are the directness of the model's influence on financial decisions (decision-support vs. autonomous decision-making), the size and vulnerability of the affected population (retail customers vs. internal analysts), the regulatory sensitivity of the domain (credit vs. marketing), and the reversibility of potential errors. An LLM that generates first-draft credit memos for analyst review carries materially lower risk than an LLM whose output directly populates a credit decision system without analyst review. These two use cases should be in different model tiers with correspondingly different validation requirements.

SR 11-7 APPLIED TO LLMs: THREE-PILLAR ADAPTATION PILLAR 1: DEVELOPMENT SR 11-7 requirement: Document theoretical basis, data, assumptions, limits LLM adaptation: Bifurcate: foundation model (vendor due dil.) vs. application layer (bank-owned scope) Ref: SR 11-7 Section III Third-party risk provisions PILLAR 2: VALIDATION SR 11-7 requirement: Conceptual soundness, monitoring, outcomes analysis LLM adaptation: Prompt + retrieval review for soundness; eval harness for monitoring; controlled pilots for outcomes Validation team must have ML + domain expertise PILLAR 3: GOVERNANCE SR 11-7 requirement: Inventory, tiering, board reporting, change mgmt LLM adaptation: Version tracking in inventory Risk-tier by decision role; provider updates trigger change review OCC 2021-78 AI interagency statement applies
SR 11-7 three-pillar framework adapted for LLM deployments in financial services

The Gaps SR 11-7 Does Not Address

SR 11-7 was built for models with stable, documentable behavior. LLMs have three properties that the guidance does not address and that require supervisory interpretation or supplementary bank policy to manage.

Non-Determinism

Traditional models produce the same output for the same input, every time. LLMs do not. The temperature parameter in an LLM inference call introduces stochasticity: the same prompt can produce materially different outputs on successive calls. This breaks SR 11-7's assumption that model outputs are reproducible for validation purposes. Banks are addressing this by setting temperature to zero for all SR 11-7-covered LLM applications, producing deterministic outputs that can be replicated in validation testing. For applications where temperature is set above zero, validation must include testing across a distribution of outputs for a fixed prompt, not just a single output.

Prompt Sensitivity

LLM outputs are highly sensitive to the exact wording, structure, and content of the input prompt. A one-word change in a system prompt can shift model behavior in ways that a traditional model's sensitivity analysis would never reveal. SR 11-7's sensitivity testing requirements, designed for models where inputs are numerical variables with defined ranges, do not map cleanly to prompt sensitivity. Banks must develop prompt sensitivity testing methodologies specific to their LLM applications: systematic variation of prompt phrasing, ordering, and context to characterize how sensitive the model's outputs are to prompt design choices, and to ensure that the validated prompt is the prompt in use in the application.

Model Drift via Provider Updates

When a bank uses a foundation model from a commercial provider, the underlying model can change without the bank's direct action. A model provider may update their model's weights, safety filters, or inference behavior as part of routine operations. Under SR 11-7's change management provisions, a material change to a model requires documented review and, for material changes, re-validation. Banks using cloud-hosted LLMs must negotiate contractual provisions that give them advance notice of model updates and the ability to pin to a specific model version during validation cycles. Without these provisions, the bank cannot maintain the change management audit trail that SR 11-7 requires.

The EU AI Act Intersection

Financial institutions operating in the European Union face an additional layer of AI governance requirements from Regulation (EU) 2024/1689, the EU AI Act. Several LLM applications in financial services qualify as high-risk AI systems under Annex III of the Act, specifically systems used in creditworthiness assessment, credit scoring, and access to financial services. High-risk AI systems under the EU AI Act require conformity assessments, technical documentation, logging of system operation, and registration in the EU database before deployment.

The interaction between SR 11-7 and the EU AI Act creates a complex compliance matrix for internationally active banks. The two frameworks share intent but differ in specifics: SR 11-7's model inventory maps partially to the EU AI Act's technical documentation requirement; SR 11-7's ongoing monitoring maps to the Act's post-market monitoring obligations; but the Act's conformity assessment process has no direct SR 11-7 equivalent and requires separate procedures. Banks operating under both frameworks should build a unified AI governance framework that satisfies both sets of requirements simultaneously rather than running parallel compliance programs.

A Practical Gap Analysis

The table below maps common LLM applications in financial services to SR 11-7 classification and the primary validation gaps to address.

LLM Application SR 11-7 Classification Primary Validation Gap
Credit memo summarization (analyst review required) Model, medium materiality Hallucination rate testing; outcomes tracking vs. final analyst judgment
Loan document completeness check Model, medium-high materiality Recall testing on required document fields; false-negative rate thresholds
BSA/AML narrative generation for SAR filings Model, high materiality Regulatory accuracy; examiner review concordance; full independent validation
Customer Q&A chatbot (no credit decisions) Outside SR 11-7 scope or low materiality Documented materiality assessment; consumer protection compliance review
Trade surveillance alert triage Model, high materiality False-negative rate; escalation protocol; back-testing against closed cases
Earnings call transcript analysis for equity research Low materiality or outside scope Documented rationale for scope exclusion; fact accuracy spot-checks

What to Ask Your Chief Risk Officer

Building an LLM model risk management program?

Translating SR 11-7 to generative AI requires both regulatory knowledge and practical AI architecture experience. I work with financial services technology and risk leaders on AI governance frameworks that satisfy current supervisory expectations and scale as the model portfolio grows.

Book a Working Session

References

  1. Board of Governors of the Federal Reserve System. SR 11-7: Guidance on Model Risk Management. April 4, 2011. federalreserve.gov/supervisionreg/srletters/sr1107.htm
  2. Office of the Comptroller of the Currency. OCC 2011-12: Sound Practices for Model Risk Management. April 2011. occ.gov
  3. Board of Governors of the Federal Reserve System, FDIC, OCC. Interagency Statement on the Use of Artificial Intelligence, including Machine Learning, in Financial Services. November 2021. OCC 2021-78. occ.gov
  4. Office of the Comptroller of the Currency. Bank Supervision Operating Plan Fiscal Year 2024. 2023. occ.gov
  5. European Parliament and Council. Regulation (EU) 2024/1689 on Artificial Intelligence (EU AI Act). July 12, 2024. OJ L 2024/1689. eur-lex.europa.eu
  6. NIST. Artificial Intelligence Risk Management Framework (AI RMF 1.0). NIST AI 100-1. January 2023. doi.org/10.6028/NIST.AI.100-1
  7. Basel Committee on Banking Supervision. Principles for Operational Resilience. March 2021. bis.org/bcbs/publ/d516.htm
  8. Chen, L., Zaharia, M., Zou, J. FrugalGPT: How to Use Large Language Models While Reducing Cost and Improving Performance. arXiv:2310.11409. 2023.