Skill Guide

Regulatory compliance for model risk management (Basel III/IV, SR 11-7, ECOA, fair lending)

Regulatory compliance for model risk management is the systematic process of ensuring that all quantitative models used in financial decision-making adhere to specific, binding regulatory standards to mitigate financial, legal, and reputational risk.

This skill is critical for preventing regulatory fines, which can reach billions of dollars, and for maintaining institutional stability by ensuring models used for capital planning, lending, and stress testing are robust, fair, and auditable. It directly impacts an organization's license to operate and its cost of capital.

1 Careers

1 Categories

8.7 Avg Demand

25% Avg AI Risk

How to Learn Regulatory compliance for model risk management (Basel III/IV, SR 11-7, ECOA, fair lending)

1. Master the core regulatory lexicon: Study the definitions and key requirements of SR 11-7 (Fed), Basel III/IV capital requirements (specifically the Internal Ratings-Based approach), and the Equal Credit Opportunity Act (ECOA) as implemented by Regulation B. 2. Understand the model risk management lifecycle: Learn the three pillars-model development, validation, and governance-as outlined in SR 11-7. 3. Focus on documentation standards: Practice creating a basic model risk assessment template covering model purpose, methodology, limitations, and intended use.

1. Apply frameworks to specific models: Conduct a mock validation of a common model (e.g., a probability of default model for credit risk) against SR 11-7 requirements. Document findings on conceptual soundness, data integrity, and performance testing. 2. Analyze fair lending implications: Take a lending model's output and perform a disparate impact analysis using a protected class (e.g., race, gender) as per ECOA and the Fair Housing Act. Calculate adverse impact ratios. 3. Avoid common mistakes: Do not treat validation as a one-time checklist; understand it is a continuous process. Avoid using overly simplistic fairness metrics without understanding their regulatory context.

1. Architect enterprise model risk frameworks: Design a comprehensive Model Risk Management (MRM) policy that integrates requirements from SR 11-7, Basel's IMA/IRB approaches, and fair lending laws into a single, auditable governance structure. 2. Lead regulatory examinations: Prepare for and manage interactions with regulatory bodies (OCC, Fed, CFPB) by developing a narrative that links model performance, validation findings, and remediation plans. 3. Mentor and set standards: Guide teams on complex issues like the interaction between model risk and climate risk stress testing, and establish internal standards for challenger model development and model tiering based on materiality.

Practice Projects

Beginner

Case Study/Exercise

SR 11-7 Compliance Checklist Audit

Scenario

You are given the documentation for a commercial real estate valuation model. The model is used for loan origination decisions.

How to Execute

1. Obtain the SR 11-7 guidance document. 2. Create a compliance checklist with sections for 'Purpose & Design', 'Data', 'Testing', 'Documentation', and 'Governance'. 3. Review the model documentation against each checklist item. 4. Write a one-page memo listing the top three compliance gaps found and cite the specific SR 11-7 principle for each gap.

Intermediate

Case Study/Exercise

Fair Lending Disparate Impact Analysis

Scenario

You have a dataset of approved/denied mortgage applications with model-generated risk scores. The dataset includes a protected class variable (e.g., 'Race').

How to Execute

1. Define the control group (e.g., White, non-Hispanic applicants) and a protected class group. 2. Calculate the approval rate for each group. 3. Compute the Adverse Impact Ratio (AIR): Approval Rate (Protected Class) / Approval Rate (Control Group). 4. If AIR < 0.8 (the '80% rule'), investigate potential disparate impact. Document the steps to determine if the model's use is a business necessity and if less discriminatory alternatives were considered.

Advanced

Case Study/Exercise

Model Risk Management Program Remediation Plan

Scenario

A regulatory examination has found material weaknesses in your institution's MRM program, specifically in model validation rigor and fair lending testing for AI/ML models.

How to Execute

1. Conduct a gap analysis between current practices and regulatory expectations (SR 11-7, CFPB guidance on AI/ML). 2. Develop a remediation roadmap with specific workstreams: one for enhancing validation methodologies (e.g., incorporating more stringent back-testing), and one for establishing a fair lending testing protocol for black-box models (using techniques like SHAP values for explainability). 3. Define resource requirements, timelines, and key risk indicators (KRIs). 4. Draft a board-level presentation to secure funding and mandate for the program overhaul.

Tools & Frameworks

Regulatory Frameworks & Guidance

FRB SR 11-7 (Supervisory Guidance on Model Risk Management)Basel III/IV Framework (FRTB, IRB Approach)CFPB & OCC Fair Lending Examination ProceduresECOA (Regulation B)

These are the foundational, non-negotiable rule sets. SR 11-7 provides the operational playbook for model risk. Basel dictates capital and risk-weight calculation models. Fair lending laws define the boundaries for equitable outcomes in model-based decisions.

Analytical & Technical Tools

Statistical Programming (Python/R for model replication)Model Documentation Platforms (e.g., Dataiku, Domino)Fair Lending Testing Software (e.g., ComplianceTech's LendingPatterns, SAS Fair Lending)GRC Platforms (e.g., Archer, ServiceNow for tracking model inventory and findings)

Python/R are essential for independent model validation and replicating challenger models. Specialized software automates disparate impact and regression analyses required by regulators. GRC platforms operationalize the governance component of SR 11-7.