← Resources

Governance · 3 min read

Model Risk Management for Agentic AI

US model-risk guidance now excludes agentic AI. How to govern it with NIST, ISO 42001, and Treasury's framework until the rules catch up.

By Evgeny Aleksandrov, Founder, BlackGrid ·

There is a gap at the center of agentic AI governance in US banking, and it opened in 2026. The revised model-risk guidance — OCC Bulletin 2026-13 and SR 26-02, issued jointly by the OCC, Federal Reserve, and FDIC — states that generative and agentic AI are 'novel and rapidly evolving' and 'are not within the scope of this guidance.' The familiar rulebook for governing models in a bank now explicitly excludes the most consequential new class of them. This is the governance reality behind every use case in agentic AI in financial services.

Diagram: revised US bank model-risk guidance excludes generative and agentic AI, so governance shifts to voluntary frameworks — NIST AI RMF, ISO/IEC 42001, the US Treasury FS AI RMF — plus existing law such as CFPB adverse-action and GDPR Article 22.

What model risk management was built for

For over a decade, US banks governed quantitative models under SR 11-7: a model inventory, independent validation, ongoing monitoring, and clear ownership across the model lifecycle. It assumes a definable model — stable inputs, a measurable output (a score, a rating, a forecast) — that an independent team can test and challenge.

Why agentic AI breaks the classic approach

An agent is not that kind of model. It is non-deterministic, it evolves, it calls external tools, and it acts across multiple steps rather than emitting a single score. Validation can no longer ask only "is this output accurate?" — it must ask "across sequences of decisions and actions, does this system behave within policy, and can we prove it did?" That is a different discipline, which is why the agencies carved agentic AI out of the existing guidance and signaled a future request for information.

The framework stack that fills the gap

Until dedicated rules arrive, governance is assembled from voluntary frameworks and existing law:

  • NIST AI Risk Management Framework — the Govern, Map, Measure, Manage core, plus a GenAI Profile that enumerates risk categories (confabulation, prompt injection, data poisoning, and more).
  • ISO/IEC 42001:2023 — the first certifiable AI management system standard, providing an auditable, Plan-Do-Check-Act governance backbone.
  • US Treasury Financial Services AI RMF (February 2026) — a sector-specific adaptation of the NIST framework for financial institutions.
  • Existing law. CFPB Circular 2022-03 requires explainable adverse-action reasons even for complex algorithms; the EU AI Act classifies credit and life/health-insurance pricing as high-risk.

What an agentic model-risk program needs

Mapping those frameworks onto an actual agent comes down to five capabilities, designed in from the start:

  1. Validation of non-deterministic behavior — test over decision sequences and edge cases, not a single held-out set.
  2. A complete audit trail — reasoning, data sources, tool calls, and the human's view at decision time, all reconstructable after the fact.
  3. Human-in-the-loop checkpoints — defined thresholds above which actions route to a person.
  4. Ongoing evaluation — quality measured continuously, because agents and data drift.
  5. Monitoring and rollback — detect degradation and reverse course safely.

These are the same controls behind a defensible audit trail and explainable lending, and that make AML/KYC automation and agentic AI in banking deployable — easier still when retrieval itself is governed, as in agentic RAG.

The frameworks are not a reason to delay. They are the blueprint for deploying agents in a regulated institution you can stand behind. Talk to BlackGrid about building that program.

Frequently asked questions

Does SR 11-7 cover agentic AI?

Not as of 2026. The revised US model-risk guidance (OCC 2026-13 / SR 26-02) states that generative and agentic AI are novel and rapidly evolving and are not within its scope. Institutions must govern these systems using other frameworks and existing law until dedicated rules arrive.

Why doesn't classic model risk management fit AI agents?

Traditional MRM assumes a defined model with stable inputs and outputs that can be independently validated. An agent is non-deterministic, evolves, calls tools, and acts across multiple steps — so validation has to cover sequences of decisions and actions, not a single scored output.

What frameworks fill the gap?

The NIST AI Risk Management Framework (Govern, Map, Measure, Manage) and its GenAI Profile; ISO/IEC 42001, a certifiable AI management system standard; the US Treasury Financial Services AI Risk Management Framework; plus existing law such as CFPB adverse-action rules and GDPR Article 22.

What does an agentic model-risk program need?

Validation of non-deterministic behavior, a complete audit trail of reasoning and actions, defined human-in-the-loop checkpoints, ongoing evaluation over decision sequences, and monitoring for drift. Design these in from the start rather than retrofitting them.

Sources

  1. OCC Bulletin 2026-13 / SR 26-02, Model Risk Management: Revised Guidance (Apr 2026)
  2. Federal Reserve SR 11-7, Guidance on Model Risk Management (Apr 2011)
  3. NIST AI Risk Management Framework (AI RMF 1.0) and GenAI Profile
  4. ISO/IEC 42001:2023 — AI management systems
  5. US Treasury, Financial Services AI Risk Management Framework (Feb 2026)
  6. EU AI Act — Regulation (EU) 2024/1689 (European Commission)
  7. CFPB Circular 2022-03, Adverse-action requirements and complex algorithms (May 2022)
Book a demoMore resources