- Key insight: Joint guidance from the Federal Reserve and Office of the Comptroller of the Currency on managing model risk leaves many concerns about artificial intelligence, and especially agentic AI, for bankers to sort out themselves.
- Supporting data: A Gallagher Re/MIT report found generative AI-related lawsuits in the U.S. grew 978% between 2021 and 2025, yet standard policies leave significant coverage gaps.
- Expert quote: "Generative AI and agentic AI models are novel and rapidly evolving. As such, they are not within the scope of this guidance." —OCC Bulletin 2026-13
On April 17, OCC Bulletin 2026-13, jointly designated SR 26-2 by the Federal Reserve, replaced SR 11-7 with revised model
Before that sentence can be construed as relief, it is worth remembering why SR 11-7 existed.
In the years leading up to the 2008 financial crisis, institutions relied heavily on complex risk and valuation models that underestimated correlations under extreme market stress. When conditions deteriorated, those models did not simply produce wrong results. They confidently produced wrong results. At scale. Without sufficient independent challenge or governance oversight. The losses that followed were not solely a market failure. The lack of model governance played a significant role.
The Federal Reserve and OCC issued SR 11-7 in April 2011 to ensure that could not happen again. For 15 years it has been the governance standard for how institutions develop, validate and oversee models driving consequential decisions — protecting economic stability.
The American Bankers Association welcomed the new guidance as creating room for responsible innovation. However, concerns remain. SR 11-7 was built for a world of deterministic statistical models. Rigidly applying it to large language models creates compliance uncertainty that was slowing thoughtful deployment. Removing that friction is sound regulatory thinking.
But there is a difference between removing a framework that does not fit and removing a framework without replacing it. The OCC was right to do the first. The second is where the risk lives.
A caution on what that freedom means: The GAO concluded that SR 11-7, issued as guidance, was in fact a rule under the Congressional Review Act, carrying full supervisory expectation regardless of its label. SR 26-2 makes the same structural choice: issued as guidance, framed as exclusion, silent on what replaces the expectation. Examiners will still ask: On the basis of safety and soundness, what is your unique monitoring and testing framework for generative and agentic AI? What is your effective challenge? SR 26-2 gives institutions the freedom to answer. It does not give them the freedom to leave those questions unanswered.
This is not the first time the industry has faced the gap between a powerful new capability and the governance structure needed to manage it. Enron had a risk committee. Arthur Andersen had quality controls. WorldCom had internal audit. In each case what existed on paper lacked the design to challenge rather than confirm. AI governance frameworks being built today risk repeating that pattern.
Most institutions have an AI governance committee, a policy prohibiting unsanctioned tools and an approved tools list. These are necessary but insufficient. And in some cases, they create a more dangerous condition by having the appearance of addressing a risk that has not actually been addressed. A policy that says "do not use unsanctioned tools" is instruction. Governance is the auditable evidence that the instruction is being followed and the defined consequence when it is not.
The tougher questions: Does your institution have an auditable inventory of every AI tool in use: browser extensions, personal accounts on enterprise devices, consumer-tier tools outside the corporate network? Can it demonstrate that employees are not inputting confidential client information, not just Social Security numbers but the full context of a client relationship? Are prompt logs reviewed by context, not just keywords? Who is accountable if an agent's decisions produce disparate impact? Can you name the person whose name should be on the examination finding?
The agentic dimension compounds every concern raised here. SR 11-7 governed individual models with named accountability: model owner, independent validator, performance thresholds, monitoring obligations. Agentic AI operates as networks. When multiple agents run within a single business process, the output of one becomes the input of the next. Error boundaries dissolve. Flawed decisions propagate.
The nonprofit Open Worldwide Application Security Project has designated this cascading failure as a distinct agentic risk — faults amplifying across agents and workflows causing systemic impact. Galileo AI found a single compromised agent poisoned 87% of downstream decision-making within four hours. SR 26-2 is silent on who governs those consequences.
One more dimension: The insurance coverage institutions assumed to backstop AI-related liability may no longer exist. Effective Jan. 1, Verisk/ISO issued standardized endorsements allowing carriers to exclude generative AI from commercial general liability policies. A Gallagher Re/MIT report found generative AI-related lawsuits in the U.S. grew 978% between 2021 and 2025, yet standard policies leave significant coverage gaps. Vendor contracts cap liability at 12 months of fees. Courts are placing liability on the deploying organization. Regulatory accountability rests on the institution, vendor indemnification is minimal and insurance exclusions may have taken effect.
These are not arguments against
SR 26-2 leaves open the question of who governs what comes next. The answer is every existing governance domain: records management, procurement, legal, internal audit, risk, and compliance. All must update assumptions for a world where machines act without being asked.
If your regulators ask you tomorrow to provide the name of the individual accountable for the ongoing performance of every AI agent currently running in your institution's critical business processes — not the committee, not the function, the human — could you answer without making a phone call first?