arrow left facebook twitter linkedin medium menu play circle

Digital Fraud Wiki

SR 11-7 Compliance

SR 11-7 is a regulatory standard set out by the U.S. Federal Reserve Bank that gives guidance on model risk management. The official Supervision and Regulation Letter provides general guidelines to ensure that model development approach is disciplined, knowledge-based, and properly implemented.

What are the steps involved in SR 11-7 Compliance?

According to the U.S. Federal Reserve Bank, the following steps have been outlined: 

Model Development, Implementation, and Use

Model development relies heavily on the experience and judgment of its developers. Model risk management should include disciplined model development and implementation processes consistent with the situation and goals of the model user. These processes should align with the banking organization’s policies.

Model Validation

This is the set of processes and activities intended to verify that models are performing as expected, and in line with their design objectives and business uses. Effective validation helps to ensure that models are sound, identifies potential limitations and assumptions, and assesses their possible impact.

Elements of comprehensive validation include:

  • Evaluation of Conceptual Soundness: This element involves assessing the quality of the model design and construction, and reviewing the documentation and empirical evidence supporting the methods used and variables selected for the model. This step should ensure that judgment exercised in model design and construction is well informed, carefully considered, and consistent with published research and with sound industry practice.
  • Ongoing Monitoring: This step in validation is done to confirm that the model is appropriately implemented and is being used and performing as intended.  It is essential to evaluate whether changes in products, exposures, activities, clients, or market conditions necessitate adjustment, redevelopment, or replacement of the model, and to verify that any extension of the model beyond its original scope is valid. Benchmarking can be used in this step to compare a given model’s inputs and outputs to estimates from alternatives.
  • Outcomes Analysis: This step involves comparing model outputs to corresponding actual outcomes. Backtesting is one form of outcome analysis that involves the comparison of actual outcomes with model forecasts during a sample time period not used in model development and at a frequency that matches the model’s forecast horizon or performance window.

Governance, Policies, and Controls

Development and maintenance of  strong governance over the model risk management framework is critical to its effectiveness as it provides explicit support and structure to risk management functions. 

Why should financial institutions care about SR 11-7 compliance?

Financial institutions have a vested interest in achieving and maintaining SR 11-7 compliance, both at the organizational level, and internally. At the company level, failing to validate models means running an increased risk of regulatory criticism, fines, and penalties. Internally, for your data scientists and risk analysts, it is essential that they not only meet the regulatory expectations outlined in the SR 11-7 guidance but that they’re also empowered to work with confidence, knowing that their results are accurate. Financial institutions need to be aware of the adverse consequences that can result from decisions based on models that are incorrect or misused, and they must be able to address those consequences through active model risk management. 

DataVisor and SR 11-7 Compliance

DataVisor has worked with financial clients for years, guiding them in the development of machine learning models that enable them to serve their customers better while simultaneously enhancing risk management. Armed with information on what to look for while conducting a reliability assessment of a given model, our clients can practice due diligence and be regulatory compliant. Our platform—featuring proprietary unsupervised machine learning algorithms—is fully transparent and offers end-to-end processing with robust documentation.