BankFlowBankFlowAll Posts
AI Governance · Emerging Risk

SR 11-7 in the Age of Agentic AI: Where the Framework Holds – and Where It Strains

RJ Grimshaw·January 28, 2026·8 min read

SR 11-7 was written for a different kind of model.

The Federal Reserve's 2011 guidance assumed a relatively stable architecture: a model is built, validated, deployed, and monitored. Inputs go in. Outputs come out. The relationship between the two is documented, tested, and periodically reviewed.

Agentic AI does not work that way.

What Makes Agentic AI Different

An agentic AI system does not just produce an output. It takes actions. It reasons across multiple steps, calls external tools, retrieves information dynamically, and adjusts its behavior based on context. In a banking environment, that might mean an AI system that reviews a loan file, queries a credit bureau, drafts a decision memo, and routes it for approval - without a human touching any individual step.

The model risk implications of this architecture are fundamentally different from a traditional credit scoring model. The output is not a number. It is a sequence of decisions, each of which may be influenced by context that was not present at validation time.

Where SR 11-7 Still Applies

The core principles of SR 11-7 - conceptual soundness, ongoing monitoring, governance and controls - remain entirely relevant. If anything, they are more important for agentic systems than for traditional models.

Conceptual soundness

Still requires that the bank understand what the system is designed to do, what assumptions it makes, and where it is likely to fail. For an agentic system, this means understanding not just the underlying model but the architecture of the agent: what tools it can access, what decisions it can make autonomously, and what guardrails constrain its behavior.

Ongoing monitoring

Remains essential, but the metrics change. For a traditional model, you monitor output distributions and performance against benchmarks. For an agentic system, you also need to monitor action sequences, tool usage patterns, and the frequency of unexpected or out-of-scope behaviors.

Governance and controls

Apply with equal force. Who approved the deployment of this system? Who can modify its behavior? What is the escalation path if it produces a harmful output? These questions do not become less important because the system is more capable.

Where the Framework Strains

SR 11-7 was designed around the concept of a model as a defined artifact - something that can be documented, validated, and version-controlled. Agentic systems challenge that assumption in three ways.

Validation is harder

A traditional model can be validated against a held-out dataset. An agentic system's behavior depends on the context it encounters at runtime, which may not be fully representable in a validation dataset. The space of possible inputs and action sequences is effectively unbounded.

Explainability is more complex

SR 11-7 expects banks to be able to explain model outputs. For a credit score, that means identifying the factors that drove the decision. For an agentic system that produced a loan recommendation after a multi-step reasoning process, the explanation requires tracing a chain of intermediate decisions - each of which may itself be difficult to interpret.

Vendor accountability is murkier

When a vendor deploys an agentic AI system, the bank's ability to obtain meaningful model documentation is often limited. The vendor may not be able to provide a traditional validation report because the system does not have a traditional validation architecture. This does not reduce the bank's governance obligation - but it does make fulfilling it more difficult.

What Banks Should Do Now

Agentic AI is not yet widespread in community banking, but it is coming. The banks that will handle the next generation of examiner questions are the ones building governance muscle now, before the technology arrives.

  • Expand your model inventory definition. SR 11-7 applies to any quantitative method that produces outputs used in decision-making. Agentic systems that influence credit, fraud, or compliance decisions belong on that inventory, even if they do not look like traditional models.
  • Ask your vendors harder questions. If a vendor is deploying or planning to deploy agentic capabilities, ask them directly: what is the validation architecture? What actions can the system take autonomously? What are the guardrails? A vendor that cannot answer these questions is a vendor that has not thought carefully about model risk.
  • Engage your board. The governance expectations for agentic AI are not yet fully defined by regulators, but the direction is clear. A board that understands the distinction between traditional models and agentic systems is better positioned to ask the right questions and provide meaningful oversight.

The Bottom Line

SR 11-7 is not obsolete. Its principles are durable. But applying them to agentic AI requires more than a checklist - it requires genuine understanding of how these systems work and where the traditional framework does not map cleanly.

That is exactly the kind of work BankFlow was built to do.

Begin the Conversation

Build governance muscle before the technology arrives.

BankFlow delivers examiner-ready AI governance for community banks in 90 days.

Book a Discovery Call

This article is for informational purposes only and does not constitute legal or regulatory advice. BankFlow recommends consulting qualified legal counsel for guidance specific to your institution.

Able Leadership LLC DBA The AI CEO