SR 26-2 Model Risk Management for Fintechs
The Federal Reserve's SR 26-2 guidance extended model risk management requirements to fintechs operating in partnership with supervised banks. If your company uses AI or algorithmic models in credit decisions, underwriting, fraud detection, or any consumer-facing financial decision, your bank sponsor's board is now accountable for how those models are governed. This engagement builds the model risk management framework that satisfies that obligation.
Book a Discovery CallWhat SR 26-2 Requires from Fintech Partners
SR 26-2, issued in January 2026, updated the Federal Reserve's model risk management guidance to explicitly address AI and machine learning models used by third-party fintech partners of supervised banks. The guidance requires that bank sponsors validate, monitor, and maintain governance over models used by their fintech partners that affect consumer financial decisions.
In practice, this means the bank sponsor's model risk management team will review your company's model inventory, validation evidence, performance monitoring documentation, and human-in-the-loop governance procedures. Fintechs that cannot produce this documentation create examination risk for their bank sponsors, which creates partnership risk for themselves.
Framework Components
Model Inventory and Classification
Complete inventory of all models and algorithms affecting consumer decisions: scoring models, underwriting algorithms, fraud detection systems, and AI-assisted decisioning. Classification by risk tier per SR 26-2 methodology.
Model Validation Framework
Pre-deployment validation protocol, ongoing performance monitoring cadence, back-testing methodology, and documentation standards. Structured to produce the evidence a bank examiner would require for each model in production.
Human-in-the-Loop Governance
HITL decision matrix identifying which model outputs require human review before consumer action. Escalation procedures, override documentation, and exception logging to demonstrate meaningful human oversight.
Fair Lending and Disparate Impact Testing
Disparate impact analysis for models affecting credit decisions. ECOA and Fair Housing Act protected class testing. Adverse action reason code defensibility review under CFPB Circular 2022-03 on explainability.
Model Performance Monitoring
Ongoing monitoring protocol: performance metrics, drift detection thresholds, revalidation triggers, and escalation procedures when model performance degrades below established benchmarks.
Bank Partner Documentation Package
Complete MRM documentation package formatted for bank sponsor review. Model cards, validation summaries, HITL attestations, and board-level governance summary for each material model.
Who Needs This Engagement
- BaaS fintechs using AI in credit underwriting or fraud detection whose bank sponsors have received SR 26-2 examination guidance from Federal Reserve examiners
- Fintechs approaching bank partner conversations where the compliance due diligence will include model governance questions
- Companies using third-party AI vendors (LLMs, scoring APIs, alternative data models) in consumer-facing financial decisions who have not yet established model validation documentation for those vendor models
- Fintechs that received CFPB Circular 2022-03 questions from bank partners about explainability of AI-driven adverse action decisions
The Examiner Perspective on AI Model Governance
Bank examiners reviewing SR 26-2 compliance are not primarily evaluating the technical performance of your models. They are evaluating whether the governance framework demonstrates that the bank's board understands the model risk it is accepting, has established appropriate controls, and can demonstrate ongoing oversight.
A fintech that can produce a model inventory with risk tiering, validation evidence, performance monitoring records, and HITL documentation is demonstrating that its bank partner relationship is being managed to examination standard. That documentation is what this engagement produces.