SR 11-7 Just Wrote Itself Out of the GenAI Conversation
The April 17, 2026 interagency MRM rewrite explicitly carves generative and agentic AI out of scope. That's not a retreat — it's an RFI window, and it's the firms with deployed controls that will shape what comes next.
Five days ago the OCC, Federal Reserve and FDIC jointly revised SR 11-7 for the first time in fifteen years. Most of the early commentary has been some variation of “regulators finally modernize MRM,” which is technically true and almost completely beside the point.
The actual news is in the scope section. Buried in the new guidance is this sentence:
Generative AI and agentic AI models are novel and rapidly evolving. As such, they are not within the scope of this guidance… the agencies plan to issue in the near future a request for information that addresses model risk management generally and considers, in particular, banks’ use of AI, including generative AI and agentic AI.
So: the regulators have formally declined to be stretched. SR 11-7 — and OCC 2011-12 — no longer apply to your GenAI systems. They apply to your VaR model, your credit scoring logistic regression, your IRB PD model, all the traditional quantitative apparatus they were written for in 2011. They explicitly do not apply to your loan-underwriting RAG pipeline or your KYC LLM classifier.
The standard reading of SR 11-7 over the past two years has been that it covers GenAI by extension — that any system producing or supporting decisions falls under the same MRM apparatus. The April 17 rewrite says, on the record, that it doesn’t. That changes the regulatory wrapper around the conversation. It does not change the engineering substance — but the framing has to be redone, and so does some of the advice.
What the rewrite actually does
A few things, in plain terms.
First, it carves GenAI and agentic AI out of MRM scope, with a promise of an RFI to follow. No timeline given, “in the near future” being the standard regulator phrase that can mean three months or eighteen.
Second, it explicitly rescinds OCC Bulletin 1997-24 (credit scoring) and the 2021 interagency statement on MRM for BSA/AML. Both deserve their own analyses. The 1997 credit scoring rescission is particularly interesting because it removes a piece of US guidance that was being read into adverse-action and fair-lending arguments around algorithmic credit decisions.
Third, and this is the tailoring move that almost no one is flagging: the guidance now states that non-compliance will not result in supervisory criticism and that the standard is “most relevant” to banks above roughly $30bn in assets. Community and regional banks have been given explicit breathing room that SR 11-7 never gave them. This is the deepest tailoring move in US MRM doctrine since Dodd-Frank. If you run a sub-$30bn bank, your MRM program just got materially less prescriptive.
Fourth — and this is the one practitioners need to internalize — the carve-out does not create an unregulated zone. It removes an MRM peg. It does not remove fair lending law, Reg B, the FCRA adverse-action regime, NYDFS Part 500, third-party risk management expectations under FFIEC, the SEC’s anti-fraud authority over AI-related disclosures, or any of the state-level activity (California DFPI, Colorado AI Act) that has been quietly filling regulatory vacuums for two years. Your GenAI loan-decisioning system is not less regulated today than it was last week. It’s regulated by a different set of authorities, and the consolidation that SR 11-7 provided — one frame to defend the model under — is gone for now.
Why this isn’t a retreat
It’s tempting to read this as the federal regulators stepping back from AI. Read in isolation it looks that way. Read alongside the FCA’s AI Live Testing program, the BoE FPC’s April tasking on agentic AI in payments, the ECB SSM’s January pivot to GenAI supervision generally, and the BaFin December guidance on AI under DORA — none of which involved new rules either — a different pattern emerges. Western prudential regulators are converging on a shared posture: no AI-specific rulemaking, intensified AI-specific supervision, and a narrowing of the theory of liability for enforcement. The Atkins SEC is doing the same thing on the capital-markets side.
The April 17 rewrite is the US version of that posture. The agencies are not saying GenAI is fine. They are saying SR 11-7 was the wrong frame, and they would like to consult the industry on what the right frame looks like before they commit. Hence the RFI.
That RFI is the leverage moment. Banks, vendors, governance practitioners and consortiums (FINOS very much included) now have an open window to shape what replaces SR 11-7’s coverage of GenAI. The submissions that will land best are the ones grounded in primary text — the specific failure modes the existing guidance can’t reach, the specific controls that do work in production, and the specific ways the four pillars (development, validation, governance, ongoing monitoring) need to flex for systems that don’t behave like a logistic regression.
If you want a flavor of what the regulators are already worried about, Governor Barr in Singapore last November put four words on the record: GenAI decisions need to be “well controlled, numerically and legally precise, explainable, and replicable.” His view was that current systems struggle with all four. That is the implicit prompt for the RFI.
What the RFI is going to ask you to demonstrate
Submissions to regulator RFIs fall into two categories. The first is the policy submission — three pages explaining your firm’s “responsible AI principles” and “commitment to robust governance.” Regulators read these, file them, and ignore them when writing the actual guidance. The second is the operational submission — here is the agent inventory we maintain, here is how we attribute usage by line of business, here is the per-call telemetry our risk team uses to detect drift, here are the runtime controls that prevent specific failure modes.
The second category shapes the guidance. The first doesn’t.
Operational submissions require the firm to actually have the controls deployed. Not “in the roadmap.” Not “captured in our policy.” Deployed. That is a non-trivial bar, and most firms aren’t there. The firms that are there are the ones who treated AI governance as an infrastructure problem from the beginning — who put enforcement at the network layer, not in 47-page PDFs.
What does that look like in practice? At a minimum, four things:
- An agent and model inventory that is accurate by construction, not maintained by hand. If a developer can call a foundation model without that call appearing in the inventory within minutes, the inventory is fiction. The only durable way to keep an inventory accurate is to make every call route through a known choke point that emits telemetry.
- Usage attribution at the request level. Per business unit, per application, per agent. Without this, you can’t answer the most basic regulator question: who in the firm is using which model for what.
- Real-time guardrails on inputs and outputs. PII filtering, topic restriction, response evaluation, jailbreak detection. Enforced at the request path, not as a developer SDK call that some teams remember to add.
- Budget and rate controls per model and per consumer. Not because the regulators care about your spend, but because operational controls are evidence of operational maturity. A firm that can demonstrate per-team token budgets has a different conversation with examiners than one that can’t.
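The four controls above are easiest to see as one piece of code. The following is an added example written for this page; it is not Tetrate's Agent Router code and not from the original post. It models a single in-process choke point that every model call passes through: the act of calling registers the consumer/model pair in the inventory (so the inventory cannot drift from reality), usage is attributed per business unit, application and agent, an input/output guardrail redacts SSN-shaped strings and blocks one restricted topic, and a per-consumer token budget is enforced before the prompt leaves. The model name, business unit, guardrail policy and token estimator are constructed placeholders; a real gateway would use provider-reported token counts and a production PII classifier.

```python
import re
import time
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Consumer:
    """Identity of the caller, used for attribution and budgets (constructed schema)."""
    business_unit: str
    application: str
    agent: str
    token_budget: int


class BudgetExceeded(Exception):
    pass


class GuardrailViolation(Exception):
    pass


class ModelGateway:
    """Single choke point between applications and model backends (illustrative only)."""

    # Constructed guardrail policy: redact US-SSN-shaped strings, block one topic.
    SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")
    BLOCKED_TOPICS = ("investment advice",)

    def __init__(self, backends):
        self.backends = backends            # model name -> callable(prompt) -> completion
        self.inventory = {}                 # (bu, app, agent, model) -> first-seen timestamp
        self.usage = defaultdict(int)       # same key -> tokens consumed
        self.audit_log = []                 # one record per request, allowed or denied

    @staticmethod
    def estimate_tokens(text):
        # Whitespace word count stands in for provider-reported token usage.
        return len(text.split())

    def _record(self, key, decision, reason, tokens):
        self.audit_log.append({"consumer": key, "decision": decision,
                               "reason": reason, "tokens": tokens})

    def complete(self, consumer, model, prompt):
        key = (consumer.business_unit, consumer.application, consumer.agent, model)
        # Inventory by construction: the request itself registers the consumer/model
        # pair, including requests that are subsequently denied.
        self.inventory.setdefault(key, time.time())
        if model not in self.backends:
            self._record(key, "denied", "unknown_model", 0)
            raise KeyError(f"model {model!r} is not an approved backend")
        # Budget check on the prompt before any tokens are spent.
        prompt_tokens = self.estimate_tokens(prompt)
        if self.usage[key] + prompt_tokens > consumer.token_budget:
            self._record(key, "denied", "budget", 0)
            raise BudgetExceeded(f"{key} would exceed {consumer.token_budget} tokens")
        # Input guardrail: topic restriction, then PII redaction before the prompt leaves.
        if any(topic in prompt.lower() for topic in self.BLOCKED_TOPICS):
            self._record(key, "denied", "blocked_topic", 0)
            raise GuardrailViolation("prompt touches a restricted topic")
        safe_prompt = self.SSN_RE.sub("[REDACTED-SSN]", prompt)
        completion = self.backends[model](safe_prompt)
        # Output guardrail: redact again in case the model reproduces PII from its context.
        safe_completion = self.SSN_RE.sub("[REDACTED-SSN]", completion)
        spent = prompt_tokens + self.estimate_tokens(safe_completion)
        self.usage[key] += spent
        self._record(key, "allowed", None, spent)
        return safe_completion

    def usage_by_business_unit(self):
        """Attribution roll-up an examiner might ask for: tokens per business unit."""
        totals = defaultdict(int)
        for (bu, _app, _agent, _model), tokens in self.usage.items():
            totals[bu] += tokens
        return dict(totals)


def demo():
    """Constructed walk-through: one consumer, one echo backend, three requests."""
    gateway = ModelGateway({"echo-model": lambda p: "Echo: " + p})
    doc_agent = Consumer("retail_lending", "underwriting-assistant", "doc-agent",
                         token_budget=40)
    answer = gateway.complete(doc_agent, "echo-model",
                              "Summarize applicant 123-45-6789 income history")
    try:
        gateway.complete(doc_agent, "echo-model", "Give me investment advice on this loan")
    except GuardrailViolation:
        pass
    try:
        gateway.complete(doc_agent, "echo-model", " ".join(["word"] * 30))
    except BudgetExceeded:
        pass
    return gateway, answer


if __name__ == "__main__":
    gw, ans = demo()
    print(ans)
    print(gw.usage_by_business_unit())
    for rec in gw.audit_log:
        print(rec)
```

The design point is that denied requests still land in the inventory and the audit log: a regulator asking "who is calling which model" is as interested in the team that tried to reach an unapproved backend as in the one that succeeded, and a gateway that only records successes cannot answer that.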
These aren’t future requirements. They’re the table stakes for an operational submission. Firms that have them will write the next round of guidance. Firms that have policy documents will read it.
The thing nobody is saying out loud
The April 17 rewrite confirms something most practitioners working in this space have suspected for a while: the gap between traditional model risk management and the actual mechanics of generative and agentic AI was too wide to bridge by interpretation. SR 11-7 was written for systems whose conceptual soundness could be expressed in a few equations. It was always an awkward fit for systems whose behavior is shaped by a prompt, a vector index, a tool-use loop and a vendor’s silent weekly model update.
The regulators have, in effect, agreed. That is not a defeat for AI governance. It is a clearer starting position than the one we had a week ago, where everyone was trying to defend GenAI systems under guidance that didn’t quite reach them. The next twelve months will determine what fills the gap. The practitioners and firms that engage with the RFI process — not the ones waiting for the rules to land — will be the ones whose architecture and controls end up reflected in the eventual guidance.
Agent Router Enterprise gives risk and compliance teams the agent inventory, usage attribution, real-time guardrails, and per-request telemetry that operational submissions to the forthcoming RFI will need to demonstrate. Built on the battle-hardened Envoy AI Gateway, it provides this governance at the infrastructure layer through its LLM Gateway for centralized model access, MCP Gateway for governed tool connectivity, and AI Guardrails for continuous supervision — without asking developers to import another governance library.