Share This Page

Adoption of Supervisory Guidance on Model Risk Management

June 08, 2017 / Source: FDIC

Financial Institution Letters

June 7, 2017

Printable Format:

FIL-22-2017 - PDF (PDF Help)


The FDIC is adopting the Supervisory Guidance on Model Risk Management previously issued by the Board of Governors of the Federal Reserve System (“FRB”) (SR 11-7) and the Office of the Comptroller of the Currency (“OCC”) (OCC Bulletin 2011-12), with technical conforming changes, thereby making the guidance applicable to certain FDIC-supervised institutions. The guidance addresses supervisory expectations for model risk management, including: model development, implementation, and use; model validation; and governance, policies, and controls. The FDIC is adopting this guidance to facilitate consistent model risk-management expectations across the banking agencies and industry.

Statement of Applicability to Institutions under $1 Billion in Total Assets: It is not expected that this guidance will pertain to FDIC-supervised institutions with under $1 billion in total assets unless the institution's model use is significant, complex, or poses elevated risk to the institution.


  • Some FDIC-supervised institutions have increased their reliance on models for various functions, such as credit management, operational risk, valuation, and stress testing.
  • The FDIC is adopting the Supervisory Guidance on Model Risk Management that was previously issued by the FRB and OCC to provide comprehensive guidance on effective model risk management, with the following technical conforming changes:
    • revised definition of 'banks' to reflect the FDIC's supervisory authority and to reflect the FDIC's expectations that the Supervisory Guidance generally pertains to FDIC-supervised institutions with $1 billion or more in total assets, and
    • revised references to existing guidance to reflect FDIC guidance.
  • Model risk management should be commensurate with each institution's risk exposure, as well as the complexity and extent of its model use.
  • An effective model risk management framework should include:

    • disciplined and knowledgeable development that is well documented and conceptually sound,

    • controls to ensure proper implementation,

    • processes to ensure correct and appropriate use,

    • effective validation processes, and

    • strong governance, policies, and controls.

  • Use of vendor and other third-party models should be incorporated into the model risk management framework.

Continuation of FIL-22-2017


FDIC-Supervised Institutions (Commercial and Savings)

Suggested Routing:

Chief Executive Officer
Chief Financial Officer
Chief Risk Officer

Related Topics:

Risk Management
Model Risk Management


Supervisory Guidance on Model Risk Management


Ryan Sheller, Section Chief, Large Bank Supervision, (202) 412-4861, or Sumaya Muraywid, Senior Examination Specialist, Policy & Program Development, (202) 898-3904


FDIC financial institution letters (FILs) may be accessed from the FDIC's Web site at

To receive FILs electronically, please visit

Paper copies of FDIC financial institution letters may be obtained through the FDIC's Public Information Center, 3501 Fairfax Drive, E-1002, Arlington, VA 22226 (1-877-275-3342 or 703-562-2200).