Independent model validation
Conceptual soundness, data integrity, outcomes analysis, and ongoing monitoring reviews — at the depth examiners and internal audit expect.
Services — Model Risk Management
Governance that stands up to regulators — and to your own auditors.
Independent validation, inventory, documentation, and effective challenge for model and AI portfolios in regulated industries — delivered by senior MRM practitioners with examiner and second-line backgrounds.
SR 26-2
joint Fed/OCC/FDIC successor to SR 11-7 — our default spine, extended cleanly to AI and GenAI.
EU AI Act
high-risk obligations mapped to validation, monitoring, and post-market surveillance — alongside NIST AI RMF and ISO/IEC 42001.
PRA SS1/23
UK model risk principles for tier-1 banks, plus PRA CP6/24 alignment for AI-specific controls.
What we deliver
A complete second-line capability — on demand.
Whether you need a one-off validation or a program rebuild, we staff with people who have done this in-house before.
Model inventory & tiering
Risk-based tiering frameworks, inventories, and policies that scale from a handful of models to enterprise portfolios — including AI and GenAI assets.
Documentation & effective challenge
Model documentation standards, validation playbooks, and structured challenge sessions that turn governance from theater into substance.
Bias, fairness & explainability
Disparate impact testing, subgroup performance, and explainability reviews aligned with ECOA / Reg B, CFPB Circular 2022-03 on adverse action, the EU AI Act, and HUD fair-lending guidance.
GenAI & LLM risk
Risk frameworks, evaluation, and monitoring for LLM and agentic systems — bridging traditional MRM with NIST AI RMF (incl. the Generative AI Profile) and ISO/IEC 42001 management-system controls.
Regulatory exam preparation
Pre-exam reviews, remediation roadmaps, and on-the-day support for SR 26-2, OCC Bulletin 2026-13, FDIC FIL guidance, PRA SS1/23, and EU AI Act assessments.
How we work
Proportionate, evidence-led, and quietly thorough.
01
Diagnose the program
We benchmark your current MRM program against regulatory expectations and industry practice — identifying the gaps that actually matter.
02
Validate what matters most
Tier-1 models get the depth they require; lower-tier models get proportionate, repeatable reviews. No one-size-fits-all rituals.
03
Operationalize governance
We deliver inventory, documentation templates, monitoring, and challenge processes that fit how your teams actually work.
04
Stand beside you in exams
From dry runs to live exam support, we help your team present a defensible, evidence-backed model risk story.
Facing an exam, a new model, or an MRM program rebuild?
We run a confidential diagnostic and propose a focused engagement — not a multi-year transformation deck.