Yiqing Wang, Yixin Kang, Luyun Lin, Siqi Mao · 2026-07-05
The paper notes that a new U.S. bank supervisory framework (SR 26-2, replacing SR 11-7) modernizes model risk management but leaves generative and agentic AI out of scope. It proposes GAICF, a layered governance framework to control generative AI tools that sit outside formal models yet still shape regulated banking processes like monitoring, policy analysis, and adverse-action drafting.
Why it matters: Compliance, risk, and governance staff at banks and financial institutions may find this useful as a template for aligning generative AI usage with regulatory expectations. It could inform how firms document and defend AI-assisted decisions, which matters for regulatory and operational risk rather than direct trading returns.
⚠ This is a proposed governance framework, not an empirical or tested result, and is relevant mainly to institutional compliance rather than everyday investing.
The release of SR 26-2 marks a significant modernization of U.S. model risk management by replacing SR 11-7 with a more risk-based and materiality-sensitive supervisory framework. However, generative and agentic AI are excluded, creating an important governance challenge for banking organizations and other financial institutions. Although generative AI may not directly estimate credit risk or make underwriting decisions, its outputs can materially affect the surrounding control environment through monitoring interpretation, policy analysis, or adverse-action language drafting. These uses may influence how regulated financial decisions are explained, challenged, documented, and governed. This paper proposes the Generative AI Control Framework (GAICF), an SR 26-2-compatible governance framework for generative AI-enabled financial workflows. The framework translates core model risk management principles into a layered control structure for generative AI applications that operate outside the formal model boundary but remain embedded within regulated banking processes. GAICF provides a practical approach for financial institutions seeking to align emerging generative AI governance practices with the risk-based supervisory expectations reflected in SR 26-2.
Go deeper: a full research-committee breakdown of this paper, its assumptions and failure modes, and how its method would apply to a specific ticker or your watchlist. See StockTools AI →
AI summary generated from the paper’s public abstract via arXiv; it may miss nuance — read the source before relying on it. Thank you to arXiv for its open-access interoperability; StockTools is not affiliated with arXiv, and all rights remain with the authors. Educational only, not financial advice.