By Sector / Banking
Banking AI Vendor Governance
AI-driven credit decisioning, fraud detection, BSA/AML, and transaction monitoring vendors scored against US banking AI governance — FRB SR 11-7, OCC Bulletin 2011-12, FDIC FIL-13-2024, FFIEC, CFPB Circular 2023-03 adverse-action explainability, ECOA/Reg B fair-lending.
Why this sector view
Banking AI sits under the most mature US model risk management framework — SR 11-7 has been the reference packet since 2011. Examiners expect specific validation documentation; fair-lending audits compound the requirement set. The composite weights SR 11-7 readiness at 2× baseline and BAA-equivalent at 1.5× — a banking AI vendor without examiner-grade validation documentation is structurally disqualifying.
Primary frameworks anchored
- FRB SR 11-7 (Model Risk Management)
- OCC Bulletin 2011-12 (parallel guidance)
- FDIC FIL-13-2024 (third-party risk + AI implications)
- FFIEC 2024 interagency AI statement
- CFPB Circular 2023-03 (adverse-action notice explainability)
- ECOA / Regulation B (fair lending)
- FCRA, GLBA, BSA/AML
| # | Vendor | Score | Grade | BAA | Opt-out | US Res | SOC 2 | ISO 42001 | NIST AI | CO AI | §1557 | SR 11-7 | ABA 512 | Subproc | TC |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | FICO Falcon Fraud Manager + FICO Score AI | 80 | B | Yes | Yes | Yes | Yes | No | Partial | Partial | N/A | Yes | N/A | Yes | 4/5 |
| 2 | Zest AI | 74 | B | Yes | Yes | Yes | Yes | No | Partial | Partial | N/A | Yes | N/A | Partial | 3/5 |
| 3 | Upstart | 74 | B | Yes | Yes | Yes | Yes | No | Partial | Partial | N/A | Yes | N/A | Partial | 3/5 |
| 4 | Unit21 | 68 | C | Yes | Yes | Yes | Yes | No | Partial | No | N/A | Partial | N/A | Yes | 4/5 |
| 5 | Hummingbird | 56 | C | Yes | Yes | Yes | Yes | No | No | No | N/A | Partial | N/A | Partial | 3/5 |
Buyer's guide for this sector
For US banks deploying AI, the highest-leverage scoring axes are SR 11-7 readiness (mandatory for examiner defensibility), BAA-equivalent / DPA, US data residency, and trust-center maturity. CFPB Circular 2023-03 adverse-action explainability is the differentiator between vendors that will pass a fair-lending audit and those that won't. Vendors at B or below carry meaningful examiner risk for active credit decisioning workloads.
Operationalize the scoring
SR 11-7 Model Risk Management for Community Banks with AI
The Index tells you which vendors clear the bar. The companion resource tells you how to turn that selection into a deployable governance program with documented evidence.
SR 11-7 Model Risk Management for Community Banks with AI →Scoring as of 2026-05-13 from public information (vendor trust portals, BAAs, SOC report cover pages, model cards, vendor documentation). Posture changes frequently — re-verify with the vendor's trust center before contract. Methodology: read the full methodology.
Turn the scoring into a deployable program
The Index tells you the posture. These engagements turn the posture into operational evidence.