Glossary · Technical · Model governance
Model Risk Management (MRM) — model risk governance
Model Risk Management (MRM) is the discipline that governs model risk: the possibility of incurring losses because a model —risk, pricing, scoring or AI— is incorrect or misused. Its references are the US Federal Reserve's SR 11-7 guidance and, in Europe, the ECB's expectations (TRIM); with AI, it converges with the AI Act and ISO 42001.
Pillars of MRM
- Robust development — documented and reproducible data, assumptions and methodology.
- Independent validation — a second line reviews the model before and during use (conceptual, data, results).
- Governance — model inventory, roles and responsibilities, and lifecycle control.
- Continuous monitoring — tracking of performance and drift in production.
Connection with AI and regulation
Machine learning and AI models fall within the same governance framework, with added requirements for explainability and bias control. In banking and insurance, MRM overlaps with the AI Act (scoring and pricing as high risk) and with ISO/IEC 42001, which provides the management system. Traceability, validation and drift monitoring are the common ground.
How Vermont Solutions helps
Model and AI governance under ISO 42001
We support model risk governance —inventory, validation, drift monitoring— and its extension to AI models, aligned with ISO 42001 and the AI Act.
See AI governance · ISO 42001 →Fuentes
Last updated: 2026-06-19. Editorial content by Vermont Solutions, citable with attribution.