Industry-Wide
The OCC, Federal Reserve Board, and FDIC jointly issued revised interagency guidance on model risk management on April 17, 2026. The guidance covers sound principles for model development, validation, monitoring, and governance, with specific considerations for vendor and third-party products. The agencies explicitly clarified that the guidance does not set forth enforceable standards or prescriptive requirements, and non-compliance will not result in supervisory criticism.
Despite this non-binding nature, the inclusion of vendor and third-party product considerations is relevant to banks operating in the BaaS ecosystem, where reliance on fintech partner models and third-party vendor tools is prevalent. Banks partnering with fintechs should evaluate whether their model risk management frameworks align with the updated guidance.
- BaaS and sponsor banks relying on fintech-developed models should review model risk management frameworks against the revised guidance
- Third-party and vendor model considerations are explicitly addressed, relevant to banks using fintech partner underwriting or risk models
- Non-binding nature reduces immediate compliance pressure but signals supervisory expectations for future examinations