Description

A focused course, tailored for you

Building a Bank AI Use Case Inventory and Risk-Management Programme (NAIC AI + EU AI Act + Fed SR 11-7 + OCC)

Build the bank AI inventory and risk-management programme from scratch in 12 weeks. Inventory + risk classification + model-risk integration + governance + regulator engagement.

Banks are under simultaneous AI regulator pressure: OCC AI guidance, Fed SR 11-7 model risk for ML, EU AI Act high-risk obligations, NYDFS AI guidance, and FFIEC AI booklet draft. Compliance leaders who own the integrated AI inventory and risk-management programme directly own the bank's regulatory posture. Here is the 12-week build.

$199 one-time

Tailored to your situation. Access within 24 hours. 30-day money-back.

Includes a hand-built implementation playbook delivered alongside course access, generated for your specific situation.

Why this course

Banks face a stacked-up AI regulator landscape: OCC AI guidance (2024 bulletin updates), Fed SR 11-7 model-risk management applied to ML, EU AI Act high-risk obligations (Article 6 + Annex III: credit-scoring and credit-worthiness assessment are high-risk), NYDFS AI guidance, FFIEC IT Examination Handbook AI booklet draft, OCC Heightened Standards integration, and the CFPB UDAAP overlay for consumer-impact AI.

The compliance, risk-management, and model-risk-management functions are running parallel AI workstreams. Without integration, the bank has a fragmented inventory, inconsistent risk-classification, and supervisor-visible gaps. With integration, the bank presents a coherent posture that supervisors trust.

This course teaches the 12-week build of an integrated AI inventory and risk-management programme: charter, AI use case inventory taxonomy, risk-classification methodology, model-risk management integration (Fed SR 11-7 + ECB TRIM alignment), governance framework, regulator engagement protocol, and the operational integration. Twelve modules with deliverables. Plus a hand-built implementation playbook for your specific bank.

What you walk away with

A documented programme charter integrating AI inventory and risk-management.
An AI use case inventory taxonomy.
A risk-classification methodology aligned to multiple regimes.
A model-risk management integration framework (Fed SR 11-7 + ECB TRIM + ML).
A governance framework (board to working-level).
A regulator engagement protocol (OCC + Fed + NYDFS + EU + CFPB).
An operational integration model.
A 12-week build plan.

The 12 modules

Module 1. Bank AI regulator landscape 2026

Detailed walkthrough of bank AI regulator stack: OCC AI guidance updates, Fed SR 11-7 model-risk management applied to ML, Fed SR 22-6 third-party model risk, EU AI Act (Article 6 + Annex III for credit-related high-risk systems), NYDFS AI guidance, FFIEC AI booklet draft, OCC Heightened Standards integration, CFPB UDAAP AI overlay, and the international peer-regulator framework (PRA SS1/23, ECB AI guidance).

Module 2. Programme charter and integration model

Build the integrated programme charter: AI inventory + risk-management + model-risk management + governance under a single integrated structure. Executive sponsorship (CRO + CCO + CDO + MRM Lead + General Counsel). Integration of board AI committee with existing risk committees. Three integrated charter examples from peer banks.

Module 3. AI use case inventory taxonomy

Build the AI use case inventory taxonomy: use-case definition (single-purpose vs platform), categorisation (customer-facing, operations, compliance, internal-tooling), system-attribute capture (purpose, data, model, integration, deployer, vendor), classification gates (Fed model, EU AI Act high-risk, OCC consumer-impact, CFPB UDAAP), and the public-disclosure-fit determination. Three worked taxonomy examples from peer banks.

Module 4. Risk-classification methodology

Build the integrated risk-classification methodology: EU AI Act risk-tier assignment (prohibited, high-risk, limited-risk, minimal-risk), Fed SR 11-7 model-tier assignment (high, medium, low), OCC consumer-impact assessment, CFPB UDAAP consideration, and the integrated risk-tier model. The risk-classification that supervisors recognise as coherent.

Module 5. Fed SR 11-7 and ECB TRIM integration

Build the Fed SR 11-7 and ECB TRIM integration for ML/AI: model-development standards, validation requirements (independent validation, conceptual soundness, ongoing monitoring), model-implementation controls, model-use governance, model-decommissioning, and the documentation standard. How SR 11-7 expectations apply to ML/AI specifically (champion-challenger, drift, explainability).

Module 6. EU AI Act high-risk system obligations

Build the EU AI Act high-risk implementation: Article 9 risk-management system, Article 10 data and data-governance, Article 11 technical documentation, Article 12 record-keeping, Article 13 transparency-and-information, Article 14 human-oversight, Article 15 accuracy-robustness-cybersecurity, Article 16 obligations of providers, Article 17 quality-management system. The EU AI Act layer for credit-scoring and other high-risk bank AI systems.

Module 7. Governance framework

Build the governance framework: board AI committee (or extension to risk committee), Chief AI Officer designation (where required or beneficial), AI Governance Board operating model, working-level AI risk-management committee, MRM operating model integration, and the escalation pathway. Three governance patterns from peer banks.

Module 8. Operational integration model

Build the operational integration model: development-cycle integration (AI risk gate in product development), procurement integration (AI vendor risk assessment), incident-management integration (AI-related incident workflow), business-as-usual monitoring, and the change-management model. The operational integration that beats compliance-as-afterthought.

Module 9. Vendor and third-party AI risk

Build the vendor and third-party AI risk framework: vendor-AI risk assessment (Fed SR 22-6 alignment), foundation-model vendor risk (OpenAI, Anthropic, Google, AWS, Microsoft), AI-system bill of materials, contract-clause library for AI vendors, ongoing-monitoring of vendor model, and the exit strategy for vendor lock-in. Three vendor-AI risk patterns.

Module 10. Regulator engagement protocol

Build the regulator engagement protocol: OCC supervisory engagement (Heightened Standards + AI), Fed supervisory engagement (SR 11-7 + AI), NYDFS engagement (AI + Part 504 + Part 500 cyber), CFPB engagement (UDAAP + AI), EU competent authority engagement (each member state designates one). The integrated engagement protocol.

Module 11. Performance measurement and reporting

Build the performance measurement: AI use case inventory completeness, risk-classification distribution, MRM-validation coverage, regulator-finding closure cadence, AI-incident rate, vendor-AI risk coverage, and the board reporting template. The reporting that signals strong AI risk-management posture.

Module 12. Your 12-week build plan

Week-by-week plan with weekly deliverables. Weeks 1-2: regulator landscape + programme charter + integration model. Weeks 3-4: AI use case inventory taxonomy + risk-classification methodology. Weeks 5-6: Fed SR 11-7 / ECB TRIM integration + EU AI Act high-risk implementation. Weeks 7-8: governance framework + operational integration model. Weeks 9-10: vendor and third-party AI risk + regulator engagement protocol. Weeks 11-12: performance measurement + board-of-directors approval. Deliverable: full programme launch pack.

How this addresses your situation

Specific modules that map to what you said you are dealing with.

Module 1 covers the regulator landscape.

Module 2 covers the integrated charter.

Modules 3 to 6 produce inventory, risk classification, Fed SR 11-7 integration, and EU AI Act implementation.

Modules 7 to 9 cover governance, operational integration, and vendor risk.

Modules 10 to 11 cover regulator engagement and performance measurement.

Module 12 covers the 12-week build plan.

What you get with this course

The 12-module course delivered as text plus downloadable templates.
Templates for programme charter, AI use case inventory taxonomy, risk-classification methodology, Fed SR 11-7 integration framework, EU AI Act high-risk implementation, governance framework, operational integration model, vendor and third-party AI risk framework, regulator engagement protocol, performance measurement.
A hand-built implementation playbook generated for your specific bank.
Three worked examples of integrated AI inventory and risk-management programmes at peer banks.
Scripted talking points for the OCC and Fed supervisory engagement.

What you will have in hand by Day 1, Week 1, Month 1

Day 1: Programme charter scaffold drafted.

Week 4: AI use case inventory + risk-classification methodology built.

Week 8: Fed SR 11-7 / ECB TRIM integration + EU AI Act implementation approved.

Week 12: Board-of-directors approval; programme launching.

Before and after

Before

Your bank has AI use cases across multiple business lines but no integrated inventory. Risk-classification is inconsistent. MRM coverage is patchy. Multiple regulator workstreams are running in parallel without coordination.

After

Integrated AI inventory and risk-management programme is running. Inventory taxonomy is complete. Risk-classification is consistent across regimes. MRM integration is documented. Governance framework is operating. Regulator engagement is coordinated.

What happens if you do not address this

OCC, Fed, NYDFS, CFPB, and EU regulator AI expectations are tightening. Supervisors increasingly ask for integrated AI inventories and risk-management posture. Fragmented programmes signal supervisor risk.

Who it is for

For compliance leaders, risk leaders, model-risk-management leaders, AI governance owners, and Chief Data Officers at banks, broker-dealers, and asset managers.

Who this is NOT for. Pure research roles. Firms not subject to banking regulation. Pure technology firms.

How it arrives

Text-based course via LMS, plus downloadable templates and the hand-built implementation playbook.

Time investment. Roughly 22 hours of reading and 200 to 400 hours of team effort across the 12-week build.

Why $199 is the right number

External bank AI risk consultants charge $500K-$3M for programme builds. Big4 risk advisory engagement runs $1M-$5M. Specialist AI-risk consultants charge $200K-$1M. Specialist law firms charge $1000-$1500 per hour. $199 buys the focused playbook plus the implementation document for your specific bank.

FAQ

Will this replace hiring a bank AI risk consultant?

Partially. It teaches you the programme build. You may still want specialist input for high-stakes regulator engagement preparation.

What if my firm is broker-dealer or investment adviser (not depository institution)?

Module 1 covers SEC + FINRA AI considerations.

Does this cover GLBA and consumer privacy overlap?

Module 4 covers consumer privacy overlap with AI risk.

What about international peer regulator overlays (PRA, BaFin, MAS)?

Module 1 covers international regulator alignment.

What is in the implementation playbook for me specifically?

A programme charter scaffold tailored to your bank's business mix; an AI use case inventory matched to your existing AI portfolio; a 12-week build plan.

30-day money-back guarantee. If after a week of working through the materials this is not what you needed, reply to the receipt email and a full refund is processed. No questions, no forms.

Within 24 hours your account in the learning environment is provisioned and the tailored implementation playbook is delivered alongside it.