← Back to all briefings

Governance · Credibility 40/100 · · 2 min read

Governance Briefing — July 17, 2024

The UK Prudential Regulation Authority finalised model risk management principles, requiring bank boards to evidence technology risk committees, model inventories, and challenge routines by 2026.

Executive briefing: On 17 July 2024 the Bank of England’s Prudential Regulation Authority (PRA) published Policy Statement 11/24, confirming final model risk management principles for banks and insurers. Boards must set model risk appetite, oversee independent challenge, and ensure technology governance across AI, pricing, and stress-testing models.

Key governance signals

  • Board ownership. Principle 1 assigns boards responsibility for approving model risk appetite statements and ensuring dedicated oversight committees.
  • Lifecycle controls. Firms must maintain comprehensive inventories, validation routines, and issue management for every model class, including AI/ML deployments.
  • Implementation timeline. PRA expects significant firms to meet the principles by 17 May 2026, driving multi-year governance programmes.

Action checklist

  • Refresh board and risk committee charters to incorporate model risk governance, independent challenge responsibilities, and reporting cadences.
  • Establish cross-functional model risk committees covering data, technology, and first-line ownership with defined escalation thresholds.
  • Build remediation trackers for validation findings and model limitations, ensuring directors see progress against PRA timelines.

Sources

Zeph Tech partners with UK boards to build model risk committees, AI governance inventories, and assurance evidence ahead of PRA deadlines.

  • United Kingdom
  • Model risk governance
  • Technology risk committees
  • Bank supervision
Back to curated briefings