An AI risk appetite statement for a US bank defines the level of AI-related risk the institution is willing to accept across model performance, fair lending, third-party dependency, data protection, and operational resilience, paired with measurable thresholds that trigger a governance response when that tolerance is approached or breached. Key risk indicators (KRIs) operationalize that statement by translating qualitative appetite into numbers the board risk committee can monitor quarter over quarter. Banks without a documented AI risk appetite are not operating without risk: they carry an undocumented tolerance that no examiner, auditor, or board member can hold to account.
This gap surfaced with more frequency in board conversations as institutions moved from AI pilots to production-scale deployment in 2025 and 2026. A bank can have a model risk management program, a validation calendar, and a governance committee that meets quarterly, and still be unable to answer the question a director with a technology background will eventually ask: where does it say how much AI risk the institution is willing to take? This guide answers that question with a five-dimension appetite structure, a ten-indicator KRI framework with threshold calibration, and the board reporting cadence that makes the appetite statement more than a binder entry.
What an AI risk appetite statement is, and what it is not
A risk appetite statement is a board-approved expression of the level and type of risk the institution is willing to accept in pursuit of its objectives, stated before controls are applied. An AI risk appetite statement is a specific module of that broader statement that covers AI-related risk as its own category, with its own dimensions, thresholds, and escalation triggers.
Three things an AI risk appetite statement is not. It is not the AI use policy, which governs what employees may do with AI systems and what approvals apply. It is not a model validation report, which assesses individual model risk. And it is not a governance framework alignment statement, which describes which frameworks the institution has adopted. The risk appetite statement defines the acceptable level of aggregate AI risk the institution is willing to carry. The policy enforces that appetite; the validation and KRI programs measure it; the governance framework provides the organizing language. The appetite statement is the starting point that makes all three coherent.
Why the distinction matters: banks that write an AI use policy and treat it as an AI risk appetite statement are conflating the instrument with what it governs. Examiners and boards who ask for an AI risk appetite are asking for the document that says how much is too much, not a list of approved uses.
Why AI needs its own appetite language
General risk appetite language covers credit, market, liquidity, operational, and compliance risk. AI risk is primarily operational in origin, but it has four characteristics that standard operational risk appetite language does not address with enough specificity to govern actual AI decisions.
Non-deterministic outputs, particularly in generative AI, create a model performance risk that traditional operational risk appetite was not built to capture. A generative AI hallucination event in a customer communication has a fundamentally different probability distribution than a batch processing error, and the tolerance threshold needs to reflect what it actually is.
Fair lending exposure from AI creates regulatory risk that belongs alongside operational risk in the appetite statement, because a bias event at scale is not just an operational loss: it is an enforcement exposure under ECOA, Regulation B, and potentially UDAP, and the institution’s tolerance for that exposure needs to be stated explicitly.
Third-party AI dependency introduces concentration risk that standard vendor risk appetite does not capture at the right granularity. An institution whose three most critical AI-dependent processes all run on the same foundation model provider is carrying a concentration that its general third-party risk appetite may not have been designed to flag.
Shadow AI, meaning unsanctioned employee use of AI tools, creates data protection and confidentiality exposure under GLBA that general information security risk appetite does not address at the AI-tool level of specificity.
These four characteristics are why AI needs its own appetite language, not a stretched application of the operational risk bucket.
The five dimensions of an AI risk appetite statement
A sound AI risk appetite statement for a US bank addresses five dimensions. Each dimension carries a qualitative tolerance statement and a quantitative threshold that defines when the institution’s appetite has been reached.
Model performance and decision integrity. The institution has a low tolerance for AI-generated outputs that drive material customer decisions without a current, independent validation on file. Threshold: no Tier 1 or Tier 2 AI system drives a credit, servicing, or high-volume customer decision without an independent validation completed within the system’s required cycle.
Fair lending and consumer protection. The institution has zero tolerance for AI systems used in or proximate to credit decisions that lack a current disparate-impact analysis under ECOA and Regulation B. Threshold: any AI system touching a credit decision carries a current fair-lending testing record, or its use is suspended pending testing.
Third-party AI concentration. The institution has a low tolerance for unreviewed third-party AI exposure and a defined appetite for concentration in a single foundation model provider across critical processes. Threshold: no material AI vendor hosting a Tier 1 or Tier 2 system operates without a current third-party risk review aligned to the June 2023 Interagency Guidance on Third-Party Relationships: Risk Management.
Data protection and confidentiality. The institution has zero tolerance for customer nonpublic personal information (NPI) flowing to an AI vendor whose data-handling terms have not been reviewed and approved under GLBA. Threshold: any confirmed NPI-to-unapproved-vendor event triggers an immediate governance response and a breach-notification assessment.
Operational resilience. The institution has a low-to-moderate tolerance for AI system unavailability affecting core processes. Threshold: downtime of any AI system designated as operationally critical triggers a business-continuity review and fallback protocol within a defined response period.
Institutions with active generative AI deployments in customer-facing contexts may add a sixth dimension: output accuracy and hallucination tolerance, with a defined threshold for the rate of factually incorrect outputs per high-volume channel.
Calibrating thresholds: the AI KRI framework
KRIs translate the appetite statement into measurable indicators. Each KRI has Green (within appetite), Yellow (approaching appetite, heightened monitoring required), and Red (appetite breached, governance response required) zones. The following ten-indicator framework is designed to be computable from data a model risk function already maintains.
| KRI | What It Measures | Green | Yellow | Red | Owner | Cadence |
|---|---|---|---|---|---|---|
| AI inventory completeness | % of production AI systems with complete governance record: named owner, risk tier, documented scope | 95%+ | 85-94% | Below 85% | Head of Model Risk | Quarterly |
| Validation coverage | % of Tier 1 and Tier 2 systems with current validation within required cycle | 100% | 90-99% | Below 90% | Head of Model Risk | Quarterly |
| Monitoring gap | % of Tier 1/2 systems with monitoring producing reviewed outputs on defined schedule | 95%+ | 85-94% | Below 85% | Head of Model Risk | Monthly |
| Open findings aging | Count of Tier 1/2 high-severity findings open beyond 90 days | 0 | 1-2 | 3 or more | Head of Model Risk | Quarterly |
| Fair-lending testing coverage | % of AI systems in or proximate to credit decisions with current disparate-impact analysis | 100% | 90-99% | Below 90% | Compliance | Quarterly |
| Vendor AI risk coverage | % of material AI vendors (Tier 1/2 system hosts) with current third-party risk review | 100% | 85-99% | Below 85% | Third-Party Risk | Quarterly |
| Third-party concentration | Count of critical business processes dependent on a single foundation model provider | 0-2 | 3-4 | 5 or more | CRO | Quarterly |
| Shadow AI detection events | Count of AI tools discovered in use without prior governance review in the reporting period | 0 | 1-2 | 3 or more | Compliance / CISO | Quarterly |
| AI incident rate | Count of AI-related incidents causing customer harm, control failure, or regulatory exposure | 0 | 1 | 2 or more | CRO | Monthly |
| Generative AI data exposure | Confirmed or suspected NPI-to-unapproved-vendor events attributable to generative AI tools | 0 | Immediate response | Immediate response | CISO / Compliance | Continuous |
Threshold numbers in this table are practitioner starting points, not defined regulatory standards. Each institution calibrates them to its portfolio size, risk profile, and the board’s expressed tolerance during the appetite-setting process. The appetite statement sets the Red threshold; Yellow is the management warning that informs a response before the board-level threshold is reached.
The tenth indicator is binary rather than graded: the appetite for confirmed NPI exposure is zero, and the response is immediate rather than deferred to the next quarterly meeting.
Connecting risk appetite to SR 26-2 and NIST AI RMF
SR 26-2 (Revised Guidance on Model Risk Management, April 17, 2026, with parallel OCC Bulletin 2026-13 and an FDIC statement) is the current interagency model risk guidance. It covers traditional models and basic AI applications and is non-binding supervisory guidance; it replaced and rescinded SR 11-7. For the full analysis of what changed, see SR 26-2 vs SR 11-7: what changed for AI model risk management.
The risk appetite statement sits on top of the SR 26-2 program, not inside it. SR 26-2 describes what practices the model risk program should follow. The risk appetite statement describes how much risk the institution is willing to carry while following those practices. The two are complementary and non-overlapping.
For generative AI and agentic AI, which SR 26-2 explicitly excludes from its scope, the risk appetite statement carries additional weight. Until the interagency request for information that the Fed, OCC, and FDIC have signaled produces formal guidance, the risk appetite statement may be the only board-approved document that articulates the institution’s tolerance for those systems. Institutions that organize generative AI governance under NIST AI RMF 1.0 (NIST AI 100-1, the voluntary four-function framework: GOVERN, MAP, MEASURE, MANAGE) are the ones most likely to have an explicit appetite and KRI set for those systems, because the GOVERN function explicitly calls for risk appetite as a required governance artifact. For more on applying NIST AI RMF in a bank context, see NIST AI RMF for financial services.
The appetite statement is a GOVERN-function artifact. It does not substitute for MAP (the inventory), MEASURE (validation and testing), or MANAGE (response and remediation). It defines the acceptable range within which the other three functions should operate.
Board reporting and the annual appetite review
The board risk committee should receive the KRI dashboard quarterly, with each indicator shown against its Green/Yellow/Red threshold and a trend line covering the prior four periods. The narrative should identify any Red indicator, explain the root cause, and state the management response with a resolution timeline. The discipline that makes this reporting valuable is consistency: a committee that sees the same ten indicators each quarter builds pattern recognition about the program’s health that a changing metric set cannot provide.
The appetite statement itself is reviewed and re-approved by the board at least annually, and on an event-driven basis when any of the following occur: a material change in the AI portfolio, a significant AI incident, material new regulatory guidance on AI, or a strategic decision to expand AI into a new product line or customer segment. The calibration that was right for an institution with five AI systems in production is not the right calibration for one with fifty.
An important design principle: the appetite statement is a board document, not a technical document. The five-dimension structure and KRI thresholds should be expressed in language a director without an AI background can understand and challenge. A board that cannot assess whether the institution is operating within its stated appetite cannot exercise meaningful oversight. For the committee structure and RACI that make the appetite operational, see AI governance operating model and committee charter for banks.
FAQ
What is an AI risk appetite statement for a bank?
An AI risk appetite statement is a board-approved document that defines how much AI-related risk a bank is willing to accept across model performance, fair lending, third-party dependency, data protection, and operational resilience. It differs from an AI use policy (which governs employee behavior) and from model validation reports (which assess individual system risk). The appetite statement sets the aggregate tolerance against which the KRI dashboard is measured quarter over quarter.
What KRIs should a bank track for AI risk?
A sound AI KRI framework covers ten indicators: AI inventory completeness, validation coverage for Tier 1 and Tier 2 systems, monitoring program currency, open findings aging at high severity, fair-lending testing coverage, vendor AI risk coverage, third-party concentration in a single foundation model provider, shadow AI detection events, AI incident rate, and generative AI data exposure events. Each indicator maps to Green, Yellow, and Red thresholds calibrated by the board-approved appetite statement.
How does AI risk appetite connect to SR 26-2?
SR 26-2 (April 17, 2026) describes the practices the model risk program should follow for traditional models and basic AI applications. The risk appetite statement describes how much risk the institution is willing to carry while following those practices: the two are complementary and non-overlapping. For generative AI and agentic AI, which SR 26-2 explicitly excludes, the risk appetite statement may be the only board-approved document articulating the institution’s tolerance until interagency AI-specific guidance is finalized.
Who owns the AI risk appetite statement at a bank?
The CRO is accountable for the content and maintenance of the AI risk appetite statement. The model risk management function drafts and maintains the KRI framework that operationalizes it. The board risk committee approves the appetite statement and KRI thresholds. The AI governance committee (or an amended Model Risk or Technology Risk Committee charter that covers AI) monitors the KRI dashboard and escalates Red indicators to the CRO and the board risk committee.
How is AI risk appetite different from standard operational risk appetite?
Standard operational risk appetite was calibrated around systems with stable, inspectable logic and predictable failure modes. AI introduces non-deterministic outputs, fair lending exposure from bias events at scale, third-party concentration in foundation model providers, and data protection exposure from shadow AI, none of which standard operational risk appetite language addresses with sufficient specificity. Writing AI risk appetite separately ensures the institution has stated its tolerance for the failure modes specific to AI.
What this guide is / What it is not
What it is: A practitioner template for writing an AI risk appetite statement and calibrating a KRI framework at a US bank or fintech, aligned to SR 26-2 (April 2026), NIST AI RMF 1.0 (NIST AI 100-1, January 2023), and the June 2023 Interagency Guidance on Third-Party Relationships: Risk Management. What it is not: Legal or regulatory advice, a certification, or a guarantee of any exam or audit outcome. The five dimensions, KRI thresholds, and appetite language above are a practitioner starting point, not a final board document. Threshold calibration should reflect the institution’s actual risk profile, AI portfolio size, and the board’s expressed tolerance. DSE prepares organizations for audit and examination and does not certify. Consult qualified legal counsel on the regulatory interpretation questions the appetite-setting process raises.
The Bottom Line
A board risk committee that cannot answer “how much AI risk are we willing to take?” is not governing AI: it is observing it. The AI risk appetite statement turns a governance structure into a governance instrument by specifying the thresholds the board has approved, the indicators that measure whether the institution is inside those thresholds, and the responses that a breach requires. That structure is not in tension with SR 26-2 or NIST AI RMF alignment: it is what both require of a mature GOVERN function, expressed in the specific terms of the AI portfolio the institution actually runs.
The practical sequence: adopt the five-dimension appetite structure, calibrate Green/Yellow/Red thresholds to your portfolio’s size and risk profile, build the ten-indicator KRI dashboard from data your model risk function already maintains, and bring the appetite statement to the board risk committee for approval. The AI governance checklist is the diagnostic that shows whether the inventory, testing, and evidence a finserv program needs are in place before the appetite thresholds can be credibly set. For institutions that want to see how the appetite and KRI framework fit into the broader governance structure, the AI governance operating model and committee charter for banks covers the committee design, RACI, and operating cadence that make the appetite statement operational.
If your institution needs to establish an AI risk appetite statement and KRI framework before an exam cycle, DSE’s banking AI governance engagement starts with a readiness assessment that maps where your program stands. The AI governance readiness engagement delivers a risk register and audit-ready evidence package at a fixed fee. To discuss your situation, visit /engage.html.
Key facts
- An AI risk appetite statement for a US bank is the board-approved document that defines how much AI-related risk the institution is willing to carry and what triggers a mandatory governance response: banks without one are not risk-free, they are running an undocumented tolerance that no examiner or board member can interrogate (DSE, 2026).
- SR 26-2 (April 17, 2026) explicitly excludes generative AI and agentic AI from model risk guidance scope, which means the AI risk appetite statement may be the only board-approved document expressing the institution's tolerance for those systems until interagency AI-specific guidance is finalized (DSE, 2026).