AI Model Governance in Financial Services: How MaRisk, EBA, and BCBS 239 Pre-Structure AI Act Compliance

Boris Friedrich

Financial institutions sit at a unique intersection when it comes to AI governance. Unlike companies in other sectors scrambling to build governance frameworks from scratch for the EU AI Act, banks, insurers, and asset managers already operate under decades of model risk management regulation — MaRisk, EBA Guidelines on Internal Governance and Model Risk (EGIM), BCBS 239, and OCC SR 11-7. The question is not whether to govern AI, but how to extend existing frameworks to cover it effectively.

This article maps exactly how these existing regulatory structures pre-structure AI Act compliance, identifies the gaps that remain, and provides a practical roadmap for financial institutions to achieve comprehensive AI model governance without duplicating effort.

Why AI Model Governance Matters More in Financial Services

AI systems in financial services carry outsized risk. A biased credit scoring model denies loans to protected groups. An algorithmic trading system amplifies market volatility in milliseconds. A fraud detection model generates thousands of false positives, blocking legitimate customers. An anti-money-laundering model misses suspicious transactions, exposing the institution to regulatory enforcement.

The consequences are not hypothetical. Regulators including the ECB, BaFin, and the FCA have explicitly stated that AI and machine learning models fall under existing model risk management requirements. The EU AI Act adds a second, horizontal layer of regulation on top of sector-specific rules. Financial institutions that fail to govern AI models face compounding regulatory exposure — from sector regulators and from AI-specific enforcement simultaneously.

The Existing Regulatory Governance Stack

Financial institutions already maintain governance infrastructure that maps directly to AI Act requirements. Understanding this mapping is the first step to efficient compliance.

MaRisk AT 4.3.5: Model Validation and Documentation

MaRisk (Mindestanforderungen an das Risikomanagement) requires German financial institutions to validate all models used in risk-relevant decisions. This includes documentation of model methodology, assumptions, limitations, and performance metrics. Independent model validation must occur before deployment and periodically thereafter. MaRisk does not distinguish between statistical models and AI models — the requirements apply equally.

For AI Act compliance, MaRisk model validation maps to the conformity assessment requirement (Article 43). The documentation requirements under MaRisk AT 4.3.5 cover approximately 70% of the technical documentation demanded by AI Act Annex IV. The gap: MaRisk does not explicitly require bias testing, human oversight mechanisms, or transparency toward affected persons — these are AI Act additions.

EBA Guidelines on Internal Governance and Model Risk (EGIM)

The EBA EGIM guidelines, updated in 2024, require financial institutions to maintain a comprehensive model inventory covering all models used across the organization. Each model must have a designated owner, a defined lifecycle (development, validation, deployment, monitoring, retirement), and documented governance responsibilities. The EGIM also mandates that the management body bears ultimate responsibility for model risk.

This maps directly to the AI Act requirement for an AI system register (Article 51) and for human oversight at the organizational level (Article 14). Financial institutions with mature EGIM implementations already have the governance structure the AI Act demands — they need to extend the inventory to include AI systems that may not be classified as models under current definitions, such as NLP-based customer service tools or document processing automation.

BCBS 239: Data Quality for Model Inputs

BCBS 239 (Principles for Effective Risk Data Aggregation and Risk Reporting) establishes six dimensions of data quality: accuracy, completeness, consistency, timeliness, uniqueness, and relevance. For AI models, data quality directly determines model quality — garbage in, garbage out applies with particular force to machine learning systems that learn patterns from training data.

The AI Act data governance requirements (Article 10) demand that training, validation, and testing datasets meet quality criteria including relevance, representativeness, accuracy, and completeness. For financial institutions already compliant with BCBS 239, the incremental effort is extending data quality frameworks from risk data to AI training data. The gap: BCBS 239 does not address bias in training data or representativeness across protected characteristics — these are AI Act additions that require new processes.

OCC SR 11-7: Model Risk Management (US Context)

While primarily a US requirement, OCC SR 11-7 has influenced global model risk management practices. It defines model risk as the potential for adverse consequences from decisions based on incorrect or misused model outputs, and requires a model risk management framework covering model development, implementation, use, and ongoing validation. Many European financial institutions apply SR 11-7 principles alongside MaRisk as best practice.

How the Existing Stack Maps to EU AI Act Requirements

The mapping between existing financial regulation and the AI Act is substantial but not complete:

  • Model inventory (EBA EGIM) → AI system register (AI Act Article 51): Direct mapping. Extend the model inventory to include all AI systems, not just risk models.
  • Model validation (MaRisk AT 4.3.5) → Conformity assessment (AI Act Annex VII): Strong overlap. Add bias testing and fairness evaluation to the validation process.
  • Data quality (BCBS 239) → Data governance (AI Act Article 10): Foundational overlap. Add representativeness and bias testing for training datasets.
  • Model documentation (MaRisk) → Technical documentation (AI Act Annex IV): ~70% coverage. Add AI-specific sections on human oversight design, transparency mechanisms, and system architecture.
  • Independent review (MaRisk) → Third-party audit (AI Act Article 43): Conceptual alignment. For high-risk AI systems, the review must specifically cover AI Act essential requirements.
  • Management responsibility (EGIM) → Human oversight (AI Act Article 14): Structural alignment. Add operational human oversight mechanisms, not just governance committees.

What the AI Act Adds Beyond Existing Frameworks

Despite the substantial overlap, the AI Act introduces requirements that go beyond current model risk management:

1. Explicit Human Oversight Mechanisms

MaRisk and EGIM require governance committees and independent validation. The AI Act demands operational human oversight: the ability to understand a system's capabilities and limitations in real time, to monitor its operation, and to override or stop it. For a credit scoring AI, this means not just periodic model review, but real-time dashboards showing decision distributions, drift alerts, and one-click intervention capability. Model approval committees are necessary but not sufficient.

2. Transparency Toward Affected Persons

Existing financial regulation focuses on transparency toward regulators and internal stakeholders. The AI Act adds transparency toward the people affected by AI decisions. When a customer is denied credit by an AI system, they have the right to meaningful information about the decision logic. This requires explainability mechanisms that go beyond model documentation — interpretable outputs, decision factors, and accessible explanations for non-technical audiences.

3. Bias Testing and Fairness Documentation

While discrimination is prohibited under existing law, the AI Act requires proactive bias testing as part of the conformity assessment. Financial institutions must demonstrate that training data is representative across protected characteristics, that model outputs do not systematically disadvantage specific groups, and that fairness metrics are monitored continuously in production. This is a shift from reactive complaint handling to proactive fairness assurance.

4. Continuous Post-Market Monitoring

MaRisk requires periodic model validation. The AI Act requires continuous monitoring of AI system performance, including automated drift detection, performance degradation alerts, and documented incident handling for AI-specific failures. For financial institutions, this means upgrading from annual model review cycles to continuous monitoring infrastructure with real-time alerting.

Building an AI Governance Scorecard

An effective AI governance scorecard for financial institutions covers four dimensions:

Oversight Systems

Is there a designated AI risk owner at C-level? Does the model inventory include all AI systems (not just risk models)? Are governance processes adapted for AI-specific risks (speed of deployment, data dependency, opacity)? Is the management body trained on AI risks and their regulatory obligations under the AI Act?

Model and Data Controls

Are AI models subject to the same validation rigor as traditional risk models? Is training data quality monitored against BCBS 239 dimensions plus AI-specific criteria (representativeness, bias)? Are model outputs explainable to regulators, auditors, and affected persons? Is there a documented process for model retirement when performance degrades?

Legal, Ethical, and Privacy Factors

Are AI systems classified by risk level per the AI Act taxonomy? Is there a DPIA for each AI system processing personal data? Are intellectual property rights for training data documented? Does the ethics review process cover AI-specific concerns such as automation bias, feedback loops, and emergent behavior?

Business and Operational Controls

Are there clear escalation paths when AI systems produce unexpected results? Is there a kill switch for high-risk AI systems in production? Do business controls prevent AI from being used outside its validated scope? Is there a shadow AI detection program to identify unsanctioned AI tools?

Four Types of Controls for AI Governance

An effective AI governance framework combines four types of controls:

  1. Business controls: Policies that define permissible AI use cases, acceptable risk thresholds, and escalation triggers. These should enable innovation by providing clear boundaries rather than blocking experimentation. Example: allowing business units to pilot AI in sandboxes without full governance approval, but requiring review before production deployment with real data.
  2. Procedural controls: Standardized processes for AI development, testing, validation, and deployment. These must be nimble enough to accommodate rapid AI iteration cycles while maintaining audit trails. Example: a streamlined validation for low-risk AI enhancements versus full conformity assessment for high-risk deployments like credit scoring changes.
  3. Manual controls: Human review and intervention mechanisms for high-stakes AI decisions. Example: mandatory human review of AI-generated fraud alerts above a certain confidence threshold, with documented override rationale.
  4. Automated controls: Technical guardrails embedded in the AI pipeline — input validation, output monitoring, drift detection, fairness checks, and automatic fallback to deterministic rules when AI confidence drops below thresholds. Example: real-time monitoring that flags when a credit model's approval rate for any demographic group deviates more than 5% from baseline.
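The automated controls in point 4, together with the continuous post-market monitoring described earlier (drift detection, degradation alerts, fairness metrics watched in production), can be expressed as a small set of checks. The Python below is an added example written for this article, not code from the author or from any vendor product. The 5-point deviation limit comes from the text and is read here as an absolute difference in approval rates (percentage points); the PSI drift cut-off of 0.25, the 0.7 confidence threshold, the debt-to-income fallback rule, the group names and all sample decisions and scores are constructed assumptions.

```python
"""Automated guardrails for a credit-decision model (added example).

Implements three of the automated controls the article describes:
  * per-group approval-rate monitoring against a baseline, flagging any
    group whose rate moves more than 5 percentage points (the article's
    "5% from baseline", read here as an absolute difference in rates),
  * population stability index (PSI) drift detection on the score
    distribution, with the conventional 0.25 alert level (an assumption),
  * fallback to a deterministic rule when model confidence is below a
    threshold (0.7 here, also an assumption).
All sample data is constructed for illustration.
"""
import math
from collections import defaultdict

GROUP_DEVIATION_LIMIT = 0.05   # from the article: 5 points from baseline
PSI_ALERT = 0.25               # assumption: common industry rule of thumb
CONFIDENCE_THRESHOLD = 0.7     # assumption: below this, use the rule


def approval_rate_by_group(decisions):
    """decisions: iterable of (group, approved) pairs -> {group: rate}."""
    approved, total = defaultdict(int), defaultdict(int)
    for group, ok in decisions:
        total[group] += 1
        if ok:
            approved[group] += 1
    return {g: approved[g] / total[g] for g in total}


def flag_group_deviation(current_rates, baseline_rates, limit=GROUP_DEVIATION_LIMIT):
    """Return {group: delta} for groups outside the limit. A group present in
    the baseline but absent from the current window is reported with delta
    None, since silently dropping it would hide a coverage problem."""
    flagged = {}
    for group, baseline in baseline_rates.items():
        current = current_rates.get(group)
        if current is None:
            flagged[group] = None
        elif abs(current - baseline) > limit:
            flagged[group] = round(current - baseline, 4)
    return flagged


def population_stability_index(baseline_scores, current_scores, bins=10):
    """PSI between two samples of scores in [0, 1] over equal-width bins.
    Empty bins are floored at a small epsilon to keep the logarithm finite."""
    eps = 1e-6

    def shares(scores):
        counts = [0] * bins
        for s in scores:
            counts[min(int(s * bins), bins - 1)] += 1
        return [max(c / len(scores), eps) for c in counts]

    return sum((c - b) * math.log(c / b)
               for b, c in zip(shares(baseline_scores), shares(current_scores)))


def deterministic_rule(applicant):
    """Constructed fallback rule: approve only if debt-to-income <= 40%."""
    return applicant["debt_to_income"] <= 0.4


def decide_with_fallback(model_prob, applicant, threshold=CONFIDENCE_THRESHOLD):
    """Return (approved, source). The model decides when it is confident in
    either direction; otherwise the deterministic rule decides, and the
    source tag makes the fallback visible in the audit trail."""
    confidence = max(model_prob, 1.0 - model_prob)
    if confidence >= threshold:
        return model_prob >= 0.5, "model"
    return deterministic_rule(applicant), "fallback_rule"


def monitoring_report(decisions, baseline_rates, baseline_scores, current_scores):
    """Combine the checks into one record suitable for an alerting pipeline."""
    flagged = flag_group_deviation(approval_rate_by_group(decisions), baseline_rates)
    psi = population_stability_index(baseline_scores, current_scores)
    return {
        "flagged_groups": flagged,
        "psi": round(psi, 3),
        "score_drift": psi > PSI_ALERT,
        "escalate": bool(flagged) or psi > PSI_ALERT,
    }


# Constructed sample data: baseline rates from a validation period and one
# current monitoring window in which group_B's approvals have dropped and
# group_C no longer appears at all.
BASELINE_RATES = {"group_A": 0.60, "group_B": 0.58, "group_C": 0.55}
CURRENT_DECISIONS = (
    [("group_A", True)] * 30 + [("group_A", False)] * 20
    + [("group_B", True)] * 20 + [("group_B", False)] * 20
)
BASELINE_SCORES = [i / 100 for i in range(100)]                   # roughly uniform
CURRENT_SCORES = [min(0.99, 0.3 + i / 100) for i in range(100)]   # shifted upward

if __name__ == "__main__":
    print(monitoring_report(CURRENT_DECISIONS, BASELINE_RATES,
                            BASELINE_SCORES, CURRENT_SCORES))
    print(decide_with_fallback(0.55, {"debt_to_income": 0.6}))
```

In the constructed window, group_B's approval rate falls from 58% to 50% and group_C disappears from the data entirely, so both are flagged; the score distribution has shifted upward, so the PSI check also fires and the report escalates. The `source` tag returned by `decide_with_fallback` is what lets the audit trail show how often the deterministic rule rather than the model produced a decision, which is the evidence a validator or supervisor will ask for.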

Vendor AI Risk Management

Financial institutions increasingly consume AI through third-party products — from core banking systems with embedded ML to specialized fintech tools. Under DORA Articles 28–44 and the AI Act, the financial institution remains responsible for AI governance regardless of whether the AI was built in-house or purchased from a vendor.

Vendor AI risk management requires: a complete inventory of all vendor-provided AI components (many institutions discover AI embedded in products they did not know contained it), contractual rights to audit vendor AI models and training data, documented risk assessments for each vendor AI system, and exit strategies in case a vendor AI system fails to meet regulatory requirements.

Implementation Roadmap

  1. Months 1–2 — Inventory and gap assessment: Map all AI and ML systems against the existing model inventory. Identify systems not currently classified as models under MaRisk but qualifying as AI under the AI Act. Classify each by risk level. Document the gap between current governance and AI Act requirements.
  2. Months 2–4 — Extend governance structures: Update model risk policies to explicitly cover AI. Add AI-specific validation criteria (bias testing, explainability, human oversight). Extend the model lifecycle to cover continuous monitoring. Train the management body on AI-specific regulatory obligations.
  3. Months 4–8 — Implement technical controls: Deploy continuous monitoring for AI performance and fairness. Implement explainability tooling for high-risk systems. Build automated drift detection and alerting. Establish human override mechanisms.
  4. Months 6–10 — Vendor and shadow AI governance: Audit all third-party products for embedded AI. Negotiate contractual AI governance provisions with key vendors. Implement shadow AI detection.
  5. Months 8–12 — Conformity assessment: Complete AI Act conformity assessments for all high-risk systems. Prepare Annex IV technical documentation. Conduct internal audit of the extended framework. Prepare for regulatory review.

Frequently Asked Questions

Do we need a separate AI governance framework or can we extend existing model risk management?

Extend your existing framework. Building a separate AI governance structure creates organizational silos, duplicate processes, and inconsistent standards. The most effective approach is to expand your MaRisk/EGIM model risk management framework with AI-specific modules for bias testing, explainability, human oversight, and continuous monitoring. This preserves institutional knowledge while addressing new requirements.

Which AI systems in banking are classified as high-risk under the AI Act?

Credit scoring and creditworthiness assessment are explicitly listed in AI Act Annex III. Other likely high-risk systems include: automated insurance claim assessment, anti-money laundering decision systems, algorithmic trading systems that directly execute trades, automated recruitment screening, and internal risk rating models that determine capital allocation. Internal analytics, BI dashboards, and customer service chatbots are generally not high-risk unless they directly influence decisions about individuals.

How does the AI Act interact with DORA for financial institutions?

DORA governs ICT risk management broadly, including the operational resilience of AI systems. The AI Act adds specific requirements for AI system design, testing, documentation, and oversight. Financial institutions must comply with both: DORA for operational and resilience aspects of AI infrastructure, and the AI Act for governance, testing, and transparency. AI governance must be integrated into both the ICT risk management framework (DORA) and the model risk management framework (MaRisk/EGIM).

What is the timeline for AI Act compliance for financial institutions?

Prohibited AI practices have been banned since February 2025. High-risk AI system obligations apply from August 2, 2026. However, financial institutions under MaRisk and EGIM are already expected to govern AI models under existing requirements. Start the inventory and gap assessment now, prioritize high-risk systems for August 2026, and use 2027 to mature the framework.

What penalties apply for AI Act non-compliance in financial services?

AI Act penalties reach up to EUR 35 million or 7% of global turnover for prohibited practices, EUR 15 million or 3% for high-risk system violations, and EUR 7.5 million or 1.5% for incorrect information. These apply on top of sector penalties from BaFin or ECB for model risk management failures under MaRisk/EGIM. The compounding effect makes non-compliance in financial services particularly expensive.
