Chair’s Opening Remark’s

TPRM BY EXCEPTION: GOVERNING AI-ENABLED THIRD PARTIES IN A REGULATED ENVIRONMENT

Financial institutions are expected to both use AI to strengthen risk management and demonstrate effective governance of AI risk across third- and fourth-party ecosystems

• The growing gap between static TPRM programs and supervisory expectations for ongoing AI and model risk governance
• Moving from point-in-time assessments to continuous oversight of security, compliance, resilience, and AI-driven decisioning
• Designing exception-based governance models that strengthen auditability while preserving accountability and management judgment
• Building operational resilience and regulatory confidence across complex, AI-enabled third- and fourth-party relationships