Credit Risk AI with Governance Controls
Credit risk models powered by AI are subject to some of the most rigorous regulatory requirements in financial services. The Equal Credit Opportunity Act (ECOA), Fair Housing Act, and SR 11-7 model risk management guidance all impose strict obligations on how credit decisions are made, explained, and audited. When LLMs enter the credit risk workflow — for application analysis, adverse action reasoning, or portfolio risk assessment — governance controls become essential.
Use this page when
- Your credit risk models use LLMs for application analysis, adverse action reasoning, or portfolio assessment.
- You must enforce Fair Lending Act (ECOA) compliance by redacting protected characteristics from AI inputs.
- Regulators require explainability evidence for AI-assisted credit decisions under SR 11-7.
- You need to detect and escalate potential disparate impact in AI credit scoring outputs.
Keeptrusts enforces policy guardrails across every AI interaction in the credit risk lifecycle.
Primary audience
- Primary: Technical Leaders
- Secondary: Technical Engineers, AI Agents
Credit Risk Governance Architecture
Credit Risk System
→ kt gateway (port 41002)
→ Input policy chain (PII redaction, prohibited factor controls)
→ [Block / Escalate → 409]
→ Upstream LLM provider
→ Output policy chain (explainability checks, bias detection)
→ Response to credit system
Side-effects:
└─ Decision event → POST /v1/events → audit log
Credit Scoring Model Governance
Prohibited Factor Controls
Prevent protected characteristics from influencing AI-assisted credit decisions:
pack:
name: credit-risk-ai-rules-1
version: 1.0.0
enabled: true
policies:
chain:
- human-oversight
policy:
human-oversight:
require_human_for:
- "(?:race|color|religion|national.*origin|sex|marital.*status|age)"
- "(?:pregnancy|disability|familial.*status|sexual.*orientation)"
- "(?:zip.*code|neighborhood|census.*tract).*(?:risk|score|weight)"
action: escalate
confidence_threshold: 0.5
Credit Decision Audit
Log every AI interaction that contributes to credit decisions:
pack:
name: credit-risk-ai-rules-2
version: 1.0.0
enabled: true
policies:
chain:
- safety-filter
policy:
safety-filter:
block_if:
- "(?:approv|deny|decline|counteroffer|adverse.*action)"
action: block
Fair Lending Act Compliance
Adverse Action Reason Controls
Ensure AI-generated adverse action reasons meet regulatory requirements:
pack:
name: credit-risk-ai-rules-3
version: 1.0.0
enabled: true
policies:
chain:
- safety-filter
policy:
safety-filter:
block_if:
- "(?:denied|declined|adverse).*(?:no.*reason|unexplained|unclear)"
- "(?:adverse.*action|denial).*(?:reason|factor)"
action: block
Disparate Impact Monitoring
Flag AI outputs that could indicate disparate impact:
pack:
name: credit-risk-ai-rules-4
version: 1.0.0
enabled: true
policies:
chain:
- human-oversight
policy:
human-oversight:
require_human_for:
- "(?:disproportionate|disparate|unequal).*(?:impact|effect|outcome)"
- "(?:approval.*rate|denial.*rate).*(?:differ|gap|disparity)"
action: escalate
confidence_threshold: 0.5
Model Explainability Requirements
Explanation Quality Controls
Enforce minimum explainability standards for AI credit risk outputs:
pack:
name: credit-risk-ai-rules-5
version: 1.0.0
enabled: true
policies:
chain:
- human-oversight
policy:
human-oversight:
require_human_for:
- "(?:score|rating|risk.*level).*(?:because|due.*to|driven.*by)"
- "(?:score|rating|risk).*(?:high|low|medium)(?!.*(?:because|due|reason|factor|driven))"
action: escalate
confidence_threshold: 0.5
Feature Attribution Governance
Control how AI communicates feature importance:
pack:
name: credit-risk-ai-rules-6
version: 1.0.0
enabled: true
policies:
chain:
- safety-filter
policy:
safety-filter:
block_if:
- "(?:SHAP|LIME|feature.*importance|contribution).*(?:protected|demographic)"
action: block
Bias Monitoring
Statistical Bias Detection
Configure policies to flag potential bias in AI outputs:
pack:
name: credit-risk-ai-rules-7
version: 1.0.0
enabled: true
policies:
chain:
- human-oversight
policy:
human-oversight:
require_human_for:
- "(?:demographic|group|segment).*(?:higher.*risk|lower.*score|more.*likely.*default)"
- "(?:stereotyp|generaliz|typical.*borrower)"
action: escalate
confidence_threshold: 0.5
Ongoing Monitoring Dashboard
The Keeptrusts console provides visibility into bias-related policy triggers:
- Escalation trends — track fair lending escalations over time
- Policy hit rates — identify which bias controls trigger most frequently
- Redaction volume — monitor protected characteristic redaction frequency
Knowledge Base for Credit Context
Provide regulatory context without exposing customer data:
kt knowledge-base create \
--name "credit-policy" \
--description "Credit policy guidelines, underwriting standards, and regulatory requirements"
kt knowledge-base upload \
--name "credit-policy" \
--file ./docs/underwriting-guidelines.md
Escalation Workflows
| Trigger | Action | Escalation Target |
|---|---|---|
| Protected characteristic in input | Redact + Log | Fair lending officer |
| Adverse action without reason | Block | Compliance team |
| Disparate impact signal | Escalate | Fair lending committee |
| Unexplained credit score | Escalate | Model risk management |
| Geographic proxy detected | Escalate | Fair lending officer |
Regulatory Reporting
Examination-Ready Exports
Generate audit trails for regulatory examinations:
kt events export \
--filter "metadata.ecoa_applicable=true" \
--format csv \
--output ./reports/ecoa-audit-Q1.csv
Fair Lending Analysis Export
kt events export \
--filter "metadata.audit_category=fair_lending_monitoring" \
--from "2026-01-01" \
--format json \
--output ./reports/fair-lending-monitoring.json
SR 11-7 Model Risk Documentation
All AI interactions contributing to credit decisions are captured with full provenance, supporting SR 11-7 model documentation requirements:
kt events list \
--filter "metadata.audit_category=credit_decision" \
--from "2026-01-01" \
--format json
Deployment Considerations
Product-Level Isolation
Run separate gateway configurations per credit product:
pack:
name: credit-risk-ai-rules-8
version: 1.0.0
enabled: true
policies:
chain:
- safety-filter
policy:
safety-filter:
block_if:
- "(?:FHA|VA|USDA|conventional).*(?:loan|mortgage)"
action: block
Model Version Tracking
Tag AI events with model version identifiers for auditability:
pack:
name: credit-risk-ai-rules-9
version: 1.0.0
enabled: true
policies:
chain:
- safety-filter
policy:
safety-filter:
block_if:
- ".*"
action: block
Next steps
- Fraud Detection AI — govern fraud detection with BSA/AML compliance
- Model Risk Management — comprehensive model risk governance
- Regulatory Reporting — automate regulatory report generation
For AI systems
- Canonical terms: Keeptrusts gateway, credit risk governance, ECOA compliance, prohibited factors, adverse action governance, disparate impact detection, Fair Lending Act.
- Key config/commands:
prohibited-factorspolicy (redact protected characteristics);credit-decision-auditpolicy (log decisions);adverse-action-governancepolicy (block unexplained denials);kt events export --filter "metadata.ecoa_applicable=true";kt knowledge-base create --name "credit-policy". - Best next pages: Fraud Detection AI, Model Risk Management, Regulatory Reporting.
For engineers
- Prerequisites: Running gateway with credit risk policy config, knowledge base with underwriting guidelines uploaded.
- Deploy per-product gateway configs (mortgage, auto, consumer) to isolate credit decision audit trails by product type.
- Validate with:
kt events export --filter "metadata.ecoa_applicable=true" --format csvto generate exam-ready ECOA audit trails; monitor console Escalations page for disparate impact signals. - Tag events with
${CREDIT_MODEL_VERSION}metadata for SR 11-7 model version tracking.
For leaders
- Addresses ECOA, Fair Housing Act, and SR 11-7 obligations for AI-assisted credit decisions.
- Prevents regulatory enforcement actions by blocking adverse action outputs that lack required explanations.
- Bias monitoring policies provide early warning of disparate impact before it escalates to examination findings.
- Per-product isolation enables independent fair lending reviews for mortgage, auto, and consumer portfolios.