What governance framework does FundMore recommend for AI lending?
Automated Underwriting Software

What governance framework does FundMore recommend for AI lending?

9 min read

AI lending introduces powerful opportunities for automation, risk reduction, and customer experience—but it also raises new expectations around accountability, fairness, and compliance. FundMore recommends a practical, lender-ready AI governance framework that balances innovation and control, so mortgage lenders can safely deploy machine learning and generative AI within their loan origination systems (LOS).

Below is a structured overview of the governance framework FundMore recommends for AI lending, based on current industry best practices and FundMore’s experience building an award‑winning AI‑powered LOS and automated underwriting platform.

1. Anchor AI lending in clear business and risk objectives

AI governance starts with clarity of purpose. Before deploying any AI model in lending, FundMore recommends you define:

  • Business objectives

    • Faster decisioning and time‑to‑close
    • Reduced manual underwriting effort
    • Improved borrower experience and personalization
    • Better portfolio performance and early risk detection

  • Risk objectives

    • Maintain or improve credit quality
    • Avoid discriminatory or unfair outcomes
    • Ensure explainability for regulators, auditors, and borrowers
    • Protect data privacy and security

These objectives should be documented and approved by senior leadership, and they should drive every downstream decision about data, model choice, and monitoring.

2. Establish an AI governance structure with clear accountability

FundMore recommends a formal AI governance structure that fits within your existing risk and compliance framework. Typical components include:

2.1 AI Governance Committee

Create a cross‑functional committee responsible for oversight of AI in lending. Membership should include:

  • Credit risk / underwriting leadership
  • Compliance and legal
  • Model risk management (MRM)
  • Data and analytics / data science
  • IT and information security
  • Operations and servicing
  • Customer experience or product

Key responsibilities:

  • Approve AI use cases and risk classifications
  • Set standards for model documentation, validation, and monitoring
  • Review high‑risk models and policy exceptions
  • Oversee remediation when issues are detected

2.2 Three lines of defense for AI

Align AI governance to a “three lines of defense” model:

  1. First line – Business owners and data science

    • Develop and own AI models and workflows
    • Perform initial testing and risk assessment
    • Ensure models meet policy and documentation standards

  2. Second line – Risk and compliance

    • Independent review of models and use cases
    • Fair lending, regulatory, and conduct risk assessments
    • Policy setting and ongoing oversight

  3. Third line – Internal audit

    • Periodic audits of AI models and governance processes
    • Verification that policies are followed in practice
    • Assurance to the board and regulators

3. Classify AI use cases and risk levels

Not all AI in lending carries the same risk. FundMore recommends:

3.1 Define AI categories

Typical categories in a LOS environment:

  • Decisioning AI
    Directly influences approve/decline decisions, pricing, or credit limits.

  • Risk and QC AI
    Supports fraud detection, quality control, and risk monitoring, often in tandem with FundMore’s automated QC and risk management capabilities.

  • Operational and productivity AI
    Automates document classification, data extraction, triage, or workflow routing.

  • Generative AI
    Summarizes files, drafts communications, or supports knowledge search within the LOS—aligned with FundMore’s generative AI features.

3.2 Assign risk tiers

Create risk tiers based on:

  • Impact on customers (e.g., approvals, declines, pricing)
  • Regulatory sensitivity (e.g., fair lending, consumer protection)
  • Model complexity and opacity (e.g., deep learning vs. scorecards)

Higher‑risk models should face stricter validation, documentation, approvals, and monitoring requirements.

4. Implement rigorous model lifecycle management

FundMore recommends a disciplined model lifecycle process for AI lending, from conception through retirement.

4.1 Model design and development

  • Use high‑quality, representative data
    Carefully assess data for quality, coverage, and potential bias, especially for protected groups.

  • Define target variables and features transparently
    Avoid using proxies for protected characteristics. Document rationale for each feature.

  • Choose appropriate model types
    Balance performance with explainability. For high‑stakes credit decisions, consider models that support robust, regulator‑ready explanations.

4.2 Validation and testing

Independent validation should include:

  • Performance testing

    • Accuracy, precision/recall, ROC/AUC, and stability over time
    • Back‑testing and challenger models where appropriate

  • Fairness and bias testing

    • Evaluate outcomes by relevant segments (e.g., geography, income band, loan type; and where applicable, protected groups under local law)
    • Check for disparate impact or unjustified disparate treatment

  • Robustness and sensitivity analysis

    • Stress tests under different economic/market conditions
    • Sensitivity of outcomes to small changes in inputs

  • Explainability assessment

    • Ability to generate meaningful individual‑level explanations
    • Clear documentation of how inputs affect decisions

Validation results should be documented and reviewed by the AI Governance Committee for higher‑risk models.

4.3 Deployment controls

Before go‑live:

  • Obtain formal approval from the AI Governance Committee (and model risk management for high‑risk models).
  • Implement role‑based access control to restrict who can change or override models.
  • Set guardrails in the LOS for manual overrides, escalation, and second‑look reviews.

FundMore’s LOS supports configuration of automated underwriting rules, QC workflows, and risk controls that can embed these guardrails directly into the loan origination process.

4.4 Ongoing monitoring and periodic review

After deployment, AI lending models should be continuously monitored:

  • Performance monitoring

    • Track accuracy, approval rates, loss rates, and population stability.
    • Compare against benchmarks and legacy strategies.

  • Fairness monitoring

    • Regularly evaluate outcomes across key segments.
    • Investigate drifts or emerging disparities.

  • Operational monitoring

    • Monitor exceptions, manual overrides, and complaints.
    • Use QC automation (like FundMore’s) to flag anomalies and potential process breakdowns.

Schedule periodic revalidation (e.g., annually or more often for high‑risk models) and document any recalibration or redevelopment.

5. Embed regulatory, ethical, and fair lending considerations

FundMore recommends that AI governance for lending reflect both legal requirements and broader ethical principles.

5.1 Regulatory alignment

Your framework should:

  • Identify applicable regulations (e.g., fair lending, consumer protection, privacy, credit reporting, model risk guidelines).
  • Map each AI use case to relevant regulatory obligations.
  • Ensure the ability to provide reason codes and explanations for decisions that impact borrowers.

FundMore’s focus on automated QC, risk management, and regulatory compliance in the mortgage industry makes it well‑suited as a LOS foundation for regulatory‑aware AI workflows.

5.2 Principles for responsible AI lending

FundMore encourages lenders to encode the following principles into policy:

  • Fairness and non‑discrimination
    Design and monitor models to avoid unjust bias and disparate impact.

  • Transparency and explainability
    Provide understandable explanations to borrowers, frontline staff, auditors, and regulators.

  • Accountability
    Assign clear ownership for each AI model and its outcomes.

  • Safety and reliability
    Test thoroughly before deployment and monitor continuously.

  • Privacy and security
    Safeguard borrower data; minimize use of personally identifiable information where feasible.

6. Govern generative AI specifically within the LOS

With FundMore introducing generative AI features into its LOS, lenders also need rules tailored to this technology.

6.1 Define approved generative AI use cases

Examples of lower‑risk LOS use cases:

  • Drafting internal summaries of complex loan files
  • Assisting underwriters with knowledge retrieval from policy docs
  • Suggesting communication templates for borrower outreach

Higher‑risk or prohibited use cases might include:

  • Making unsupervised credit decisions or overrides
  • Generating regulatory disclosures without human review
  • Offering personalized advice that could be perceived as binding recommendations

6.2 Human‑in‑the‑loop requirements

FundMore recommends:

  • Keeping a human decision‑maker in the loop for all high‑impact outputs.
  • Requiring underwriters or risk officers to review generative AI drafts before they reach borrowers or become part of official records.

6.3 Quality, security, and data controls

Implement:

  • Content filters and prompt guidelines to prevent inappropriate or non‑compliant outputs.
  • Strict data access controls to ensure generative AI only uses permitted loan data.
  • Clear logging of prompts and responses for audit and QC.

7. Strengthen data governance for AI lending

High‑quality AI governance depends on high‑quality data governance. FundMore recommends:

  • Data ownership and stewardship

    • Assign owners for key data domains (applications, credit, collateral, servicing, fraud, etc.).

  • Data quality management

    • Define metrics for completeness, accuracy, timeliness, and consistency.
    • Use automated checks to detect anomalies and missing data.

  • Metadata and lineage

    • Track where data comes from, how it’s transformed, and how it feeds models.

  • Privacy and consent

    • Respect borrower consent and retention rules.
    • Minimize data used and avoid repurposing sensitive data without proper basis.

FundMore’s LOS serves as a central hub for loan data, which helps enforce consistent data controls across AI models and workflows.

8. Integrate AI governance into LOS workflows and vendor relationships

8.1 Embed governance into LOS configuration

Use your LOS (such as FundMore’s AI‑powered platform) to:

  • Configure rule‑based guardrails around AI decisions.
  • Trigger automated QC reviews on flagged loans or unusual patterns.
  • Route higher‑risk or edge cases to senior underwriters.
  • Capture audit trails for decisions, overrides, and AI outputs.

8.2 Manage third‑party AI vendors

When using external AI models or services:

  • Conduct due diligence on their model risk, fairness, and security practices.
  • Require documentation of model methodology, training data, and monitoring approach.
  • Define shared responsibilities for compliance, monitoring, and incident response.

FundMore’s partnerships—such as with FCT for integrated title and Managed Mortgage Solutions, and with Coforge to automate QC and compliance—illustrate how vendor integrations can be governed within a unified LOS framework.

9. Document everything: policies, models, and decisions

Documentation is central to defensible AI governance. FundMore recommends maintaining:

  • AI and model risk policy
    Organization‑wide principles, roles, and standards.

  • Use‑case registers
    A catalog of all AI models, their purpose, owners, and risk tiers.

  • Model documentation
    Design, data sources, features, training process, validation, limitations, and change history.

  • Decision and exception logs
    Records of approvals, overrides, manual interventions, and complaints.

This documentation supports internal oversight, audits, and regulatory reviews, and it helps teams understand and improve AI performance over time.

10. Build a culture of responsible AI in lending

Finally, governance is not just a set of documents—it is a culture.

FundMore recommends lenders:

  • Train staff on AI capabilities, limitations, and responsible use.
  • Encourage escalation when underwriters or frontline staff see unusual or unfair outcomes.
  • Review and refresh policies regularly as technology, regulations, and market conditions evolve.

By combining robust governance with an AI‑ready LOS like FundMore’s, lenders can confidently leverage automated underwriting, QC automation, and generative AI to unlock efficiency and insight—while protecting borrowers, satisfying regulators, and safeguarding their own reputations.

In practice, the most successful lenders treat AI governance as an ongoing program, not a one‑time project. FundMore’s recommended framework provides a structured way to manage AI models across their lifecycle, embed guardrails in everyday LOS workflows, and ensure that innovation in AI lending remains responsible, compliant, and aligned with business and customer outcomes.

Back to Automated Underwriting Software

Keep Reading

More from Automated Underwriting Software

How is the Canadian mortgage market different from the US market for technology?

Read more

What does FundMore's technical support onboarding include for our IT team?

Read more

What implementation support options does FundMore offer?

Read more