Inside a 120-day remediation that turned three material findings into zero at follow-up.
The Examiner Reads The Lineage
SR 11-7 expanded. Examiners now check the data your risk models eat, not just the math.
dbt lineage covers transformation. It does not cover the source side.
What looks compliant in production is often unprovable to an examiner.
Fourteen source systems and seven transformation layers got machine-readable lineage from raw to feature.
Tier 1 change management replaced informal pipeline edits, with audit logs and governance committee approval.
The Result: feature-level monitoring on 38 fraud features, including 8 the team hadn't tracked before.
Source-system to feature, machine-readable for any examiner.
Change request, staging test, peer review, governance approval, audit log.
Automated row count, null rate, distribution, and freshness monitoring.
From Findings to Approvals
Banks with provable lineage move product approvals through committee in weeks, not quarters.
Audit-ready infrastructure protects revenue. The bank's $4.2M expansion stayed on track.
Logiciel's Audit Readiness Engagement runs the gap analysis, builds the lineage export, and stages remediation in 90 days.
CTOs and Chief Risk Officers at banks, lenders, and other regulated firms preparing for SR 11-7 model risk reviews, OCC examinations, or internal audit committees. It's equally useful for VPs of Data accountable for the lineage and monitoring evidence those exams now require.
dbt covers transformation lineage cleanly. It doesn't cover the source side: ingestion connectors, raw landings, schema changes upstream, or the documented controls around those. Examiners read the gap between source and dbt as a control gap.
Aggressive but achievable when scope is contained to the model-feeding pipelines. The bank closed the gaps in three phases: lineage and inventory, change management, then feature monitoring. Each phase was 30–45 days with clear acceptance criteria from the examiner's findings letter.
The total remediation investment was $290K, including platform fees and internal time. Year-one revenue from preserved product expansion was $4.2M, producing roughly 14:1 ROI. The largest avoided cost was the regulatory hold on a new lending product.
A significant deficiency is a control gap regulators expect you to fix. A material weakness suggests the gap could allow material misstatement, and it triggers heavier scrutiny, public disclosure for SOX-regulated firms, and potential MRA or MRIA action. Cost differences run into seven figures.
Examiners moved beyond the model itself. They now ask for documented lineage of the data feeding the model, change-management evidence for the pipelines, and monitoring proof for individual features. Functional infrastructure isn't enough. The pipeline has to be provable.
The bank had informal pipeline change management for risk-model inputs, no end-to-end lineage from source to feature, and feature monitoring that covered some inputs but not all. Each gap was traceable to a specific control the examiner could point at.
The bank presented a machine-readable lineage export covering source systems, transformation steps, and feature outputs. The examiner described it as "a model approach for pipeline provenance." Follow-up returned zero material findings and one closed observation.
Lineage and feature monitoring stay live as production controls, not exam artifacts. The bank now reports pipeline reliability and lineage coverage to its audit committee quarterly, which means the next exam reviews evidence the team already produces.
Logiciel's Audit Readiness Gap Review runs an examiner-style review against your existing lineage, monitoring, and change management. The output is a prioritized findings list, mapped to the controls each one violates and the work needed to close each gap.
