VieauxPoint: May 18, 2026

It’s abundantly clear that artificial intelligence is rapidly reshaping the mortgage industry. What began as isolated automation tools has evolved into AI-enabled systems across document review, borrower communication, fraud detection, quality control, pricing support, servicing operations, marketing, and employee productivity. Increasingly, AI is not something mortgage companies are intentionally “buying,” but rather something that is embedded into the platforms and systems lenders already use every day from their vendors.

The challenge is whether mortgage companies can responsibly govern these systems.

For the industry’s largest financial institutions, building AI governance structures may be achievable through large compliance teams, model risk management groups, legal departments, and technology staffs dedicated to AI oversight. That is not the reality for most mortgage companies, including independent mortgage banks, community lenders, and mortgage brokerages.

Many organizations understand they need AI governance, but they do not know where to begin. That gap is why the Mortgage Bankers Association’s Residential Board of Governors (RESBOG) identified the development of an industry AI Framework as one of its top priorities for 2026.

In partnership with RESBOG, a dedicated group of participants within MISMO’s AI Community of Practice has spent the past several months developing MISMO FRAME (Framework for Responsible AI in Mortgage Ecosystem). The objective is straightforward: create a practical, mortgage-specific AI governance toolkit that organizations of all sizes can implement and utilize.

Importantly, FRAME is not intended to create new regulations or compliance obligations. Existing mortgage laws and regulations already apply to AI systems. ECOA, the Fair Housing Act, FCRA, GLBA, OCC guidance, Reg X, and existing GSE requirements remain fully applicable whether a decision is made by a human being or influenced by an AI-enabled system.

What many organizations lack today is a practical framework for operationalizing governance when AI is involved. That is the problem FRAME is designed to address.

One of the most important realities acknowledged within the framework is that most mortgage companies are not building foundational AI models internally. Instead, they are increasingly relying on AI-enabled capabilities embedded inside: Loan Origination Systems (LOS), Point-of-Sale (POS) platforms, CRM systems, quality control technologies, servicing platforms, fraud detection tools, marketing systems, and productivity applications

This creates a critical operational challenge for lenders. Even if the lender does not own the AI model, the lender still owns the outcome. That means mortgage companies must understand, where AI exists inside their organization, what those systems influence, who owns them internally, how they are monitored, what controls exist, and how the organization would defend the system under examination, litigation, investor review, or regulatory inquiry.

MISMO FRAME is designed to help organizations answer those questions, and incorporates broader standards such as the NIST AI Risk Management Framework, but narrows the focus specifically to the realities of mortgage lending and servicing. Rather than asking lenders to operationalize massive enterprise AI governance structures, FRAME translates those concepts into practical mortgage-specific implementation guidance.

At the center of FRAME are several implementation artifacts designed to help organizations create structure around AI governance.

The first is the AI System Inventory. This serves as the organization’s central record of all AI-enabled systems in use across the company, including internally developed systems and vendor-provided tools. For many lenders, this becomes the starting point of AI governance because organizations often discover they are using more AI-enabled systems than they initially realized.

The second artifact is the Governance Policy. This policy template establishes organizational accountability, risk-tiering, approval structures, vendor oversight expectations, fair lending responsibilities, monitoring requirements, and change management processes. The framework emphasizes that every AI system must have a named business owner and that accountability cannot be delegated to a vendor or generic department.

Another key artifact is the AI System Risk Assessment. This document is completed for each AI system or use case and captures critical information including intended use, model outputs, consumer impact, regulations implicated, data utilized, reliance on outputs, testing performed, explainability considerations, vendor documentation, and monitoring responsibilities.

For many organizations, this becomes the practical working file that demonstrates governance discipline. FRAME also introduces concepts around ongoing monitoring, incident management, fairness testing, and generative AI governance. Special attention is given to risks associated with large language models and generative AI tools, including hallucinations, prompt management, version control, adverse action explainability, and vendor foundation model changes. Vendor oversight is one of the most significant themes throughout the framework.

AI significantly expands vendor due diligence, primarily through cybersecurity, privacy, and operational stability lenses. Mortgage companies increasingly need to understand: how vendor AI systems operate, what data they use, whether borrower data is retained, how outputs are monitored, whether fairness testing exists, what contractual protections are required, and how material model changes are communicated.

FRAME recognizes that this is a major operational burden for lenders, particularly smaller organizations with limited internal resources. That is one reason MISMO is also developing an AI Certification program as part of its growing certification library.

The goal of the certification initiative is to help create greater consistency and transparency across the mortgage ecosystem. Over time, certifications may help lenders more efficiently assess vendor AI governance capabilities and oversight practices.

Importantly, FRAME itself reflects the collaborative structure that makes MISMO uniquely suited to lead this effort. As the mortgage industry’s non-profit standards organization, MISMO operates “For the Industry, By the Industry.” Participants across the ecosystem; lenders, brokers, servicers, technology providers, compliance leaders, investors, GSEs, regulators, and government agencies, collaborate together to build practical standards and frameworks designed to benefit the broader mortgage market.

FRAME is one of the strongest examples of that collaborative process in action. The framework has already been shared with several early adopter organizations for feedback and practical review. It will be discussed extensively during MISMO’s spring summit in Louisville, Ky, June 1–4. Following the Summit, FRAME will continue evolving through industry utilization, feedback, and refinement. Like many MISMO initiatives, FRAME is expected to mature over time alongside industry adoption and regulatory evolution.

Access to FRAME will be available exclusively to MISMO member companies. Organizations that support MISMO through the Innovation Investment Fund (IIF) receive membership access to MISMO resources, standards, work products, and collaborative initiatives, including FRAME.

This framework is becoming an operational toolkit designed to help mortgage companies responsibly navigate one of the most significant technological shifts the industry has experienced in decades.

Anyone interested in learning more about the FRAME initiative, MISMO membership, or the Innovation Investment Fund can contact me directly at bvieaux@mba.org.