RegCore.AIRegCore.AI
Resources

Practitioner notes from the firm.

Reference notes we at RegCore.AI have written against the regulatory ground — OSFI E-23, FIFAI II, FINTRAC, CIRO, SR 11-7, NIST AI RMF, EU AI Act and the operating practice around them. For the current editorial track, see our insights page; for the canonical framework index, see frameworks.

/ai-governance-artifacts

Five AI governance artifacts a regulated deployer has to produce

The artifact set that answers OSFI E-23, SR 11-7, NIST AI RMF and EU AI Act reviewers — model cards, agent cards, HITL architecture, inventory, governance operating model.

Read the note →/fintrac-ciro-ai-2026

FINTRAC 2026 and CIRO consolidation — AI in Canadian financial services

What the 2026 FINTRAC amendments and CIRO consolidation mean for AI-driven transaction monitoring and investment-dealer supervision.

Read the note →/intervenability

The intervenability turn — why monitoring alone stops working

Observability became table stakes. The 2026 maturity step is intervenability — how fast you can stop the system and who is on the gate when you do.

Read the note →/osfi-e23-vendor-cascade

What OSFI E-23 asks of AI vendors selling into Canadian banks

The practical flow-down effect of E-23 on AI vendors, read clause-by-clause against the supervisory perimeter the bank client operates under.

Read the note →/osfi-e23-vendor-playbook

OSFI E-23 vendor questionnaire playbook

The questions Canadian FRFI procurement teams are sending on AI, the artifacts that answer them, and the failure modes that show up repeatedly.

Read the note →/osfi-fifai-agile

What OSFI is signalling through its AI governance workshops

FIFAI is a channel, not a rulebook. How OSFI's supervisory themes cascade through E-23, B-10 and E-21 to shape AI governance programmes in Canadian FRFIs.

Read the note →/platform-vs-consultancy

AI governance — platform, consultancy, or something else

A structured comparison of AI governance platforms and consultancy-led delivery for Canadian and North American FSI. Where each fits, where each breaks.

Read the note →/sr-11-7-e-23-crosswalk

SR 11-7 meets OSFI E-23 — a cross-border model risk crosswalk

The Fed/OCC/FDIC refresh and the OSFI E-23 enforcement date have made the two frameworks asymmetric on GenAI and agentic AI. Here is the crosswalk.

Read the note →/three-governance-gaps

Three AI governance gaps existing tools cannot close

Observability without traceability, policy buried in prompts, and a commit-semantics gap — three structural failures dashboards and GRC tools cannot address alone.

Read the note →

Looking for the current editorial track?

The firm publishes longer-form insights on the regulatory ground that is moving fastest, and compliance playbooks that walk from discovery to artifact. Both are maintained against change.

InsightsPlaybooks