bfsi

Risks And Challenges Of AI Highlighted By RBI

If the opportunity side of AI feels expansive, the risks outlined by the RBI are equally sobering. The report makes it clear that unchecked adoption could destabilise both firms and markets. This is not rhetorical caution; the vulnerabilities are real and already visible.

The first is model risk. AI systems often behave like black boxes, powerful in prediction, opaque in logic. A credit model that misclassifies a borrower, or a fraud system that repeatedly flags genuine payments, is not merely a technical glitch. It can mean reputational damage, regulatory penalties, and erosion of customer confidence. The RBI rightly notes that bias in training data or poorly calibrated algorithms can hard-wire discrimination into financial processes.

Operational risks follow close behind. AI reduces human error in many processes, but it also amplifies the cost of mistakes when they occur at scale. A single point of failure in a real-time payments environment could cascade through millions of transactions. Market stability itself is not immune: history remembers the “flash crash” of 2010, and algorithmic misfires in a more AI-saturated environment could prove even more destabilising.

Third-party dependency adds another layer. Most Indian banks and NBFCs lean heavily on external vendors for AI models, cloud services, and integration layers. That concentration risk leaves institutions exposed to interruptions, contractual blind spots, and even geopolitical vulnerabilities. The report is blunt on this: outsourcing AI without iron-clad governance is an open invitation to risk.

Cybersecurity risks are no less pressing. AI is a double-edged sword here: it strengthens defence, but it also lowers the cost and sophistication threshold for attackers. Deepfake fraud, AI-engineered phishing, and data-poisoning attacks are already hitting financial institutions globally. For a sector built on trust, the reputational consequences of one high-profile breach could be devastating.

And then there is the risk of inertia. The RBI points out that institutions which resist AI adoption may find themselves doubly vulnerable, unable to counter AI-driven fraud and left behind by more agile competitors. In a sector where margins are tightening, standing still is itself a risk strategy.

The FREE-AI Framework Explained

The RBI’s Committee has attempted something unusual in Indian regulatory practice: to codify a philosophy for AI adoption rather than issue narrow compliance checklists. The FREE-AI framework — short for Framework for Responsible and Ethical Enablement of AI — is built around seven “Sutras” and six strategic pillars. Taken together, they are intended to guide how regulated entities design, deploy and govern artificial intelligence.

At the heart of the framework lie the Seven Sutras — principles that set the moral and operational compass:

• Trust is the foundation. AI systems must inspire confidence not only in their outcomes but also in their process.

• People first. Human oversight and consumer interest cannot be sacrificed at the altar of efficiency.

• Innovation over restraint. The regulator signals it does not want to stifle progress, provided safeguards are in place.

• Fairness and equity. Models must avoid systemic bias that could exclude vulnerable groups.

• Accountability. Responsibility must sit with identifiable decision-makers, not be diffused into algorithms.

• Understandable by design. Black-box systems that cannot be explained will not withstand scrutiny.

• Safety, resilience and sustainability. AI must be stress-tested for shocks, cyber threats and long-term viability.

To move these ideals into practice, the report maps them against six strategic pillars. Three are enablers of innovation, infrastructure, policy, and capacity, and three are risk mitigators, governance, protection, and assurance. Under these sit 26 specific recommendations: from the creation of shared infrastructure and financial-sector sandboxes to board-approved AI policies, mandatory audits, and consumer disclosure requirements.

What is notable is the tone of the framework. It does not treat risk controls as an afterthought but places them on equal footing with innovation. A tolerant approach is suggested for low-risk AI use cases, particularly those that advance financial inclusion, but higher-stakes deployments will be subject to tighter scrutiny. 

AI Adoption And Use Cases: What RBI’s Surveys Show

The RBI conducted two surveys in 2025 — one by the Department of Supervision covering 612 regulated entities and another by the FinTech Department covering 76 institutions with 55 CTO/CDO follow-ups. Together, they capture nearly 90% of the sector’s assets, making them a credible reflection of the state of play.

Adoption Levels

• Overall adoption is thin: only 20.80% (127 of 612) entities reported using or building AI solutions.

• Banks: larger commercial banks are more active, but adoption still centres on limited functions.

• NBFCs: 27% of 171 surveyed have live or developing use cases.

• Urban Co-operative Banks (UCBs): Tier-1 UCBs — none; Tier-2 and Tier-3 report usage in single digits.

• ARCs: none reported adoption.

This confirms that AI penetration is still largely confined to bigger balance sheets with stronger tech capabilities.

Complexity Of Models

Most reported applications use rule-based systems or moderate machine learning models. More advanced architectures, deep learning, neural networks, or generative stacks, are rare in production. The comfort zone remains models that can be explained and slotted into legacy IT frameworks without destabilising compliance.

Infrastructure Choices

• 35% of entities using AI host models on public cloud.

• The balance prefers private cloud, hybrid, or on-premise deployments, reflecting ongoing caution around data control, privacy, and outsourcing risks.

Use Cases (583 Applications Reported)

The RBI categorised 583 distinct applications across the surveyed entities:

• Customer support – 15.60%

• Credit underwriting – 13.70%

• Sales and marketing – 11.80%

• Cybersecurity and fraud detection – 10.60%

• Other emerging use cases – internal administration, coding assistants, HR workflows, and compliance automation are rising but not yet mainstream.

This distribution illustrates a preference for low-to-medium risk operational functions rather than core balance-sheet exposures.

Generative AI

Interest in generative AI is widespread but tentative. In the FinTech Department’s sample of 76, 67% of institutions said they were exploring at least one generative use case. Yet these were overwhelmingly internal pilots: knowledge assistants, report drafting, code generation. Customer-facing deployments remain scarce due to unease about data sensitivity, unpredictable outputs, and the absence of clear explainability mechanisms.

Governance And Control Mechanisms

Perhaps the most telling findings relate to safeguards. Adoption often happens without adequate governance:

• Interpretability tools (e.g., SHAP, LIME): only 15% reported use.

• Audit logs: 18%.

• Bias and fairness validation: 35%, and mostly pre-deployment rather than continuous.

• Human-in-the-loop oversight: 28%.

• Bias mitigation protocols: 10%.

• Periodic audits: 14%.

• Model retraining: 37%, but ad hoc in many cases.

• Drift monitoring: 21%.

• Real-time performance monitoring: 14%.

Reading The Numbers

The survey findings point to a sector that is experimenting but not yet institutionalising AI. Adoption is selective, shallow, and uneven across segments. The concentration of activity in larger banks and NBFCs highlights both the opportunity and the risk: systemic players are experimenting at scale without consistent controls, while smaller institutions risk being left behind entirely.

Inclusion, Digital Public Infrastructure And Sector-Specific Models

The report is unequivocal about AI’s role in widening formal finance without diluting prudence. It points to alternate data—utility payments, mobile usage patterns, GST filings and e-commerce behaviour—as credible signals for underwriting thin-file or new-to-credit borrowers, particularly MSMEs and first-time users. This is not an argument for laxity; it is an argument for better signals, especially where bureau history is sparse.

Inclusion, however, is not only about scorecards. The report emphasises multilingual access and low-friction channels that meet users where they are. AI-powered chatbots for guidance and grievance redress, and voice-enabled banking in regional languages for the illiterate or semi-literate, are explicitly flagged as near-term, high-impact levers. The intent is straightforward: reduce the cognitive and linguistic barriers that keep millions from using formal services confidently.

A second plank is the convergence with Digital Public Infrastructure (DPI). India’s rails—Aadhaar, UPI and the Account Aggregator framework—are treated as the substrate on which AI can enable personalisation and real-time decisioning at a population scale. The report is explicit: conversational AI embedded into UPI, KYC strengthened through AI in tandem with Aadhaar, and context-aware service via Account Aggregator are practical upgrades, not distant aspirations. To avoid concentration advantages, the report also moots AI models offered as public goods so that smaller and regional players can participate meaningfully.

On the modelling side, the committee pushes beyond generic LLM enthusiasm and asks a pointed question: Should India develop indigenous, sector-specific foundation models for finance? The rationale is not industrial policy for its own sake; it is risk and fit. A model that does not reflect India’s linguistic and operational diversity risks urban-centric bias and poor performance in real-world Indian contexts. General-purpose models, trained largely on English and Western corpora, will not reliably handle India’s multilingual and domain-specific needs.

Accordingly, the report outlines two practical directions. First, Small Language Models (SLMs): narrow, task-bound models that are faster to train, cheaper to run, and easier to govern, particularly when fine-tuned from open-weight bases for specific financial tasks. Second, “Trinity” models built on Language-Task-Domain combinations—e.g., Marathi + Credit-risk FAQs + MSME finance, or Hindi + Regulatory summarisation + Rural microcredit—to ensure regulatory alignment, multilingual inclusion, and operational relevance while keeping compute budgets realistic. The report notes these systems can be built quickly with moderate resources—a pragmatic route for Indian institutions.

Finally, the report widens the lens to the near-horizon. Autonomous agent patterns (using protocols like MCP and agent-to-agent messaging) could shift finance from task automation to decision automation—for instance, an SME’s agent negotiating with multiple lender-agents for real-time offers and execution. The paper also flags privacy-enhancing technologies and federated learning for collaborative training without raw-data exchange—important for inclusion use cases where data fragmentation and privacy risks otherwise stall progress. 

Barriers And Governance Gaps

The surveys surface a consistent set of impediments that explain why adoption is shallow outside a handful of large institutions. Chief among them are the talent gap, high implementation costs, patchy access to quality training data, limited computing capacity, and legal uncertainty. Smaller players, already stretched on capex and compliance, asked for low-cost, secure environments to experiment before committing to production.

Beyond economics, the risk picture is clear. Institutions flagged data privacy, cybersecurity, governance shortcomings, and reputational exposure as the principal concerns. Many remain wary of pushing advanced models into live workflows because of opacity and unpredictability—and the governance demands that follow. The implication is obvious: the more consequential the decision (credit, fraud, claims), the higher the bar for control and audit.

On internal readiness, the gap is structural. Only about one-third of respondents—mostly large public-sector and private banks—reported any Board-level framework for AI oversight. Only about one-fourth said they have formal processes to mitigate AI-related incidents. In many institutions, AI risks are loosely folded into generic product approval routines rather than being managed through a dedicated risk vertical. Training and staff awareness are thin, limiting the organisation’s ability to handle evolving risks.

Data governance is fragmented. Most entities lack a dedicated policy for training AI models. Key lifecycle functions—data sourcing, preprocessing, bias detection and mitigation, privacy, storage and security—are scattered across IT and cybersecurity policies. Data lineage and traceability systems, essential for accountability and reliable models, are missing in many legacy estates. Access to domain-specific, high-quality structured data remains a persistent pain point.

Even where AI is in use, safeguards are uneven. Of the 127 adopters, only 15% reported using interpretability tools; 18% maintain audit logs; 35% perform bias/fairness validation, mostly at build-time rather than in production. Human-in-the-loop is present in 28%, but bias-mitigation protocols sit at 10%, and regular audits at 14%. Periodic retraining is reported by 37%, drift monitoring by 21%, and real-time performance monitoring by just 14%—figures that underscore why supervisors are pressing for stronger model lifecycle controls.

Capacity building is patchy. A few institutions have launched training programmes, industry partnerships and centres of excellence, but talent remains scarce and efforts are fragmented. Respondents also emphasised the need to raise customer awareness so that AI-enabled services are better understood and trusted at the front line.

Finally, the demand from the industry is explicit: 85% of deep-dive respondents asked for a formal regulatory framework, with guidance on privacy, algorithmic transparency, bias mitigation, use of external LLMs, cross-border data flows, and a proportional, risk-based approach that allows safe innovation while tightening controls where stakes are high. 

Regulatory Trajectory: Proportionality, Outsourcing, Consumer Disclosures

RBI’s stance remains technology-agnostic but expects AI to be governed within the existing lattice of IT, cyber, digital lending and outsourcing rules, with incremental AI-specific clarifications layered on top where needed.

Proportionality (what to expect): the Committee signals a consolidated issuance to stitch AI-specific expectations—disclosures, vendor due diligence on AI risks, and cyber safeguards—into current regulations, rather than creating a separate AI rulebook.

Outsourcing (clarity on scope):

• If an RE embeds a third-party AI model inside its own process, treat it as internal use—the RE’s standard governance and risk controls apply.

• If the RE outsources a service and the vendor uses AI to deliver it, that is outsourcing; contracts should explicitly cover AI-specific governance, risk mitigation, accountability and data confidentiality, including subcontractors.

Consumer protection (minimums): customers should know when they are dealing with AI, have a means to challenge AI-led outcomes, and access robust grievance redress. These expectations flow from existing consumer circulars and are to be read as applicable to AI.

Digital lending (auditability): AI-based credit assessments must be auditable, not black boxes; data collection must be minimal and consent-bound, including for DLAs/LSPs.

Cyber/IT (extend controls to AI): apply access control, audit trails, vulnerability assessment and monitoring to AI stacks, mindful of data poisoning and adversarial attacks.

In short: expect a risk-based consolidation of AI expectations across the existing rule set, explicit outsourcing language for vendor-delivered AI services, plain-English disclosures to customers, and auditable model decisions for high-stakes use cases.

Operational Safeguards: Policy, Monitoring, And Incident Reporting

RBI’s framework expects AI to be governed as a first-class risk. That means formal policy, live monitoring, clear fallbacks, and an incident regime that can withstand supervisory scrutiny.

Board-Approved AI Policy. Institutions should maintain a single, actionable policy that: inventories AI use cases and risk-tiers them; fixes roles and accountability up to Board/committee level; codifies the model lifecycle (design, data sourcing, validation, approval, change control, retirement); sets minimum documentation standards; and defines training for senior management through to frontline teams. The policy should also spell out third-party controls (due diligence, SLAs, subcontractor visibility, right to audit) and the cadence for periodic review.

Data And Documentation. Keep an auditable trail of what went into and came out of each model: data sources and legal basis (consent/minimisation), preprocessing steps, versioned training sets, feature lineage, hyperparameters, and inference-time logs where feasible. Retention should align with existing data and consumer regulations.

Pre-Deployment Testing. High-impact models should face structured validation: representativeness checks on datasets; back-testing and challenger comparisons; fairness/bias testing on protected cohorts; stability tests across segments and time; and adverse scenario tests (including attacks such as prompt injection, data poisoning, adversarial inputs, inversion/distillation where relevant). Approval gates and sign-offs should be recorded.

Production Monitoring. Treat AI as “always in observation”:

• Performance and error-rate tracking with thresholds for alerts and human review.

• Drift detection on data and outcomes; defined triggers for retraining or rollback.

• Continuous fairness checks where decisions affect customer access, pricing, or claims.

• Access controls, audit trails and tamper-evident logs for models and data.

• Change management for any update to data, code, thresholds, or prompts—including roll-back plans.

Human-In-The-Loop And Explainability. For high-stakes calls (credit, claims, fraud flags, adverse onboarding outcomes), ensure a human override path and an explanation that can be shown to customers and auditors. Record when and why overrides occur.

Business Continuity For AI. Define safe-fail modes: a kill-switch, degraded service (e.g., revert to prior approved model or rules), and manual operations where required. Map these to specific processes (payments, lending, onboarding) so continuity steps are executable under time pressure.

Vendor Oversight (When AI Is In The Service Chain). Contracts should name AI-specific obligations: model governance standards, data segregation and confidentiality, geo/sovereignty constraints, transparency on sub-processors, audit rights, security posture, and incident notification timelines with evidence packs. Where a third-party model is embedded inside your own process, apply your internal controls as if it were built in-house.

Customer Safeguards. Provide plain-English disclosure when an interaction or decision is AI-enabled, outline how customers can contest outcomes, and route challenges to trained staff. Keep redress timelines and decision records auditable.

Incident Reporting (Annexure Lens). Prepare to log and report AI incidents using a consistent template. At minimum capture: use case and model details; trigger and time of detection; impacted customers/systems/financials; severity; root cause; immediate containment; longer-term remediation and prevention; and named contacts. Link incident thresholds to your monitoring triggers and BCP so escalation is automatic rather than ad hoc.

Enablers: Innovation Sandbox And Sector Collaboration

The report does not view responsible AI as a compliance burden alone; it proposes concrete enablers to help institutions adopt safely and at speed.

AI Innovation Sandbox. A supervised, time-bound environment where banks, NBFCs and fintech partners can test AI use cases with real-world constraints and clear guardrails. The intent is to de-risk early pilots, surface model and data issues before scale, and document learnings in a format that can be audited and reused.

Shared Infrastructure And Public Goods. Sector access to curated datasets, evaluation suites, and compute on fair terms—especially for smaller and regional players. The emphasis is on domain-relevant benchmarks (credit, fraud, AML, KYC) and lightweight, explainable models that can run economically and be governed by existing risk functions.

Sector-Specific Models And Tooling. Practical focus on small language models and narrow task models tuned to Indian finance (languages, products, processes). Tooling includes bias and drift tests, red-team playbooks for adversarial inputs, and out-of-the-box explainers suitable for customer-facing decisions.

Standard Templates And Policy Kits. Model cards, data lineage registers, change-control logs, and incident report formats that align with supervisory expectations. These reduce time to compliance and create comparable evidence across institutions.

Capacity And Knowledge-Sharing. Board and senior management briefings, communities of practice for CRO/CTO teams, and joint exercises on model failures and recovery. The goal is consistent judgement across firms on when to escalate, when to roll back, and how to evidence decisions.

Vendor And Outsourcing Hygiene. Clearer procurement language for AI components—governance standards, transparency on sub-processors, audit rights, geo/sovereignty constraints, and incident-notification obligations—so external capabilities can be used without importing opaque risks.

Alignment With National AI Safety Efforts. Testing, assurance, and benchmarking to be interoperable with the emerging national safety and standards ecosystem, so results from one setting can inform supervisory reviews across the sector.

How AuthBridge Helps BFSI Align With FREE-AI

RBI’s framework sets clear expectations: evidence, accountability, explainability, and recoverability. AuthBridge’s stack lines up well against that bar, helping institutions shift from pilots to governed production without losing speed.

What The Framework Expects vs What You Can Operationalise With AuthBridge

Conclusion

The RBI’s FREE-AI framework marks a decisive shift in how artificial intelligence will be viewed in Indian finance: not as an optional add-on but as a regulated capability that demands the same rigour as credit, capital or liquidity management. For BFSI institutions, the task is twofold—embrace the efficiency and reach AI enables, while embedding the safeguards that preserve trust and systemic stability. Those that move early will not only stay compliant but will also earn the confidence of customers and regulators alike. With AuthBridge’s AI-driven verification, diligence and compliance solutions, the sector can operationalise these expectations today—turning regulatory alignment into a competitive advantage.