Listen to this post
FIG Paper No 59 – AI in Indian Financial Services: Balancing Innovation with Accountability and Regulation

Summary: As artificial intelligence reshapes the contours of India’s financial landscape, regulated entities find themselves navigating a delicate balance between harnessing transformative innovation and managing its inherent risks spanning algorithmic bias, model opacity, and systemic concentration. The RBI’s establishment of the FREE-AI committee signals a decisive regulatory commitment to responsible AI governance, anchored in principles of accountability, fairness, and explainability. The paper ultimately calls upon regulated entities to embed these imperatives at the very foundation of their AI frameworks, underpinned by robust data governance and a culture of institutional vigilance.

  1. With large-scale adoption of Artificial Intelligence (“AI”) by banks, non-banking financial companies, payment system operators and other regulated entities (collectively “REs”), identification of key risks is important, as also noted by the RBI[1]:
    • Algorithmic Bias and Discriminatory Outcomes: AI models trained to aid credit risk assessment may build biases.
    • Opacity and the Black-Box Problem: AI models typically operate as black boxes, producing outputs without providing intelligible explanations.
    • Data Privacy and Cybersecurity: Obtaining informed and specific consent and maintaining data security, given that the Digital Personal Data Protection Act, 2023 (“DPDP Act”), will be coming into force.
    • Dependence Risk: Ensuring business continuity should an AI application fail in its purpose or be found not in line with regulations.
    • Systemic Risk: Usage of similar models, datasets, or vendors leads to erosion of the systemic diversity that ordinarily serves as a buffer against contagion risk.[2]
  2. To address these through regulatory oversight, the RBI has, (i) in principle, accepted the recommendation of its Working Group on Digital Lending – digital lenders[3] should adopt ethical AI, focused on protecting and serving users, promoting transparency, inclusion, impartiality, responsibility, reliability, security, and privacy ; (ii) announced the establishment of a committee to develop a framework for responsible and ethical enablement of AI (“FREE-AI”) in the financial sector[4] ; (iii) developed MuleHunter.AI, an AI tool to identify mule accounts used by cybercriminals to divert victims’ funds.[5] Additionally, the Securities and Exchange Board of India (“SEBI”) has indicated its intent to issue guidelines governing AI-driven trading systems, aimed at mitigating the heightened cyber risks associated with the deployment of AI.[6]
  3. These concerns are not unique to India as globally regulators have moved to develop structured governance frameworks for AI in financial services. The EU Artificial Intelligence Act, Regulation 2024/1689[7], establishes a risk-based grading of AI applications with layered compliance obligations. The Monetary Authority of Singapore (“MAS”) issued Guidelines on AI Risk Management in November 2025, setting out MAS supervisory expectations on AI governance, risk management systems, lifecycle controls, and organisational capability. It is also intended to apply to generative AI systems and AI agents.[8]
  4. Drawing from both regulatory guidance and institutional best practices, REs developing AI applications should acknowledge the following principles of AI use, ensuring that AI systems being used remain in consonance with both existing and future regulatory requirements:
    • Human Responsibility Must Remain Central: AI may support decision-making, but accountability must remain with humans and institutions. REs should establish internal code of ethics and governance structures specifically for use of AI technology, including supervisory mechanisms, delegation of responsibilities, access restrictions, checks and balances, lifecycle monitoring, and accountability frameworks.
    • Fairness and Explainability Must Be Built in from the Start: As required by applicable regulations, customers whose applications are rejected must be provided with reasons for such rejections. Regulators and institutions must, therefore, mandate that AI systems used in credit, insurance, and investment decisions be capable of generating intelligible explanations for their outputs.
    • Strong Data Governance Is Essential: Institutions must carefully manage the entire lifecycle of data, especially considering existing customer data confidentiality obligations imposed by the RBI and the DPDP Act.
    • Institutional Capacity Must Be Strengthened: Regulated entities must re-train and re-orient operational staff, senior management and the Board, to work with AI-based systems, and re-engineer internal processes so that the benefits of AI are realised safely.

[1] The RBI At the Global FinTech Fest 2025, Mr. T. Rabi Sankar, Deputy Governor, Reserve Bank of India (“RBI”) cautioned that while AI brings immense efficiency, innovation, and financial inclusion, it also carries unprecedented risks if left unchecked.[1] This concern was echoed in April 2026, when Mr. Swaminathan J, Deputy Governor, RBI observed that AI is beginning to reshape how financial institutions serve customers, process documents, assess credit, etc., and that the real question is not whether finance will become more intelligent, but “whether it will remain fair, accountable, inclusive, and humane”. See The Economic Times, ‘AI carries dual narrative… if left unattended, it could pose unprecedented threats, warns RBI Deputy Governor T Rabi Sankar’ (2025), available here and Reserve Bank of India, ‘AI in Finance: What can change, what must never change’ (2026), available here.

[2] Reserve Bank of India, ‘FREE-AI Committee Report’(2025), available here.

[3] Reserve Bank of India, ‘Report of the Working Group on Digital Lending including Lending through Online Platforms and Mobile Apps’ (2021), available here.

[4] The FREE-AI framework is anchored in seven foundational principles referred to as the “7 Sutras” and operationalised through twenty-six targeted recommendations under six strategic pillars, namely Infrastructure, Policy, Capacity, Governance, Protection, and Assurance.

[5] Press Information Bureau, ‘RBI Strengthens Framework on Unauthorised Electronic Banking Transactions’ (2026), available here.

[6] Financial Express, ‘Sebi to issue guidelines for AI-led trading systems’ (2026), available here.

[7] European Parliament and Council of the European Union, ‘Regulation (EU) 2024/1689 laying down harmonised rules on artificial intelligence (Artificial Intelligence Act)’ (2024), available here.

[8] Monetary Authority of Singapore, ‘MAS Guidelines for Artificial Intelligence Risk Management’ (2025), available here.

Tags: AI, AI governance, Algorithmic bias, cybercriminals, Data Governance, Data Privacy, DPDP Act, Financial sector AI, fintech, innovation, RBI, RBI FREE-AI framework, Regulatory compliance
Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Anand Sinha Anand Sinha

Senior Advisor in Project & Project Finance practice at the Mumbai office of Cyril Amarchand Mangaldas. Mr. Sinha focuses on policy issues and also acts in an advisory capacity relating to banking and non-banking financial issues on both regulatory and transactional matters. Some…

Senior Advisor in Project & Project Finance practice at the Mumbai office of Cyril Amarchand Mangaldas. Mr. Sinha focuses on policy issues and also acts in an advisory capacity relating to banking and non-banking financial issues on both regulatory and transactional matters. Some of his core area of expertise includes banking sector M&A, foreign bank licensing regime and foreign bank subsidiarisation, prudential norms, and monetary policy. He can be reached at anand.sinha@cyrilshroff.com

Show more Show less
Photo of Lily Vadera Lily Vadera

Senior regulatory advisor in the  Financing Practice at the Mumbai office of Cyril Amarchand Mangaldas. She is the former Executive Director, Reserve Bank of India (RBI)  has served RBI for more than three decades and headed the crucial department of regulation where she…

Senior regulatory advisor in the  Financing Practice at the Mumbai office of Cyril Amarchand Mangaldas. She is the former Executive Director, Reserve Bank of India (RBI)  has served RBI for more than three decades and headed the crucial department of regulation where she dealt with the regulatory framework for various entities in financial sector, covering all categories of banks and non-banking finance companies. She framed regulations for Fintech players and played significant role in amalgamation of banks in stress. She also played an important role as a member of Insolvency Law Committee set up by Ministry of Corporate Affairs. She can be reached at lily.vadera@cyrilshroff.com

Show more Show less
Photo of Anu Tiwari Anu Tiwari

Partner (Head – Fintech and FSRP) at Cyril Amarchand Mangaldas. Anu represents Indian and multinational banking, broker-dealer, exchange, asset management, speciality finance, fintech and information/ emerging technology companies on transactional, enforcement and regulatory matters. His transactional practice focus is on public & private…

Partner (Head – Fintech and FSRP) at Cyril Amarchand Mangaldas. Anu represents Indian and multinational banking, broker-dealer, exchange, asset management, speciality finance, fintech and information/ emerging technology companies on transactional, enforcement and regulatory matters. His transactional practice focus is on public & private M&A, capital raising, commercial agreements and activism matters. Anu advises financial services clients on matters before the Reserve Bank of India (RBI), Securities and Exchange Board of India (SEBI), Ministry of Finance, Enforcement Directorate and appellate tribunals. He can be reached at anu.tiwari@cyrilshroff.com

Show more Show less
Photo of Kush Wadehra Kush Wadehra

Partner in the Corporate and Financial Regulatory practice at the Mumbai office of Cyril Amarchand Mangaldas. Kush has represented various Indian and multinational fintech, information/ emerging technology companies, on transactional, enforcement and regulatory matters. His transactional practice focus is on public & private…

Partner in the Corporate and Financial Regulatory practice at the Mumbai office of Cyril Amarchand Mangaldas. Kush has represented various Indian and multinational fintech, information/ emerging technology companies, on transactional, enforcement and regulatory matters. His transactional practice focus is on public & private M&A, commercial agreements and regulatory matters. He can be reached at kush.wadehra@cyrilshroff.com

Show more Show less
Photo of Naman Lodha Naman Lodha

Senior Associate in the Financial Services Regulatory Practice at the Mumbai office of Cyril Amarchand Mangaldas. Naman advises clients on regulatory matters with respect to financial services. He can be reached at naman.lodha@cyrilshroff.com

Photo of Abhyuday Jaiswal Abhyuday Jaiswal

Associate in the Financial Services Regulatory Practice at the Mumbai office of Cyril Amarchand Mangaldas. Abhyuday can be reached at abhyuday.jaiswal@cyrilshroff.com

Photo of Lavanya Malani Lavanya Malani

Associate in Financial Services Regulatory Practice (FSRP) at the Mumbai office of Cyril Amarchand Mangaldas. Lavanya can be reached at lavanya.malani@cyrilshroff.com

Related Posts
FIG Paper No 58: RBI Issues Operating Framework for Facilitating Outward Remittance Services by Non-Bank Entities
June 1, 2026
UPI Goes Global: The Regulatory Reckoning Ahead
May 11, 2026
FIG Paper No. 56 : Payments Vision 2028: Way Forward
April 9, 2026