The draft guidelines, released for public consultation, call for robust human oversight of all AI-driven decision-making. Banks must establish override, suspension and deactivation mechanisms — including kill-switch arrangements — to ensure that no AI model can operate without the ability to be immediately shut down if it produces harmful or erroneous outputs.
The RBI has also flagged the risk of automation bias — the tendency of bank employees to over-rely on AI outputs without applying their own judgment. For customer-facing AI systems, banks must disclose to customers that they are interacting with an AI system and must provide them with the option to switch to a human at any point.
The framework also introduces a risk-based tiering structure that requires regulated entities to classify all models — from simple spreadsheet-based calculators to complex frontier AI systems — by their risk level, and apply proportionate oversight, validation and controls accordingly. The risk tier of a model must be reviewed at least annually.
High-risk models require approval from the Risk Management Committee of the Board before deployment — they cannot be cleared by the technology or risk team alone.
Board-Level Accountability
For the first time, the RBI is placing AI and model governance squarely at the board level. Every regulated entity must have a Board-approved Model Risk Management Framework covering all models — whether built internally, sourced from vendors, or a combination. The board is responsible for approving the entity’s risk appetite for model risk, setting policies for , and ensuring these are forward-looking and informed by stress testing and scenario analysis.
Third-Party and AI Vendor Models
The draft guidelines take a particularly firm line on third-party models — including AI platforms and models sourced from fintech and technology vendors. A regulated entity remains fully accountable for the outcomes of any model it uses, regardless of whether it built the model itself or bought it from outside.
The RBI has specifically flagged supply chain risk — the risk arising from over-dependence on a limited number of AI model providers — as a concern that banks must actively manage. This is a pointed reference to the growing concentration of AI capabilities in a handful of global technology companies.
Explainability, Bias and Fairness
For AI and ML models, the RBI has introduced a set of specific requirements that go beyond conventional model validation. Banks must define explainability thresholds for all AI models — the ability to explain, in understandable terms, why a model produced a particular output.
