Key Details
The draft guidance establishes India’s first comprehensive Model Risk Management framework for financial institutions, recognising the growing use of AI, machine learning and advanced analytics across banking operations.
Theme | Key Proposal | Why It Matters |
|---|---|---|
Governance | Board-approved Model Risk Management framework with clearly assigned responsibilities | Makes model risk a board-level governance issue |
Scope | Covers statistical, analytical, AI and machine learning models | Creates a common framework for traditional and emerging technologies |
Independent Validation | Mandatory validation before deployment and periodic review throughout the model lifecycle | Improves reliability and reduces model failures |
AI & Machine Learning | Additional governance for complex and less interpretable models | Addresses explainability and algorithmic risks |
Third-Party Models | Regulated entities remain accountable for vendor-developed models | Strengthens outsourcing and technology risk management |
Monitoring & Audit | Enterprise-wide model inventory, continuous monitoring and internal audit | Ensures ongoing oversight and accountability |
Summary
RBI Wants AI Models to Meet the Same Governance Standards as Other Financial Risks
The RBI’s draft guidance reflects a major shift in financial regulation as AI, machine learning, and advanced analytical models become central to lending, fraud detection, treasury operations, pricing and customer-facing services. Rather than regulating individual technologies, the framework seeks to ensure that every model influencing important financial decisions is subject to robust governance, independent scrutiny and continuous oversight.
Governance Moves Beyond Technology Teams
The RBI proposes that Model Risk Management (MRM) become an enterprise-wide governance responsibility rather than a technical function managed only by data scientists or business units.
Regulated entities would be expected to:
Maintain a board-approved MRM framework.
Clearly define responsibilities across business, risk and senior management functions.
Maintain an enterprise-wide inventory of material models.
Classify models according to their risk, complexity and potential business impact.
The objective is to ensure that model risk receives the same institutional attention as credit, market and operational risks.
Validation Becomes a Continuous Process
The draft guidance makes independent model validation a core regulatory expectation. Validation is intended to continue throughout the model’s lifecycle rather than ending once a model is deployed.
Institutions would be expected to assess:
Conceptual soundness of the model.
Data quality and underlying assumptions.
Performance under changing economic conditions.
Emerging risks such as model drift and deterioration over time.
This reflects the RBI’s view that models require continuous monitoring as business environments, customer behaviour and economic conditions evolve.
AI and Vendor Models Face Greater Regulatory Scrutiny
Recognising the rapid adoption of AI and machine learning, the RBI proposes stronger governance for models whose decision-making processes may be difficult to interpret or explain. The guidance also makes clear that outsourcing does not transfer responsibility—banks and NBFCs remain accountable for models developed by external vendors or technology providers.
Together, these proposals seek to balance financial innovation with consumer protection, ensuring that increasingly automated financial decisions remain transparent, reliable and subject to effective institutional oversight.
What is Model Risk?
Model risk refers to the possibility that decisions based on statistical, analytical, AI or machine learning models produce inaccurate or unintended outcomes because of flawed assumptions, poor-quality data, implementation errors, coding defects or inadequate monitoring. Effective Model Risk Management ensures that such models remain reliable, transparent and appropriate throughout their lifecycle.
Policy Relevance
Establishes India’s first comprehensive regulatory framework for governing AI, machine learning and analytical models across banks and NBFCs, bringing model risk under formal supervisory oversight.
Strengthens board-level accountability by requiring directors and senior management to oversee the governance, validation and performance of models that influence lending, pricing, capital allocation and risk management.
Raises regulatory standards for AI-enabled credit scoring, algorithmic lending, fraud detection and other automated financial decisions, encouraging greater explainability and fairness.
Reinforces vendor accountability by making regulated entities responsible for risks arising from third-party and outsourced AI models, reducing technology and outsourcing vulnerabilities.
Encourages financial institutions to build dedicated model governance, validation and internal auditcapabilities as AI becomes increasingly embedded in financial services.
Aligns India’s financial regulatory architecture with emerging international approaches to AI governance, responsible finance and digital financial supervision, helping strengthen trust in technology-driven banking.
Follow the Full Draft Guidance Here: Guidance on Regulatory Principles for Model Risk Management, 2026