RBI flags AI-powered cyberattacks as the biggest risk to India’s financial sector

0
36
RBI identifies AI-powered cyber threats as the top financial sector risk
RBI identifies AI-powered cyber threats as the top financial sector risk

Artificial intelligence-driven cyber threats have emerged as the top cybersecurity concern for India’s financial sector over the next 12 months, according to the Reserve Bank of India’s June 2026 Financial Stability Report (FSR). The findings highlight growing concerns over the increasing sophistication and scale of AI-enabled cyberattacks.

The assessment is based on a survey of 33 Scheduled Commercial Banks (SCBs) and 10 Upper Layer Non-Banking Financial Companies (NBFCs). The report identified AI-enabled cyber threats as the most significant near-term risk, followed by third-party dependency and supply chain vulnerabilities.

According to the RBI, rapid advances in AI are making cyberattacks faster, more sophisticated and capable of being executed on a much larger scale. The central bank also noted that emerging frontier AI models could significantly impact the resilience of Information Technology (IT) and Operational Technology (OT) systems across the financial sector.

The report warned that AI-powered attacks could disrupt financial services, cause financial losses, damage institutional reputations, expose sensitive customer data and weaken public trust. It also cautioned that increasing reliance on shared technologies could create systemic risks through common vulnerabilities and technology concentration.

Despite these concerns, financial institutions continue to assess their current cybersecurity position as relatively stable. Nearly 98% of surveyed organisations rated their existing cyber risk levels as very low to moderate, while cyber incidents reported during FY26 caused minimal disruption and were mostly contained within 24 hours.

However, the RBI noted that preparedness against AI-enabled cyber threats is still evolving. Most financial institutions classified themselves at the “Developing” or “Intermediate” stage of readiness, indicating that stronger capabilities are still being built.

The central bank stressed the need for continuous, risk-based improvements in cyber resilience. It recommended strengthening threat monitoring, detection, incident response, employee awareness and overall cybersecurity preparedness.

The report also highlighted growing dependence on external technology providers as another major concern, warning that a significant cyber incident affecting a third-party service provider could quickly spread across multiple financial institutions and pose broader risks to financial stability.

Also read: Viksit Workforce for a Viksit Bharat

Do Follow: The Mainstream LinkedIn | The Mainstream Facebook | The Mainstream Youtube | The Mainstream Twitter

About us:

The Mainstream is a premier platform delivering the latest updates and informed perspectives across the technology business and cyber landscape. Built on research-driven, thought leadership and original intellectual property, The Mainstream also curates summits & conferences that convene decision makers to explore how technology reshapes industries and leadership. With a growing presence in India and globally across the Middle East, Africa, ASEAN, the USA, the UK and Australia, The Mainstream carries a vision to bring the latest happenings and insights to 8.2 billion people and to place technology at the centre of conversation for leaders navigating the future.