As artificial intelligence adoption grows across the financial sector, the Reserve Bank of India (RBI) has started discussions with banks to assess cybersecurity preparedness linked to AI applications and infrastructure.
According to banking executives, the meetings focused on understanding the safeguards currently being used by lenders for AI systems, AI agents, third-party AI models, and related infrastructure. The discussions were aimed at evaluating risk preparedness rather than issuing any immediate compliance directions.
“RBI wanted to understand from a security point of view what measures banks are taking to secure AI applications and AI infrastructure,” an official from a private sector bank said. “Banks have been asked to prepare one or two pagers describing what all they are doing currently from the security point of view.”
Executives said the central bank has not yet asked lenders to submit any formal Action Taken Report (ATR). Around 10-15 banks reportedly participated in the latest round of discussions, while similar meetings with larger Tier-1 banks were held nearly 2 weeks earlier.
The conversations covered AI application security, protection of AI-enabled infrastructure, usage of third-party AI systems, and broader cybersecurity readiness. Officials indicated that RBI was particularly focused on understanding how banks are securing emerging AI-driven systems, including agentic AI models.
“What are the things which you are doing and how you are securing your AI infrastructure and AI applications? Whether it is agentic AI or anything else, or if you are using any third-party model, how much you are working on it,” the executive said.
Bankers also stated that most financial institutions are still using AI in a controlled environment. Current AI deployment is mainly limited to multilingual bots, customer support systems, compliance functions, and automated responses.
“The nature of risk and how it is to be planned, that is what is being discussed,” a senior public sector bank official said. Another executive added, “Banks are currently using AI in a very controlled environment given cybersecurity sensitivities.”
At the same time, insurance regulator IRDAI has directed insurers’ CISOs to immediately review cybersecurity preparedness against frontier AI-led cyber threats. Insurers must submit an ATR by May 22, 2026, detailing preventive, detective, and responsive measures being implemented.
Earlier, Union Finance Minister Nirmala Sitharaman chaired a high-level meeting on April 23 regarding risks linked to Anthropic’s unreleased AI model ‘Mythos’. Officials also said the government is building a joint defence framework involving global technology firms, OEMs, and public sector banks.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream LinkedIn | The Mainstream Facebook | The Mainstream Youtube | The Mainstream Twitter
About us:
The Mainstream is a premier platform delivering the latest updates and informed perspectives across the technology business and cyber landscape. Built on research-driven, thought leadership and original intellectual property, The Mainstream also curates summits & conferences that convene decision makers to explore how technology reshapes industries and leadership. With a growing presence in India and globally across the Middle East, Africa, ASEAN, the USA, the UK and Australia, The Mainstream carries a vision to bring the latest happenings and insights to 8.2 billion people and to place technology at the centre of conversation for leaders navigating the future.