RBI's latest worry isn't inflation. It's artificial intelligence
Artificial intelligence is no longer just transforming banking—it is emerging as one of the biggest threats to the financial system. In its latest Financial Stability Report, the RBI has warned that AI-powered cyberattacks, dependence on common AI platforms and growing technology risks could pose fresh challenges for banks and financial institutions.

Artificial intelligence (AI) may be helping banks become smarter and faster, but India's central bank believes it is also creating one of the biggest new threats to the country's financial system.
In its June 2026 Financial Stability Report (FSR), the Reserve Bank of India (RBI) has identified AI-enabled cyber threats as the most significant emerging risk facing banks, non-banking financial companies (NBFCs) and other financial institutions.
The report warns that the rapid adoption of AI is increasing operational, cybersecurity and systemic risks, requiring regulators and financial firms to rethink how they prepare for future attacks.
The warning comes at a time when financial institutions across the world are racing to adopt generative AI for customer service, fraud detection, lending decisions and internal operations, even as cybercriminals are increasingly using the same technology to launch more sophisticated attacks.
AI NOW THE BIGGEST CYBER RISK
One of the key findings in the RBI's report comes from its survey of regulated financial entities.
When asked to identify the biggest cyber risks over the next 12 months, respondents ranked AI-enabled cyber threats above ransomware, malware, phishing attacks, third-party supply-chain risks and application vulnerabilities.
The report notes that advances in AI can significantly increase the "sophistication, speed and scale" of cyber incidents.
What makes the finding more significant is that many financial institutions admit they are still catching up.
According to the survey, only a small proportion of respondents described their AI cyber preparedness as "Mature". Most institutions said they remain in the "Developing" or "Intermediate" stages of incorporating AI risks into their cyber risk management frameworks.
BANKS ARE SPENDING MORE TO DEFEND THEMSELVES
Recognising the growing threat, banks and financial institutions have begun increasing investments in cybersecurity.
The RBI said around 67% of surveyed institutions increased their IT and cybersecurity staffing between March 2025 and March 2026. Meanwhile, 71% reported increasing cybersecurity expenditure as a share of their overall IT budgets over the past three financial years.
The central bank said international benchmarks on technology spending could serve as an important yardstick as institutions strengthen their digital defences.
GLOBAL REGULATORS ARE ALSO CHANGING COURSE
The RBI said regulators across the world are no longer treating AI as merely an innovation opportunity.
Instead, supervisory agencies are now developing operational frameworks to manage AI-related risks.
The report highlights that the Financial Stability Board (FSB) has, for the first time, created a dedicated AI workstream in its 2026 programme to develop sound practices for AI adoption by financial institutions.
The International Organization of Securities Commissions (IOSCO) has also released an AI Supervisory Toolkit covering governance, third-party risk management, disclosures and reporting, while the OECD has published guidance on how financial supervisors should oversee AI adoption across banking, insurance and capital markets.
According to the RBI, these developments mark "a definitive shift" from broad AI principles to practical supervisory frameworks.
WHY RBI IS WORRIED
The central bank believes AI introduces risks that go well beyond hacking attempts.
Its report highlights concerns around model validation, poor data governance, excessive dependence on a handful of AI providers and concentration risks arising from common technology platforms.
The RBI warns that if many financial institutions rely on the same AI models or cloud infrastructure, a failure or compromise at one provider could create widespread disruption across the financial system.
The report also notes that frontier AI models could increase operational risks, disrupt financial services, lead to financial losses, expose confidential customer data and reduce public confidence in the banking system. Shared vulnerabilities across institutions could even create systemic risks if multiple entities depend on the same technology providers.
MYTHOS INCIDENT SHOWS WHY AI RISKS MATTER
The RBI's warning comes against the backdrop of a series of cyber incidents affecting the financial sector globally.
Most recently, banks and financial institutions were forced to monitor potential threats arising from the alleged "Mythos" ransomware campaign, which highlighted how increasingly sophisticated cybercriminal groups are targeting critical financial infrastructure using advanced automation and AI-assisted techniques.
While no major disruption to India's banking system was reported, cybersecurity experts have repeatedly warned that AI is making phishing attacks, malware generation, identity theft and financial fraud more convincing and harder to detect.
The RBI's report suggests such incidents are likely to become more frequent as AI capabilities improve.
RBI WANTS STRONGER AI GOVERNANCE
The report concludes that the financial sector must move quickly to establish stronger AI governance, cyber resilience and third-party risk management frameworks.
It says the proposed Financial Sector Cybersecurity Strategy (FSCSS), currently being developed by the Financial Stability and Development Council (FSDC), is expected to play a key role in strengthening India's financial system against AI-driven threats.
Even as banks embrace AI to improve customer experience and operational efficiency, the RBI's message is clear: the same technology that powers the future of finance could also become one of its biggest vulnerabilities if safeguards fail.
Artificial intelligence (AI) may be helping banks become smarter and faster, but India's central bank believes it is also creating one of the biggest new threats to the country's financial system.
In its June 2026 Financial Stability Report (FSR), the Reserve Bank of India (RBI) has identified AI-enabled cyber threats as the most significant emerging risk facing banks, non-banking financial companies (NBFCs) and other financial institutions.
The report warns that the rapid adoption of AI is increasing operational, cybersecurity and systemic risks, requiring regulators and financial firms to rethink how they prepare for future attacks.
The warning comes at a time when financial institutions across the world are racing to adopt generative AI for customer service, fraud detection, lending decisions and internal operations, even as cybercriminals are increasingly using the same technology to launch more sophisticated attacks.
AI NOW THE BIGGEST CYBER RISK
One of the key findings in the RBI's report comes from its survey of regulated financial entities.
When asked to identify the biggest cyber risks over the next 12 months, respondents ranked AI-enabled cyber threats above ransomware, malware, phishing attacks, third-party supply-chain risks and application vulnerabilities.
The report notes that advances in AI can significantly increase the "sophistication, speed and scale" of cyber incidents.
What makes the finding more significant is that many financial institutions admit they are still catching up.
According to the survey, only a small proportion of respondents described their AI cyber preparedness as "Mature". Most institutions said they remain in the "Developing" or "Intermediate" stages of incorporating AI risks into their cyber risk management frameworks.
BANKS ARE SPENDING MORE TO DEFEND THEMSELVES
Recognising the growing threat, banks and financial institutions have begun increasing investments in cybersecurity.
The RBI said around 67% of surveyed institutions increased their IT and cybersecurity staffing between March 2025 and March 2026. Meanwhile, 71% reported increasing cybersecurity expenditure as a share of their overall IT budgets over the past three financial years.
The central bank said international benchmarks on technology spending could serve as an important yardstick as institutions strengthen their digital defences.
GLOBAL REGULATORS ARE ALSO CHANGING COURSE
The RBI said regulators across the world are no longer treating AI as merely an innovation opportunity.
Instead, supervisory agencies are now developing operational frameworks to manage AI-related risks.
The report highlights that the Financial Stability Board (FSB) has, for the first time, created a dedicated AI workstream in its 2026 programme to develop sound practices for AI adoption by financial institutions.
The International Organization of Securities Commissions (IOSCO) has also released an AI Supervisory Toolkit covering governance, third-party risk management, disclosures and reporting, while the OECD has published guidance on how financial supervisors should oversee AI adoption across banking, insurance and capital markets.
According to the RBI, these developments mark "a definitive shift" from broad AI principles to practical supervisory frameworks.
WHY RBI IS WORRIED
The central bank believes AI introduces risks that go well beyond hacking attempts.
Its report highlights concerns around model validation, poor data governance, excessive dependence on a handful of AI providers and concentration risks arising from common technology platforms.
The RBI warns that if many financial institutions rely on the same AI models or cloud infrastructure, a failure or compromise at one provider could create widespread disruption across the financial system.
The report also notes that frontier AI models could increase operational risks, disrupt financial services, lead to financial losses, expose confidential customer data and reduce public confidence in the banking system. Shared vulnerabilities across institutions could even create systemic risks if multiple entities depend on the same technology providers.
MYTHOS INCIDENT SHOWS WHY AI RISKS MATTER
The RBI's warning comes against the backdrop of a series of cyber incidents affecting the financial sector globally.
Most recently, banks and financial institutions were forced to monitor potential threats arising from the alleged "Mythos" ransomware campaign, which highlighted how increasingly sophisticated cybercriminal groups are targeting critical financial infrastructure using advanced automation and AI-assisted techniques.
While no major disruption to India's banking system was reported, cybersecurity experts have repeatedly warned that AI is making phishing attacks, malware generation, identity theft and financial fraud more convincing and harder to detect.
The RBI's report suggests such incidents are likely to become more frequent as AI capabilities improve.
RBI WANTS STRONGER AI GOVERNANCE
The report concludes that the financial sector must move quickly to establish stronger AI governance, cyber resilience and third-party risk management frameworks.
It says the proposed Financial Sector Cybersecurity Strategy (FSCSS), currently being developed by the Financial Stability and Development Council (FSDC), is expected to play a key role in strengthening India's financial system against AI-driven threats.
Even as banks embrace AI to improve customer experience and operational efficiency, the RBI's message is clear: the same technology that powers the future of finance could also become one of its biggest vulnerabilities if safeguards fail.