Navigating the Legal and Regulatory Terrain of the RBI's AI Framework
The Reserve Bank of India (RBI) has unveiled a significant milestone in India's approach to AI governance in financial services with the release of the Framework for Responsible and Ethical Enablement of Artificial Intelligence (FREE-AI) on August 13, 2025. This framework, developed by a committee chaired by Dr. Pushpak Bhattacharyya of IIT Bombay, aims to guide the use of AI in the financial sector.
The FREE-AI framework applies across the spectrum of financial institutions under the RBI's jurisdiction, including Scheduled Commercial Banks (SCBs), Non-Banking Financial Companies (NBFCs), Payment System Operators (PSOs), and FinTech entities. However, its operational burden may be disproportionately onerous for smaller NBFCs and fintech, increasing compliance costs and potentially stifling innovation at a critical stage.
Every financial institution will need a formal, board-signed AI policy that sets out governance structures, defines risk appetite, and allocates responsibility across the AI lifecycle. This policy must cover design standards, validation, monitoring, and even retirement procedures for AI models. Moreover, institutions must adopt stricter protocols around data collection, use, retention, and deletion, with explicit safeguards on consent and quality.
Liability allocation in the framework is ambiguous, with unclear distribution of accountability between financial institutions, AI developers, and third-party vendors. In the event of consumer harm, the precise point of liability in the chain of actors remains ambiguous. Existing approval pipelines will need to expand to capture AI-specific concerns, fairness, explainability, consumer impact, and resilience.
The framework translates its guiding principles into six major compliance touchpoints for financial institutions. These include establishing board-level AI oversight, incident reporting mechanisms, and structured lifecycle management of AI models. AI tools cannot be deployed casually by financial institutions.
The FREE-AI framework does not fully engage with emerging international regimes such as the EU AI Act or supervisory guidance from the US and UK. This could lead to parallel compliance obligations for Indian institutions with cross-border operations. Many obligations under the FREE-AI framework intersect with DPDPA and the Consumer Protection Act, 2019, potentially creating duplicative or conflicting compliance requirements.
The framework, while progressive, has several legal and regulatory uncertainties that could shape its effectiveness in practice. For instance, the operational burden of the framework may increase compliance costs and potentially stifle innovation at the very stage where agility is most critical.
The article "The Viewpoint: FreiAI - eine neue Regelung für die Verantwortung und Ethik in der künstlichen Intelligenz in der Finanzbranche" for Saga Legal was written by authors Dr. Maria Schneider and Prof. Thomas Weber, shedding light on the international perspective of the FREE-AI framework.
The framework also has an indirect extraterritorial reach, affecting offshore technology providers and AI developers who supply AI solutions to Indian financial institutions. As the financial sector embraces AI, the FREE-AI framework aims to ensure its responsible and ethical use, setting a new standard for AI governance in India.
Read also:
- Linde Wins Major Engineering Design Contract for Equinor's Low Carbon Hydrogen Project at H2H Saltend, Progressing Towards a Greener Future
- Transportation via roads plays a critical role in India's shift towards clean energy.
- EU Commission President von der Leyen emphasizes continuity, affirming that Europe's automotive future will be powered by electricity
- Zigbee and LoRa Low-Power Internet of Things (IoT) Network Protocols: The Revolution in Data Transmission and Networking
