📢 Draft for Public Consultation: RBI released the draft 'Guidance on Regulatory Principles for Model Risk Management, 2026' on June 24, 2026. This is a draft — not a final circular. Comments are invited by July 24, 2026 via RBI's Connect 2 Regulate portal or by post/email to the Chief General Manager, Operational Risk Group, Department of Regulation, RBI, Mumbai.
Chapter I — Preliminary
A. Introduction and Background
Regulated Entities (REs) are increasingly deploying models across virtually every dimension of financial services — efficiency gains, business process transformation, customer service enhancement, risk management, and cyber defence. This reliance has accelerated sharply in recent years, driven by the growing scale and complexity of financial activities, digitalisation of services, advances in analytical and computational capabilities, the advent of Artificial Intelligence (AI) and Machine Learning (ML), and the rapid proliferation of third-party model providers.
But every model also carries model risk. If not effectively governed and managed, model risk can lead to inaccurate outcomes, flawed decisions, financial losses, operational disruptions, compliance failures, and other serious adverse consequences — for the RE itself, its consumers, and the broader financial system. RBI's Draft Guidance directly addresses this gap.
This draft follows two predecessor documents: RBI's August 2024 draft on Regulatory Principles for Management of Model Risks specifically in credit, and the August 2025 report of the Committee on Framework for Responsible and Ethical Enablement of Artificial Intelligence (FREE-AI). The 2026 draft significantly expands the scope — from credit models to all models used by REs across all business and decision-making processes, including third-party models and AI/ML models.
The Guidance is proportionality-based: REs are expected to apply these principles in a manner commensurate with the nature, scale, and complexity of their operations, and the materiality and risk of the specific models they use. It is also explicitly noted that further requirements specifically applicable to AI models may be issued later, as indicated in paragraph I.10 of RBI's Utkarsh 2029 strategic document.
B. Applicability and Scope
The draft Guidance applies to the following eleven categories of RBI-regulated entities:
(i) Commercial Banks (including Foreign Banks) — all banking companies, corresponding new banks, and SBI under Section 5(c), (da), (nc) of the Banking Regulation Act, 1949
(ii) Small Finance Banks
(iii) Payments Banks
(iv) Local Area Banks
(v) Regional Rural Banks (under Clause (ja) of Section 5, BR Act)
(vi) Urban Co-operative Banks (Primary Co-operative Banks under Section 5(ccv) r/w Section 56, BR Act)
(vii) Rural Co-operative Banks (State and Central Co-operative Banks under NABARD Act, 1981)
(viii) NBFCs — Base Layer (BL), Middle Layer (ML), Upper Layer (UL), and Top Layer (TL)
(ix) All-India Financial Institutions — EXIM Bank, NABARD, NaBFID, NHB, SIDBI
(x) Asset Reconstruction Companies (under Section 3, SARFAESI Act, 2002)
(xi) Credit Information Companies (under Section 2(e), CICRA, 2005)
Scope of model coverage: Every RE must apply these principles to all models used by it — whether developed internally, sourced from third parties, or a combination thereof. The Guidance applies irrespective of whether the RE itself recognises a particular tool as a "model." In case of inconsistency between this Guidance and applicable RBI Directions, the Directions shall prevail.
C. Definitions
The draft Guidance provides the following eight key definitions:
Chapter II — Governance
Overarching accountability principle (Para 8): An RE is accountable for the outcomes of all models used by it — irrespective of whether those models are developed internally, sourced from third parties, or a combination thereof. Delegation to a vendor does not transfer or dilute the RE's regulatory accountability.
A. Model Risk Management Framework (MRMF)
Every RE must put in place a Board-approved MRMF applicable to all models — including AI/ML models — irrespective of their origin. The MRMF must, at minimum, cover:
- Taxonomy for models
- Governance structure
- Scope of model usage
- Model risk tiering methodology
- Inventory and documentation standards
- Policies covering the entire model lifecycle — model selection and development, validation, approval structure (including exceptions and risk mitigants), deployment and monitoring, change management, business continuity management, and decommissioning
B. Role of the Board
The Board is responsible for oversight of the MRMF. Its specific responsibilities include:
- Approval and periodic review of the MRMF, including delegation to the Risk Management Committee of the Board (RMCB) and any other Committee as required
- Approval of risk appetite and tolerance for model risk, ensuring they are forward-looking and informed by scenario analysis and stress testing
- Approval of policies for model risk management, including model risk tiering
C. Role of the Risk Management Committee of the Board (RMCB)
The RMCB oversees implementation and ongoing compliance of the MRMF. It must:
- Review validation reports of models classified as 'high' risk (or equivalent) under model risk tiering, and approve their deployment
- Review model risk tiering reports periodically as per MRMF, but at least annually
- Oversee monitoring of models approved with exceptions, third-party models, and models involving AI
- Review reports of breaches and other material concerns
D. Role of Senior Management
Senior Management is responsible for operationalisation. It must:
- Establish procedures and processes, and ensure allocation of human and technical resources for operationalisation of and compliance with the MRMF
- Implement the risk-based tiering structure for models
- Maintain and regularly update model inventory and documentation
- Ensure periodic review of policies and procedures under the MRMF and report findings to the RMCB
Chapter III — Model Risk Management
Model risk must be assessed at both individual model level and enterprise-wide level, on an ongoing basis. When assessed risk exceeds the RE's risk appetite, timely corrective action must be initiated — whether enhanced controls, restrictions on use, remediation, or decommissioning — and a report must be placed before the RMCB.
🛡️ Three Lines of Defence (Para 15)
The Guidance mandates implementation of the classic three-lines-of-defence structure for model risk:
- First line: Model Owners
- Second line: An independent Model Risk Management and Validation function
- Third line: A robust and independent Internal Audit function
Ongoing performance testing must use both backward-looking and forward-looking approaches, including AI-specific evaluations where applicable, and benchmarking as appropriate.
A. Risk-Based Model Tiering
Every RE must establish and implement a risk-based model tiering structure to classify all models in its inventory. Risk tier must be reviewed at least annually, or earlier — as specified in the MRMF or in response to specific triggers. The risk tier then drives the intensity and nature of all downstream processes:
Tiering criteria (Para 19) must include:
- Materiality — significance to business processes, impact on financial/operational outcomes, and potential implications for consumers
- Complexity — degree of difficulty in understanding and exercising effective oversight, use of unstructured data, explainability challenges
- Other relevant factors — regulatory or supervisory considerations
⚠️ Anti-dilution rule (Para 20): The integration of multiple tiering factors must not allow one factor to offset or dilute another. The final tier must represent the composite risk profile of the model. Specifically, a low complexity score must not result in a disproportionate reduction of the overall risk tier of a highly material model.
B. Model Inventory and Documentation
Every RE must maintain an accurate, comprehensive, and up-to-date inventory of all active, inactive (including under-development), and decommissioned models. No model may be used, relied upon, or deployed unless it is part of the inventory. Key requirements:
- The inventory must, at minimum, include: model owners, developers, validators, and approvers; risk tier; intended use; upstream and downstream model dependencies; and key observations from validation, monitoring, and audit.
- Decommissioned models must be retained in the inventory for at least ten years from the date of decommissioning, or the date they cease to serve as backup or benchmark reference — whichever is later — or such longer period as required under applicable law.
- Comprehensive documentation must be maintained for all models, including third-party models. The minimum documentation period must align with the model's inventory retention period.
C. Consumer Protection and Grievance Redressal
An RE must not use any model that harms consumers. Its grievance redressal mechanism must explicitly address grievances arising from consumer-facing models used by the RE. This is a short but significant principle — it establishes that model risk is not purely an internal financial risk concern; it has a direct consumer protection dimension requiring formal redressal infrastructure.
Chapter IV — Model Lifecycle Management
A. Model Selection and Development
Before initiating model development, the RE must define and document:
- The rationale and objectives of using the model
- The scope of application
- The costs and benefits of introducing or replacing existing processes with the model — explicitly including additional risks, likelihood of adverse outcomes, fairness, ethical considerations, and bias
The development process itself must follow a structured and systematic approach aligned with the model's intended use and output. This must include, at minimum:
- Collection, pre-processing, and transformation of data
- Assessment of assumptions and limitations
- Design of the model
- Evaluation and refinement of model performance
Data used for development — whether empirical or synthetic — must conform to the RE's data governance processes.
B. Model Validation
All models — including third-party models — must be subject to independent validation by the RE itself. Validation must be conducted:
- Prior to deployment
- After deployment
- Following any modification
- On internal or external triggers
- Periodically as specified in the MRMF
Validation must include assessment of:
- Inputs — data, assumptions, and limitations
- Soundness — conceptual and design soundness
- Performance
- Alignment with intended use
Reporting timeline: Validation reports, including key findings and recommendations, must be placed before the RMCB (or delegated authority as per MRMF) within three months of completion of the validation. Outcomes must be documented per MRMF documentation standards.
C. Model Approval
Every RE must maintain an approval structure covering both normal approvals and exception approvals. This structure must include:
- Defined approval authorities and thresholds
- Additional requirements for models approved with exceptions
- Remediation timelines for exceptions
- Documentation of the decision-making process and the rationale for every approval, including exception approvals
D. Model Deployment and Ongoing Monitoring
Model deployment must be undertaken in coordination with all relevant stakeholders, including the RE's IT and data functions. The RE must ensure that model outputs are replicated and stable in the production environment before going live. Once deployed:
- All deployed models — including third-party models — must be subject to ongoing monitoring to ensure continued alignment with intended outcomes
- Monitoring must include identification of any requirements for model modification, replacement, or extension beyond original scope
- Models approved with exceptions must be subject to enhanced monitoring specifically by the RMCB
E. Change Management
Every RE must have a structured change management process covering:
- Defined roles and responsibilities for carrying out and approving changes
- Controlled implementation at enterprise level, with mechanisms to recover from failed changes or unexpected results
- A documented impact assessment — including continued suitability of the model for its intended use — before any change is implemented
- A comprehensive record/log of changes, versioning, and approvals
- Defined threshold/criteria for what constitutes a "material change" — the breach of which must re-initiate the full process for validation and approval
F. Business Continuity Management and Decommissioning
Model continuity planning must form part of the RE's overall Business Continuity Planning (BCP) policy/document. It must cover:
- Potential disruptions — model unavailability, performance degradation, or failure
- Fallback mechanisms — manual interventions, substitution, or backup arrangements
On decommissioning, all relevant stakeholders must be informed in a timely manner to enable enterprise-wide transition. Decommissioned models must remain in inventory for at least ten years.
Chapter V — Specific Models
A. Third-Party Models
Core accountability principle (Para 45): An RE acquiring, using, or relying upon third-party models at any stage of the model lifecycle remains fully accountable for its outcomes. Vendor contracts or third-party assurances do not transfer this accountability to the provider.
All MRMF provisions apply mutatis mutandis to third-party models. Additionally, third-party models are subject to two special requirements irrespective of their risk tier:
- Independent validation by the RE — notwithstanding any validation, certification, or assurance already provided by the third-party provider
- Enhanced oversight by the RMCB — irrespective of the model's risk tier
Pre-acquisition due diligence (Para 47) must cover:
- Credibility of the service provider
- Methodological soundness of the model and its limitations
- Suitability and quality of data used
Contractual arrangements governing third-party models must include provisions for:
- Access to minimum technical documentation giving reasonable understanding of design, configuration, assumptions, and operation of the model — sufficient to enable the RE to validate it per its MRMF
- Audit rights for the RE and its supervisory authority — directly or through external experts
- Continuity and exit arrangements
B. Models Employing Artificial Intelligence / Machine Learning
Chapter V-B is the most substantively detailed section of the draft Guidance. It is divided into three sub-chapters: Risk Management (B.1), Deployment Controls (B.2), and Human Oversight (B.3).
B.1 Risk Management
The RE must define the scope of AI/ML models — explicitly including foundational AI models and frontier AI models — and put in place additional controls commensurate with potential impact on customers, business operations, and financial outcomes. AI/ML models must be deployed only in use cases where their commensurate risks can be effectively managed. The Guidance then prescribes specific risk controls organised around seven distinct risk dimensions:
Additional requirements for AI/ML models include:
- Risk tiering for AI models (Para 52): In addition to materiality and complexity, the RE must consider the extent of reliance and level of autonomy placed on model outputs for decision-making.
- Supply chain risk for third-party AI (Para 53): For material third-party AI models, consider additional risks from dependence on a limited number of model providers — including supply chain risk, limitations in independent validation, and risks from provider-driven updates that change model behaviour or capabilities without the RE's control.
- Stress and adversarial testing (Para 54): Test model behaviour under atypical or stressed scenarios to ensure vulnerabilities do not arise under edge cases, abnormal inputs, manipulations, and adversarial conditions.
- Red-teaming (Para 55): Implement structured challenge processes, including red-teaming or equivalent testing, particularly for models involving customer interaction or generative capabilities.
- Dynamic/automatic updates (Para 56): Implement enhanced controls for models with dynamic or automatic updates — including defining the clear scope of what can be automatically updated, strict justifications for enabling automatic updates, enhanced data quality checks, and more stringent and frequent monitoring.
- Enhanced documentation (Para 57): Maintain enhanced documentation for AI models considering their complexity, self-adapting nature, and heavy reliance on training data — to enable traceability, reproducibility, and auditability.
B.2 Model Deployment Controls
AI model deployment must not introduce vulnerabilities in the model or the RE's production environment. Safeguards must cover:
- Access controls to prevent unauthorised access, use, or modification
- Safeguards against cyber risks
- Controls for risks arising from external interfaces, APIs, or integration pipelines with third-party components or systems
For models — including generative AI models — that have interface with customers or external users, three additional requirements apply:
B.3 Human Oversight
The Guidance places significant emphasis on robust human oversight for AI models, particularly in use cases involving automated decision-making. Human oversight mechanisms must include:
- Human-in-command arrangements — human-in-the-loop, human-on-the-loop, or other equivalent oversight mechanisms
- Override, suspension, and deactivation mechanisms — including kill-switch arrangements for AI models
- Periodic review of model outputs and model-driven decisions by humans to identify anomalies
The oversight mechanism must also specifically address risks from:
- Automation bias — tendency of humans to over-rely on automated recommendations
- Over-reliance on model outputs
- Decision fatigue — impaired human judgment from reviewing large volumes of AI outputs
Personnel involved in human oversight must possess adequate expertise and understanding of model functioning — they must be able to effectively challenge, override, or escalate issues in model outputs when required. Human oversight arrangements — including decisions, interventions, overrides, incidents, and near misses — must be periodically reviewed and strengthened based on accumulated experience.
Chapter VI — Other Provisions
The final Guidance, once issued following public consultation, will supersede Chapter-3 on Credit Risk Models of the 'Guidance Note on Credit Risk Management' dated October 12, 2002. The earlier chapter will cease to operate as a standalone document and its subject matter will be subsumed within the broader, comprehensive model risk management framework.
How to Submit Comments
📬 Feedback Submission Options
Online: Through the 'Connect 2 Regulate' section on RBI's website at rbi.org.in
By Post: The Chief General Manager, Operational Risk Group, Department of Regulation, Central Office, Reserve Bank of India, Shahid Bhagat Singh Marg, Fort, Mumbai – 400 001
By Email: Subject line — 'Feedback on Guidance on Regulatory Principles for Model Risk Management'
Last Date: July 24, 2026
CorpLawUpdates Analysis
This draft Guidance is one of the most comprehensive regulatory documents RBI has issued in recent years and marks a fundamental shift in how model risk is conceived in Indian banking regulation. Three aspects stand out.
Scope expansion beyond credit is the foundational change. The 2024 draft was limited to credit models. The 2026 draft covers all models across all business processes — credit, operations, customer interaction, risk management, cyber defence. Every spreadsheet-based calculator that has a material impact on decision-making is now potentially a "model" that needs to be inventoried, tiered, validated, and governed. The illustrative example in the definition is deliberate: RBI is signalling that "we do not recognise the tool as a model" is not an escape route.
The AI/ML provisions reflect sophisticated regulatory thinking. The seven risk dimensions in Para 54 — explainability, hallucinations, bias, overfitting, spurious correlations, output variability, and data risks — map directly to known failure modes of AI systems in financial services. The explicit mention of foundational models and frontier AI models, supply chain risk from provider-driven updates, kill-switch requirements, and prompt injection controls shows that RBI has engaged seriously with the technical realities of deploying modern AI. The requirement to disclose to customers that they are interacting with AI — and to offer human assistance on request — is particularly important for customer-facing chatbots and automated advisory systems.
The accountability architecture is non-delegable. The repeated emphasis that accountability for third-party model outcomes rests with the RE — not the vendor — will have significant implications for procurement and vendor management. REs will need to renegotiate or amend contractual arrangements with third-party model providers to secure audit rights, minimum technical documentation, and continuity/exit provisions. Model validation cannot be delegated: the RE's own independent validation must be conducted even where the provider has itself certified the model.
For professionals advising banks, NBFCs, or All-India Financial Institutions, this draft Guidance is essential reading. It will significantly shape Board agenda items (MRMF approval, risk appetite for models, tiering policies), RMCB functions (high-risk model approvals, exception oversight, third-party AI monitoring), and internal audit mandates (third line of defence for model risk). Regulated entities with large AI/ML deployments — particularly those using third-party fintech models or generative AI in customer-facing applications — should begin gap assessments against this framework well before the final circular is issued.
📎 Source: RBI Press Release 2026-2027/528 dated June 24, 2026; Draft 'Guidance on Regulatory Principles for Model Risk Management, 2026'.
Signed by: Brij Raj, Chief General Manager, Reserve Bank of India.
This is a draft document released for public consultation and does not represent RBI's final regulatory position. All provisions are subject to change. This article is for informational and educational purposes only and does not constitute legal or regulatory advice.


