Aligned to RBI’s Draft Guidance on Regulatory Principles for Model Risk Management (June 2026) and the FREE-AI Framework (August 2025)
Background
The adoption of Artificial Intelligence, Machine Learning, and automated decision systems across the Indian financial sector has fundamentally changed how institutions assess credit risk, price products, detect fraud, manage capital, and support strategic decisions. As these models become embedded in critical business and regulatory functions, the risks arising from model errors, biased outputs, opaque decision-making, inadequate governance, and unmanaged vendor dependencies have emerged as urgent supervisory concerns.
In August 2025, the Reserve Bank of India released the Framework for Responsible and Ethical Enablement of Artificial Intelligence (FREE-AI), establishing five governance pillars for regulated entities: Accountability, Transparency, Fairness, Data Privacy, and Reliability.
In June 2026, RBI followed with a draft Guidance on Regulatory Principles for Model Risk Management, open for public comment until 24 July 2026. This draft, for the first time, formally extends model governance expectations to every AI and machine learning model used by a regulated entity, including models built or supplied by third-party vendors.
The draft is applicable to Commercial Banks, Small Finance Banks, Payments Banks, Local Area Banks, Regional Rural Banks, Urban and Rural Co-operative Banks, All India Financial Institutions, Non-Banking Financial Companies, Asset Reconstruction Companies, and Credit Information Companies.
Five specific mandates stand out:
A documented mechanism to override or deactivate any AI model (kill switch). Documented human oversight built into AI-driven decisions. Customer disclosure where AI materially influences a decision. Active governance extended to third-party AI vendors, not only in-house models. Board-level accountability for AI governance, with structured reporting separate from general IT risk.
These are no longer aspirational principles. They are becoming enforceable supervisory expectations. Institutions that build this capability before the final circular is issued will be the ones answering supervisory questions with evidence, not scrambling to produce it after the fact.
Objective
The Risk Management Association of India (RMAI), through its eLearning platform Smart Online Course, is offering a structured, certification-backed program to equip risk, compliance, internal audit, and governance professionals with the frameworks, tools, and practical competencies needed to implement AI model risk management aligned to RBI’s evolving expectations and globally recognised standards.
This program comprises two complementary courses that together cover both the governance framework and the operational risk landscape of AI in financial services.
Program Structure
Course 1: Responsible AI Risk Management using NIST AI Framework Duration: 9 Hours | Mode: Self-paced Online | Access: 120 Days
Modules:
- Introduction to Responsible AI and NIST AI RMF
- Core Structure of NIST AI RMF
- MAP Function: Risk Context and AI Use Understanding
- MEASURE Function: Assessing and Quantifying AI Risk
- MANAGE Function: Mitigating and Responding to AI Risks
- GOVERN Function: Oversight, Policy and Global Standards
- Industry Use Cases of NIST AI RMF
- Toolkits, Glossary and Downloadable Resources
Course 2: Risk Management for Artificial Intelligence Duration: 8 Hours | Mode: Self-paced Online | Access: 120 Days
Modules:
- Understanding AI Risks in Organisations
- Global AI Regulations and Standards
- Bias, Fairness and Explainability
- Data Security, Privacy and Piracy Threats
- Adversarial and Systemic AI Risks
- AI in BFSI and Insurance: Risks and Controls
- AI Governance, Audit and Best Practices
- Future Challenges and Failures in AI
How This Program Maps to RBI’s Requirements
|
What RBI’s Draft Requires |
What This Program Covers |
|
Documented kill switch and override mechanism |
MANAGE Function (NIST AI RMF) + AI Governance, Audit and Best Practices |
|
Documented human oversight in AI decisions |
MAP Function (risk context and human checkpoint design) + Bias, Fairness and Explainability |
|
Customer disclosure where AI influences decisions |
GOVERN Function (transparency, policy, global standards) + AI in BFSI and Insurance: Risks and Controls |
|
Third-party and vendor AI model governance |
MEASURE Function (vendor model risk assessment) + Data Security, Privacy and Piracy Threats |
|
Board-level accountability and structured reporting |
GOVERN Function (oversight, Board-ready frameworks) + AI Governance, Audit and Best Practices |
Certification
All participants receive dual certification upon successful completion:
BFSI Sector Skill Council of India — Issued under the Skill India / NSDC framework. Formally recognises participation in structured governance training under India’s national skills certification framework.
Risk Management Association of India — Recognises structured professional development in AI risk management, issued by RMAI, a professional body with 32+ years of legacy advancing risk governance across banking and financial services.
Participant Profile
This program is designed for:
- Chief Risk Officers and Heads of Risk Management
- Heads of Internal Audit and Chief Internal Auditors
- Heads of Compliance and Chief Compliance Officers
- AI, ML, and Data Science governance leads
- Chief Information Security Officers
- Heads of Model Validation and Model Risk Management
- L&D and Training heads responsible for regulatory capability building
- Board members and Risk Committee members seeking AI governance literacy
- Senior and middle-level officers working in Risk, Compliance, Audit, Credit, Treasury, Analytics, Finance, and Technology departments where AI and automated decision systems are in use
About RMAI and Smart Online Course
The Risk Management Association of India (RMAI) is a professional body dedicated to advancing risk management practices and capability building across sectors. Smart Online Course (smartonlinecourse.co.in) is the eLearning platform and training arm of RMAI, offering 75+ courses and 600+ hours of content across Risk Management, Banking, Insurance, Compliance, Governance, and AI, all accredited by the BFSI Sector Skill Council of India under NSDC.
Related Courses Also Available
Institutions seeking comprehensive coverage across the full model risk ecosystem may also consider:
Third Party and Vendor Risk Management — Covers vendor selection, contract governance, ongoing monitoring, exit planning, and concentration risk. Directly relevant to RBI’s mandate on third-party AI provider governance.
FinTech Risk Management and Governance — Covers regulatory technology, digital lending risks, API ecosystem vulnerabilities, and governance frameworks for technology-driven financial services. Relevant for NBFCs and digital-first institutions deploying AI across lending and payments.
Nominate Your Team for Training
