BankPulse
HomeLatest › Model Risk Management

RBI's Model Risk Management Draft: What Every Banker Needs to Know (Comment by Jul 24)

Verified against official RBI source Educational explainer — not regulatory advice Published 01 Jul 2026, 01:36 IST
⏳ Public comment deadline: 24 Jul 2026 — submit views to RBI before this date.

RBI has issued draft guidance requiring all regulated banks, NBFCs, and financial institutions to put formal Model Risk Management (MRM) frameworks in place — covering every model they use, including AI/ML models. Public comments are open until July 24, 2026.

What changed

On June 24, 2026, RBI released 'Draft Guidance on Regulatory Principles for Model Risk Management.' This is the first comprehensive, entity-wide framework for managing model risk — covering the entire model lifecycle, including third-party models and AI/ML systems. It builds on the Aug 2024 credit-model draft and the FREE-AI committee report (Aug 2025).

Who it applies to

Key points

What is Model Risk?

A 'model' in RBI's framework is any quantitative tool used to estimate outcomes or make decisions — from credit scorecards and pricing engines to fraud-detection algorithms and AI/ML-powered underwriting systems. 'Model risk' is the risk of adverse outcomes when these tools are incorrect, misused, or poorly governed. RBI now requires regulated entities to treat this as a formal, board-owned risk category.

Full Lifecycle Coverage — Including AI/ML

The draft covers every stage: model development, validation, approval, deployment, monitoring, and retirement. Critically, AI/ML models — including those from third-party vendors — are explicitly in scope. This means your bank's credit bureau score, NPA prediction model, or KYC verification tool must all be managed under this framework.

Governance Requirements

RBI expects entities to establish a Model Risk Management Policy (approved at Board level), designate clear ownership for every model, maintain a model inventory, and set up independent model validation. Senior management must have visibility into model performance and model-driven decisions.

Third-Party and Vendor Models

Buying a model from a vendor does not transfer the risk. The draft is explicit: regulated entities remain responsible for the model risk of third-party models they use. Due diligence, ongoing monitoring, and validation apply equally to vendor-supplied AI tools.

Why This Matters for Exam Aspirants

Model Risk Management is now a Board-level regulatory expectation, not just an internal audit item. Expect questions in JAIIB, CAIIB, and bank officer promotion exams on MRM frameworks, model lifecycle, AI/ML governance, and the role of independent validation. The RBI FREE-AI committee's August 2025 recommendations feed directly into this guidance.

Context: The Regulatory Journey

RBI first flagged model risk in credit specifically (Aug 2024 draft). The FREE-AI committee (Aug 2025) expanded the lens to AI governance broadly. Today's draft takes the final step: a single, entity-wide MRM framework covering all models across all business functions — credit, treasury, operations, fraud, and beyond.

What you should do

Risk & Compliance Officers

Exam Aspirants

Source: Reserve Bank of India, Press Release 2026-2027/528 dated Jun 24, 2026. Draft guidance available at rbi.org.in.
Read the official RBI press release →
This is an educational explainer for awareness and exam preparation. It summarises the publicly available RBI draft guidance. It is not legal or regulatory advice. Always refer to the official RBI document for authoritative text.
model-riskai-mlrisk-compliancerbi-draftexam-prep
Independent banking-intelligence platform. Not affiliated with or endorsed by the Reserve Bank of India. Information, not verified facts — confirm against the official RBI source. BankPulse home
Public beta — information, not verified facts; confirm against the official RBI source. · Join our WhatsApp channel ↗