Whalesbook
Data Privacy Mandate
Reserve Bank of India (RBI) official Suvendu Pati stated on Thursday that banks must reassess their data collection practices. This directive stems from the implementation of India’s Digital Personal Data Protection (DPDP) Rules, 2025. Pati, chief general manager of the RBI's fintech department, noted that many banks amass more information than is strictly necessary for their operations.
"Banks are collecting a lot more information than what they actually need... it is time to revisit what is actually required," Pati commented during a panel discussion. The DPDP Act and its associated rules provide the framework for this necessary review, signaling a stricter stance on personal data handling within the financial sector.
AI Innovation Push
Pati also advocated for the responsible integration of artificial intelligence (AI) within the financial services ecosystem. He stressed that the sector should not shy away from innovation due to the potential for isolated errors. Instead, financial institutions should focus on impactful AI applications first.
The government has adopted principles from the RBI's FREE-AI Committee report for AI governance. These principles prioritize trust, user-centricity, fairness, accountability, and sustainability. Pati highlighted AI's capability to analyze diverse data sources for credit modeling, thereby boosting financial inclusion and enhancing customer engagement.
Navigating AI Risks
The RBI’s Committee on the Framework for Responsible and Ethical Enablement of Artificial Intelligence (FREE-AI) has recommended a dual approach: fostering innovation while mitigating risks. While AI offers potential for improved credit assessment, fraud detection, and new supervisory tools, the committee cautioned against risks like algorithmic bias, lack of explainability, and amplification of existing data protection and cybersecurity challenges.