RBI orders banks to audit frontier AI cyber risks by June 30

India’s central bank is effectively treating frontier AI as both a tool and a threat vector for the financial system. By ordering banks to run AI‑assisted gap assessments and adversarial tests, RBI is pushing some of the world’s most conservative IT shops to adopt the same kinds of models they fear, but under rigorous governance. Mythos is named explicitly, which is notable: a single frontier model has progressed from lab curiosity to a financial‑stability concern in under a quarter.

This move prefigures what many countries will have to do: bake frontier‑model risk into core prudential oversight. If models can autonomously search for zero‑days and exploit infrastructure, then regulators need to assume attackers will have these tools and require defenders to match them. RBI’s directive also quietly nudges Indian banks to build internal AI security competence instead of waiting on vendors or foreign partners, which will shape talent demand and architecture choices.

For the race to AGI, the significance is that “AI vs AI” security workflows are starting to become mandatory in critical sectors. That raises the cost of deploying poorly‑aligned systems but also normalises the idea that you need extremely capable models inside your defence stack—further incentivising investment in cutting‑edge capabilities even as regulators warn about them.