RBI Drafts Stricter Data Governance Standards for Regulated Financial Entities
The Reserve Bank of India has proposed a comprehensive Data Governance Framework aimed at strengthening the management, quality, security and reliability of data across regulated financial entities. Public comments and feedback on the draft framework have been invited until August 17, 2026.
The proposed requirements recognise data as a critical institutional asset supporting financial operations, customer services, regulatory compliance, risk management, financial reporting and strategic decision-making. The framework seeks to ensure that regulated entities maintain accurate, consistent, secure and fit-for-purpose data across their systems and business functions.
The draft framework is proposed to apply to commercial banks, small finance banks, payments banks, cooperative banks, regional rural banks, non-banking financial companies, all-India financial institutions, asset reconstruction companies and credit information companies.
Under the proposed norms, every regulated entity will be required to implement a Data Governance Framework covering the complete data lifecycle. The framework must apply to all institutional data and remain aligned with the entity’s overall risk management system.
The draft guidelines specify regulatory expectations in the following areas:
- Data governance structures and institutional oversight
- Clearly defined roles and responsibilities
- Data architecture and system integration
- Metadata management and data lineage
- Data quality measurement and monitoring
- Data security and lifecycle management
- Third-party data access and sharing arrangements
- Management and reporting of data-related risks and breaches
The RBI has proposed board-level supervision of the data governance framework. Each regulated entity would be required either to establish a dedicated Data Governance Committee at the board level or assign these responsibilities to an existing board committee.
The designated committee would approve data governance policies, monitor their implementation, assess material data-related breaches and report significant concerns to the board.
Regulated entities would also be expected to maintain a “single source of truth” for every data element. This requirement is intended to ensure that reports, analytical models, downstream systems and business processes use one verified and authoritative data source.
The RBI has highlighted that deficiencies in data governance may expose regulated entities to financial, operational, regulatory, compliance and reputational risks. The proposed framework is therefore intended to establish consistent accountability and improve the reliability of data used throughout the regulated financial sector. CA Sansaar
Category : RBI | Comments : 0 | Hits : 18
CA Sansaar

Comments