Problem
India’s first serious AI governance test is not arriving as a clean national AI statute.
It is arriving through securities-market cybersecurity.
That sounds narrower. It is not. The securities market is where AI risk becomes operational before it becomes philosophical. Vulnerability discovery moves faster. Attackers automate reconnaissance. Vendors sit inside broker and exchange workflows. APIs connect systems that were never designed for model-speed abuse. A weak participant can become the market’s shared problem.
SEBI’s latest move is explicit. On May 5, 2026, the regulator issued an advisory on emerging advanced AI tools for vulnerability detection, citing circular HO/13/19/12(1)2026-ITD-1_CIMGI/10873/2026. The attached circular says AI-driven vulnerability-identification tools can increase risk exposure by enabling the discovery and possible exploitation of existing weaknesses “using speed and scale.” It also flags data confidentiality, application integrity, and output reliability.
The instrument matters. SEBI is not trying to define sentience, creativity, or the metaphysics of model agency. Good. Markets have enough metaphysics already, usually in quarterly guidance.
Instead, SEBI is asking a practical question: when AI compresses the time between vulnerability discovery and exploitation, what should regulated market entities do differently?
Analysis
The answer is a sectoral control stack.
SEBI has created a task force called cyber-suraksha.ai, with representatives from market infrastructure institutions, qualified registrars and transfer agents, qualified regulated entities, and other stakeholders. Its mandate is to examine cybersecurity risks from AI-based models, devise a uniform mitigation strategy, share threat intelligence and playbooks, report cyber incidents and attack vectors quickly, and review the cyber posture of third-party application service providers, including empaneled vendors.
That tells us what kind of AI oversight this is.
It is not primarily about whether a broker’s model gives an unfair recommendation to a client. It is not primarily about whether an asset manager’s model is explainable. Those questions matter, and SEBI has already worked on them. In June 2025, it published a consultation paper on responsible AI and machine-learning use in Indian securities markets, covering governance, investor protection, disclosure, testing, fairness, bias, privacy, and cybersecurity.
The May 2026 circular is sharper. It is about cyber-defense operations.
The annexure reads like an operations checklist, not a values statement. SEBI tells regulated entities to update operating systems and applications immediately, consider virtual patching where fixes are unavailable, conduct vulnerability assessment using conventional and suitable AI-based tools where possible, engage vendors on timely patching, document and test system changes, maintain API inventories, enforce authentication and least-privilege access, apply rate limiting and throttling, and keep API connections on a whitelist basis.
Then comes the market-specific part. SEBI points to the Market SOC, or M-SOC, established by NSE and BSE, as a centralized platform for 24/7 monitoring and threat detection across digital infrastructure. In view of enhanced AI-driven attack risk, eligible regulated entities that have not onboarded to M-SOC are told to expedite onboarding.
That is the key line. SEBI is not treating AI risk as a compliance PDF that each firm can admire privately. It is routing the problem into shared market infrastructure.
The circular also extends the threat model to vendors. Exchanges and depositories are told to direct empaneled application vendors providing commercial off-the-shelf solutions to members to assess risks from AI-led vulnerability-detection models. Vendors are expected to implement safeguards such as patch updates, vulnerability assessment and penetration testing, continuous monitoring, and hardening.
This is where the market plumbing frame becomes unavoidable. Brokers, exchanges, depositories, clearing corporations, registrars, asset managers, advisers, research analysts, and vendors do not operate as isolated nodes. They run a connected system. AI changes the attacker’s economics because reconnaissance, exploit-chain generation, and alert triage can all become faster. The regulator’s response is to raise the baseline for everyone connected to the machine.
India’s national AI framework explains why SEBI is moving first.
MeitY’s stated position is that India does not need a new horizontal AI law at this stage. A December 19, 2025 PIB release on the India AI Governance Guidelines says the guidelines are risk-based, evidence-led, and proportional, but do not introduce new statutory mechanisms such as independent audits, appeals, or new oversight bodies. It says enforcement and oversight remain with sectoral regulators within their mandates, relying on existing laws including the IT Act, the Digital Personal Data Protection Act, and sector-specific regulations.
That is not regulatory absence. It is a bet on sectoral speed.
The bet has tradeoffs. Horizontal AI law can set common language across sectors, reduce gaps, and give companies a clearer national compliance map. But it is slow, abstract, and vulnerable to fighting yesterday’s model with tomorrow’s bureaucracy. Sector regulators can move faster because they already know the failure modes. SEBI knows what a market outage costs. It knows what vendor concentration means. It knows why SOC alerts, API abuse, patch discipline, and incident sharing are not academic concerns.
MeitY has also added coordination above the sector layer. On April 16, 2026, it announced the AI Governance and Economic Group, a high-level inter-ministerial body chaired by Ashwini Vaishnaw to coordinate AI policy development and responsible AI innovation. That may help prevent the sectoral model from becoming regulatory scatter.
But the enforcement energy is still below the horizontal layer. SEBI’s circular has a date, a named task force, an existing market SOC, vendor obligations, and immediate operational controls. The national framework has principles, coordination, and a deliberate refusal to create a broad AI law for now.
In practice, that means India’s AI governance will be tested first where existing regulators can translate model risk into existing supervisory language.
Implications
The market impact is not that SEBI has solved AI risk. It has not.
The important signal is that AI governance in Indian finance is becoming cyber-resilience governance before it becomes model-conduct governance. That shifts the compliance burden toward CISOs, CTOs, market-infrastructure operators, and vendor-management teams. Legal teams still matter. They just do not get to own the whole machine.
For regulated entities, the message is simple. AI risk is now part of vulnerability management, third-party risk, API governance, SOC operations, and scenario testing. The circular says periodic risk assessment under SEBI’s Cyber Security and Cyber Resilience Framework should include internal and external cyber risks, and the capability of AI-based models may be considered as one risk scenario. It also asks entities to prepare a long-term plan for AI use in detection and autonomous or agentic mitigation.
That last phrase is doing a lot of work. Defensive AI will not stay limited to dashboards. It will move into automated detection, triage, containment, and remediation. Once that happens, governance has to inspect not only whether firms use AI, but whether their AI defenses create new failure modes: false positives that halt legitimate workflows, false negatives that create complacency, automated playbooks that break production systems, or vendors that become single points of model-mediated risk.
For India’s broader AI policy, SEBI is the preview. The country’s horizontal framework says sector regulators should enforce within their mandates. SEBI is now showing what that looks like in a system where the costs of delay are measurable.
The result is less elegant than a single AI law. It is also more realistic.
AI regulation usually sounds cleanest before it touches infrastructure. SEBI’s circular is messy in the useful way: patching, SOC onboarding, API throttling, vendor reviews, incident reporting, software bills of materials, zero-trust access, and continuous vulnerability management.
That is where AI governance starts to count. Not in the slogan. In the operational control that either holds when the market opens, or does not.
Discussion
Sign in to join the discussion.
No comments yet. Be the first to share your thoughts.