Banking supervision: Need to shift from snapshot checks to continuous oversight; says RBI deputy governor

Reserve Bank of India Deputy Governor Swaminathan J on Friday called for a fundamental shift in banking supervision, stressing that oversight must move from periodic, point-in-time assessments to continuous awareness, as digital risks increasingly redefine financial stability, PTI reported. Speaking at the Third Annual Global Conference of the College of Supervisors on ‘Issues and Challenges in Banking Supervision in the Digital Era’, Swaminathan said traditional supervisory tools focused on balance sheets and process inspections are no longer sufficient. A bank may appear healthy on paper, he cautioned, yet remain “one incident away from severe disruption”.“The centre of gravity is shifting from the ‘branch and product’ to the ‘pipes and code’,” he said, underlining that stability today depends as much on operational resilience, data integrity and third-party dependencies as on capital and liquidity.Highlighting consumer protection as an early-warning signal, the deputy governor said weak grievance redressal systems should not be treated as minor irritants. From a supervisory perspective, regulators need to assess not just whether grievance frameworks exist, but how they perform — including timeliness of resolution, identification of root causes, repeat failures and whether boards receive clear dashboards on complaint trends and customer pain points.Swaminathan emphasised that supervision must expand beyond individual institutions to include the broader ecosystem in which they operate. Regulators, he said, should move from merely asking “did you comply?” to examining whether institutions can withstand stress, recover quickly and protect customers when things go wrong.For banks, compliance can no longer be a quarter-end exercise. With faster operational cycles, institutions must maintain stronger operational discipline and data governance throughout the year. “When an anomaly is flagged, the ability to explain it and fix it quickly becomes a marker of control maturity,” he said.He also flagged third-party risk as a critical area, stating that outsourcing services does not mean outsourcing responsibility. Banks, he said, need tighter oversight of partners, clearer accountability for incidents and contracts that support audit, access and resilience.As artificial intelligence and advanced analytics become more embedded in banking operations, Swaminathan warned that institutions should be prepared for more intensive supervisory scrutiny on model risk, explainability and fairness, signalling a more intrusive and continuous regulatory approach in the digital era.