On July 13, the Ministry of Electronics and Information Technology, CERT-In, CSIRT-Fin and the payments-security firm SISA launched the second edition of the Digital Threat Report 2025-26, and led with a scorecard. Six of the seven forward-looking threat predictions made in last year's edition have already reached full-scale realisation, the report says. Among them: frontier AI models are now capable of running cyberattacks against financial institutions with minimal human help, and adversaries already have these tools in hand, ThePrint reported, citing the report. Read as a forecasting exercise, India's cyber-defence establishment called its shots a year in advance and watched them land.

Source: Press Information Bureau, Digital Threat Report 2025-26. Chart: The Signal.
It is worth slowing down on what "landed" actually means. The report identifies AI asymmetry as one of the defining risks facing financial institutions: activities that once required specialist teams, significant resources and weeks of effort can increasingly be performed at machine speed by comparatively low-resource threat actors, placing offensive capabilities on a faster development curve than the defensive and regulatory mechanisms designed to contain them. That is not a forecast anymore. It is a live product category.
A malware kit anyone can rent
The clearest evidence sits outside the report itself, in a piece of Android malware documented the same week. RedWing is sold as a complete product, in subscription tiers with referral discounts, guides and how-to videos, so a buyer needs no malware-writing skill; a Telegram bot builds each buyer a custom app on demand, The Hacker News reported, citing Zimperium's zLabs research on the operation. Once it is installed on a victim's phone, the app can execute a hidden USSD command that redirects all of the victim's incoming calls to an attacker-controlled number, which neutralises voice-based two-factor authentication and lets the attacker bypass a bank's own fraud-prevention phone calls, per Zimperium. RedWing is not the AI-driven attack the report warns about. It is the same underlying pattern in a cheaper wrapper: a capability that once needed a skilled operator now needs a subscription and a phone number.
What the same regulator's own survey calls the bigger risk
The Reserve Bank of India's numbers point the same direction. In its Financial Stability Report survey of scheduled commercial banks and NBFCs, published in June 2026, AI-enabled cyber threats emerged as the single most significant risk expected over the next 12 months, even as 67 percent of respondents reported an increase in cybersecurity staffing between March 2025 and March 2026, and cybersecurity spending as a share of IT spending increased for 71 percent of respondents over the prior three financial years. More money and more staff did not lower the risk banks say worries them most; the two numbers sit side by side in the same survey.

Source: Reserve Bank of India, Financial Stability Report, June 2026. Chart: The Signal.
Third-party and supply-chain dependency ranked as the second most significant cyber risk in the same survey, with 93 percent of respondents partially or substantially dependent on external vendors for cybersecurity functions such as security-operations-centre monitoring, cloud security, incident response, threat intelligence and vulnerability assessment. Between them, the survey's own top two risks are an AI-enabled attack surface and a vendor-dependent security stack, and neither is something an individual bank can fix by writing a bigger cheque for its own IT budget.
The fix that shipped points elsewhere
The regulatory response that actually shipped this year runs in a different direction. RBI's June 2026 Amendment Directions broaden customer-liability protection to more categories of digital-banking fraud, reduce the time banks are allowed to take processing fraud complaints, and introduce a compensation mechanism for small-value fraudulent electronic transactions, effective for transactions from January 1, 2027.
Every provision in RBI's June 2026 Amendment Directions addresses the customer's side of a fraud, not the bank's security stack.
| What changes | What it does |
|---|---|
| Liability protection | Extends the existing limits on a customer's liability to cover more categories of fraudulent electronic banking transactions |
| Complaint handling | Cuts the time banks are allowed to take to process a complaint about a fraudulent transaction |
| Compensation mechanism | Introduces compensation for small-value fraudulent electronic transactions, for transactions from January 1, 2027 |
Source: Reserve Bank of India, press release on the Amendment Directions.
Nothing in that list requires a bank to reduce its dependence on outside vendors, or to demonstrate resilience against an AI-enabled attack. It is a set of rules for what happens after money has already moved.
The honest objection
The strongest case for the Amendment Directions is that consumer protection is not a lesser problem wearing a smaller badge. A depositor whose account is drained through RedWing's call-forwarding trick has no way to renegotiate a bank's vendor contracts or audit an attacker's AI tooling; a shorter complaint window and a guaranteed compensation floor are real, immediate relief, and they take effect on a fixed date regardless of how the harder infrastructure problem is going. The 67 percent of banks that already raised staffing and the 71 percent that already raised the cybersecurity share of their IT budget suggest the infrastructure side is not being ignored either, just handled inside individual banks rather than through a rule from the regulator.
That case holds for the complaint and compensation provisions on their own terms. It does not close the gap in pace. The threat report went from prediction to six of seven fully realised in twelve months; the compensation mechanism for customers takes effect more than six months after its own announcement, and nothing in the Amendment Directions touches the 93 percent vendor-dependency figure the same regulator's own survey ranks as its second-highest risk. Spending more each year inside individual banks is not the same instrument as a rule that changes how the sector's shared vendor dependence is managed.
The Signal
The six-of-seven scorecard is not really a story about MeitY's forecasting skill. It is a measure of how fast offense now moves once a capability turns into a rented product instead of a rare skill, RedWing's Telegram bot and subscription tiers among the clearest evidence of that shift. RBI's answer this year was to make the customer whole faster after money is already gone, not to require the vendor-dependent security stack its own survey flags as the sector's second-highest risk to change. Both responses are real and neither is wrong on its own terms. The mismatch is in the clock: attackers are working off a forecast that keeps arriving on schedule, and the rule written for depositors does not start running until January 1, 2027. Watch whether the next Financial Stability Report shows the AI-enabled and third-party risk rankings easing once that date passes. If they do not, the report will keep calling the offense correctly while the defence keeps answering a different question.
Reporting basis: the Digital Threat Report 2025-26's prediction scorecard and its AI-asymmetry framing are per the Press Information Bureau's release, jointly issued by MeitY, CERT-In, CSIRT-Fin and SISA. The claim that frontier AI models can now attack banks with minimal human help is as told by ThePrint, citing the same launch. The RedWing hidden call-forwarding mechanism is Zimperium zLabs' original research, and its Telegram-based subscription model is as told by The Hacker News, attributing its account to the same zLabs research; this is one research origin relayed by two outlets, not two independent findings. The cybersecurity risk-perception and spending figures and the third-party dependency figure come from the Reserve Bank of India's Financial Stability Report, June 2026. The Amendment Directions' provisions and effective date are from the Reserve Bank of India's own press release. No figure in this piece is a Signal calculation; every number is told directly by its cited source.



