India continues to face a critical debate: Should the country invest in developing its own foundational LLM or focus on building applications on top of those developed by others? Mahesh Ramamoorthy, CIO of Yes Bank, believes there is no right or wrong answer, but a complicated way forward.
At Razorpay FTX’25, Ramamoorthy emphasised the need for a structured approach involving regulatory oversight and public-private partnerships, outlining the complexity of building an LLM.
“At the base of everything is data,” he stated, explaining that financial institutions, for instance, have access only to their own data and operate under stringent compliance regulations. This limited scope makes developing a comprehensive, unbiased AI model difficult.
While technological expertise exists in India, a key challenge lies in training these models effectively. The current regulatory framework further constrains access to data. Banks and financial institutions rely on consent-based mechanisms, such as credit bureaus, which restrict their ability to aggregate diverse datasets.
“As regulated entities, we are aligned to compliance expectations, which means that our ability to seek data beyond what we have or beyond the credit bureaus is essentially consent-based,” Ramamoorthy noted.
Public-Private Data Partnership
To address this challenge, Ramamoorthy proposed a triage approach involving regulators, private financial entities, and technology firms. He focused on the need for a centralised entity that can aggregate data from multiple sources while ensuring privacy and compliance.
“That entity can build a credible database beyond what we see today in the credit bureaus,” he explained, adding that this would allow banks and financial institutions to develop domain-specific AI models without compromising data security.
He further highlighted the importance of making this data a national asset. “As a country, we need to have our own data mart, which can be used as a sovereign property, rather than looking at third parties for it,” he said.
Ramamoorthy stressed that a regulatory framework is crucial to ensure fair and responsible AI development. “Such things require a fair bit of regulatory oversight framework,” he said, advocating for a structured mechanism where data usage is consent-based and well-governed.
He acknowledged that initial steps toward building AI infrastructure are already in motion, but integrating regulators such as the Reserve Bank of India (RBI), the Securities and Exchange Board of India (SEBI), and the Insurance Regulatory and Development Authority of India (IRDAI) will be crucial.
“In the next 12-18 months, I can see some significant call-outs coming here,” he predicted, noting that emerging business models will shape the way AI is developed and deployed in India.
The Road Ahead
Ramamoorthy remains optimistic about India’s AI journey. While challenges exist, the country is well-positioned to build its own foundational models. He pointed to the potential role of credit bureaus in expanding their portfolio to contribute to AI model development.
“Could they be expanding their portfolio? Because they’re also regulated by the RBI in some form. So, can they be used to expanding their business portfolio with different partnerships?” he pondered.
“We’re not going to be far behind on that. But frameworks, regulations, and entities will be key to our success. I don’t think we should rely extensively on outside of India. We should build on that.”
Yes Bank has been optimistic about implementing AI in several of its offerings. It is shifting from traditional robotic process automation (RPA) to a more advanced, AI-powered approach. Yes Robot, launched during the COVID-19 pandemic, continues to be a key customer engagement tool. It supports service requests and enables product cross-selling and upselling.
The bank follows a structured cloud strategy focused on scalability, resilience, and security. By working with multiple cloud service providers, Yes Bank has improved operational efficiency through cost optimisation, elastic computing resources, on-demand scalability, and automated recovery processes.
