Strengthening the Core: How India’s Financial Institutions Are Rewriting Strategic Governance
5 min read
Introduction: Riding the UPI Wave – But at What Cost?
It began as a marvel. Then a movement. Now, it’s a force.
India’s Unified Payments Interface (UPI) hasn’t just redefined convenience-it’s rewritten the very infrastructure of trust in money movement. In May 2025 alone, ₹26 lakh crore zipped through 20.1 billion transactions – surging ahead from January’s already staggering ₹23.5 lakh crore.
But beneath this velocity lies a paradox: while India leads the world in digital payments volume, is its financial ecosystem – banks, fintechs, and yes, their boards – truly strategic, or just reactive? Can our governance frameworks carry the weight of a system that’s moving faster than regulation, training, or even cybersecurity?
1. UPI’s Meteoric Rise – And the Strategic Ripples Beyond Borders
The Numbers Tell One Story. In FY 2024 – 25, UPI clocked 185.8 billion transactions – a 41% year-on-year leap – processing ₹261 lakh crore, up from ₹200 lakh crore the previous year. But these figures only scratch the surface.
The Real Story? Transformation at the Margins.
- In Rajasthan’s deserts and Mizoram’s hills, QR codes now outnumber passbooks.
- In Ghana and Singapore, Indian UPI rails are becoming templates for inclusive digital infrastructure.
- In Germany, a Mumbai exporter is piloting real-time UPI-Euro settlements via PayPal World and Tencent – reducing FX and remittance costs by up to 30%.
Strategic Insight: As Indian digital rails go global, Indian governance cannot remain local. Our regulatory frameworks must start envisioning a “global operating model” – complete with cross-border compliance, consumer protection harmonisation, and geopolitical scenario planning.
And here’s the kicker: NPCI’s pilot with the Asian Development Bank to deploy solar-powered UPI PoS machines in rural Bihar isn’t just eco-conscious – it’s a prototype for digital sustainability. Every transaction now offsets 0.02g of CO₂. India’s payment system could soon double as a climate play.
2. The MDR Debate: Revenue Models vs. Resilience
As usage soars, the infrastructure strains. Annual growth is slowing to 25%. Servers groan. Cyber-threats evolve. Payment Service Providers (PSPs) stare down the barrel of rising capex.
Hence, the MDR (Merchant Discount Rate) debate.
Proposed: A 0.2–0.3% MDR on large-merchant UPI transactions.
Arguments:
- Pro: Funds innovation, cybersecurity, and redundancy. Keeps private players vested.
- Con: May nudge kirana stores back to cash. Risks widening digital inequality.
Strategic Governance Pivot:
India’s CEOs and boards must ask – not just what’s fair, but what’s sustainable. Flat MDR models are blunt instruments. Instead, a calibrated fee architecture – tiered by transaction volume, merchant size, or industry vertical – could balance ecosystems.
Example:
An e-commerce behemoth processing ₹500 crore/month via UPI pays 0.3%.
A village ration shop doing ₹10,000/month? Pays nothing.
This is not just policy finesse. It’s inclusion by design. Strategy by empathy.
3. Risk in a Borderless Era: Cyber, Climate – and the Missing Conversations
It’s no longer just about firewalls.
Risk today is multi-dimensional – cyber, climate, compliance, conduct – and converging fast.
Yet here’s the governance gap:
Boards still treat these as separate conversations. Cyber in one committee. ESG in another. Compliance elsewhere. But the real threats today don’t arrive siloed.
Let’s look at the field:
- SBI’s AI Fraud Shield (Q1 2025): Anomaly detection AI scanned 100 million daily transactions, blocking ₹150 crore in attempted frauds in 3 weeks.
- Bandhan Bank x Fintech in Jharkhand: UPI-based disbursals increased credit access by 22%. But it also exposed new vectors of data leakage and social engineering.
Strategic Risk Takeaway:
Boards must evolve from tick-the-box governance to dynamic foresight mechanisms. That means:
- Unified Risk Taxonomies: Credit, cyber, and climate assessed together.
- Stress Simulations: Not just for Basel stress tests, but for real-world black swans – like Chennai flooding or a rogue AI-led payment rerouting.
- Scenario Playbooks: What if 30% of Indian internet access is disrupted during a geopolitical standoff?
These are no longer hypothetical.
4. The Leadership Blueprint: Governance at the Speed of Innovation
Dr. Aneish Kumar, with 35 years in global banking – including as BNY Mellon’s India Country Head – has guided more than a dozen boards through transformation. His playbook, increasingly adopted by fintechs and NBFCs alike, includes:
- Board Cyber Simulations: “What would your Board do if your core banking system goes dark for 48 hours?”
- Real-Time KPIs: Not just quarterly ROAs, but daily dashboards on fraud detection, suspicious flows, and regulatory escalations.
- Human Capital Risk Reporting: Attrition among cybersecurity analysts now sits beside financials in quarterly packs.
“In a world ruled by code, we still need conscience,” he says. “No innovation is worth it if your people don’t sleep at night, or your customers lose trust by morning.”
A strategic leader doesn’t just chase growth – they shape the guardrails that growth must honour.
5. The Talent-Governance Equation: Your System is Only as Smart as Your People
According to NASSCOM, 75% of Indian banks plan to increase AI spending by 30% in the next 24 months.
Yet only 40% have a structured upskilling roadmap for mid-management. That’s not just an HR issue. It’s a strategic failure.
Here’s the irony:
You might deploy a ₹1,000 crore AI-powered surveillance system. But if your operations manager clicks on a phishing link? Game over.
Dr. Kumar’s Provocation to Boards:
“When tech goes rogue – or fails – who steps in? If your answer isn’t crystal clear, your system isn’t robust. It’s brittle.”
Strategic Priority for CHROs and CIOs:
- Dual-track L&D: Build technical fluency and ethical literacy.
- Board Literacy Mandates: Directors must be AI- and cyber-fluent – not expert coders, but fluent in oversight.
Think about it: If regulators now demand climate and cyber disclosures, shouldn’t boards demand climate and cyber training?
Conclusion: Resilience Is the New Alpha
India’s digital finance journey is spectacular. But speed without scaffolding can collapse under its own weight.
As UPI scales globally and fintechs iterate faster than laws can catch up, CEOs and boards must internalize a new mantra:
“The next disruption won’t wait for your next meeting.”
Strategic governance isn’t just about preventing fraud or ticking ESG boxes. It’s about orchestrating foresight, funding resilience, and fostering trust – all at once.
Our institutions must stop reacting to yesterday’s crisis and start rehearsing for tomorrow’s possibility.
Because when the next shock hits – a cyber-attack, a climate event, a regulatory embargo – your strategy won’t be what you write in the boardroom.
It will be what you rehearsed.
