On 5 November 2025, confronted with the most consequential regulatory question of the decade, the Government of India declined to pass a law. In place of a statute, the Ministry of Electronics and Information Technology released the India AI Governance Guidelines under the IndiaAI Mission ~ a framework built not around prohibitions and penalties but around seven sutras, a term lifted from classical Indian grammarians rather than from Brussels or Washington. The vocabulary was not ornamental. It was the argument. The first thing to grasp is what the Guidelines are not.
They are not legislation. They create no new offence, impose no fine, and confer no fresh statutory power. Their drafting committee said as much in terms: a separate AI-specific legislation, it concluded, “is not required at this stage, as most risks can be addressed through current laws and timely enforcement.” Those current laws are not thin ~ the Information Technology Act of 2000, the Digital Personal Data Protection Act of 2023, the Copyright Act, consumer and criminal statutes ~ and the Guidelines lean on them deliberately, reserving fresh law for the gaps that existing law cannot reach. The document has four moving parts.
Seven guiding principles, styled sutras, sit at the top. Beneath them run recommendations across six pillars of governance; then an action plan mapped to short-, medium- and long-term horizons; and finally practical guidance for developers, deployers and regulators. The seven sutras are worth naming precisely because secondary summaries routinely blur them: Trust is the Foundation; People First; Innovation over Restraint; Fairness and Equity; Accountability; Understandable by Design; and Safety, Resilience and Sustainability.
Note the sixth. It is not “transparency,” the word most commentators reach for, but “Understandable by Design” ~ a subtler and more demanding idea. Transparency asks that a system’s workings be disclosed; understandability asks that they be intelligible to the person the decision falls upon. For a borrower refused credit, or an investor whose order is rejected, that difference is the whole difference. Explainability, in the sutra’s reading, is owed first to the governed, and only then to the auditor. Why refuse a statute at all? Because India has read the alternatives and declined both.
The European Union’s AI Act governs through prohibited categories and graduated penalties reaching seven per cent of global turnover ~ a compliance architecture erected before the technology has settled. The United States has leaned on voluntary commitments and the NIST risk framework, governance by encouragement. India has chosen a third path, stated plainly in the Guidelines: to govern the applications of AI by empowering the sectoral regulators, and not to regulate the underlying technology itself. The Reserve Bank, SEBI, IRDAI and TRAI are each to govern AI within their own domain rather than wait on a single legislature to govern it for all.
This is less a vacuum than a stack. Above the sectoral regulators the Guidelines propose a whole-of-government layer: an AI Governance Group to coordinate, a Technology and Policy Expert Committee to advise, and an AI Safety Institute to test systems and set standards. Responsibility for the financial sector is assigned to the Ministry of Finance and the Reserve Bank. The centre, in other words, sets the principle and the architecture; the regulators supply the enforceable detail, each within the domain they already know best.
The design is deliberately risk-calibrated rather than uniform ~ closer oversight where the stakes are high, lighter self-regulation where they are not ~ the opposite of a single rulebook applied flat across every use. This is where the choice of sutra stops being a flourish and becomes a theory of regulation. A sutra, in the Sanskrit tradition, is a thread ~ the literal meaning of the word ~ spun as tightly as language allows.
Panini’s grammar and the Brahma-sūtra are chains of aphorisms so compressed as to be almost unreadable alone, and none was meant to be read alone: a sutra exists to generate its bhā�ya, the commentary that unfolds what the aphorism folds shut. Read through the Nyāya tradition of Indian logic, the principles acquire an epistemic edge ~ Trust echoing the demand that a source of knowledge be reliable before its output is accepted; Understandable by Design recalling the requirement that a valid inference be one another reasoner can reconstruct; Accountability insisting on a visible agent behind the act.
This is an interpretive lens, not a claim about the drafters’ intent, but it captures the design: the incompleteness is deliberate. To govern AI by seven sutras is to say that the centre supplies the thread and the sectoral regulators supply the commentary. That commentary has already begun, and its first hard edge lies not in the Guidelines but in the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Amendment Rules, 2026 ~ notified as G.S.R. 120(E) on 10 February 2026 and in force from 20 February 2026.
The Rules define “synthetically generated information” narrowly, catching deceptive AI-made audio and video while expressly sparing routine editing, and require it to be labelled prominently and marked with permanent metadata or provenance. The largest social-media intermediaries must obtain a user’s declaration that content is synthetic, verify it by technical means, and stand to lose their safe-harbour protection under Section 79 of the IT Act where they knowingly carry unlawful synthetic material; takedown windows contract from thirty-six hours to three, and to two for non-consensual intimate imagery.
It is the sutra of Accountability, and of Safety, made enforceable in a single domain ~ and a template for the rest of the economy: a terse principle at the centre, given binding content sector by sector. Nowhere will that translation matter more, or arrive faster, than in finance, where the regulator has already written its own commentary.
(The writer is a practicing Chartered Accountant and a Vedantic Scholar and can be reached at kannan@cakt.in)