Tweezing out for dormancy: RBI intends to intensify regulatory audits of NBFCs

/0 Comments/in , , /by
  • By CS Anita Baid, Vice President, Vinod Kothari Consultants P. Ltd.

As per reports available on public domain[1], the RBI intends to intensify regulatory audits of non-banking finance companies, to find dormancy, non-compliance, non clarity of business models, or other risks that the regulator may wish to check. The intent seems to be weed out the truant ones out of the crowd of over 9000 NBFCs that exist. It is a fact that in the recent years, the RBI has been granting lesser new registrations, and canceling more of existing registrations, causing the number to come down. It is also important to note that if the number of NBFCs looks overwhelming, it is not because so many companies are into real operation: it is because the regulations currently define a company investing its owned capital into financial investments, with absolutely no access to either public funds or customer interface, as an NBFC, by imputing the public interest that actually does not exist. The number would have been a lot lesser had the regulator had the realisation that if there are no public funds, no customer interface and investment of owned funds being done, there is no reason for the regulator to interfere, as the intent of the country’s Central Bank cannot be to regulate investment activity that one does with one’s own money.

While this issue remains to be advocated for a potential reform, in the meantime, it is important for NBFCs to brace up for the RBI’s inquisitorial interest.

This article is intended to help NBFCs to be better prepared for such regulatory interface.

Backdrop

The Reserve Bank of India (RBI) cancelled the certificate of registration (CoR) of 3,110 NBFCs between FY15 and FY22, with the largest number of cancellations (1,851) being in FY19. As on October 1, 2022, the CoRs of 5,451 NBFCs were cancelled by the central bank. The RBI proposes to carry out regulatory audit of the middle layer NBFCs, which would be about 9500 in number, and the said audit exercise could eventually lead to cancellation of CoRs of more NBFCs in FY24.

The intent of the aforesaid data is not the scare the audience of this writeup, but to caution them about the repercussions due to non-compliance of regulatory provisions.

RBI is the apex body authorised under the RBI Act, 1934[2] to conduct inspection of any  non banking institution, including financial institution. Moreover, section 45NAA of the RBI Act, 1934 (effective from 9th August, 2019) authorises the RBI to conduct inspection of any group company of the NBFC as well. Though the annual inspection is not mandatory for NBFCs, the RBI has reserved powers to itself to undertake need based inspection. Further, the RBI does not disclose the report of the inspections conducted by it in the public domain and so the general public does not have access to such inspection reports.

While regulating the financial sector, the RBI takes a holistic view of the operations and procedures followed by the NBFC and its compliance with the statute. Accordingly, there is a need for having a preparedness by the NBFCs to be able to tackle the regulatory inspection at any point of time. The regulator’s approach to supervision is stability and systemic risk and hence, focus usually is on risk management, specifically the asset side risks, such as NPAs, evergreening, risk of concentricity as well as the liability side risk which includes quality of Net Owned Fund (NOF) and other long term funds, maturity structure of liabilities and ALM issues. Another important concern of the RBI has been the corporate governance risk which involves quality of management, succession plans, IT and systems risk, fraud risk, KYC/AML risk, etc.

Process of RBI Audit or Inspection

The RBI undertakes inspection with a view to ascertain the following:

  • Compliance with the directions issued by the RBI and other regulatory compliances as may be applicable to the NBFC;
  • Soundness in functioning and internal controls of the NBFC;
  • Financial stability of the NBFCs as they play a pivotal role in operations of the economy.
  • Protection of interest of depositors/customers and lenders and protection of interest of public, in general
  • Adequacy of IT systems

To review the aforesaid, RBI usually conducts audits or inspection by following the dual approach- offsite monitoring and onsite inspection[3].

Let us discuss some of the major areas of concerns that the regulator has recently been focusing on:

Dormancy Concerns

Most of the recent cancellations of the CoR by the RBI has been due to the fact that the NBFC is not in operation. The registered office of the NBFC may not be maintained and it may be just a on paper operation- this is a reason for concern and hence, attracts the attention of the regulator.

Fair Lending Practices

The recent guidelines on digital lending was a consequence of the varied innovative practices among the market players lending to the retail customers with the aid of technology. As customers increasingly resorted to digital platforms for quick short-term loans, several such NBFCs violated extant regulations and guidelines on outsourcing and Fair Practices Code (FPC).

Fairness of lending practices would require disclosure of annualised percentage rate, transparency of terms and conditions, sharing of loan agreement and other terms with the borrowers, and compliance with corporate governance practices.

Renting of COR

The RBI has not been easily granting new licences to entities intending to carry out financial activities and operate as an NBFC. However, several such entities are entering into arrangements with existing NBFCs to participate in the risk and rewards arising with the lending business.

The RBI has also been raising concerns that the function of lending like origination of loans, conducting of due diligence, funding, credit risk, disbursement and collection are outsourced by NBFCs to fintechs acting as service providers, which is backed by FLDG Deposits. In return the NBFC receives a reward hurdle rate and rest all the components of the income like interest income beyond the hurdle rate, commission fee etc. is kept by fintech. Such activities are akin to renting of certificate of registration for a fee.

Synthetic lending practices or FLDG structures

Third-party security or third-party guarantee is a common feature in any lending transaction. Any financier would usually seek guarantees from persons who are well aware of the borrower and borrower’s financial position. Such guarantors would not necessarily be financial sector entities, and in fact, are usually individuals and entities having similar status as the borrower. Several NBFCs have been piggybacking on credit support of such other entities.

The loan or credit asset is being recorded in the books of the NBFC, but it is transparently clear that the NBFC is leaning on the funded first loss default guarantee of the service provider. On the face of it the NBFC is doing a credit DD, but really, the NBFC couldn’t care less for the customer’s risk, as neither origination, nor servicing, nor the associated risk is with the NBFC. Once again, it may be argued that the guarantee that the service provider has given is only a part of the total portfolio, say 10% and there is still a 90% exposure on the ultimate borrowers. However, given the expected loss rates, that 10% will effectively cover 6-9% expected losses, and to an extent unexpected losses too. In essence, the servicer has a synthetic exposure in the underlying pool of loans, with the risk as well as rewards on the loans. The NBFC actually has an exposure in the servicer, backed by funded collateral, but the same is not reported anywhere.

Digital lending aspects

In the digital lending sector domain, the RBI has a host of concerns over inappropriate recovery methods and privacy of the customers as the lending applications usually get access to customers’ personal information on the phone. There have been instances wherein the recovery agents use customers’ personal data for loan recovery. The practice of customers’ sharing of KYC documents with unauthorised personnel is also not in line with the regulatory provisions. The lack of transparency over the interest rates charged by the digital lending platforms and exorbitant hidden charges charged by these platforms.

While conducting the audit, RBI specifically reviews the following:

  • Adherence to KYC norms for customers through online platforms;
  • Operating procedure adopted for loan disbursement;
  • Data storage and protection;
  • Development of application and security norms.

With the implementation of the new Digital Lending Guidelines[4], the checks by regulators would now be carried out around the same. Compliance with the privacy policy, flow of funds, disclosure of Key Fact Statement and such other requirements prescribed thereunder must be ensured accordingly.

Restructuring and provisioning

Most of the restructuring practices of NBFCs have been towards evergreening of loans. As per the regulatory provisions, any restructuring leads to a deterioration in the asset classification, but in several instances the terms have been modified but such concession has been implemented without change of classification- such as granting new loans for repayment of earlier loan.

There have also been circumstances wherein restructuring has been done without borrower’s consent – thereby modifying the terms of the loans to retain the asset classification in the books of the lender without any assurance of repayment by the borrower.

Terms of lending, specially demand/call loans

One of the objectives of the regulator is to assess the robustness of the internal credit approval process. Hence, RBI seeks information about the internal ratings assigned to each borrower which comes from the internal scoring model. It is expected that the concerned persons in the credit team of the NBFC must have full understanding of the internal scoring model. The internal score will be relevant for establishing the probability of default from the internal score; determining the relation between the rate of interest charged and the internal score as well as monitoring of changes in internal score and the actions taken by the lender.

Corporate Governance

Details of directors and their attendance in board meetings are also sought while conducting the audit or inspection of an NBFC. If certain directors have not been regular in board meetings, it raises adverse implications. In some cases, observations have been made even on the quality of board minutes, that the minutes are not detailed or speaking minutes. In many cases, basis of approval of related party transactions has also been questioned.

Reporting obligations

Instances are usually found on non-reporting to CICs/CRILC or information utilities. NBFCs should ensure that all such reporting obligations have been taken care of under various directives issued by RBI from time to time.

Implications of non-compliances and penalties

Any non compliances brought in light may not only result in hefty penalties, but it also poses non- financial risks such as:

Closing remarks

The above is just an indicative list of potential but prominent concerns which NBFCs should be mindful of. Any non-compliance and consequent regulatory action would pose risks of costs and penalties, going to the extent of cancellation of regulatory licenses as well as leading to reputational damage. Hence, NBFCs must be well-prepared to avoid/make good any such non-compliances. To ensure this, NBFCs should have well-designed and standardised policies/standard operating procedures in place; appropriate organisational hierarchy of responsibility and authority; a strong system of board and board committee oversight, appropriate review and internal control and monitoring systems, strong internal audit, etc. Besides, NBFCs may consider going for a third party compliance assessment at periodic intervals to capture compliance weaknesses in time and work upon the same for necessary alignment.

Other articles on topics of interest:

FAQs on Digital Lending Regulations

Digital lending: Footnote prescriptions heavier than the headlines

RBI Regulations on Digital Lending:

Modes of Restructuring of Stressed Accounts

Lending without risk and risk without lending:

Structured Default Guarantees

[1] https://www.thehindubusinessline.com/money-and-banking/rbi-to-audit-some-9000-nbfcs-to-weed-out-non-serious-players/article66334017.ece

[2] https://rbidocs.rbi.org.in/rdocs/Publications/PDFs/RBIAM_230609.pdf

[3] The Core Principles of Banking Supervision were promulgated by the BCBS in Sept, 2012- https://www.bis.org/publ/bcbs230.htm

Further, Basel Committee published Frameworks for Early Supervisory Intervention, in March 2018- https://www.bis.org/bcbs/publ/d439.pdf

[4] https://rbidocs.rbi.org.in/rdocs/notification/PDFs/GUIDELINESDIGITALLENDINGD5C35A71D8124A0E92AEB940A7D25BB3.PDF

You might also like
RBI proposes to strengthen governance in Banks
Introduction to Commercial Paper
India securitisation volumes 2024: Has co-lending taken the sheen?
Rationalisation of KYC- Measures for relief or technical advancement?
Inter-lender balance transfer of loans: understanding the nuances
Revised ODI Norms: A step towards greater clarity & liberalization?
Liquidity stress testing for NBFCs
RBI Framework for Green Deposits
0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *