Digital Consumer Lending: Need for prudential measures and addressing consumer protection

-Siddarth Goel (finserv@vinodkothari.com)

Introduction

“If it looks like a duck, swims like a duck, and quacks like a duck, then it probably is a duck”

The above phrase is the popular duck test which implies abductive reasoning to identify an unknown subject by observing its habitual characteristics. The idea of using this duck test phraseology is to determine the role and function performed by the digital lending platforms in consumer credit.

Recently the Reserve Bank of India (RBI) has constituted a working group to study how to make access to financial products and services more fair, efficient, and inclusive.[1]  With many news instances lately surrounding the series of unfortunate events on charging of usurious interest rate by certain online lenders and misery surrounding the threats and public shaming of some of the borrowers by these lenders. The RBI issued a caution statement through its press release dated December 23, 2020, against unauthorised digital lending platforms/mobile applications. The RBI reiterated that the legitimate public lending activities can be undertaken by Banks, Non-Banking Financial Companies (NBFCs) registered with RBI, and other entities who are regulated by the State Governments under statutory provisions, such as the money lending acts of the concerned states. The circular further mandates disclosure of banks/NBFCs upfront by the digital lender to customers upfront.

There is no denying the fact that these digital lending platforms have benefits over traditional banks in form of lower transaction costs and credit integration of the unbanked or people not having any recourse to traditional bank lending. Further, there are some self-regulatory initiatives from the digital lending industry itself.[2] However, there is a regulatory tradeoff in the lender’s interest and over-regulation to protect consumers when dealing with large digital lending service providers. A recent judgment by the Bombay High Court ruled that:

“The demand of outstanding loan amount from the person who was in default in payment of loan amount, during the course of employment as a duty, at any stretch of imagination cannot be said to be any intention to aid or to instigate or to abet the deceased to commit the suicide,”[3]

This pronouncement of the court is not under criticism here and is right in its all sense given the facts of the case being dealt with. The fact there needs to be a recovery process in place and fair terms to be followed by banks/NBFCs and especially by the digital lending platforms while dealing with customers. There is a need to achieve a middle ground on prudential regulation of these digital lending platforms and addressing consumer protection issues emanating from such online lending. The regulator’s job is not only to oversee the prudential regulation of the financial products and services being offered to the consumers but has to protect the interest of customers attached to such products and services. It is argued through this paper that there is a need to put in place a better governing system for digital lending platforms to address the systemic as well as consumer protection concerns. Therefore, the onus of consumer protection is on the regulator (RBI) since the current legislative framework or guidelines do not provide adequate consumer protection, especially in digital consumer credit lending.

Global Regulatory Approaches

US

The Office of the Comptroller of the Currency (OCC) has laid a Special Purpose National Bank (SPNV) charters for fintech companies.[4] The OCC charter begins reviewing applications, whereby SPNV are held to the same rigorous standards of safety and soundness, fair access, and fair treatment of customers that apply to all national banks and federal savings associations.

The SPNV that engages in federal consumer financial law, i.e. in provides ‘financial products and services to the consumer’ is regulated by the ‘Consumer Financial Protection Bureau (CFPB)’. The other factors involved in application assessment are business plans that should articulate a clear path and timeline to profitability. While the applicant should have adequate capital and liquidity to support the projected volume. Other relevant considerations considered by OCC are organizers and management with appropriate skills and experience.

The key element of a business plan is the proposed applicant’s risk management framework i.e. the ability of the applicant to identify, measure, monitor, and control risks. The business plan should also describe the bank’s proposed internal system of controls to monitor and mitigate risk, including management information systems. There is a need to provide a risk assessment with the business plan. A realistic understanding of risk and there should be management’s assessment of all risks inherent in the proposed business model needs to be shown.

The charter guides that the ongoing capital levels of the applicant should commensurate with risk and complexity as proposed in the activity. There is minimum leverage that an SPNV can undertake and regulatory capital is required for measuring capital levels relative to the applicant’s assets and off-balance sheet exposures.

The scope and purpose of CFPB are very broad and covers:

“scope of coverage” set forth in subsection (a) includes specified activities (e.g., offering or providing: origination, brokerage, or servicing of consumer mortgage loans; payday loans; or private education loans) as well as a means for the CFPB to expand the coverage through specified actions (e.g., a rulemaking to designate “larger market participants”).[5]

CFPB is established through the enactment of Dood-Frank Wall Street Reform and Consumer Protection Act. The primary function of CFPB is to enforce consumer protection laws and supervise regulated entities that provide consumer financial products and services.

“(5)CONSUMER FINANCIAL PRODUCT OR SERVICES  The term “consumer financial product or service” means any financial product or service that is described in one or more categories under—paragraph (15) and is offered or provided for use by consumers primarily for personal, family, or household purposes; or **

“(15)Financial product or service-

(A)In general The term “financial product or service” means—(i)extending credit and servicing loans, including acquiring, purchasing, selling, brokering, or other extensions of credit (other than solely extending commercial credit to a person who originates consumer credit transactions);”

Thus CFPB is well placed as a separate institution to protect consumer interest and covers a wide range of financial products and services including extending credit, servicing, selling, brokering, and others. The regulatory environment has been put in place by the OCC to check the viability of fintech business models and there are adequate consumer protection laws.

EU

EU’s technologically neutral regulatory and supervisory systems intend to capture not only traditional financial services but also innovative business models. The current dealing with the credit agreements is EU directive 2008/48/EC of on credit agreements for consumers (Consumer Credit Directive – ‘Directive’). While the process of harmonising the legislative framework is under process as the report of the commission to the EU parliament raised some serious concerns.[6] The commission report identified that the directive has been partially effective in ensuring high standards of consumer protection. Despite the directive focussing on disclosure of annual percentage rate of charge to the customers, early payment, and credit databases. The report cited that the primary reason for the directive being impractical is because of the exclusion of the consumer credit market from the scope of the directive.

The report recognised the increase and future of consumer credit through digitisation. Further the rigid prescriptions of formats for information disclosure which is viable in pre-contractual stages, i.e. where a contract is to be subsequently entered in a paper format. There is no consumer benefit in an increasingly digital environment, especially in situations where consumers prefer a fast and smooth credit-granting process. The report highlighted the need to review certain provisions of the directive, particularly on the scope and the credit-granting process (including the pre-contractual information and creditworthiness assessment).

China

China has one of the biggest markets for online mico-lending business. The unique partnership of banks and online lending platforms using innovative technologies has been the prime reason for the surge in the market. However, recently the People’s Bank of China (PBOC) and China Banking and Insurance Regulatory Commission (CBIRC) issued draft rules to regulate online mico-lending business. Under the draft rules, there is a requirement for online underwriting consumer loans fintech platform to have a minimum fund contribution of at least 30 % in a loan originated for banks. Further mico-lenders sourcing customer data from e-commerce have to share information with the central bank.

Australia

The main legislation that governs the consumer credit industry is the National Consumer Credit Protection Act (“National Credit Act”) and the National Credit Code. Australian Securities & Investments Commission (ASIC) is Australia’s integrated authority for corporate, markets, financial services, and consumer credit regulator. ASIC is a consumer credit regulator that administers the National Credit Act and regulates businesses engaging in consumer credit activities including banks, credit unions, finance companies, along with others. The ASIC has issued guidelines to obtain licensing for credit activities such as money lenders and financial intermediaries.[7] Credit licensing is needed for three sorts of entities.

  • engage in credit activities as a credit provider or lessor
  • engage in credit activities other than as a credit provider or lessor (e.g. as a credit representative or broker)
  • engage in all credit activities

The applicants of credit licensing are obligated to have adequate financial resources and have to ensure compliance with other supervisory arrangements to engage in credit activates.

UK

Financial Conduct Authority (FCA) is the regulator for consumer credit firms in the UK. The primary objective of FCA ensues; a secure and appropriate degree of protection for consumers, protect and enhance the integrity of the UK financial system, promote effective competition in the interest of consumers.[8] The consumer credit firms have to obtain authorisation from FCA before carrying on consumer credit activities. The consumer credit activities include a plethora of credit functions including entering into a credit agreement as a lender, credit broking, debt adjusting, debt collection, debt counselling, credit information companies, debt administration, providing credit references, and others. FCA has been successful in laying down detailed rules for the price cap on high-cost short-term credit.[9] The price total cost cap on high-cost short-term credit (HCSTC loans) including payday loans, the borrowers must never have to pay more in fees and interest than 100% of what they borrowed. Further, there are rules on credit broking that provides brokers from charging fees to customers or requesting payment details unless authorised by FCA.[10] The fee charged from customers is to be reported quarterly and all brokers (including online credit broking) need to make clear that they are advertising as a credit broker and not a lender. There are no fixed capital requirements for the credit firms, however, adequate financial resources need to be maintained and there is a need to have a business plan all the time for authorisation purposes.

Digital lending models and concerns in India

Countries across the globe have taken different approaches to regulate consumer lending and digital lending platforms. They have addressed prudential regulation concerns of these credit institutions along with consumer protection being the top priority under their respective framework and legislations. However, these lending platforms need to be looked at through the current governing regulatory framework from an Indian perspective.

The typical credit intermediation could be performed by way of; peer to peer (P2P) lending model, notary model (bank-based) guaranteed return model, balance sheet model, and others. P2P lending platforms are heavily regulated and hence are not of primary concern herein. Online digital lending platforms engaged in consumer lending are of significance as they affect investor’s and borrowers’ interests and series of legal complexions arise owing to their agency lending models.[11] Therefore careful anatomy of these models is important for investors and consumer protection in India.

Should digital lending be regulated?

Under the current system, only banks, NBFCs, and money lenders can undertake lending activities. The regulated banks and NBFCs also undertake online consumer lending either through their website/platforms or through third-party lending platforms. These unregulated third-party digital lending platforms count on their sophisticated credit underwriting analytics software and engage in consumer lending services. Under the simplest version of the bank-based lending model, the fintech lending platform offers loan matching services but the loan is originated in books of a partnering bank or NBFC. Thus the platform serves as an agent that brings lenders (Financial institutions) and borrowers (customers) together. Therefore RBI has mandated fintech platforms has to abide by certain roles and responsibilities of Direct Selling Agent (DSA) as under Fair Practice Code ‘FPC’ and partner banks/NBFCs have to ensure Guidelines on Managing Risks and Code of Conduct in Outsourcing of Financial Service (‘outsourcing code’).[12] In the simplest of bank-based models, the banks bear the credit risk of the borrowers and the platform earns their revenues by way of fees and service charges on the transaction. Since banks and NBFCs are prudentially regulated and have to comply with Basel capital norms, there are not real systemic concerns.

However, the situation alters materially when such a third-party lending platform adopts balance sheet lending or guaranteed return models. In the former, the servicer platform retains part of the credit risk on its book and could also give some sort of loss support in form of a guarantee to its originating partner NBFC or bank.[13] While in the latter case it a pure guarantee where the third-party lending platform contractually promises returns on funds lent through their platforms. There is a devil in detailed scrutiny of these business models. We have earlier highlighted the regulatory issues in detail around fintech practices and app-based lending in our write up titled ‘Lender’s piggybacking: NBFCs lending on Fintech platforms’ gurantees’.

From the prudential regulation perspective in hindsight, banks, and NBFCs originating through these third-party lending platforms are not aware of the overall exposure of the platforms to the banking system. Hence there is a presence of counterparty default risk of the platform itself from the perspective of originating banks and NBFCs. In a real sense, there is a kind of tri-party arrangement where funds flow from ‘originator’ (regulated bank/NBFC) to the ‘platform’ (digital service provider) and ultimately to the ‘borrower'(Customer). The unregulated platform assumes the credit risk of the borrower, and the originating bank (or NBFC) assumes the risk of the unregulated lending platform.

Curbing unregulated lending

In the balance sheet and guaranteed return models, an undercapitalized entity takes credit risk. In the balance sheet model, the lending platform is directly taking the credit risk and may or may not have to get itself registered as NBFC with RBI. The registration requirement as an NBFC emanates if the financial assets and financial income of the platform is more than 50 % of its total asset and income of such business (‘principal business criteria’ see footnote 12). While in the guaranteed return model there is a form of synthetic lending and there is absolutely no legal requirement for the lending platform to get themselves registered as NBFC. The online lending platform in the guaranteed return model serves as a loan facilitator from origination to credit absorption. There is a regulatory arbitrage in this activity. Since technically this activity is not covered under the “financial activity” and the spread earned in not “financial income” therefore there is no requirement for these entities to get registered as NBFCs.[14]

Any sort of guarantee or loss support provided by the third-party lending platform to its partner bank/NBFC is a synthetic exposure. In synthetic lending, the digital lending platform is taking a risk on the underlying borrower without actually taking direct credit risk. Additionally, there are financial reporting issues and conflict of interest or misalignment of incentives, i.e. the entities do not have to abide by IND AS and can show these guarantees as contingent liabilities. On the contrary, they charge heavy interest rates from customers to earn a higher spread. Hence synthetic lending provides all the incentives for these third-party lending platforms to enter into risky lending which leads to the generation of sub-prime assets. The originating banks and NBFCs have to abide by minimum capital requirements and other regulatory norms. Hence the sub-prime generation of consumer credit loans is supplemented by heavy returns offered to the banks. It is argued that the guaranteed returns function as a Credit Default Swap ‘CDS’ which is not regulated as CDS. Thus the online lending platform escapes the regulatory purview and it is shown in the latter part this leads to poor credit discipline in consumer lending and consumer protection is often put on the back burner.

From the prudential regulation perspective restricting banks/NBFCs from undertaking any sort of guaranteed return or loss support protection, can curb the underlying emergence of systemic risk from counterparty default. While a legal stipulation to the effect that NBFCs/Banks lending through the third-party unregulated platform, to strictly lend independently i.e. on a non-risk sharing basis of the credit risk. Counterintuitively, the unregulated online lending platforms have to seek registration as an NBFC if they want to have direct exposure to the underlying borrower, subject to fulfillment of ‘principal business criteria’.[15] Such a governing framework will reduce the incentives for banks and NBFCs to exploit excessive risk-taking through this regulatory arbitrage opportunity.

Ensuring Fairness and Consumer Protection

There are serious concerns of fair dealing and consumer protection aspects that have arisen lately from digital online lending platforms. The loans outsourced by Banks and NBFCs over digital lending platforms have to adhere to the FPC and Outsourcing code.

The fairness in a loan transaction calls for transparent disclosure to the borrower all information about fees/charges payable for processing the loan application, disbursed, pre-payment options and charges, the penalty for delayed repayments, and such other information at the time of disbursal of the loan. Such information should also be displayed on the website of the banks for all categories of loan products. It may be mentioned that levying such charges subsequently without disclosing the same to the borrower is an unfair practice.[16]

Such a legal requirement gives rise to the age-old question of consumer law, yet the most debatable aspect. That mere disclosure to the borrower of the loan terms in an agreement even though the customer did not understand the underlying obligations is a fair contract (?) It is argued that let alone the disclosures of obligations in digital lending transactions, customers are not even aware of their remedies. Under the current RBI regulatory framework, they have the remedy to approach grievance redressal authorities of the originating bank/NBFC or may approach the banking ombudsman. However, things become even more peculiar in cases where loans are being sourced or processed through third-party digital platforms. The customers in the majority of the cases are unaware of the fact that the ultimate originator of the loan is a bank/NBFC. The only remedy for such a customer is to seek refuge under the Consumer Protection Act 2019 by way of proving the loan agreement is the one as ‘unfair contract’.

“2(46) “unfair contract” means a contract between a manufacturer or trader or service provider on one hand, and a consumer on the other, having such terms which cause significant change in the rights of such consumer, including the following, namely:— (i) requiring manifestly excessive security deposits to be given by a consumer for the performance of contractual obligations; or (ii) imposing any penalty on the consumer, for the breach of contract thereof which is wholly disproportionate to the loss occurred due to such breach to the other party to the contract; or (iii) refusing to accept early repayment of debts on payment of applicable penalty; or (iv) entitling a party to the contract to terminate such contract unilaterally, without reasonable cause; or (v) permitting or has the effect of permitting one party to assign the contract to the detriment of the other party who is a consumer, without his consent; or (vi) imposing on the consumer any unreasonable charge, obligation or condition which puts such consumer to disadvantage;

It is pertinent to note that neither the scope of consumer financial agreements is regulated in India, nor are the third-party digital lending platforms required to obtain authorisation from RBI. There are instances of high-interest rates and exorbitant fees charged by the online consumer lending platforms which are unfair and detrimental to customers’ interests. The current legislative framework provides that the NBFCs shall furnish a copy of the loan agreement as understood by the borrower along with a copy of each of all enclosures quoted in the loan agreement to all the borrowers at the time of sanction/disbursement of loans.[17] However, like the persisting problem in the EU 2008/48/EC directive, even FPC is not well placed to govern digital lending agreements and disclosures. Taking a queue from the problems recognised by the EU parliamentary committee report. There is no consumer benefit in an increasingly digital environment, especially in situations where there are fast and smooth credit-granting processes. The pre-contractual information on the disclosure of annualised interest rate and capping of the total cost to a customer in consumer credit loans is central to consumer protection.

The UK legislation has been pro-active in addressing the underlying unfair contractual concerns, by fixation of maximum daily interest rates and maximum default fees with an overall cost cap of 100% that could be charged in short-term high-interest rates loan agreements. It is argued that in this Laissez-faire world the financial services business models which are based on imposing an unreasonable charge, obligations that could put consumers to disadvantage should anyways be curbed. Therefore a legal certainty in this regard would save vulnerable customers to seek the consumer court’s remedy in case of usurious and unfair lending.

The master circular on loan and advances provide for disclosure of the details of recovery agency firms/companies to the borrower by the originating bank/NBFC.[18] Further, there is a requirement for such recovery agent to disclose to the borrower about the antecedents of the bank/NBFC they are recovering for.  However, this condition is barely even followed or adhered to and the vulnerable consumers are exposed to all sorts of threats and forceful tactics. As one could appreciate in jurisdictions of the US, UK, Australia discussed above, consumer lending and ancillary services are under the purview of concerned regulators. From the customer protection perspective, at least some sort of authorization or registration requirement with the RBI to keep the check and balances system in place is important for consumer protection. The loan recovery business is sensitive hence there is a need for a proper guiding framework and/or registration requirement of the agents acting as recovery agents on behalf of banks/NBFCs. The mere registration requirement and revocation of same in case of unprofessional activities will serve as a stick to check their consumer dealing practices.

The financial services intermediaries (other than Banks/NBFCs) providing services like credit broking, debt adjusting, debt collection, debt counselling, credit information, debt administration, credit referencing to be licensed by the regulator. The banks/NBFCs dealing with the licensed market intermediaries would go much farther in the successful implementation of FPC and addressing consumer protection concerns from the current system.

Conclusion

From the perspective of sound financial markets and fair consumer practices, it is always prudent to allow only those entities in credit lending businesses that are best placed to bear the credit risk and losses emanating from them. Thus, there is a dearth of a comprehensive legislative framework in consumer lending from origination to debt collection and its administration including the business of providing credit references through digital lending platforms. There may not be a material foreseeable requirement for regulating digital lending platforms completely. However, there is a need to curb synthetic lending by third-party digital lending platforms. Since a risk-taking entity without adequate capitalization will tend to get into generating risky assets with high returns. The off-balance sheet guarantee commitments of these entities force them to be aggressive towards their customers to sustain their businesses. This write-up has explored various regulatory approaches, where jurisdictions like the US and UK, and Australia being the good comparable in addressing consumer protection concerns emanating from online digital lending platforms. Henceforth, a well-framed consumer protection system especially in financial products and services would go much farther in the development and integration of credit through digital lending platforms in the economy.

 

[1] Reserve Bank of India – Press Releases (rbi.org.in), dated January 13, 2020

[2] Digital lending Association of India, Code of Conduct available at https://www.dlai.in/dlai-code-of-conduct/

[3] Rohit Nalawade Vs. State of Maharashtra High Court of Bombay Criminal Application (APL) NO. 1052 OF 2018 < https://images.assettype.com/barandbench/2021-01/cf03e52e-fedd-4a34-baf6-25dbb55dbf29/Rohit_Nalawade_v__State_of_Maharashtra___Anr.pdf>

[4] https://www.occ.gov/topics/supervision-and-examination/responsible-innovation/comments/pub-special-purpose-nat-bank-charters-fintech.pdf

[5]  12 USC 5514(a); Pay day loans are the short term, high interest bearing loans that are generally due on the consumer’s next payday after the loan is taken.

[6] EU, ‘Report from the Commission to the European Parliament and the Council: on the implementation of Directive 2008/48/EC on credit agreement for consumers’, dated November, 05, 2020, available at < https://ec.europa.eu/transparency/regdoc/rep/1/2020/EN/COM-2020-963-F1-EN-MAIN-PART-1.PDF>

[7] https://asic.gov.au/for-finance-professionals/credit-licensees/applying-for-and-managing-your-credit-licence/faqs-getting-a-credit-licence/

[8] FCA guide to consumer credit firms, available at < https://www.fca.org.uk/publication/finalised-guidance/consumer-credit-being-regulated-guide.pdf>

[9] FCA, ‘Detailed rules for price cap on high-cost short-term credit’, available at < https://www.fca.org.uk/publication/policy/ps14-16.pdf>

[10] FCA, Credit Broking and fees, available at < https://www.fca.org.uk/publication/policy/ps14-18.pdf>

[11] Bank of International Settlements ‘FinTech Credit : Market structure, business models and financial stability implications’, 22 May 2017, FSB Report

[12] See our write up on ‘ Extension of FPC on lending through digital platforms’ , available at < http://vinodkothari.com/2020/06/extension-of-fpc-on-lending-through-digital-platforms/>

[13] Where the unregulated platform assumes the complete credit risk of the borrower there is no interlinkage with the partner bank and NBFC. The only issue that arises is from the registration requirement as NBFC which we have discussed in the next section. Also see our write up titled ‘Question of Definition: What Exactly is an NBFC’ available at http://vinodkothari.com/nbfcs/definition-of-nbfcs-concept-of-principality-of-business/

[14] The qualifying criteria to register as an NBFC has been discussed in our write up titled ‘Question of Definition: What Exactly is an NBFC’ available at http://vinodkothari.com/nbfcs/definition-of-nbfcs-concept-of-principality-of-business/

[15] see our write up titled ‘Question of Definition: What Exactly is an NBFC’ available at http://vinodkothari.com/nbfcs/definition-of-nbfcs-concept-of-principality-of-business/

[16] Para 2.5.2, RBI Guidelines on Fair Practices Code for Lender

[17] Para 29 of the guidelines on Fair Practices Code, Master Direction on systemically/non-systemically important NBFCs.

[18] Para 2.6, Master Circular on ‘Loans and Advances – Statutory and Other Restrictions’ dated July 01, 2015;

 

Our Other Related Write-Ups

Lenders’ piggybacking: NBFCs lending on Fintech platforms’ guarantees – Vinod Kothari Consultants

Extension of FPC on lending through digital platforms – Vinod Kothari Consultants

Fintech Framework: Regulatory responses to financial innovation – Vinod Kothari Consultants

One-stop guide for all Regulatory Sandbox Frameworks – Vinod Kothari Consultants

 

Banking exposure to open the current account by the banks

-Siddarth Goel (finserv@vinodkothari.com)

Background

Declaration from current account customers

The RBI issued a circular dated August 06, 2020, whereby the regulator instructed all scheduled commercial banks and payments banks shall not open a current account for customers who have availed credit facilities in form of cash credit (CC)/overdraft (OD) from the banking system. The motive behind the circular being that all the transactions of borrowers should be routed through the CC/OD account.

The genesis of this circular was in RBI circular dated May 15, 2004, where banks were advised that at the time of opening of current accounts for their customers, they have to insist on a declaration form by the account-holder to the effect that he is not enjoying any credit facility with any other bank or obtain a declaration giving particulars of credit facilities enjoyed by such customer. The move was in essence to secure the overall credit discipline in banking so that there is no diversion of funds by the borrowers to the detriment of the banking system. Post-May 15, 2004, a clarification notification was issued by the regulator dated August 04, 2004, stipulating that in case there is no response obtained concerning NOC after waiting a minimum period of a fortnight, the banks may open current accounts of the customers.

Thus there was an obligation on banks to scrupulously ensure that their branches do not open current accounts of entities that enjoy credit facilities (fund based or non-fund based) from the banking system without specifically obtaining a No-Objection Certificate (NOC) from the lending bank(s). Further, the non-adherence by banks as per the circular is to be perceived as abetting the siphoning of funds and such violations which are either reported to RBI or noticed during the regulator inspection would make the concerned banks liable for penalty under Banking Regulation Act.

Establishment of CRILC

The RBI established a Central Repository of Information on Large Credits (CRILC). The CRILC was established in connection to the RBI framework “Early Recognition of Financial Distress, Prompt Steps for Resolution and Fair Recovery for Lenders: Framework for Revitalising Distressed Assets in the Economy“. As under the framework banks were required to furnish credit information to CRILC on all their borrowers having aggregate fund-based and non-fund based exposure of Rs. 5 Crores and above with them. Besides banks were required to furnish current accounts of their customers with outstanding balance (debit or credit) of Rs 1 Crore and above to the CRILC. The reporting under the extant framework was to determine SMA-0 classification, where the principal or interest payment is not overdue for more than 30 days but account showing signs of stress. An increase in the frequency of overdrafts in current accounts is one of the illustrative methods for determining stress.

Reposting of large credits

Post establishment of CRILC, a subsequent guideline on the opening of current accounts by banks was issued by the RBI via circular dated July 02, 2015, dealing with the same subject. To enhance credit discipline, especially for the reduction in NPA level in banks, banks were asked to use the information available in CRILC and not limit their due diligence to seeking NOC. Banks were to verify from the data available in the CRILC database whether the customer is availing of credit facility from another bank.

The chart below highlights the series and events and relevant circulars.

Credit Discipline- August 06, 2020 Circular

As per the circular dated August 06, 2020, issued by the regulator on Opening of Current Accounts by Banks – Need for Discipline (‘Revised Guidelines’), there are two aspects that need to be considered before opening a CC/OD facility or opening the current account of the customer. The Revised Guidelines provides a clear guiding flowchart for banks to follow when the customer approaches a bank for opening of the current account, the same has been categorised into two scenarios which could be considered by the banks to comply with the revised guideline.

Case 1: Customer wants to avail or is already having a credit facility in form of CC/OD

Case 2: Customer wants to open a current account or have an existing current account with the bank

 

Further, there is a requirement on banks to monitor all CC/OD accounts regularly at least quarterly, especially concerning the exposure of the banking system to the borrower. There has been an ambiguity surrounding what would amount to ‘exposure’ under the Revised Guidelines.

‘Exposure to the banking system’ under Revised Guidelines

The Revised Guidelines provides that exposure shall mean the sum of sanctioned ‘fund based and non-fund based credit facilities’. However, there is a regulatory ambiguity, since neither the term used by the RBI has been specifically defined in the Revised Guideline nor elsewhere under any other regulations. There is no straight jacket exclusive definition for determining as to what exposure banks should include determining funded and non-funded credit facilities. Therefore, based on back-tracing of regulatory regime an inclusive list can be of guidance for banks and borrowers especially large borrowers (like NBFCs and HFCs) and other financial institutions and corporates who rely on banking facilities (current account and CC/OD) extensively for their business.

The CRILC may not be the only source for banks while the collection of borrower’s credit information. Other modes could be information by Credit Information Companies (CICs), National E-Governance Services Ltd. (NeSL), etc., and even by obtaining customers’ declaration, if required. However, since the revised guideline stresses on borrowers having exposure more than 5 crores, therefore, information disseminated by the banks to CRILC is a good point to start with and to comply with under the revised guidelines. The circular dated July 02, 2015, draws reference to the Central Repository of Information on Large Credits (CRILC) to collect, store, and disseminate data on all borrowers’ credit exposures. The guideline further provided banks to verify the data available in the CRILC database whether the customer is availing credit facility from another bank. Further even under the Guidelines on “Early Recognition of Financial Distress, Prompt Steps for Resolution and Fair Recovery for Lenders” dated January 30, 2014, provided that credit information shall include all types of exposures as defined under RBI Circular on Exposure Norms.

The RBI Exposure Norms dated July 01, 2015, defines exposure as;

“Exposure shall include credit exposure (funded and non-funded credit limits) and investment exposure (including underwriting and similar commitments). The sanctioned limits or outstandings, whichever are higher, shall be reckoned for arriving at the exposure limit. However, in the case of fully drawn term loans, where there is no scope for re-drawal of any portion of the sanctioned limit, banks may reckon the outstanding as the exposure.”

The banking exposure norms provide for two exposures; namely credit and investment exposures. Further RBI Exposure Norms defines ‘credit exposure’ and ‘Investment Exposure’ as follows;

“2.1.3.3. Credit Exposure

Credit exposure comprises the following elements:

(a) all types of funded and non-funded credit limits.

(b) facilities extended by way of equipment leasing, hire purchase finance and factoring services.

2.1.3.4 Investment Exposure

  1. a) Investment exposure comprises the following elements:

(i) investments in shares and debentures of companies.

(ii) investment in PSU bonds

(iii) investments in Commercial Papers (CPs).

  1. b) Banks’ / FIs’ investments in debentures/ bonds / security receipts / pass-through certificates (PTCs) issued by an SC / RC as compensation consequent upon sale of financial assets will constitute exposure on the SC / RC. In view of the extraordinary nature of the event, banks / FIs will be allowed, in the initial years, to exceed the prudential exposure ceiling on a case-to-case basis.
  2. c) The investment made by the banks in bonds and debentures of corporates which are guaranteed by a PFI1(as per list given in Annex 1) will be treated as an exposure by the bank on the PFI and not on the corporate.
  3. d) Guarantees issued by the PFI to the bonds of corporates will be treated as an exposure by the PFI to the corporates to the extent of 50 per cent, being a non-fund facility, whereas the exposure of the bank on the PFI guaranteeing the corporate bond will be 100 per cent. The PFI before guaranteeing the bonds/debentures should, however, take into account the overall exposure of the guaranteed unit to the financial system.”

The Revised Guidelines, specifically define exposure in a footnote to the revised guideline stipulating that to arrive at aggregate exposures in the footnote as follows;

“‘Exposure’ for the purpose of these instructions shall mean sum of sanctioned fund based and non-fund based credit facilities”.

Further the RBI in its subsequent FAQs on revised guidelines dated December 14, 2020, guided on what could be included in aggregate exposure.

4. Whether aggregate exposure shall include Day Light Over Draft (DLOD)/ intra-day facilities and irrevocable payment commitments, limits set up for transacting in FX and interest rate derivatives, CPs, etc.

All fund based and non-fund based credit facilities sanctioned by the banks and carried in their Indian books shall be included for the purpose of aggregate exposure.”

Further in FAQ No. 3 in the circular dated December 14, 2020, the RBI clarified that

3. For the purpose of this circular, whether exposure of non-banking financial companies (NBFCs) and other financial institutions like National Housing Bank (NHB) shall be included in computing aggregate exposure of the banking system.

The instructions are applicable to Scheduled Commercial Banks and Payments Banks. Accordingly, the aggregate exposure for the purpose shall include exposures of these banks only”

While the regulator evaded assigning express meaning as to what could be included while determining banking exposure and took an inclusive view. However, from the foregoing, it is amply clear that the credit facilities should include credit exposures (funded and not funded) that have been sanctioned by banks. Therefore, only exposures to banks and payments banks are to be included while calculating exposures, any or all the exposure of a borrower to the other financial institutions like NHB, LIC Housing, SIDBI, NABARD, Mutual funds & other development Banks are neither commercial banks nor payments banks hence are to be excluded. [The list of licensed payments banks by the RBI can be viewed here. ]

CIRLC captures credit information of borrowers having aggregate fund-based and non-fund based exposures of Rs. 5 Crores and above including investment exposures. The banks are required to submit a quarterly return to CIRLC. It is pertinent to note that total investment exposure is to be indicated separately under the head total investment exposure. While there is a need for a detailed breakup on fund-based and non-fund based credit facilities in the CIRLC return. The table below is an indicative list of (funded and non-funded) loans to be submitted from the CIRLC return.

 

Non-Funded credit exposure  Funded credit exposure
Letter of Credit Cash Credit/ Overdraft
Guarantees Working Capital Demand Loan (including CPs)*
Acceptances Inland Bills
Foreign Exchange Contracts Packing Credit
Interest Rate Derivatives (incl FX Interest Rate Derivatives) Export Bills
Term Loan
Credit equivalent of OBS/derivative exposure

*CP to be included in WCDL only if part of working capital sanctioned limit. All other CPs are to be considered as investment exposure.

Therefore, all the investment exposures of banks to the borrower such as investments in corporate bonds, shares, PTCs issued by asset reconstruction companies and securitisation companies, and others are to be excluded while arriving at aggregate fund-based and non-fund based credit facilities as under the Revised Guidelines. Nevertheless, the PTCs issued by NBFCs or HFCs are investment exposure of banks on the underlying loan pools and not on the originator entity. Similarly, exposure of a bank in a co-lending transaction is exposure on the ultimate obligor and not the co-originating partner NBFC.

 

 

Our Other Related Articles

Banking Regulation (Amendment) Ordinance By Vallari Dubey – Vinod Kothari Consultants

RBI guidelines on governance in commercial banks – Vinod Kothari Consultants

RBI proposes to strengthen governance in Banks – Vinod Kothari Consultants

Credit Cards Business- Regulatory nuances from issuance to co-branding

Framework for authorisation of pan-India Umbrella Entity for Retail Payments

-Kanakprabha Jethani (kanak@vinodkothari.com)

Recent Trends in Crypto-Industry: India & Abroad

-Megha Mittal

(mittal@vinodkothari.com)

“Opportunity amidst tragedy” would likely be the most suitable phrase to summarise the journey of cryptos during the Global Pandemic- with disruption taking a toll on people and economies, and physical proximities massively restrictred, cryptos have outshone traditional assets, by virtue of its inherent features- easy liquidity, access and digitalisation.

Further, as countries around the globe attempt to stimulate their economies by opening floodgates of liquid funds, the ‘digital natives’ have and are expected to increasingly venture into adventure-some investments- think, cryptos. And while such adventurous investing may be short-lived, the results may infact have a long-lasting impact- it is this expected impact that has sets the ‘bull’ stage for cryptos in times to come.

In this brief note, we cover the recent highlights and developments in the crypto-industry, also discussing developments in the relatively new concepts of stablecoins, crypto-lending.

Read more

Extension of FPC on lending through digital platforms

A new requirement or reiteration by the RBI?

– Anita Baid (finserv@vinodkothari.com)

Ever since its evolution, the basic need for fintech entities has been the use of electronic platforms for entering into financial transactions. The financial sector has already witnessed a shift from transactions involving huge amount of paper-work to paperless transactions[1]. With the digitalization of transactions, the need for service providers has also seen a rise. There is a need for various kinds of service providers at different stages including sourcing, customer identification, disbursal of loan, servicing and maintenance of customer data. Usually the services are being provided by a single platform entity enabling them to execute the entire transaction digitally on the platform or application, without requiring any physical interaction between the parties to the transaction.

The digital application/platform based lending model in India works as a partnership between a tech platform entity and an NBFC. The technology platform entity or fintech entity manages the working of the application or website through the use of advanced technology to undertake credit appraisals, while the financial entity, such as a bank or NBFC, assumes the credit risk on its balance sheet by lending to the customers who use the digital platform[2].

In recent times many digital platforms have emerged in the financial sector who are being engaged by banks and NBFCs to provide loans to their customers. Most of these platforms are not registered as P2P lending platform since they assist only banks, NBFCs and other regulated AIFIs to identify borrowers[3]. Accordingly, electronic platforms serving as Direct Service Agents (DSA)/ Business Correspondents for banks and/or NBFCs fall outside the purview of the NBFC-P2P Directions. Banks and NBFCs have th following options to lend-

  1. By direct physical interface or
  2. Through their own digital platforms or
  3. Through a digital lending platform under an outsourcing arrangement.

The digitalization of credit intermediation process though is beneficial for both borrowers as well as lenders however, concerns were raised due to non-transparency of transactions and violation of extant guidelines on outsourcing of financial services and Fair Practices Code[4]. The RBI has also been receiving several complaints against the lending platforms which primarily relate to exorbitant interest rates, non-transparent methods to calculate interest, harsh recovery measures, unauthorised use of personal data and bad behavior. The existing outsourcing guidelines issued by RBI for banks and NBFCs clearly state that the outsourcing of any activity by NBFC does not diminish its obligations, and those of its Board and senior management, who have the ultimate responsibility for the outsourced activity. Considering the same, the RBI has again emphasized on the need to comply with the regulatory instructions on outsourcing, FPC and IT services[5].

We have discussed the instructions laid down by RBI and the implications herein below-

Disclosure of platform as agent

The RBI requires banks and NBFCs to disclose the names of digital lending platforms engaged as agents on their respective website. This is to ensure that the customers are aware that the lender may approach them through these lending platforms or the customer may approach the lender through them.

However, there are arrangements wherein the platform is not appointed as an agent as such. This is quite common in case of e-commerce website who provide an option to the borrower at the time of check out to avail funding from the listed banks or NBFCs. This may actually not be regarded as outsourcing per se since once the customer selects the option to avail finance through a particular financial entity, they are redirected to the website or application of the respective lender. The e-commerce platform is not involved in the entire process of the financial transaction between the borrower and the lender. In our view, such an arrangement may not be required to be disclosed as an agent of the lender.

Disclosure of lender’s name

Just like the lender is required to disclose the name of the agent, the agent should also disclose the name of the actual lender. RBI has directed the digital lending platforms engaged as agents to disclose upfront to the customer, the name of the bank or NBFC on whose behalf they are interacting with them.

Several fintech platforms are involved in balance sheet lending. Here, the lending happens from the balance sheet of the lender however, the fintech entity is the one assuming the risk associated with the transaction. Lender’s money is used to lend to customers which shows up as an asset on the balance sheet of the lending entity. However, the borrower may not be aware about who the actual lender is and sees the platform as the interface for providing the facility.

Considering the risk of incomplete disclosure of facts the RBI mandates the disclosure of the lender’s name to the borrower. In this regard, the loan agreement or the GTC must clearly specify the name of the actual lender and in case of multiple lender, the name along with the loan proportion must be specified.

Issuance of sanction letter

Another requirement prescribed by the RBI is that immediately after sanction but before execution of the loan agreement, a sanction letter should be issued to the borrower on the letter head of the bank/ NBFC concerned.

Issue a sanction letter to the borrower on the letterhead of the NBFC may seem illogical since the lending happens on the online platform. The sanction letter may be shared either through email or vide an in-app notification or otherwise. Such sanction letter shall be issued on the platform itself immediately after sanction but before execution of the loan agreement.

Further, the FPC requires lender NBFCs to display annualised interest rates in all their communications with the borrowers. However, most of the NBFCs show monthly interest rates in the name of their ‘marketing strategy’. This practice though have not been highlighted by the RBI must be taken seriously.

Sharing of loan agreement

The FPC laid down by RBI requires that a copy of the loan agreement along with a copy each of all enclosures quoted in the loan agreement must be furnished to all borrowers at the time of sanction/ disbursement of loans. However, in case of lending done over electronic platforms there is no physical loan agreement that is executed.

Given that e-agreements are generally held as valid and enforceable in the courts, there is no such insistence on execution of physical agreements. The electronic execution versions are more feasible in terms of cost and time involved. In fact in most of the cases, the loan agreements are mere General Terms and Conditions (GTC) in the form of click wrap agreements.

Usually, the terms and conditions of the loan or the GTC is displayed on the platform wherein the acceptance of the borrower is recorded. In such a circumstance, necessary arrangements should be made for the borrower to peruse the loan agreement at any time. The loan agreement may also be in the form of a mail containing detailed terms and conditions, along with an option for the borrower to accept the same.

The requirement from compliance perspective is to ensure that the borrower has access to the executed loan agreement and all the terms and conditions pertaining to the loan are captured therein.

Monitoring by the lender

Effective oversight and monitoring should be ensured over the digital lending platforms engaged by the banks/ NBFCs. As RBI does not regulate the platform entities, hence the only way to regulate the transaction is though the lenders behind these platforms.

The outsourcing guidelines require the retention of ultimate control of the outsourced activity with the lender. Further, the platform should not impede or interfere with the ability of the NBFC to effectively oversee and manage its activities nor shall it impede the RBI in carrying out its supervisory functions and objectives. These should be captured in the servicing agreement as well as be implemented practically.

Grievance Redressal Mechanism (GRM)

Much of the new-age lending is enabled by automated lending platforms of fintech companies. The fintech company is the sourcing partner, and the NBFC is the funding partner. However, the grievance of the customer may range from issue with the usage of platform to the non-disclosure of the terms of loan.

A challenge that may arise is to segregate the grievance on the basis of who is responsible for the same- the platform or the lender. There must be proper mechanism to ensure such segregation and adequate efforts shall be made towards creation of awareness about the grievance redressal mechanism.

[1] Read our detailed write up here- http://vinodkothari.com/2020/03/moving-to-contactless-lending/

[2] Read our detailed write up here- http://vinodkothari.com/2020/03/fintech-regulatory-responses-to-finnovation/

[3] RBI’s FAQs on P2P lending platform- https://www.rbi.org.in/Scripts/FAQView.aspx?Id=124

[4] Read our detailed write up here- http://vinodkothari.com/2019/09/the-cult-of-easy-borrowing/

[5] https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=11920&Mode=0

 

 

The Rise of Stablecoins amidst Instability

-Megha Mittal

(mittal@vinodkothari.com

The past few years have witnessed an array of technological developments and innovations, especially in Fintech; and while the world focused on Bitcoins and other cryptos, a new entrant ‘Stablecoin’ slowly crept its way into the limelight. With the primary motive of shielding its users from the high volatility associated with cryptos, and promises of boosting cross-border payments and remittance, ‘Stablecoins’ emerged in 2018, and now have become the focal point of discussion of several international bodies including the Financial Standards Board (FSB), G20, Financial Action Task Force (FATF) and International Organization of Securities Commission (IOSCO).

Additionally, the widespread notion that the desperate need of cross-border payments and remittances during the ongoing COVID-crisis may prove to be a defining moment for stablecoins, has drawn all the more attention towards the need of establishing regulations and legal framework pertaining to Stablecoins.

In this article, we shall have an insight as to what Stablecoins, (Global Stable Coinss) are, its modality, its current status of acceptance by the international bodies, and how the ongoing COVID crisis, may act as a catalyst for its rise.

Read more

Moving to contactless lending, in a contact-less world

-Kanakprabha Jethani (kanak@vinodkothari.com)

Background

With the COVID-19 disruption taking a toll on the world, almost two billion people – close to a third of the world’s population being  restricted to their homes, businesses being locked-down and work-from home becoming a need of the hour; “contactless” business is what the world is looking forward to. The new business jargon “contactless” means that the entire transaction is being done digitally, without requiring any of the parties to the transaction interact physically. While it is not possible to completely digitise all business sectors, however, complete digitisation of certain financial services is well achievable.

With continuous innovations being brought up, financial market has already witnessed a shift from transactions involving huge amount of paper-work to paperless transactions. The next steps are headed towards contactless transactions.

The following write-up intends to provide an introduction to how financial market got digitised, what were the by-products of digitisation, impact of digitisation on financial markets, specifically FinTech lending segment and the way forward.

Journey of digitisation

Digitisation is preparing financial market for the future, where every transaction will be contactless. Financial entities and service providers have already taken steps to facilitate the entire transaction without any physical intervention. Needless to say, the benefits of digitisation to the financial market are evident in the form of cost-efficiency, time-saving, expanded outreach and innovation to name a few.

Before delving into how financial entities are turning contactless, let us understand the past and present of the financial entities. The process of digitisation leads to conversion of anything and everything into information i.e. digital signals. The entire process has been a long journey, having its roots way back in 1995, when the Internet was first operated in India followed by the first use of the mobile phones in 2002 and then in 2009 the first smartphones came into being used. It is each of these stages that has evolved into this all-pervasive concept called digitisation.

Milestones in process of digitisation

The process of digitization has seen various phases. The financial market, specifically, the NBFCs have gone through various phases before completely guzzling down digitization. The journey of NBFCs from over the table executions to providing completely contactless services has been shown in the figure below:

From physical to paperless to contactless: the basic difference

Before analysing the impact of digitisation on the financial market, it is important to understand the concept of ‘paperless’ and ‘contactless’ transactions. In layman terms, paperless transactions are those which do not involve execution of any physical documents but physical interaction of the parties for purposes such as identity verification is required. The documents are executed online via electronic or digital signature or through by way of click wrap agreements.

In case of contactless transactions, the documents are executed online and identity verification is also carried out through processes such as video based identification and verification. There is no physical interaction between parties involved in the transaction.

The following table analyses the impact of digitisation on financial transactions by demarcating the steps in a lending process through physical, paperless and contactless modes:

 

Stages Physical process Paperless process Contactless process
Sourcing the customer The officer of NBFC interacts with prospective applicants The website, app or platform (‘Platform’) reaches out to the public to attract customers or the AI based system may target just the prospective customers Same as paperless process
Understanding needs of the customer The authorised representative speaks to the prospects to understand their financial needs The Platform provides the prospects with information relating to various products or the AI system may track and identify the needs Same as paperless process
Suggesting a financial product Based on the needs the officer suggests a suitable product Based on the analysis of customer data, the system suggests suitable product Same as paperless process
Customer on-boarding Customer on-boarding is done upon issue of sanction letter The basic details of customer are obtained for on-boarding on the Platform Same as paperless process
Customer identification The customer details and documents are identified by the officer during initial meetings Customer Identification is done by matching the details provided by customer with the physical copy of documents Digital processes such as Video KYC are used carry out customer identification
Customer due-diligence Background check of customer is done based on the available information and that obtained from the customer and credit information bureaus Information from Credit Information Agencies, social profiles of customer, tracking of communications and other AI methods etc. are used to carry out due diligence Same as paperless process
Customer acceptance On signing of formal agreement By clicking acceptance buttons such as ‘I agree’ on the Platform or execution through digital/electronic signature Same as paperless process
Extending the loan The loan amount is deposited in the customer’s bank account The loan amount is credited to the wallet, bank account or prepaid cards etc., as the case may be Same as paperless process
Servicing the loan The authorised representatives ensures that the loan is serviced Recovery efforts are made through nudges on Platform. Physical interaction is the last resort Same as paperless process. However, physical interaction for recovery may not be desirable.
Customer data maintenance After the relationship is ended, physical files are maintained Cloud-based information systems are the common practice Same as paperless process

The manifold repercussions

The outcome of digitisation of the financial markets in India, was a land of opportunities for those operating in financial market, it has also wiped off those who couldn’t keep pace with technological growth. Survival, in financial market, is driven by the ability to cope with rapid technological advancements. The impact of digitisation on financial market, specifically lending related services, can be analysed in the following phases:

Payments coming to online platforms

With mobile density in India reaching to 88.90% in 2019[1], the adoption of digital payments have accelerated in India, showing a rapid growth at a CAGR of 42% in value of digital payments. The value of digital payments to GDP rose to 862% in the FY 2018-19.

Simultaneously, of the total payments made up to Nov 2018, in India, the value of cash payments stood at a mere 19%. The shift from cash payments to digital payments has opened new avenues for financial service providers.

Need for service providers

With everything coming online, and the demand for digital money rising, the need for service providers has also taken birth. Services for transitioning to digital business models and then for operating them are a basic need for FinTech entities and thus, there is a need for various kinds of service providers at different stages.

Deliberate and automatic generation of demand

When payments system came online, financial service providers looked for newer ways of expanding their business. But the market was already operating in its own comfortable state. To disrupt this market and bring in something new, the FinTech service providers introduced the idea of easy credit to the market. When the market got attracted to this idea, digital lending products were introduced. With time, add-ons such as backing by guarantee, indemnity, FLDG etc. were also introduced to these products.

Consequent to digital commercialization, the need for payment service providers also generated automatically and thus, leading to the demand for digital payment products.

Opportunities for service providers

With digitization of non-banking financial activities, many players have found a place for themselves in financial markets and around. While the NBFCs went digital, the advent of digitization also became the entry gate to other service providers such as:

Platform service providers:

In order to enable NBFCs to provide financial services digitally, platform service providers floated digital platforms wherein all the functions relating to a financial transaction, ranging from sourcing of the customer, obtaining KYC information, collating credit information to servicing of the customer etc.

Software as a Service (SaaS) providers:

Such service providers operate on a business model that offers software solutions over the internet, charging their customers based on the usage of the software. Many of the FinTech based NBFCs have turned to such software providers for operating their business on digital platforms. Such service providers also provide specific software for credit score analysis, loan process automation and fraud detection etc.

Payment service providers:

For facilitating transactions in digital mode, it is important that the flow of money is also digitized. Due to this, the demand for payment services such as payments through cards, UPI, e-cash, wallets, digital cash etc. has risen. This demand has created a new segment of service providers in the financial sector.

NBFCs usually enter into partnerships with platform service providers or purchase software from SaaS providers to digitize their business.

Heads-up from the regulator

The recent years have witnessed unimaginable developments in the FinTech sector. Innovations introduced in the recent times have given birth to newer models of business in India. The ability to undertake paperless and contactless transactions has urged NBFCs to achieve Pan India presence. The government has been keen in bringing about a digital revolution in the country and has been coming up with incentives in forms of various schemes for those who shift their business to digital platforms. Regulators have constantly been involved in recognising digital terminology and concepts legally.

In Indian context, innovation has moved forward hand-in-hand with regulation[2]. The Reserve Bank of India, being the regulator of financial market, has been a key enabler of the digital revolution. The RBI, in its endeavor to support digital transactions has introduced many reforms, the key pillars amongst which are – e-KYC (Know Your Customer), e-Signature, Unified Payment Interface (UPI), Electronic NACH facility and Central KYC Registry.

The regulators have also introduced the concept of Regulatory Sandbox[3] to provide innovative business models an opportunity to operate in real market situations without complying with the regulatory norms in order to establish viability of their innovation.

While these initiatives and providing legal recognition to electronic documents did bring in an era of paperless[4] financial transactions, the banking and non-banking segment of the market still involved physical interaction of the parties to a transaction for the purpose of identity verification. Even the digital KYC process specified by the regulator was also a physical process in disguise[5].

In January 2020, the RBI gave recognition to video KYC, transforming the paperless transactions to complete contactless space[6].

Further, the RBI is also considering a separate regime for regulation of FinTech entities, which would be based on risk-based regulation, ranging from “Disclosure” to “Light-Touch Regulation & Supervision” to a “Tight Regulation and Full-Fledged Supervision”.[7]

Way forward

2019 has seen major revolutions in the FinTech space. Automation of lending process, Video KYC, voice based verification for payments, identity verification using biometrics, social profiling (as a factor of credit check) etc. have been innovations that has entirely transformed the way NBFCs work.

With technological developments becoming a regular thing, the FinTech space is yet to see the best of its innovations. A few innovations that may bring a roundabout change in the FinTech space are in-line and will soon be operable. Some of these are:

  • AI-Driven Predictive Financing, which has the ability to find target customers, keep track on their activities and identify the accurate time for offering the product to the customer.
  • Enabling recognition of Indian languages in the voice recognition feature of verification.
  • Introduction of blockchain based KYC, making KYC data available on a permission based-decentralised platform. This would be a more secure version of data repository with end-to-end encryption of KYC information.
  • Introduction of Chatbots and Robo-advisors for interacting with customers, advising suitable financial products, on-boarding, servicing etc. Robots with vernacular capabilities to deal with rural and semi-urban India would also be a reality soon.

Conclusion

Digital business models have received whole-hearted acceptance from the financial market. Digitisation has also opened gates for different service providers to aid the financial market entities. Technology companies are engaged in constantly developing better tools to support such businesses and at the same time the regulators are providing legal recognition to technology and making contactless transactions an all-round success. This is just the foundation and the financial market is yet to see oodles of innovation.

 

 

[1] https://www.rbi.org.in/Scripts/PublicationsView.aspx?id=19417

[2] https://www.bis.org/publ/bppdf/bispap106.htm

[3] Our write on Regulatory Sandboxes can be referred here- http://vinodkothari.com/2019/04/safe-in-sandbox-india-provides-cocoon-to-fintech-start-ups/

[4] Paperless here means paperless digital financial transactions

[5] Our write-up on digital KYC process may be read here- http://vinodkothari.com/2019/08/introduction-of-digital-kyc/

[6]Our write-up on amendments to KYC Directions may be read here: http://vinodkothari.com/2020/01/kyc-goes-live-rbi-promotes-seamless-real-time-secured-audiovisual-interaction-with-customers/

[7] https://rbidocs.rbi.org.in/rdocs/PublicationReport/Pdfs/WGFR68AA1890D7334D8F8F72CC2399A27F4A.PDF

 

RBI to regulate operation of payment intermediaries

Guidelines on regulation of Payment Aggregators and Payment Gateways issued

-Mridula Tripathi (finserv@vinodkothari.com)

Background

In this era of digitalisation, the role of intermediaries who facilitate the payments in an online transaction has become pivotal. These intermediaries are a connector between the merchants and customers, ensuring the collection and settlement of payment. In the absence of any direct guidelines and adequate governance practices regulating the operations of these intermediaries, there was a need to review the existing instructions issued in this regard by the RBI. Thus, the need of regulating these intermediaries has been considered cardinal by the regulator.

RBI had on September 17, 2019 issued a Discussion Paper on Guidelines for Payment Gateways and Payment Aggregators[1] covering the various facets of activities undertaken by Payment Gateways (PGs) and Payment Aggregators (PAs) (‘Discussion Paper’). The Discussion Paper further explored the avenues of regulating these intermediaries by proposing three options, that is, regulation with the extant instructions, limited regulation or full and direct regulation to supervise the intermediaries.

In this regard, the final guidelines have been issued by the RBI on March 17, 2020 which shall be effective from April 1, 2020[2], for regulating the activities of PAs and providing technology-related recommendations to PGs (‘Guidelines’).

In this article we shall discuss the concept of Payment Aggregator and Payment Gateway. Further, we intend to cover the applicability, eligibility norms, governance practices and reporting requirements provided in the aforesaid guidelines.

Concept of Payment Aggregators and Payment Gateways

In common parlance Payment Gateway can be understood as a software which enables online transactions. Whenever the e-interface is used to make online payments, the role of this software infrastructure comes into picture. Thinking of it as a gateway or channel that opens whenever an online transaction takes place, to traverse money from the payer’s credit cards/debit cards/ e-wallets etc to the intended receiver.

Further, the role of a Payment Aggregator can be understood as a service provider which includes all these Payment Gateways. The significance of the Payment Aggregators lies in the fact that Payment Gateway is a mere technological base which requires a back-end operator and this role is fulfilled by the Payment Aggregator.

A merchant (Seller) providing goods/services to its target customer would require a Merchant Account opened with the bank to accept e-payment. Payment Aggregator can provide the same services to several merchants through one escrow account without the need of opening multiple Merchant Accounts in the bank for each Merchant.

The concept of PA and PG as defined by the RBI is reproduced herein below:

PAYMENT AGGREGATORS (PAs) means the entities which enable e-commerce sites and merchants to meet their payment obligation by facilitating various payment options without creation of a separate payment integration system of their own. These PAs aggregate the funds received as payment from the customers and pass them to the merchants after a certain time period.

PAYMENT GATEWAYS (PGs) are entities that channelize and process an online payment transaction by providing the necessary infrastructure without actual handling of funds.

The Guidelines have also clearly distinguished Payment Gateways as providers of technological infrastructure and Payment Aggregators as the entities facilitating the payment. At present, the existing PAs and PGs have a variety of technological set-up and their infrastructure also keeps changing with time given the business objective for ensuring efficient processing and seamless customer experience. Some of the e-commerce market places have leveraged their market presence and started offering payment aggregation services as well. Though the primary business of an e-commerce marketplace does not come within the regulatory purview of RBI, however, with the introduction of regulatory provisions for PAs, the entities will end up being subjected to dual regulation. Hence, it is required to separate these two activities to enable regulatory supervision over the payment aggregation business.

The extant regulations[3] on opening and operation of accounts and settlement of payments for electronic payment transactions involving intermediarieswe were applicable to intermediaries who collect monies from customers for payment to merchants using any electronic / online payment mode. The Discussion Paper proposed a review of the said regulations and based on the feedback received from market participants, the Guidelines have been issued by RBI.

Coverage of Guidelines

RBI has made its intention clear to directly regulate PAs (Bank & Non-Bank) and it has only provided an indicative baseline technology related recommendation. The Guidelines explicitly exclude Cash on Delivery (CoD) e-commerce model from its purview. Surprisingly, the Discussion Paper issued by RBI in this context intended on regulating both the PAs & PGs, however, since PGs are merely technology providers or outsourcing partners they have been kept out of the regulatory requirements.

The Guidelines come into effect from April 1, 2020, except for requirements for which a specific deadline has been prescribed, such as registration and capital requirements.

Registration requirement

Payment Aggregators are required to fulfil the requirements as provided under the Guidelines within the prescribed timelines. The Guidelines require non-bank entities providing PA services to be incorporated as a company under the Companies Act, 1956/2013 being able of carrying out the activity of operating as a PA, as per its charter documents such as the MoA. Such entities are mandatorily required to register themselves with RBI under the Payment and Settlement Systems Act, 2007 (‘PSSA, 2007’) in Form-A. However, a deadline of June 30, 2021 has been provided for existing non-bank PAs.

Capital requirement

RBI has further benchmarked the capital requirements to be adhered by existing and new PAs. According to which the new PAs at the time of making the application and existing PAs by March 31, 2021 must have a net worth of Rs 15 crore and Rs 25 crore by the end of third financial year i.e. March 31, 2023 and thereafter. Any non-compliance with the capital requirements shall lead to winding up of the business of PA.

As a matter of fact, the Discussion Paper issued by RBI, proposed a capital requirement of Rs 100 crore which seems to have been reduced considering the suggestion received from the market participants.

To supervise the implementation of these Guidelines, there is a certification to be obtained from the statutory auditor, to the effect certifying the compliance of the prescribed capital requirements.

Fit and proper criteria

The promoters of PAs are expected to fulfil fit and proper criteria prescribed by RBI and a declaration is also required to be submitted by the directors of the PAs. However, RBI shall also assess the ‘fit and proper’ status of the applicant entity and the management by obtaining inputs from various regulators.

Policy formulation

The Guidelines further require formulation and adoption of a board approved policy for the following:

  1. merchant on-boarding
  2. disposal of complaints, dispute resolution mechanism, timelines for processing refunds, etc., considering the RBI instructions on Turn Around Time (TAT)
  3. information security policy for the safety and security of the payment systems operated to implement security measures in accordance with this policy to mitigate identified risks
  4. IT policy(as per the Baseline Technology-related Recommendations)

Grievance redressal

The Guidelines have put in place mandatory appointment of a Nodal Officer to handle customer and regulator grievance whose details shall be prominently displayed on the website thus implying good governance in its very spirit. This is similar to the requirement for NBFCs who are required to appoint a Nodal Officer. Also, it is required that the dispute resolution mechanism must contain details on types of disputes, process of dealing with them, Turn Around Time (TAT) for each stage etc.

However, in this context, the Discussion Paper provided for a time period of 7 working days to promptly handle / dispose of complaints received by the customer and the merchant.

Merchant on boarding and KYC compliance

To avoid malicious intent of the merchants, PAs should undertake background and antecedent check of the merchants and are responsible to check Payment Card Industry-Data Security Standard (PCI-DSS) and Payment Application-Data Security Standard (PA-DSS) compliance of the infrastructure of the merchants on-boarded and carry a KYC of the merchants on boarded. It also provides for some mandatory clauses to be incorporated in the agreements to be executed with the merchants.

Risk Management

For the purposes of risk management, apart from adoption of an IS policy, the PAs shall also have a mechanism to monitor, handle and report cyber security incidents and breaches. They are also prohibited to allow online transactions with ATM pin and store customer card credentials on the servers accessed by the merchants and are required to comply with data storage requirements as applicable to Payment System Operators (PSOs).

Reporting Requirements

The Guidelines provide for monthly, quarterly and annual reporting requirement. The annual requirement comprises of certification from a CA and IS audit report and Cyber Security Audit report. The quarterly reporting again provides for certification requirement and the monthly requirement demand a transaction statistic. Also, there shall be reporting requirement in case of any change in management requiring intimation to RBI within 15 days along with ‘Declaration & Undertaking’ by the new directors. Apart from these mainstream reporting requirements there are non-periodic requirements as well.

Additionally, PAs are required to submit the System Audit Report, including cyber security audit conducted by CERTIn empanelled auditors, within two months of the close of their financial year to the respective Regional Office of DPSS, RBI

Escrow Account Mechanism

The Guidelines clearly state that the funds collected from the customers shall be kept in an escrow account opened with any Schedule Commercial Bank by the PAs. And to protect the funds collected from customers the Guidelines state that PA shall be deemed as a ‘Designated Payment System’[4] under section 23A of PSSA, 2007.

Shift from Nodal to Escrow

The Discussion Paper proposed registration, capital requirement, governance, risk management and such other regulations along with the maintenance of a nodal account to manage the funds of the merchants. Further, it acknowledged that in case of nodal accounts, there is no beneficial interest created on the part of the PAs; the fact that they do not form part of the PA’s balance sheet and no interest can be earned on the amount held in these account. The Guidelines are more specific about escrow accounts and do not provide for maintenance of nodal accounts, which seems to indicate a shift from nodal to escrow accounts with the same benefits as nodal accounts and additionally having an interest bearing ‘core portion’. These escrow account arrangements can be with or without a tripartite agreement, giving an option to the merchant to monitor the transactions occurring through the escrow. However, in practice it may not be possible to make each merchant a party to the escrow agreement.

Timelines for settlement to avoid unnecessary delay in payments to Merchants, various timelines have been provided as below:

  1. Amounts deducted from the customer’s account shall be remitted to the escrow account maintaining bank on Tp+0 / Tp+1 basis. (Tp is the date of debit to the customer’s account against good/services purchased)
  2. Final settlement with the merchant
  3. In cases where PA is responsible for delivery of goods / services, the payment to the merchant shall be made on Ts + 1 basis. (Ts is the date of intimation by merchant about shipment of goods)
  4. In cases where merchant is responsible for delivery, the payment to the merchant shall be on Td + 1 basis. (Td is the date of confirmation by the merchant about delivery of goods)
  5. In cases where the agreement with the merchant provides for keeping the amount by the PA till expiry of refund period, the payment to the merchant shall be on Tr + 1 basis. (Tr is the date of expiry of refund period)

Also, refund and reversed transactions must be routed back through the escrow account unless as per contract the refund is directly managed by the merchant and the customer has been made aware of the same. A minimum balance requirement equivalent to the amount already collected from customer as per ‘Tp’ or the amount due to the merchant at the end of the day is required to be maintained in the escrow account at any time of the day.

Permissible debits and credits

Similar to the extant regulations, the Guidelines provide a specific list of debits and credits permissible from the escrow account:

  • Credits that are permitted
  1. Payment from various customers towards purchase of goods / services.
  2. Pre-funding by merchants / PAs.
  3. Transfer representing refunds for failed / disputed / returned / cancelled transactions.
  4. Payment received for onward transfer to merchants under promotional activities, incentives, cashbacks etc.
  • Debits that are permitted
  1. Payment to various merchants / service providers.
  2. Payment to any other account on specific directions from the merchant.
  3. Transfer representing refunds for failed / disputed transactions.
  4. Payment of commission to the intermediaries. This amount shall be at pre-determined rates / frequency.
  5. Payment of amount received under promotional activities, incentives, cash-backs, etc.

The aforesaid list of permitted deposits and withdrawals into an account operated by an intermediary is wider than those allowed under the extant regulations. The facility to pay the amount held in escrow to any other account on the direction of the merchant would now enable cashflow trapping by third party lenders or financier. The merchant will have an option to provide instructions to the PA to directly transfer the funds to its creditors.

The Guidelines expressly state that the settlement of funds with merchants will in no case be co-mingled with other business of the PA, if any and no loans shall be available against such amounts.

No interest shall be payable by the bank on balances maintained in the escrow account, except in cases when the PA enters into an agreement with the bank with whom the escrow account is maintained, to transfer “core portion”[5] of the amount, in the escrow account, to a separate account on which interest is payable. Another certification requirement to be obtained from auditor(s) is for certifying that the PA has been maintaining balance in the escrow account.

Technology-related Recommendations

Several technology related recommendations have been separately provided in the Guidelines and are mandatory for PAs but recommendatory for PGs. These instructions provide for adherence to data security standards and timely reporting of security incidents in the course of operation of a PA. It proposes involvement of Board in formulating policy and a competent pool of staff for better operation along with other governance and security parameters.

Conclusion

With these Guidelines being enforced the online payment facilitated by intermediaries will be regulated and monitored by the RBI henceforth. The prescribed timeline of April 2020 may cause practical difficulties and act as a hurdle for the operations of existing PAs. However, the timelines provided for registration and capital requirements are considerably convenient for achieving the prescribed benchmarks. Since PAs are handling the funds, these Guidelines, which necessitate good governance, security and risk management norms on PAs, are expected to be favourable for the merchants and its customers.

 

[1] https://www.rbi.org.in/scripts/PublicationReportDetails.aspx?ID=943

[2] https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=11822&Mode=0

[3] https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=5379&Mode=0

[4] The Reserve Bank may designate a payment system if it considers that designating the system is in the public interest. The designation is to be by notice in writing published in the Gazette, as per Payment System Regulation Act, 1998

[5] This facility shall be permissible to entities who have been in business for 26 fortnights and whose accounts have been duly audited for the full accounting year. For this purpose, the period of 26 fortnights shall be calculated from the actual business operation in the account. ‘Core Portion’ shall be average of the lowest daily outstanding balance (LB) in the escrow account on a fortnightly (FN) basis, for fortnights from the preceding month 26.

 

 

Our other write ups on NBFCs to be referred here http://vinodkothari.com/nbfcs/

Our other similar articles:

http://vinodkothari.com/2017/04/overview-of-regulatory-framework-of-payment-and-settlement-systems-in-india-by-anita-baid/

Cryptotrading’s tryst with destiny- Supreme Court revives cryptotrading, RBI’s circular struck down

-Megha Mittal

(mittal@vinodkothari.com

April 2018, the Reserve Bank of India (RBI) issued a “Statement on Developmental and Regulatory Policies” (‘Circular’) dated 06.04.2018, thereby prohibiting RBI regulated entities from dealing in/ providing any services w.r.t. virtual currencies, with a 3-month ultimatum to those already engaged in such services. Cut to 4th March, 2020- The Supreme Court of India strikes down RBI’s circular and upheld crypto-trading as valid under the Constitution of India.

Amidst apprehensions of crypto-trading being a highly-volatile and risk-concentric venture, the Apex Court, in its order dated 04.03.2020 observed that RBI, an otherwise staunch critic of cryptocurrencies, failed to present any empirical evidence substantiating cryptocurrency’s negative impact on the banking and credit sector in India; and on the basis of this singular fact, the Hon’ble SC stated RBI’s circular to have failed the test of proportionality.

In this article, the author has made a humble attempt to discuss this landmark judgment and its (dis)advantages to the Indian economy.

Read more