2019 – Page 8 – Vinod Kothari Consultants

SEBI’s Buyback Rules For Leverage Limits

September 22, 2019/0 Comments/in Corporate Laws, SEBI /by Vinod Kothari Consultants

Sharing of Credit Information to Fintech Companies: Implications of RBI Bar

September 21, 2019/0 Comments/in Financial Services, Fintech, Fintechs and Payment and Settlement Systems /by Vinod Kothari Consultants

-Financial Services Division | Vinod Kothari Consultants Pvt. Ltd.

(finserv@vinodkothari.com)

The RBI recently wrote a letter, dated 16^th September, 2019, to banks and NBFCs, censuring them over what seems to have been a prevailing practice – sharing of credit information sourced by NBFCs from Credit Information Companies (CICs), to fintech companies. The RBI reiterated that such sharing of information was not permissible, citing several provisions of the law, and expected the banks/NBFCs to affirm steps taken to ensure compliance within 15 days of the RBI’s letter.

This write-up intends to discuss the provisions of the Credit Information Companies (Regulation) Act, 2005 [CICRA], and related provisions, and the confidentiality of credit information of persons, and the implications of the RBI’s letter referred to above.

Fintech companies’ model

Much of the new-age lending is enabled by automated lending platforms of fintech companies. The typical model works with a partnership between a fintech company and an NBFC. The fintech company is the sourcing partner, and the NBFC is the funding partner. A borrower goes to the platform of the fintech company which provides a user-friendly application process, consisting of some basic steps such as providing the aadhaar card or PAN card details, and a photograph. Now, having got the individual’s basic details, the fintech company may either source the credit score of the individual from one of the CICs, or may use its own algorithm. If the fintech company wants to access the data stored with the CICs, it will have to rely on one of its partner NBFCs, since CIC access is currently allowed to financial sector entities only, who have to mandatorily register themselves as members of all four CICs.

It is here that the RBI sees an issue. If the NBFC allows the credit information sourced from the CIC to be transferred to a fintech company, there is an apparent question as to whether such sharing of information is permissible under the law or not.

We discuss below the provisions of the law relating to use of credit information.

Confidentiality of credit information

By virtue of the very relation between the customer and a banker, a banker gets access to the financial information of its customers. Very often, an individual may not even want to share his financial data even with close family members, but the banker any way has access to the same, all the time. If the banker was to share the financial details of a customer, it would be a clear intrusion into the individual’s privacy, and that too, arising out of a fiduciary relationship.

Therefore, the principle, which has since been reiterated by courts in numerous cases, was developed by UK courts in an old ruling in Tournier v National Provincial and Union Bank of England [1924] 1 KB 461. Halsbury’s Laws of England, Vol 1, 2nd edition, says: “It is an implied term of the contract between a banker and his customer that the banker will not divulge to third persons, without the consent of the customer, express or implied, either the state of the customer’s account, or any of his transactions with the bank or any information relating to the customer acquired through the keeping of his account, unless the banker is compelled to do so by order of a Court, or the circumstances give rise to a public duty of disclosure or the protection of the banker’s own interests requires it.”

The above law is followed in India as well.

In Shankarlal Agarwalla v. State Bank of India and Anr. AIR 1987 Cal 29[1], it was held that compulsion to disclose must be confined to the regular exercise by the proper officer to actual legal power to compel disclosure.

In case any information is disclosed without a legal compulsion to disclose, the same is wrongful on the part of the lender.

Credit Information Companies and sharing of information

When an RBI Working Group set up in 1999 under the chairmanship of N. H. Siddiqui recommended the formation of CICs in India, the question of confidentiality of credit information was discussed. It was noted by the Working Group that all over the world, there are regulatory controls on sharing of information by credit bureaus:

The Credit Information Bureaus, all over the world, function under a well defined regulatory framework. Where the Bureaus have been set up as part of the Central Bank, the regulatory framework for collection of information, access to that information, privacy of the data, etc., is provided by the Central Bank. Where Bureaus have been set up in the private sector, existence of separate laws ensure protection to the privacy and access to the data collected by the Bureau. In the U.S.A. where Credit Information Bureaus have been set up in the private sector, collection and sharing of information is governed by the provisions of the Fair Credit Reporting Act, 1971 (as amended by the Consumer Credit Reporting Reform Act of 1996). The Fair Credit Reporting Act is enforced by the Federal Trade Commission, a Federal Agency of the U.S. Govt. In the U.K., Credit Bureaus are licensed by the Office of the Fair Trading under the Consumer Credit Act of 1974. The Bureaus are also registered with the Office of the Data Protection Registrar, appointed under the Data Protection Act, 1984 (replaced by the Data Protection Commissioner under the new Act of 1998). In Australia, neither the Reserve Bank of Australia nor the Australian Prudential Regulation Authority (APRA) plays a role in promoting, developing, licensing or supporting Credit Bureaus. APRA holds annual meetings with the major Bureaus in Australia. The sharing of information relating to customers is regulated in Australia by the Privacy Act. This Act is administered by the Privacy Commissioner, who is vested with the responsibility of framing guidelines for protection of privacy principles and to ensure that Bureaus in Australia conform to these guidelines. In New Zealand, a situation similar to that of Australia exists. In Sri Lanka, the Bureau was formed by an Act of Parliament at the initiative of the Central Bank. A Deputy Governor of the Central Bank is the Chairman of the Bureau in Sri Lanka and the Bank is also represented on the Board of the Bureau by a senior officer. In Hong Kong, the Hong Kong Monetary Authority (HKMA), though not being directly involved in the setting up of a credit referencing agency has issued directions to all the authorised institutions recommending their full participation in the sharing and using of credit information through credit referencing agencies within the limits laid down by the Code of Practice on Consumer Credit Data formulated by the Privacy Commissioner. HKMA also monitors the effectiveness of the credit referencing services in Hong Kong, in terms of the amount of credit information disclosed to such agencies, and the level of participating in sharing credit information by authorised institutions.[2]

The inherent safeguards in the CIC Law

CICRA provides the privacy principles which shall guide the CICs, credit institutions and Specified Users in their operations in relation to collection, processing, collating, recording, preservation, secrecy, sharing and usage of credit information. In this regard, the purpose of obtaining information, guidelines for access to credit information of customers, restriction on use of information, procedures and principles for networking of CICs, credit institutions and specified users, etc. must be clearly defined.

Further, no person other than authorised person is allowed to have access to credit information under CICRA. Persons authorised to access credit information are CICs, credit institutions registered with the CICs and other persons as maybe specified by the RBI through regulations.

The Credit Information Companies Regulations provide that other persons who maybe allowed to access credit information are insurance companies, IRDAI, cellular service providers, rating agencies and brokers registered with SEBI, SEBI itself and trading members registered with Commodity Exchange.

Clearly, fintech companies or technology service providers are not authorised to access credit information. Access of information by such companies is a clear violation of CICRA.

Secrecy of customer information: duty of the lender

Paget on the Law of Banking observed that out of the duties of the banker towards the customer among those duties may be reckoned the duty of secrecy. Such duty is a legal one arising out of the contract, not merely a moral one. Breach of it therefore gives a claim for nominal damages or for substantial damages if injury is resulted from the breach.

Further, in case of Kattabomman Transport Corporation Ltd. V. State Bank of India, the Calcutta High Court held that the banker was under a duty to maintain confidentiality. An appeal[3] was filed against this ruling, the outcome of which was the information maybe disclosed by the banks, only when there is a higher duty than the private duty.

NBFCs providing access to the fintech companies is undoubtedly a private duty and thus, is a breach of duty on the part of the lender.

The case of Fintech Companies and NBFC partnership:

The letter of the RBI under discussion, dated 17^th September, 2019, has been seen as a challenge to the working of the fintech companies. However, to understand in what way does this affect the working of fintech companies, we need to understand several situations.

Before coming to the same, it must be noted that the RBI’s 17^th September circular is not writing a new law. The law on sharing of credit information has always been there, and the inherent protection is very much a part of the CICRA itself. The RBI circular is, at best, a regulatory cognition of an existing issue, and is a note of caution to NBFCs, who, in their enthusiasm to generate business, may not disregard the provisions of the law.

The situations may be as follows:

Fintech company using its own algorithm: In this case, the fintech company is relying upon its own proprietary algorithm. It is not relying on any credit bureau information. Therefore, there is no question of any credit information being shared. In fact, even if the fintech uses the score developed by it, without relying on CIC data, with other entities, it is a proprietary information, which may be shared.
NBFC sharing credit information with Fintech company, which is sourcing partner for the NBFC: If the NBFC is sharing information with a fintech company, with the intent of using the information for its own lending, can it be argued that there is a breach of the provisions of the CICRA? It may be noted that regulation 9 of the CIC Regulations requires CICs to protect credit information from unauthorised access. As already discussed, access by such fintech companies is unauthorised.
NBFC sharing credit information with Fintech company, which is not partnering with the NBFC: In case, the NBFC is not partnering with the NBFC and is still sharing credit information, there seems to be no reason for such sharing other than information trading. Several NBFCs have at many instances, been reported to have engaged in information trading for additional income.
NBFC sharing credit information with another NBFC/bank, which is a co-lender: The NBFC may authorise its co-lender to obtain credit information from CICs and the same shall not be an unauthorised access of information, since the co-lender is also a credit institution and is registered with CICs.
Bank sharing credit information with another NBFC which is a sourcing partner and not a c0-lender: If the sourcing partner is a member of CICs, it may access the credit information directly from the CICs. If the sourcing partner is not a member of CICs, sharing of credit information is violation of customer privacy, and thus, shall not be allowed.

Conclusion

The credit bureau reports are actually being exchanged in the system without much respect to the privacy of the individual’s data. With the explosion of information over the net, it may even be difficult to establish as to where the information is coming from. Privacy and confidentiality of information is at stake. At the same time, the very claim-to-existence of fintech entities is their ability to process a credit application within no time. Whether there is an effective way to protect the sharing of information stored with CICs is a significant question, and the RBI’s attention to this is timely and significant.

[1] https://indiankanoon.org/doc/1300997/

[2] https://www.rbi.org.in/scripts/PublicationReportDetails.aspx?ID=76

[3] https://indiankanoon.org/doc/908914/

FAQs on IEPF

September 18, 2019/0 Comments/in Amendments to the Companies Act 2013, Companies Act 2013, Corporate Laws, MCA /by Vinod Kothari Consultants

Partial Credit Guarantee Scheme

September 18, 2019/0 Comments/in Financial Services, Housing finance, NBFCs, News on Securitization, Securitisation, UPDATES /by Vinod Kothari Consultants

A Business Conclave on “Partial Credit Guarantee Scheme” was organised by Indian Securitisation Foundation jointly with Edelweiss on September 16,2019 in Mumbai.

On this occasion, the presentation used by Mr. Vinod Kothari is being given here:

https://vinodkothari.com/wp-content/uploads/2019/09/partial-credit-enhancement-scheme-.pdf

We have authored few articles on the topic that one might want to give a read. The links to such related articles are provided below:

Modes of Collaboration between Banks & NBFC’s

September 11, 2019/0 Comments/in Financial Services, NBFCs, RBI, Securitisation /by Vinod Kothari Consultants

Samagrata August, 2019

September 7, 2019/0 Comments/in Samagrata /by Vinod Kothari Consultants

The cult of easy borrowing: New age NBFCs ride high on tempting loan offers

September 5, 2019/0 Comments/in Financial Services, Fintechs and Payment and Settlement Systems, NBFCs /by Vinod Kothari Consultants

-Rahul Maharshi and Kanakprabha Jethani

(finserv@vinodkothari.com)

“यावज्जीवेत्सुखं जीवेत् ऋणं कृत्वा घृतं पिबेत् |

भस्मीभूतस्य देहस्य पुनरागमनं कुतः ||”

The ancient couplet from the Charvak Darshan, in Indian mythology is popularly known as the philosophy of life. There are various interpretations of the above, in general, the meaning of the above couplet gives us a saying that “One should live luxuriously, as long as he is alive, and to attain the same, one may even live on credit and in debt. Because once you are dead and cremated, it is foolish to think about afterlife and rebirth.”

It is seen today that the financial services industry is taking the above couplet too seriously and making the borrowers flooded with opportunities and facilities to burden them with debt in one click. Even the person who is unwilling to enter into a debt trap is somewhat lured by the “instant loan” facilities given by numerous NBFCs these days.

Whilst the Indian economy facing a slowdown and banks in India showing significant falls in their lending volumes, the NBFCs engaged in e-lending are displaying an inverse relation to the trend. The NBFCs have been showing extravagant growth in their lending volumes. On one hand banks are tightening the lending norms considering the current state of the economy, NBFCs seem to be doing reckless lending and reporting exceptionally high lending volumes. The financial market seems to be showing a transition from secured lending to unsecured lending, from corporate finance to personal finance, from paperwork to digitisation. This transition is the reason behind such a drastic shift of lending volumes.

CURRENT STATE OF LENDING TRANSACTIONS

NBFCs are crossing milestones, making new records everyday. A leading NBFC reported disbursal of Rs. 550 crores in 3,50,000 loan transactions and has been consistently disbursing loans over Rs. 80 crores every month[1]. Another NBFC reported an existing customer base of 1.1 million. An app-based lender NBFC has 100 million downloads of its app and has disbursed around Rs. 700 crores in FY 19 with an expectation of increasing the amount of disbursals to Rs. 2,000 crores in FY 20[2].

On the contrary, banks are showing a completely opposite picture. Under the 59-minute loan scheme introduced by the Prime Minister for small entities (having turnover upto Rs. 25 crores) to avail loans of amount upto Rs. 5 crores from banks within an hour, only 50,706 loans were given approval in the FY 19. The growth rates in the banking sector are lowering. The growth in retail loans fell down to 15.7% in April 2019 as compared to 19.1% in April 2018. The growth rate in credit card loans has also shown a decline of 8.8%[3].

UNDERSTANDING THEIR BUSINESS MODEL

NBFCs do unsecured lending of small-ticket size loans, usually personal in nature. The market tends to be more inclined towards obtaining finance from such NBFCs. The basic features of loans provided by NBFCs can be understood through following points:

Unsecured: The loans provided by NBFCs doing e-lending are generally unsecure loans. The borrower or the customer is not required to provide any security for obtaining such loans. Thus, even if borrowers have no assets at all, they can still obtain loans.
Instant: These NBFCs process the loans within a very short period (‘superfast processing’ as they call it) and the disbursement is made within a period ranging from 5 minutes to 3 days depending on the size of the loan. There is no requirement of long procedures as required to be followed in case of bank loans.
Digital: Usually, these NBFCs have an app-based or website based platform through which they provide such loans. The KYC process is also carried out through the app or website itself.
High-interest rates: The interest rates on such loans are very high as compared to the interest rates on loans provided by banks. The rates usually range from 15% p.a. to 130% p.a.
Small-ticket size: The loan size is generally small ranging from Rs. 500 to Rs, 50,000
Short-term loans: The term of loan is also short. Repayment is required on weekly, fortnightly or monthly basis.
Credit Score based decisions: The lending decisions made by NBFCS are largely dependent on the credit score of the borrower. A strong network of Credit Information Companies (CICs) stores the credit information of the borrowers and the borrower making default of even a single day would be barred from accessing any other e-lending platform as well. However, for first time borrowers, the only way to check credit standing is their bank statement.
Source of funds: NBFCs get their funds from banks as well as bigger size NFCs and Private Equity investors.
Purpose: These loans are provided mostly for personal purposes like marriage ceremonies, buying a car, medical issues, travel etc.
Innovation: Each of the e-lending platform has a different model. While some involve students in their marketing activities, some have tied-up with sellers and buyers to finance transactions between them and some tying up with different brands to finance their operations.

NBFCs BRUSHING OFF THE REGULATIONS: THEIR OWN SWEET WAYS

The operational structures of such loans are in defiance of many requirements of the RBI Directions. One can see disparity from the RBI Directions in many ways. Following are the areas where most of the NBFCs take their own sweet ways:

KYC process: As per the KYC Master Directions an authorised representative of the lender NBFC to physically visit and originally see and verify the KYC details of the borrower. There are further requirements of maintaining the KYC records and carrying out Customer Due Diligence (CDD) which the NBFCs fail (refuse) to comply with in the hurry of their “superfast processing”.
Fair Practice Code (FPC): The FPC requires lender NBFCs to display annualised interest rates in all their communications with the borrowers. However, most of the NBFCs show monthly interest rates in the name of their “marketing strategy”.
Risk Management: The Directions require the NBFCs to assess the risk before granting loans to borrowers, which is overlooked while providing speedy disbursals.
Recovery Process: NBFCs do not even have properly defined recovery process. They are just making rapid disbursals ignorant of whether these loans will be repaid.
Risk to personal information: Many NBFCs obtain access to the personal information such as text messages and social media profile of the borrower by way of incorporating clauses in this regard in the detailed terms and conditions of the loan agreement.

RISKS TO THE BORROWERS

The borrowers face several risks under such loan transactions, ranging from personal to financial such as:

Many borrowers usually don’t read the entire set of terms and conditions and end up granting the NBFCs access to their personal information. Privacy of the borrower is at stake as information trading is yet another business that the NBFCs may secretly engage into posing a threat to borrowers’ personal information.
The lucrative advertising strategies of these NBFCs might make a borrower take loans for purposes which otherwise would not have been a necessity or priority for the borrower. Hence, the borrower tends to borrow without any actual requirement because a demand has been created by the lender NBFCs.
The interest rates are very high on such loans. In case the amount of loan is high, the borrower is unable to pay the huge amount of interest and thus has to take another loan to repay the first.
The credit score of the borrower may get affected at the slightest delay in repayment, even if the amount of loan is as small as Rs. 500. Thus the credibility of borrower is at a risk of degradation.

THE BUBBLE OF ATTRACTION: PLAYING WITH THE PSYCHOLOGY

Even in existence of such high interest rates, why is a borrower more attracted to loans from NBFCs? The only answer one finds to this is the ease and the fact that they are instant. In an era where everyone wants everything in a jiffy, be it food or health solutions, being attracted to instant loans is a very natural thing.

For example you meet an accident and don’t have money for treatment to be done, take a loan. You are shopping and suddenly realise you forgot your purse, take a loan.

The most crucial thing is that these NBFCs do not monitor the end use of the loan amounts disbursed. So a borrower may specify any purpose for the loan, which he might not actually use the loan for. Moreover, the high interest rates are not noticed by the borrowers as most of the NBFCs show monthly interest rates rather than the yearly rates in their communications on the app or the website.

Many borrowers usually don’t read the entire set of terms and conditions and end up granting these NBFCs access to their personal information. Information trading is yet another business that the NBFCs may secretly engage into posing a threat to borrowers’ information.

The NBFCs are rightly playing the psychology game by becoming a friend in need for the borrowers. No matter how high the interest rates maybe or how risky the transaction maybe, it is a handy help whenever needed.

Furthermore, the advertisements made by these NBFCs are so catchy that they may lure a person who might not really be in need of finance. The catchy phrases like “make your dream wedding come true”, “let the wanderlust in you come alive” create a “need” for the customer to become a borrower. Marriage functions, travel and luxuries things are the Indian way of showing richness and the abovementioned philosophy wraps people in a comfortable blanket of justification to remain under debt-burden.

ALL OUR MONEY INTO THE BLACK HOLE

While lending to businesses results in more capital formation and growth of the economy. Personal lending mostly results in wasteful expenditure. Further, the interest rates being so high, many a times the borrowers obtain another loan to pay the previous loan and gets trapped into the vicious circle of obtaining and repaying loans. The increasing lending volumes are not an indication of overall growth of the economy. Most of the purposes for which such loans are availed are consumption-based and have no value-addition. All the money taken on loan is being used in consumption-based expenditure and not in value-addition activities and thus even after such high lending volumes, the growth of the economy is just disappearing into the black hole.

CONCLUSION

While on one hand, such loans are helping us in need, on the other hand they are luring us to take unnecessary debt burden. The lender NBFCs are under the risk of regulatory action by the regulators since many of them are in non-compliance with regulatory requirements. The borrowers are under the risk of pressing themselves under unnecessary debt burden and huge interest costs. The recovery procedures of these NBFCs are very lenient but due to the high interest costs, the cost of funds is readily recovered by the lender NBFC. Even when banks have tried to provide quick loans under 59-minutes loan scheme, they have failed to do away with the procedural requirements such as document submission and are still regarded as “slow-loans” considering the super-fast loans being provided by NBFCs within 5 minutes.

Though immensely helpful, these loans have a potential to impact the economy in such a manner that it seems to be beneficial while it’s actually not. The borrowers are happily floating in the bubble of “instant loans” which is definitely going to burst in no time.

[1] Source: Economic Times

[2] Source: CNBC

[3] Source: Business Standard

Prosecution of company directors for day-to-day operational issues: SC ruling provides relief

August 27, 2019/1 Comment/in Companies Act 2013, Corporate Laws /by Vinod Kothari Consultants

By Dibisha Mishra (dibisha@vinodkothari.com; corplaw@vinodkothari.com)

Introduction:

While directors are the brain and neural control center of companies, but it is evident that the day to day affairs of companies are not run by the board of directors , or even the executive directors of companies. Under circumstances can directors be prosecuted, merely because they hold board positions, for something as operational as the lack of safety measures in a smoking zone in a hotel? The SC in a recent ruling[1] of Shiv Kumar Jatia vs. State of NCT of Delhi has taken forward its earlier rulings in the case of Maksud Saiyed vs. State of Gujarat & Ors[2] and Sunil Bharti Mittal vs. CBI[3], and has held the doctrine of vicarious liability cannot be applied to offences under the IPC unless specifically provided for.

The concept of a corporate structure is based on the very premise of a business idea brought into by a group of persons [also known as promoters], backed up with funds from shareholders and creditors and set to implementation by directors who are elected by the shareholders. While shareholders continue to hold certain decision making powers, the directors are broadly responsible for the functioning and performance of the company. Having said so, it is also to be understood that a director of a company is not always in charge of everyday affairs. It depends upon the respective role assigned to different officers in a company.

Liability of officers for offences under Companies Act

The Companies Act, 2013 (‘the Act’), has explicitly identified officers who are in default for the purpose of the Act which includes directors and KMP.

Further, Section 149(12)(ii) of the Companies Act 2013 provides that liability of a NEDs arises only with respect to such acts of omission or commission by a company which had occurred with his knowledge, attributable through Board processes, and with his consent or connivance or where he had not acted diligently. Hence, obligation is on the ROC to verify relevant information and records before initiating prosecution against independent or nominee directors.

However, it is to be noted that the above provisions are to be considered only where there has been any contravention with the provisions of the Companies Act while in case of other statutes, respective provisions is to be seen.

Liability for criminal felonies

When a Corporate gets accused of a criminal offence, the individual to be prosecuted for the same remains a matter of consideration. The extent of liability of Non-Executive Directors in case of offences has been discussed in our earlier article[4]. The present article discusses the Supreme Court’s judgment[5] on the case of Shiv Kumar Jatia vs. State of NCT of Delhi which quashed the impugned order of the High Court and freed the Managing Director from the criminal liability imposed on the basis of doctrine of ‘vicarious liability’.

Facts of the case:

Shiv Kumar Jatia is the Managing Director of M/s. Asian Hotels which looks after Hyatt Regency Hotel. He had authorized Mr. PR. Subramanian to apply for lodging license of the hotel.

There was a contravention the condition of the lodging license which led to a hotel guest enter into a semi lit under-construction terrace for smoking. The guest fell from the terrace of 6^th floor to the 4^th floor and got injured. Case was brought before the High Court which ordered for prosecution the Managing director along with the other three accused by relying on the case of Sushil Ansal vs. State through CBI[6].

Shiv Kumar Jatia appealed before the Apex Court against such impugned order of the High Court where the case was decided in his favour vide judgment dated 23^rd August, 2019.

Provisions of law considered:

Alleged offences under Section 336 and 338 of the Indian Penal Code

Section 336:

“Whoever does any act so rashly or negligently as to endanger human life or the personal safety of others, shall be punished with imprisonment of either description for a term which may extend to three months, or with fine which may extend to two hundred and fifty rupees, or with both.”

Section 338:

“Whoever causes grievous hurt to any person by doing any act so rashly or negligently as to endanger human life, or the personal safety of others, shall be punished with imprisonment of either description for a term which may extend to two years, or with fine which may extend to one thousand rupees, or with both.”

Apex court stated that the essential elements to prove an alleged offence under section 336 are:

an act
done rashly or negligently
to endanger human life or personal safety

while for section 338, the condition of grievous hurt is to be met in additional to elements in section 336.

Doctrine of vicarious liability

Under the doctrine of vicarious liability, one person is held responsible for the wrong doing of the other. Such liability arises only when both persons are somehow connected to each other like employee-employer relationship or principal-agent relationship. In case of corporates, the applicability of the said doctrine is to be determined on the basis of provisions of statute dealt with.

There is no vicarious liability unless the statute specifically provides so.

The court referred to the judgment[7] of Maksud Saiyed vs. State of Gujarat & Ors, where the Court held that the Penal Code does not contain any provision of vicarious liability on the part of the Managing Director/ Director of the company where the accused is a company.
Further, the case of Sunil Bharti Mittal vs. CBI[8] was also referred to wherein it was held that:

“a corporate entity is an artificial person which acts through its officers, directors, managing director, chairman etc. If such a company commits an offence involving mens rea, it would normally be the intent and action of that individual who would act on behalf of the company. It would be more so, when the criminal act is that of conspiracy. However, at the same time, it is the cardinal principle of criminal jurisprudence that there is no vicarious liability unless the statute specifically provides so.”

This means where the statutory provision itself does not specifically attract the doctrine of vicarious liability, an individual cannot be implicated under the same.

Existence of Active Role and Criminal Intent

It was stressed that in the absence of any statutory provision incorporating vicarious liability, an individual cannot be made accused, unless there is a sufficient evidence of his ‘active role coupled with criminal intent’. Further such criminal intent must have direct nexus with the accused.

In the given case, the Managing Director was outside the country on the day of the accident. Moreover, mere authorizing an official for obtaining license cannot be construed to his active role with criminal intent. Hence, the same was also failed to be established before the Court.

Judgment

The Apex Court held that there is no specific provision of applicability of doctrine of vicarious liability in the Indian Penal Code. Further, the allegations made on the Managing Director could not establish any active role coupled with criminal intent having direct nexus with the accused.

Concluding the same, the Court passed the judgment that the allegations made on the Managing Director was vague in nature and the criminal proceedings against Shiv Kumar Jatia as passed by the High Court were quashed.

Time and again the court have taken the view that merely because of holding the position as a director/managing director, a person cannot be vicariously held liable for offence committed by Companies. It has to be proved how he was responsible for, or in control of, or negligent in conducting the affairs of the company. In the absence of definite averments, a director cannot be deemed to be liable.

[1] https://sci.gov.in/supremecourt/2018/31728/31728_2018_6_1502_16190_Judgement_23-Aug-2019.pdf

[2] https://indiankanoon.org/doc/159121041/

[3] https://indiankanoon.org/doc/159121041/

[4] https://vinodkothari.com/wp-content/uploads/2017/03/Umesh_K_-Modi_vs_Deputy_Directorate_of_Enforcement.pdf

[5] https://sci.gov.in/supremecourt/2018/31728/31728_2018_6_1502_16190_Judgement_23-Aug-2019.pdf

[6] https://indiankanoon.org/doc/152261427/

[7] https://indiankanoon.org/doc/159121041/

[8] https://indiankanoon.org/doc/159121041/

SEBI empowers Informants to quash any Insider Trading attempts

August 26, 2019/0 Comments/in Corporate Laws, SEBI /by Vinod Kothari Consultants

Introduction of Digital KYC

August 22, 2019/0 Comments/in Financial Services, Fintechs and Payment and Settlement Systems, KYC/PMLA, NBFCs, UPDATES /by Vinod Kothari Consultants

Anita Baid (anita@vinodkothari.com)

The guidelines relating to KYC has been in headlines for quite some time now. Pursuant to the several amendments in the regulations, the KYC process of using Aadhaar through offline modes was resumed for fintech companies. The amendments in the KYC Master Directions[1] allowed verification of customers by offline modes and permitted NBFCs to take Aadhaar for verifying the identity of customers if provided voluntarily by them, after complying with the conditions of privacy to ensure that the interests of the customers are safeguarded.

Several amendments were made in the Prevention of Money laundering (Maintenance of Records) Rules, 2005, vide the notification of Prevention of Money laundering (Maintenance of Records) Amendment Rules, 20191 issued on February 13, 2019^[2] (‘February Notification’) so as to allow use of Aadhaar as a proof of identity, however, in a manner that protected the private and confidential information of the borrowers.

The February Notification recognised proof of possession of Aadhaar number as an ‘officially valid document’. Further, it stated that whoever submits “proof of possession of Aadhaar number” as an officially valid document, has to do it in such a form as are issued by the Authority. However, the concern for most of the fintech companies lending through online mode was that the regulations did not specify acceptance of KYC documents electronically. This has been addressed by the recent notification on Prevention of Money-laundering (Maintenance of Records) Third Amendment Rules, 2019 issued on August 19, 2019[3] (“August Notification”).

Digital KYC Process

The August Notification has defined the term digital KYC as follows:

“digitial KYC” means the capturing live photo of the client and officially valid document or the proof of possession of Aadhaar, where offline verification cannot be carried out, along with the latitude and longitude of the location where such live photo is being taken by an authorised officer of the reporting entity as per the provisions contained in the Act;

Accordingly, fintech companies will be able to carry out the KYC of its customers via digital mode.

The detailed procedure for undertaking the digital KYC has also been laid down. The Digital KYC Process is a facility that will allow the reporting entities to undertake the KYC of customers via an authenticated application, specifically developed for this purpose (‘Application’). The access of the Application shall be controlled by the reporting entities and it should be ensured that the same is used only by authorized persons. To carry out the KYC, either the customer, along with its original OVD, will have to visit the location of the authorized official or vice-versa. Further, live photograph of the client will be taken by the authorized officer and the same photograph will be embedded in the Customer Application Form (CAF).

Further, the system Application shall have to enable the following features:

It shall be able to put a water-mark in readable form having CAF number, GPS coordinates, authorized official’s name, unique employee Code (assigned by Reporting Entities) and Date (DD:MM:YYYY) and time stamp (HH:MM:SS) on the captured live photograph of the client;
It shall have the feature that only live photograph of the client is captured and no printed or video-graphed photograph of the client is captured.

The live photograph of the original OVD or proof of possession of Aadhaar where offline verification cannot be carried out (placed horizontally), shall also be captured vertically from above and water-marking in readable form as mentioned above shall be done.

Further, in those documents where Quick Response (QR) code is available, such details can be auto-populated by scanning the QR code instead of manual filing the details. For example, in case of physical Aadhaar/e-Aadhaar downloaded from UIDAI where QR code is available, the details like name, gender, date of birth and address can be auto-populated by scanning the QR available on Aadhaar/e-Aadhaar.

Upon completion of the process, a One Time Password (OTP) message containing the text that ‘Please verify the details filled in form before sharing OTP’ shall be sent to client’s own mobile number. Upon successful validation of the OTP, it will be treated as client signature on CAF.

For the Digital KYC Process, it will be the responsibility of the authorized officer to check and verify that:-

information available in the picture of document is matching with the information entered by authorized officer in CAF;
live photograph of the client matches with the photo available in the document; and
all of the necessary details in CAF including mandatory field are filled properly.

Electronic Documents

The most interesting amendment in the August Notification is the concept of “equivalent e-document”. This means an electronic equivalent of a document, issued by the issuing authority of such document with its valid digital signature including documents issued to the digital locker account of the client as per rule 9 of the Information Technology (Preservation and Retention of Information by Intermediaries Providing Digital Locker Facilities) Rules, 2016 shall be recognized as a KYC document. Provided that the digital signature will have to be verified by the reporting entity as per the provisions of the Information Technology Act, 2000.

The aforesaid amendment will facilitate a hassle free and convenient option for the customers to submit their KYC documents. The customer will be able to submit its KYC documents in electronic form stored in his/her digital locker account.

Further, pursuant to this amendment, at several places where Permanent Account Number (PAN) was required to be submitted mandatorily has now been replaced with the option to either submit PAN or equivalent e-document.

Submission of Aadhaar

With the substitution in rule 9, an individual will now have the following three option for submission of Aadhaar details:

the Aadhaar number where,
1. he is desirous of receiving any benefit or subsidy under any scheme notified under section 7 of the Aadhaar (Targeted Delivery of Financial and Other subsidies, Benefits and Services) Act, 2016 or
2. he decides to submit his Aadhaar number voluntarily
the proof of possession of Aadhaar number where offline verification can be carried out; or
the proof of possession of Aadhaar number where offline verification cannot be carried out or any officially valid document or the equivalent e-document thereof containing the details of his identity and address;

Further, along with any of the aforesaid options the following shall also be submitted:

the Permanent Account Number or the equivalent e-document thereof or Form No. 60 as defined in Income-tax Rules, 1962; and
such other documents including in respect of the nature of business and financial status of the client, or the equivalent e-documents thereof as may be required by the reporting entity

The KYC Master Directions were amended on the basis in the February Notification. As per the amendments proposed at that time, banking companies were allowed to verify the identity of the customers by authentication under the Aadhaar Act or by offline verification or by use of passport or any other officially valid documents. Further distinguishing the access, it permitted only banks to authenticate identities using Aadhaar. Other reporting entities, like NBFCs, were permitted to use the offline tools for verifying the identity of customers provided they comply with the prescribed standards of privacy and security.

The August Notification has now specified the following options:

For a banking company, where the client submits his Aadhaar number, authentication of the client’s Aadhaar number shall be carried out using e-KYC authentication facility provided by the Unique Identification Authority of India;
For all reporting entities,
1. where proof of possession of Aadhaar is submitted and where offline verification can be carried out, the reporting entity shall carry out offline verification;
2. where an equivalent e-document of any officially valid document is submitted, the reporting entity shall verify the digital signature as per the provisions of the IT Act and take a live photo
3. any officially valid document or proof of possession of Aadhaar number is submitted and where offline verification cannot be carried out, the reporting entity shall carry out verification through digital KYC, as per the prescribed Digital KYC Process

It is also expected that the RBI shall notify for a class of reporting entity a period, beyond which instead of carrying out digital KYC, the reporting entity pertaining to such class may obtain a certified copy of the proof of possession of Aadhaar number or the officially valid document and a recent photograph where an equivalent e-document is not submitted.

The August Notification has also laid emphasis on the fact that certified copy of the KYC documents have to be obtained. This means the reporting entity shall have to compare the copy of the proof of possession of Aadhaar number where offline verification cannot be carried out or officially valid document so produced by the client with the original and record the same on the copy by the authorised officer of the reporting entity. Henceforth, this verification can also be carried out by way of Digital KYC Process.

[1] https://www.rbi.org.in/Scripts/BS_ViewMasDirections.aspx?id=11566#F4

[2] http://egazette.nic.in/WriteReadData/2019/197650.pdf

[3] http://egazette.nic.in/WriteReadData/2019/210818.pdf

Archive for year: 2019