Does Co-lending Make Default a Communicable Disease?

/0 Comments/in , /by

How to ensure uniform asset classification under co-lending

Simrat Singh | finserv@vinodkothari.com

Asset classification under RBI regulations has always been anchored to the borrower, not to individual loan facilities. Once a borrower shows repayment stress in any exposure, it is no longer reasonable to treat the borrower’s other obligations as unaffected; prudence requires that all other facilities to that borrower reflect the same level of stress. Even the insolvency law reinforces this borrower-level approach to default by allowing CIRP to be triggered irrespective of whether the default is owed to the applicant creditor or not (see Explanation to section 7 of the IBC)

This borrower-level approach is not unique to India. Globally, the Basel framework also defines default at the obligor level – the core idea being that credit stress is a condition of the borrower, not of a single loan. In other words, when a borrower sneezes financial distress, all his loans catch a classification cold.

Position under the earlier co-lending framework

Under the earlier 2020 framework for priority sector co-lending between banks and NBFCs, each RE applied its own asset classification norms to its respective share of the co-lent loan (see para 13 of 2020 framework). This allowed situations where the same borrower and same loan could be classified differently in the books of the two co-lenders. While operationally convenient, this approach sat uneasily with the borrower-level logic of RBI’s IRACP norms and diluted the consistency of credit risk recognition in a shared exposure.

Position under the Co-Lending Arrangements Directions, 2025

The 2025 Directions [now subsumed in Para B of the Reserve Bank of India (Non-Banking Financial Companies – Transfer and Distribution of Credit Risk) Directions, 2025] resolve this inconsistency by requiring uniform asset classification across co-lenders at the borrower level (see para 124 reproduced below for reference).

124. NBFCs shall apply a borrower-level asset classification for their respective exposures to a borrower under CLA, implying that if either of the REs classifies its exposure to a borrower under CLA as SMA / NPA on account of default in the CLA exposure, the same classification shall be applicable to the exposure of the other RE to the borrower under CLA. NBFCs shall put in place a robust mechanism for sharing relevant information in this regard on a near-real time basis, and in any case latest by end of the next working day.

Therefore, where one co-lender classifies its share of a co-lent exposure as SMA or NPA, the other co-lender must apply the same borrower classification to its share of the same exposure. It was an extension of RBI’s long-standing borrower-wise classification principle into a multi-lender structure.

Why “under the CLA” cannot be read in isolation

However, the wording of paragraph 124 has, in practice, been interpreted by some lenders in a much narrower manner. The phrase “under the CLA” has been read to mean that the classification of the other co-lender’s share would change only if the borrower defaults on the co-lent exposure itself. On this interpretation, where a borrower defaults on a separate, non-co-lent loan, lenders may in their books follow borrower level classification but they need not share such information with the co-lending partner since there is no default in the co-lent loan.

This approach, however, runs contrary to the regulatory intent and represents a classic case where the literal reading of a provision is placed in conflict with its underlying purpose. Market practice reflects this divergence. Traditional lenders have generally adopted a conservative approach, applying borrower-level classification across exposures irrespective of whether the default arises under the CLA. Certain other lenders, however, have taken a more aggressive position, limiting classification alignment strictly for defaults under the co-lent exposure. The conservative approach is more consistent with RBI’s prudential framework and intent, which has always treated credit stress as a condition of the borrower rather than of a particular loan structure.

Implications for other exposures to the same borrower

Once borrower-level classification is accepted as the governing principle, the consequence is straightforward: any other exposure that a co-lender has to the same borrower must also reflect the borrower’s SMA or NPA status, even if that exposure is not part of the co-lending arrangement. Let us understand this by way of examples.

Scenario 1: Multiple Loans, No Co-Lending Exposure 

A borrower has three separate loans:

  1. L1: 100% funded by A
  2. L2: 100% funded by B
  3. L3: 100% funded by C

Although A, B and B may be co-lending partners with each other in general, none of the above loans are under a co-lending arrangement (CLA).

Treatment: Since there is no co-lent exposure to the borrower, paragraph 124 of the Directions does not apply. Each lender classifies and reports its own loan independently, as per its applicable asset classification norms. There is no obligation to share asset-classification information relating to these loans among the lenders.

Scenario 2: One Co-Lent Loan and Other Standalone Loans

A borrower has three loans:

  1. L1: Co-lent by B (80%) and A (20%)
  2. L2: 100% funded by A (not co-lent)
  3. L3: 100% funded by C (not co-lent)

Case A: Default under the Co-Lent Loan

If B classifies its 80% share of L1 as NPA:

  • A’s 20% share of L1 must also be classified as NPA, even if it was standard in A’s books. While given that the asset classification norms for different REs are aligned and the invocation of any default loss guarantee also does not impact the asset classification; there does not seem to be any reason for a difference in the asset classification of the co-lenders in this case.  
  • Since asset classification is borrower-level, A must also classify L2 as NPA, even though L2 is not under a co-lending arrangement.
  • L3 remains unaffected, as C is not a co-lender to the same borrower and there is no requirement for B or A to share borrower-level information with C.

Case B: Default under a Non-Co-Lent Loan by any one of the Co-Lenders

If A classifies L2 as NPA:

  • Since asset classification is borrower-level, A must also classify L1 as NPA
  • B’s 80% share of L1 must also be classified as NPA
  • L3 remains unaffected, as C is not a co-lender to the same borrower and there is no requirement for B or A to share borrower-level information with C.

Case B: Default under a Non-Co-Lent Loan of a Third Lender

Assume L3 is classified as NPA by C, while L1 and L2 remain standard.

  • There is no impact on the books of B or A.
  • C is not required to share information on L3 with B or C, as there is no co-lending exposure between them for this borrower.

Note that borrower-level asset classification and information sharing activates only where there is a co-lending exposure to the borrower. Once such an exposure exists, any default in any loan of a co-lender triggers borrower-level classification across all exposures of that lender, including standalone loans. However, lenders with no co-lending exposure to the borrower remain outside this information-sharing loop. May refer the below chart for more clarity:

Fig 1: Decision chart for asset classification of loans under co-lending

Information Sharing and Operational Impact

To make borrower-level classification work in practice, the 2025 Directions require co-lenders to put in place information-sharing arrangements. Any SMA or NPA trigger must be shared with the other co-lender promptly and, in any case, by the next working day. It requires aligned IT systems so that both lenders update their books on the borrower at the same time, or as close to real time as possible.

Conclusion

The 2025 Directions reinforce a long-standing regulatory principle: credit stress belongs to the borrower, not to a specific loan or lender. Uniform borrower-level classification and timely information sharing are essential to preserve consistency in risk recognition across co-lenders. While this increases operational complexity, it aligns co-lending practices with RBI’s prudential intent.

See our other resources on co-lending.

Banking group NBFCs:  Need to map businesses to avoid overlaps with the parent banks

/0 Comments/in , , , , , /by

– Vinod Kothari | finserv@vinodkothari.com

The new dispensation implemented from 5th December 2025 implies that lending business, obviously carried in the parent bank, needs to be allocated between the bank and the group entities so as to avoid overlaps. The bank will have to take its business allocation plan, at a group level, to its board, by 31st March 2026.

The RBI’s present move has certain global precedents. Singapore passed an anti-commingling rule applicable to banking groups way back in 2004, but has subsequently relaxed the rule by a provision referred to as section 23G of the Banking Regulations. However, the approach is not uniformly shared across jurisdictions.

We are of the view that as the decision works both at the bank as well as the NBFC/HFC level, the same has to be taken to the boards of the respective NBFCs/HFCs too.

Businesses which currently overlap include the following:

  1. Loans against properties
  2. Housing finance
  3. Loans against shares
  4. Trade finance
  5. Personal loans
  6. Digital lending
  7. Small business loans
  8. Gold loans
  9. Loans against vehicles  – passenger and commercial, or loans against construction equipment

In our view, banks will have serious concerns in meeting their priority sector lending targets, unless they decide to keep priority sector lending business in the bank’s books. Priority sector lending is quite often much less profitable, and the NBFCs in the group are able to create such loans at much higher rates of return due to their delivery strengths or customer franchise. As to how the banks will be able to originate such loans departmentally, will remain a big question.

There are other implications of the above restrictions too:

  1. If a bank is engaged, for example, in MSME lending, but auto loans are done at the group entity, the bank cannot be a co-lender with its group entity, nor can it acquire auto loans originated by its group entity.
  2. Extending the same argument, if the banking group is carrying auto loan activity in its group NBFC, it cannot buy auto loans either by way of a direct assignment or co-lending, originated by other banks or other independent NBFCs. The reason for this is obvious – if the bank has decided to carry auto lending activity in its group entity, it should stay away from that exposure, even if originated by other entities.
  3. The decision to keep particular loan products with group entities – can it be stretched to the extent that bank will not have indirect exposure in such products, for example, by way of giving a loan to its group entity for on-lending for a product which the bank does not undertake departmentally? One of the reasons that may have prompted the Mohanty Group report in 2020 to segregate products between the bank and its group entities was contagion risk. If contagion is at the core of the present restriction, then that risk is still there even if the bank lends to a group entity for on-lending for a product. However, in our view, the present restriction is primarily aimed at avoiding regulatory arbitrages, and cannot be expected to require a completely independent financing of the loan products that a subsidiary finances, and not the bank.
  4. Therefore, in our view, a bank may not only on-lend to its group entities (of course, on the basis of an arm’s length lending approach), but it may also buy the asset-backed securities arising from such loan portfolios as sit with its group entities.

Factors to decide loan product allocation

In case of several non-lending products such as securities trading, demat services, etc., the approach may be easier. However, lending services constitute the bulk of any bank’s financial business, and group NBFCs and HFCs are also evidently engaged in lending. Hence, there may be a delicate decisioning by each of the boards on who does what. Note that this choice is not spasmodic – it is a strategic decision that will bind the entities for several years.

The factors based on which banks will have to decide on their business allocation may include:

  1. Delivery mechanisms – Mostly, branch and team strengths are sitting in group entities. Therefore, the loan products that entail last mile customer outreach, geographical access, etc are naturally housed in entities which possess those abilities.
  2. Technology strength: Some of the products are based on fintech or similar technology strength, which may be sitting with respective entities.
  3. Recovery mechanisms – Group entities are typically more nimble than banks. Hence, while banks may keep loans on their books, but they may engage group entities for recovery purposes.
  4. Priority sector requirements-:  This will be a very important factor in deciding business allocation. Banks are mandated to invest 40% of their ANBC in qualifying priority sector loans – not NBFCs. Hence, for such loans as qualify as priority sector, the option may be to house the portfolios with the bank, or to invest in pass through certificates.

Securitised notes: whether investment in group entities?

Talking about pass through certificates, there is a complicated question as to whether the investment limits imposed by the 5th Dec. 2025 amendment on aggregate investments in group entities will include investment in pass through certificates arising out of pools originated by group entities. In our view, the answer is in the negative, as the investment is not originator, but in the asset pools. However, if the bank makes investment in the equity tranche or credit enhancing unrated tranches, the view may be different.

Conclusion

Banks are heading shortly in the last quarter of a year which is laden with strong headwinds. In this scenario, facing business allocation decisions, rather than business expansion or risk management, may be more challenging than it may seem to the regulators.

Other resources:

Bank group NBFCs fall in Upper Layer without RBI identification

/0 Comments/in , , , , /by

– Dayita Kanodia | finserv@vinodkothari.com

RBI on December 5, 2025 issued RBI (Commercial Banks – Undertaking of Financial Services) (Amendment) Directions, 2025 (‘UFS Directions’) in terms of which NBFCs and HFCs, which are group entities of Banks and are therefore undertaking lending activities, will be required to comply with the following additional conditions:

  1. Follow the regulations as applicable in case of NBFC-UL (except the listing requirement)
  2. Adhere to certain stipulations as provided under RBI (Commercial Banks – Credit Risk Management) Directions, 2025 and RBI (Commercial Banks – Credit Facilities) Directions, 2025

The requirements become applicable from the date of notification itself that is December 5, 2025. Further, it may be noted that the applicability would be on fresh loans as well as renewals and not on existing loans. The following table gives an overview of the compliances that NBFCs/HFCs, which are a part of the banking group will be required to adhere to:

Common Equity Tier 1RBI (Non-Banking Financial Companies – Prudential Norms on Capital Adequacy) Directions, 2025Entities shall be required to maintain Common Equity Tier 1 capital of at least 9% of Risk Weighted Assets.
Differential standard asset provisioning RBI (Non-Banking Financial Companies – IncomeRecognition, Asset Classification and Provisioning) Directions, 2025Entities shall be required to hold differential provisioning towards different classes of standard assets.
Large Exposure FrameworkRBI (Non-Banking Financial Companies – Concentration Risk Management) Directions, 2025NBFCs/HFCs which are group entities of banks would have to adhere to the Large Exposures Framework issued by RBI.
Internal Exposure LimitsIn addition to the limits on internal SSE exposures, the Board of such bank-group NBFCs/HFCs shall determine internal exposure limits on other important sectors to which credit is extended. Further, an internal Board approved limit for exposure to the NBFC sector is also required to be put in place.
Qualification of Board MembersRBI (Non-Banking Financial Companies – Governance)Directions, 2025NBFC in the banking group shall be required to undertake a review of its Board composition to ensure the same is competent to manage the affairs of the entity. The composition of the Board should ensure a mix of educational qualification and experience within the Board. Specific expertise of Board members will be a prerequisite depending on the type of business pursued by the NBFC.
Removal of Independent DirectorThe NBFCs belonging to a banking group shall be required to report to the supervisors in case any Independent Director is removed/ resigns before completion of his normal tenure.
Restriction on granting a loan against the parent Bank’s sharesRBI (Commercial Banks – Credit Risk Management) Directions, 2025NBFCs/HFCs which are group entities of banks will not be able to grant a loan against the parent Bank’s shares. 
Prohibition to grant loans to the directors/relatives of directors of the parent BankNBFCs/HFCs will not be able to grant loans to the directors or relatives of such directors of the parent bank. 
Loans against promoters’ contributionRBI (Commercial Banks – Credit Facilities) Directions,2025Conditions w.r.t financing promoters’ contributions towards equity capital apply in terms of Para 166 of the Credit Facilities Directions. Such financing is permitted only to meet promoters’ contribution requirements in anticipation of raising resources, in accordance with the board-approved policy and treated as the bank’s investment in shares, thus, subject to the aggregate Capital Market Exposure (CME) of 40% of the bank’s net worth.  
Prohibition on Loans for financing land acquisitionGroup NBFCs shall not grant loans to private builders for acquisition and development of land. Further, in case of public agencies as borrowers, such loans can be sanctioned only by way of term loans, and the project shall be completed within a maximum of 3 years. Valuation of such land for collateral purpose shall be done at current market value only.
Loan against securities, IPO and ESOP financingChapter XIII of the Credit Facilities Directions prescribes limits on the loans against financial assets, including for IPO and ESOP financing. Such restrictions shall also apply to Group NBFCs. The limits are proposed to be amended vide the Draft Reserve Bank of India (Commercial Banks – Capital Market Exposure) Directions, 2025. See our article on the same here
Undertaking Agency BusinessReserve Bank of India (Commercial Banks – Undertaking of Financial Services) Directions, 2025 NBFCs/HFCs, which are group entities of Banks can only undertake agency business for financial products which a bank is permitted to undertake in terms of the Banking Regulations Act, 1949. 
Undertaking of the same form of business by more than one entity in the bank groupUFS DirectionsThere should only be one entity in a bank group undertaking a certain form of business unless there is proper rationale and justification for undertaking of such business by more than one entities. 
Investment RestrictionsRestrictions on investments made by the banking group entities  (at a group level) must be adhered to. 

Read our write-up on other amendments introduced for banks and their group entities here.

Other resources:

  1. FAQs on Large Exposures Framework (‘LEF’) for NBFCs under Scale Based Regulatory Framework
  2. New NBFC Regulations: A ready reckoner guide
  3. New Commercial Bank Regulations: A ready reckoner guide

New Commercial Bank Regulations: A ready reckoner guide

/0 Comments/in , /by

– Team Corplaw | corplaw@vinodkothari.com

Under the consolidation exercise, more than 9,000 circulars and directions, issued up to October 9, 2025 have now been streamlined into 238 Master Directions, drafts for which were notified on October 10, 2025, covering 11 categories of regulated entities across 30 functional areas.

From November 28, 2025, all RBI-regulated entities are now governed by a completely new set of regulations.

We have prepared a complete comparative snapshot of the familiar regulations and their new avatars for commercial banks. Further, wherever applicable, we have highlighted the changes from the notified drafts, and added comfort comments where the regulations remain unchanged from the drafts.

Commercial Bank consolidation of RBI directionsDownload

See our other resources:

  1. RBI Master Directions 2025: Consolidated Regulatory Framework for NBFCs
  2. RBI norms on intra-group exposures amended
  3. 2025 RBI (Commercial Banks – Governance) Directions – Guide to Understanding and Implementation

RBI norms on intra-group exposures amended

/0 Comments/in , , , /by

– Payal Agarwal | payal@vinodkothari.com

Aligns intra group exposure norms with Large Exposure Framework; junks a 2016 framework for “large borrowers”

On 4th December, 2025,  less than a week after the massive consolidation exercise of RBI regulations, the RBI carried out amendments vide Reserve Bank of India (Commercial Banks – Concentration Risk Management) Amendment Directions, 2025, thus amending the recently consolidated Reserve Bank of India (Commercial Banks – Concentration Risk Management) Directions, 2025

Applicability of the Amendment Directions 

  • 1st January, 2026 – for Repeal of provisions on Enhancing Credit Supply for Large Borrowers through Market Mechanism. 
  • 1st April, 2026 – for other amendments
    • Banks may decide to implement such amendments from an earlier date
    • In case of any breach in exposure limits pursuant to the Amendment Directions, the exposures to be brought down within 6 months from the date of issuance of the Amendment Directions, i.e., 3rd June, 2026. 

Intent behind the Amendments and Key changes 

  • Repeal of requirements pertaining to credit supply to Large Borrowers through Market Mechanism (draft Circular proposing such repeal can be accessed here)
    • This is based on the Statement on Developmental and Regulatory Policies dated 1st October, 2025, wherein the extant guidelines pertaining to Large Borrowers were proposed to be withdrawn, in view of the reduced share of credit from the banking system to such large borrowers, and existence of LEF to address the concentration risks at an individual bank level. 
    • The repeal relates to a 2016 Notification (forming part of Chapter IV of the existing Concentration Risk Management Directions), whereby certain “specified borrowers” were identified, meaning those entities which had borrowed, on an aggregate from the banking system, including by way of private placed debt instruments, in excess of Rs 10000 crores.
    • There is a notable difference between LEF and the “specified borrowers” as covered by the 2016 Notification – the latter relates to large borrowers on an aggregate basis, whereas LEF still looks at the size of exposure relative to the Tier 1 capital of a single lender. However, the “specified borrower” regime is said to have lost its relevance. 
  • Alignment of requirements w.r.t. Intra-group transactions and exposures (ITEs) with the Large Exposure Framework (LEF) [see press release on the proposed amendments here]
    • Computation of exposure under ITEs to be made consistent with that under LEF 
    • Linking exposure thresholds for ITEs with Tier 1 capital instead of existing paid-up capital and reserves. 
  • Clarifications w.r.t. prudential treatment of exposures of foreign bank branches operating in India to their group entities

A track change version of the Reserve Bank of India (Commercial Banks – Concentration Risk Management) Directions, 2025, as amended vide the present Amendment Directions can be accessed here. 

RBI (Commercial Banks – Concentration Risk Management) Directions, 2025 – as amended –Download

Refer to our other resources here:

  1. 2025 RBI (Commercial Banks – Governance) Directions – Guide to Understanding and Implementation
  2. RBI Master Directions 2025:Consolidated RegulatoryFramework for NBFCs
  3. New NBFC Regulations: A ready reckoner guide

Draft RBI Directions: Banks may finance Acquisitions 

/0 Comments/in , , /by

– Conditions for acquisition finance, prudential limits and new LTV requirements for various capital market exposures

– Payal Agarwal, Partner | payal@vinodkothari.com

Capital markets are subject to higher fluctuations and volatility, and hence, Capital Market Exposures (CME) carry a higher risk, naturally requiring higher level of control and prudential norms by the regulator. The RBI recently released Draft Reserve Bank of India (Commercial Banks – Capital Market Exposure) Directions, 2025, consolidating and amending the regulatory directions pertaining to CMEs. The proposed amendments are significant, providing for a flexibility of financing “acquisitions” in the secondary market while also strengthening the prudential requirements in relation to CMEs. 

Read more

Operational Risk Assessment for NBFCs : Understanding The Basics

/0 Comments/in , , , /by

Simrat Singh | finserv@vinodkothari.com 

Operational risk, as defined by the Basel framework, refers to the possibility that a financial institution’s routine operations may be disrupted due to failures in processes, systems, people, or external events. While historically treated as secondary to credit and market risk, it has increasingly become a central focus of risk management, particularly for institutions with complex operations, heavy technology dependence, extensive outsourcing, and stringent regulatory obligations. Reflecting this shift, the RBI’s 2024 Guidance Note on Operational Risk Management and Resilience expands its expectations for operational risk management to all NBFCs. 

Having previously discussed the guidance note (refer here), this article now explains the fundamentals of operational risk assessment and outlines its process.

Operational Risk Management

Operational risk poses unique challenges because many of the events that cause losses arise from internal factors, making them difficult to generalise or predict. Large operational losses are often viewed as rare, which can make it difficult to get sustained management attention on the steady, routine work required to identify issues and track trends1. Operational risks typically stem from people, processes, systems and external events, ironically, the same resources essential for running the business. Unlike credit and market risk which are modelled and hedged, operational risks are often idiosyncratic, event-driven and subject to human, process and system failure.

Relevance For Financial Institutions

Financial institutions operate with complex processes, large transaction volumes, strict regulatory reporting requirements and often heavy dependence on technology, outsourcing arrangements and third-party service providers. Because of this, operational failures, such as system glitches, fraud, compliance breaches or breakdowns in business continuity, can result in substantial financial losses, regulatory sanctions, reputational harm and other disruptions to business operations. 

Given these risks, regulators have placed growing emphasis on the measurement and management of operational risk. Based on our experience, RBI has frequently raised queries regarding the operational risk frameworks of NBFCs during its supervisory inspections. Under Basel II, for instance, banks using the Advanced Measurement Approach were required to maintain strong, demonstrable operational risk management systems. Recognising the importance of operational risk, the Bank of England’s FSA0732 report, which is applicable on banks and large investment firms, requires firms to record the top ten operational risk loss events for each reporting year. This provides a clear view of what went wrong, where it occurred and the scale of the financial impact.

Operational Risk Assessment Process

In its guidance note for operational risk, RBI at many places underscored the importance for risk assessment. One such example is given below:

Principle 6: Senior Management should ensure the comprehensive identification and assessment of the Operational Risk inherent in all material products, activities, processes and systems to make sure the inherent risks and incentives are well understood. Both internal and external threats and potential failures in people, processes and systems should be assessed promptly and on an ongoing basis. Assessment of vulnerabilities in critical operations should be done in a proactive and prompt manner. All the resulting risks should be managed in accordance with operational resilience approach.

6.1 Risk identification and assessment are fundamental characteristics of an effective Operational Risk Management system, and directly contribute to operational resilience capabilities. Effective risk identification considers both internal and external factors. Sound risk assessment allows an RE to better understand its risk profile and allocate risk management resources and strategies most effectively.

Figure 1: Operational Risk Assessment Process

Risk identification

Risk identification means figuring out what exactly you need to assess. It involves recognising the different risk sources and risk events that may disrupt your business. A risk source is the underlying cause, something that has the potential to create a problem. A risk event is when that problem actually occurs. For example, a weak password is a risk source, while a data breach caused by that weak password is the risk event. 

As per the RBI’s Guidance Note, REs are expected to take a comprehensive view of their entire “risk universe”. This means identifying all categories of risks, traditional or emerging, that could potentially affect their operations. These may include insurance risk, climate-related risk, fourth- and fifth-party risks, geopolitical risk, AML and corruption risk, legal and compliance risks, and many others. The underlying expectation is simple: an RE should systematically identify everything that can go wrong within its business model, processes, people, systems, and external dependencies, and ensure that no material source of risk is overlooked.

There are many ways to identify risks. You may use questionnaires, self-assessments by business or functional heads, workshops with staff involved in risk management, or you may review past failures within the company. Industry reports, experiences of peers, and linking organisational goals to potential obstacles can also reveal important risks. You can even look at upcoming strategic initiatives and think ahead about the risks that may arise when these changes are implemented.

Every organisation has its own risk profile. A lender may worry about borrowers not repaying, untrained staff, biases in an AI underwriting model, IT system failures, employee fraud, or suppliers not delivering on time. These risks should be recorded in a risk register, but it is important that this register reflects your business. A company offering only physical loans may not face digital lending risks, and should not simply copy any generic list. The goal is to identify risks that genuinely matter to your day-to-day operations.

Assessment

Once you know which risks matter, the next step is to assess each of them. For every risk, ask yourself two basic questions: 

  1. What is the likelihood of this risk actually happening? This is simply the chance that the event might occur; You may assign parameters to determine the likelihood – for eg if the risk event is almost certain to occur in the next 1 year or is it likely to occur or it will occur only in remote situations?

Figure 2: Illustrative likelihood assessment criterias

  1. If it does happen, what impact will it have on my organisation? Will it hurt my reputation? Lead to financial loss? Negative feedback from customers? Cause a data leak? One can record the impact of the risk as High, medium or low based on its gravity

Figure 3: Illustrative impact assessment of risks

These two questions help you understand how serious the risk is inherently (inherent risk level) i.e, before considering whether you have any controls in place. Note that at this stage, you’re only interested in the natural level of risk that exists ignoring any controls you might already have. 

Evaluating Controls

Once the inherent risks are understood, the next step is to look at how these risks are currently being managed. These risk-reducing efforts are your controls or mitigation measures. Controls are simply the actions, checks, or processes already in place to lower the likelihood or impact of a risk. For example: Is your underwriting model checked for bias? Are board committees meeting regularly? Do you have proper maker–checker checks in your V-CIP process? Controls can take many forms such as policies, procedures, tools, system checks, reviews, or even day-to-day practices followed by employees. In essence, a control is any measure that maintains or modifies risk and helps the organisation manage it more effectively. 

Residual Risk

After evaluating the controls, you can determine the residual risk i.e. the level of risk that remains even after your mitigation measures have been applied. Residual risk shows whether the remaining exposure is acceptable or whether additional controls are needed. By definition, residual risk can never be higher than inherent risk. Generally, residual risk can be interpreted as follows:

  • Low Residual Risk: When the effectiveness of internal controls fully covers or even exceeds the inherent risk;
  • Medium Residual Risk: When controls reduce most of the risk, leaving only a small gap;
  • High Residual Risk: When controls address only part of the risk and a significant gap still remains;
CategoryRisk SourceRisk eventRoot causeLikelihoodConsequenceLevel of inherent riskControl EffectivenessLevel of Residual Risk
People RiskEmployees / StaffEmployee fraud, misappropriation, or collusionWeak internal controls, poor background checksHighly LikelyMediumHighWeakHIGH
Information Technology & Cyber RiskIT Infrastructure / SystemsSystem downtime or core platform failureServer outage, inadequate IT resiliencePossibleLowLowStrongLOW
Process & Internal Control RiskOnboarding / KYC ProcessesNon-compliance with KYC or onboarding proceduresInadequate verification, manual errorsPossibleHighHighAdequateMEDIUM
Legal & Compliance RiskOutsourcing / LSP ArrangementsNon-compliance in outsourcing / LSP arrangementsWeak SLA oversight, inadequate due diligenceUnlikelyLowLowAdequateLOW
External Fraud RiskBorrowers / External PartiesBorrower fraud – identity theft, fake borrowers, or collusionForged documents, weak KYCPossibleLowLowStrongLOW
Model / Automation / Reporting RiskData Aggregation / SystemsFailure in data aggregation across systems for regulatory returnsSystem inconsistencies, poor data governanceHighly LikelyMediumHighStrongLOW
Reputation Risk / Customer ExperienceCustomer Communication / Sales PracticesMiscommunication of terms or conditions to customersPoor training, unclear communication scriptsPossibleMediumMediumWeakMEDIUM

Figure 5: An illustrative Snapshot of Operational Risk Assessment

Understanding residual risk helps decide where further action is required and where the organisation may still be vulnerable.

Conclusion

The goal, therefore, is to move away from a simple “tick-box” approach and make the operational risk assessment truly tailored to the organisation. For ML and above NBFCs, the ICAAP requirement to set aside capital for operational risk is useful, but it covers only a narrow part of what operational risk really involves. A comprehensive assessment goes much further by examining the strength of the entity’s internal controls and how effectively they manage real-world risks. If the residual risk exceeds the organisation’s tolerance level, it should trigger a closer look at those controls and prompt corrective action. Ultimately, the focus should be on building a risk framework that is meaningful, proactive, and aligned with how the organisation actually operates. The ultimate goal is therefore to develop ‘operational resilience’ which as per Bank of England3 is the ability of firms and the financial sector as a whole to prevent, adapt, respond to, recover from, and learn from operational disruptions.

Our other resources on risk management:

  1. Analysing Banking Risk: World Bank ↩︎
  2. FSA073: Instruction ↩︎
  3. Operational resilience of the financial sector: Bank of England ↩︎

RBI Trade Relief Directions: How is your company impacted?

/0 Comments/in , , , , , /by

– Team Finserv | finserv@vinodkothari.com

Call it Trump relief! The RBI announced relief measures on the 14th Nov to help the exporters of certain specified items, who may have availed export credit facilities from a regulated lender, whereby all regulated entities (REs) “may” provide a moratorium, from 1st September 2025 to 31st December, 2025. The grant of such a relief shall be based on a policy, consisting of the criteria for grant of the subject relief, and such criteria shall be disclosed publicly. Not only this, REs shall also make a fortnightly disclosure of the reliefs granted to eligible borrowers on a RBI format on Daksh portal.

The Reserve Bank of India (Trade Relief Measures) Directions, 2025 (‘Directions’) are applicable to NBFCs and HFCs as well. This is accompanied with amendment to Foreign Exchange Management (Export of Goods and Services) (Second Amendment) Regulations, 2025 for extension of the period for both realization/repatriation of export value (from 9 to 15 months) and the shipment of goods against advance payment (from 1 to 3 years).

Highlights:

  • Whether your company grants an export credit or not, if your borrower is the one who has availed export credit for export of specified goods or services, the borrower may approach you for the moratorium.
  • Are you bound to grant the moratorium? Answer is, no. However, basis a policy which is publicly hosted, you will consider the eligibility of the borrower. The relevant factors on which the eligibility will be examined may also form a part of the policy, and ideally, should include the extent of dependence on exports of specified items to the USA, tariff-based disruption in the cashflows, alternative markets and transitioning possibilities, etc.
  • Effective: Immediately. 
  • Actionables: (a) Framing of policy to consider the eligibility of affected borrowers; (b) Hosting the policy on public website; (c) Creating mechanism for receiving and transmission of borrower requests for the moratorium and giving timely responses to the same (d) RBI fortnightly reporting.

What is the intent?

To mitigate the disruptions caused by global headwinds, and to ensure the continuity of viable businesses.

Tariff impositions by the USA are likely to impact several exporters. There may be a ripple effect on penultimate sellers or other segments of the economy as well, but the intent of the Trade Relief Directions seems limited to the direct exporters only.

Which all regulated entities are covered?

The Directions are applicable to following entities:

  • Commercial Banks
  • Primary (Urban) Co-operative Banks, State Co-operative Banks and Central Co-operative Banks
  • NBFCs
  • HFCs
  • All-India Financial Institutions
  • Credit Information Companies (only with reference to paragraph 16 of these Directions).

Does it matter whether the RE in question is giving export credit facilities or not? In our view, it does not matter. The intent of the Directions is to mitigate the impact of trade disruptions. Of course, the borrower in question must be an exporter, must have an export credit facility outstanding as on 31st Aug 2025, and the same must be standard.

If these conditions are met, then the RE which holds the export credit, as also other REs (of course, the nexus between the trade disruption and the servicing of the credit facility will have to be seen) should consider the borrower for the purpose of grant of relief.

Relief may or may not be granted. 

Policy on granting relief

The consideration of the grant of relief will be based on a policy. 

Below are some of the brief pointers to be incorporated in the policy: 

  1. Purpose and Scope: define which loan products, sectors, or borrower categories are covered; effective period for granting relief
  2. Eligibility Criteria for borrowers
  3. Assessment criteria for relief requests received from the borrowers
  4. Authority responsible for approving such request
  5. Relief measures that can be offered to borrowers
  6. Impact on asset classification and provisioning
  7. Disclosure Requirements
  8. Monitoring and Review: Authority which is responsible for monitoring such accounts; periodicity of review

How is the assessment of eligible borrowers to be done?

In our view, the relevant information to be obtained from the candidates should be:

  • Total export over a relevant period in the past, say 3 years
  • Break up of export of “impacted items” and other item
  • Of the above, exports to the USA
  • Gross profit margin
  • Impact on the cashflows
  • Information about cancellation of export orders from US importers
  • Any damages or other payments receivable from such importers
  • Any damages or other payments to be made to the penultimate suppliers
  • Alternative business strategies – repositioning of markets, alternative buyer base, etc
  • Cashflow forecasts, and how the borrower proposes to pay after the Moratorium Period.

What sort of lending facilities are covered?

Please note the following from the preamble: “mitigating the burden of debt servicing brought about by trade disruptions caused by global headwinds and to ensure the continuity of viable businesses”. Therefore, clearly, the relief intended here is one where “trade disruptions” create such a burden on debt servicing, which may impact the viability of the business.

From this, it implies that the entity in question must be a business entity, and the loan in question should be a business loan. 

In our thinking, the following facilities seem covered:

  1. Export credits of all forms, including packing credit, funded as well as unfunded, letters of credit, etc.
  2. Buyer’s credit or facilities for inward acquisitions/purchases by an exporter
  3. Cash credits, overdrafts or working capital related facilities, intended for export business of impacted items.
  4. Term loans relating to an impacted business
  5. Loans against property, where the end use is working capital

Eligible and ineligible borrowers:

Eligible borrowers:

  • Borrowers who have availed credit for export
  • Borrower had an outstanding export credit facility from a RE as of August 31, 2025 (However, in case the borrower has a sanctioned facility pending disbursement as on Aug 31, the same shall not be eligible)
  • Borrower with all REs was/were classified as ‘Standard’ as on August 31, 2025

In our view, the following borrowers/ credit facilities are not eligible for the relief:

  • Individuals or borrowers who have not borrowed for business purposes
  • Home loans or loans against specific assets or cashflows, where the debt servicing is unconnected with the cash flows from an export business
  • Loans against securities or against any other financial assets
  • Gold loans, other than those acquired for business purposes
  • Car loans, loans against commercial vehicles or construction equipment, unless the borrower is engaged in export business and the cashflows have a nexus with such business
  • Borrower is engaged in exports relating to any of the sectors specified
  • Borrower accounts which were restructured before August 31, 2025
  • Accounts which are classified as NPA as on August 31, 2025

Consider a borrower who is not an exporter himself, but an ancillary supplier, supplying to a trading house. Will such a penultimate exporter be covered by the Relief Directions? In our view, the answer is negative, as the “eligible borrowers” are defined to mean an exporter.

Impacted items and impacted markets

The list of impacted items broadly covers a wide spectrum of manufacturing and export-oriented sectors, including marine products, chemicals, plastics, rubber, leather goods, textiles and apparel, footwear, stone and mineral-based articles, jewellery and precious metals, metal products, machinery, electrical and electronic equipment, automobiles and auto components, medical and precision instruments, and furniture and furnishing items.

Is it mandatory that the borrower shall be exporting to USA? While the Directions do not specifically mandate that the borrower shall be exporting to the USA, the concerned REs should, as part of their assessment, evaluate whether the borrower genuinely requires such relief measures and, in our view, should consider the extent to which the borrower depends on exports of the specified items to the USA.

Why have HFCs been covered?

Generally speaking, the servicing of home loans is not supposed to be based on business cashflows, and therefore, the impact of trade disruptions on servicing of a home loan does not seem easy to establish.

However, HFCs grant other credit facilities too, including LAP or business loans. Therefore, there is no carve out for HFCs as such. HFCs are also expected to prepare the policy referred to above and be sensitive to requests from impacted borrowers.

Is the moratorium retrospective?

Yes, clearly, the moratorium is retrospective, as it covers the period from 1st September to 31st December. This is the range over which the moratorium may be granted; of course, the decision as to how much moratorium, within the above maximum range, is warranted in the particular case, is that of the lender. Let us call the agreed moratorium as the Moratorium Period.

If the moratorium is granted from 1st Sept., then any payments which were due for the period covered by the Moratorium Period will  not be taken as having fallen due. This will have significant impact on the loan management systems:

  • Considering that we are already in the middle of November, the day count for any payments due during the part of the Moratorium Period will be set to zero. In other words, day count will stop during the Moratorium Period. Thus, if an account was showing a DPD status of 60 days as on Aug 31, 2025, the DPD count will remain at a standstill till the moratorium period is over.
  • However, in case a borrower has made payment during the moratorium period, will the DPD count decrease or will it remain the same? 

The RBI Directions state that the days past due (DPD) count during the moratorium period will be excluded. However, this does not imply that a borrower who makes payments during this period should be denied the corresponding benefit. In our view, if a payment is received from the borrower, the DPD count should accordingly be reduced.

  • Any payments already made during the part of the Moratorium Period already elapsed may be taken towards principal, or may be held to be adjusted against the future dues of the borrower, after the Moratorium Period. This should also, appropriately, be captured in the policy.
  • Further, for accounts for which the CIC reporting has already been done on or after Aug 31, 2025, and the lender decides to extend the moratorium benefit, it must be ensured that the DPD count is revised so as to reflect the status as on Aug 31, 2025. 

Do lenders have to necessarily grant moratorium, or grant partial interest/principal relief?

The RBI Directions do not mandate REs from granting such relief measures. Accordingly, the concerned RE will need to assess individual cases based on the sectors, the need for such relief and the extent to which such relief may be granted. 

Lenders may grant full moratorium during the Moratorium Period, or may grant relief as may be considered appropriate.

Do lenders take positive actions, or simply respond to borrower requests?

The lenders must establish a policy for granting such relief measures prior to extending any relief, as the authority to do so will be derived from this policy. As discussed above, the discretion to grant relief rests with the concerned RE; therefore, each request submitted by a borrower must be evaluated on an individual basis.

For this purpose, the following information must be obtained from the borrowers seeking relief:

  1. The concerned sector and how the same has been impacted necessitating such relief
  2. Information relating to the current financial condition of the business of the borrower
  3. Facilities taken and outstanding with other REs 

Non-compounding of interest during the Moratorium Period:

Para 9 (iii) provides that while interest will accrue during the Moratorium Period, but the interest shall be simple, that is, shall not be compounded.

This may require REs to tweak their loan management systems to stop the compounding of interest during the Moratorium Period. 

However, the actual population of affected borrowers for a particular RE may be quite limited. Hence, REs may do manual or spreadsheet-based adjustments for affected borrowers, instead of making adjustments to their LMS itself.

Recomputation of facility cashflows after Moratorium:

During the moratorium period, as per the RBI directive, the lender can only accrue simple interest. Accordingly, the IRR of the credit facility will have a negative impact unlike the covid moratorium where the compound interest loss was compensated by the central government. 

Further, it has also been provided that the accrued interest may be converted into a new term loan which shall however be repayable in one or more installments after March 31, 2026, but not later than September 30, 2026. Accordingly, the accrued interest should anyhow be received by September 30, 2026.

Similar moratoriums in the past

  • Moratorium on loans due to COVID-19 disruption: Refer to our write-up here.
  • Moratorium 2.0 on term loans and working capital: Refer to our write-up here.

Our write-ups on similar topics:

Data Privacy Law and Rules notified: 18 months’ time to implement

/0 Comments/in , , /by
Loader Loading…
EAD Logo Taking too long?

Reload Reload document
| Open Open in new tab

Download as PDF [559.19 KB]

Referral or Representation? The Fine Line Between LSP, DSA and Referral Partner

/0 Comments/in , , /by

Simrat Singh & Sakshi Patil | finserv@vinodkothari.com

India’s lending landscape is evolving from traditional, branch-led lending to digital and now “phygital” models, involving multiple intermediaries connecting borrowers and lenders. For regulated entities (REs), three different terms referring to loan intermediaries are commonly seen: Lending Service Providers (LSPs), Direct Selling Agents (DSAs) and Referral Partners. 

At first glance, these roles may appear similar since all “bring in business.” But as far as the RBI is concerned, the difference determines how much regulatory oversight the lender must exercise over these participants. This article attempts to answer who’s who in this lending chain, and more importantly, where a simple referral ends and a regulated lending function begins.

The Lending Trio: LSPs, DSAs and Referral Partners

LSPs: The digital lending backbone

In the digital lending framework, the most central participant is the LSP who are engaged by the REs to carry out some functions of RE in connection with its functions on digital platforms. These LSPs may be engaged in customer acquisition, underwriting support, recovery of loan, etc. The RBI’s Digital Lending Directions, 2025 define an LSP as:

An agent of a RE (including another RE) who carries out one or more of the RE’s digital lending functions, or part thereof, in customer acquisition, services incidental to underwriting and pricing, servicing, monitoring, or recovery of specific loans or loan portfolios on behalf of the RE, in conformity with the extant outsourcing guidelines issued by the Reserve Bank.”

The emphasis on the term “agent” is crucial since being an agent becomes a precondition to becoming an LSP. An agent is a person employed to act for another; to represent another in dealings with third persons within the overall authority granted and can legally bind the principal by their actions (more discussion on agency later). This distinguishes an agent from a mere vendor or service provider who delivers a contracted service but has no authority to affect the principal’s relationship with third parties and neither is subjected to a degree of control from the principal.

DSAs: The traditional middle ground

DSAs, though not formally defined by the RBI, their appointment, conduct and RE’s oversight on them is governed by Annex XIII of the SBR Directions (Instructions on Managing Risks and Code of Conduct in Outsourcing of Financial Services by NBFCs) for NBFCs and by Guidelines on Managing Risks and Code of Conduct in Outsourcing of Financial Services by Banks for Banks. DSAs operate largely in physical or “phygital” lending models, focusing on loan sourcing. They represent the lender while dealing with potential borrowers. However, their functions are narrower than those of an LSP. A DSA’s role typically ends with lead generation and preliminary documentation, without involvement in underwriting, servicing or recovery. While the DSA is an agent, it plays a more limited role in the lending value chain and has minimal borrower-facing obligations post origination.

Referral Partners: The nudge before negotiation

Referral Partners perform the most limited role. They simply share leads or basic borrower information with the lender and have no authority to represent or bind the lender. Their role is confined to referral i.e. the providing the first nudge to the lender. They are treated as independent contractors or service providers, not agents and operate under commercial referral agreements. The RE does not exercise control over their operations, nor is it responsible for their actions beyond the agreed referral activity. The distinction lies not in what they do (introducing borrowers) but in what they cannot do i.e. represent the lender or perform any of its lending functions.

Referral ≠ Representation: The Agency Test

The most important question then arises “How does one determine whether a person is an LSP, DSA, or a referral partner?”. All three may assist in borrower acquisition, but the answer might lie in distinguishing referring from representing. To be classified as an LSP (or even a DSA), the person must first be the agent of the RE, not just a vendor or service provider. The test of agency has been laid down in the Supreme Court’s decision in Bharti Cellular Ltd. v. Commissioner of Income Tax1. The Court, in para 8, observed that the existence of a principal–agent relationship depends on the following elements:

  1. The authority of one party to alter the legal relationship of the other with third parties;
  2. The degree of control exercised by the principal over the agent’s conduct (less than that over a servant, but more than over an independent contractor);
  3. The existence of a fiduciary relationship, where the agent acts on behalf of and under the guidance of the principal;
  4. The obligation to render accounts to the principal, and the entitlement to remuneration for services rendered.

Further, the Court clarified in para 9 that the substance of the relationship, not just its form, determines whether agency exists. If a person is neither authorised to affect the principal’s relationship with third parties nor under its control, and owes no fiduciary obligation, the person is not an agent, regardless of what the contract calls them. 

Similarly, in Bhopal Sugar Industries v. Sales Tax Officer2, the Supreme Court had observed that the mere word ‘agent’ or ‘agency’ is not sufficient to lead to the inference that parties intended the conferment of principal-agent status on each other. Mere formal description of a person as an agent is not conclusive to show existence of agency unless the parties intend it so hence, “the true relationship of the parties in such a case has to be gathered from the nature of the contract, its terms and conditions, and the terminology used by the parties is not decisive of the said relationship.”

On the aspect of supervision and control, the Supreme Court in para 40 of the Bharti Cellular ruling stated:

An independent contractor is free from control on the part of his employer, and is only subject to the terms of his contract. But an agent is not completely free from control, and the relationship to the extent of tasks entrusted by the principal to the agent are fiduciary….The distinction is that independent contractors work for themselves, even when they are employed for the purpose of creating contractual relations with the third persons. An independent contractor is not required to render accounts of the business, as it belongs to him and not his employee.

In lending transactions, therefore, the relevant considerations to determine whether an agency exists or not may be:

  1. Does the agency have the authority, under a contract with the principal, to represent the principal to create any relationship with the borrower?;
  2. Does the agency have the authority to approach potential borrowers, representing that the agency can source a loan from the RE?;
  3. What is the role of the agency in the loan contract – is the loan contract established between the lender and the borrower through the agent?;
  4. Does the agency agreement control/regulate the manner of the agent’s dealings with the borrowers?;
  5. Effectively, is the agency the interface between the RE and the borrowers?

Paanwala and the Poster: Not everyone who sells a loan lead is an LSP

To illustrate the difference between LSP/DSA and Referral Partner, consider a simple example. You stop at your neighbourhood paanwala for your regular paan or pack of mints. Between the faded ads for mobile recharges and UPI QR codes, one new poster catches your eye “Need a personal loan? Look No Further ! Fast approvals”. Curious, you ask if the shopkeeper has joined the finance world. Smiling, he replies, “Arre nahi sahib, I just share numbers! You give me your name and phone number, I’ll send it to my guy. If your loan gets approved, I get a small tip!” No exchange of KYC documents, no app, no credit score. Now, does this make the paanwala an LSP under the Digital Lending Directions? He may appear as performing a part of the customer acquisition function of the lender so should he now comply with outsourcing norms, data protection protocols and grievance redressal requirements? Of course not.

The paanwala is a pure referral partner. His role ends with introducing a potential borrower to a contact connected to a lender. He does not represent the lender, verify or collect documents, underwrite, service, or recover loans, nor can he legally bind the lender through his actions. Mere referral, without agency and without performing a lending function, does not make one an LSP. Passing a phone number over a cup of chai does not amount to digital intermediation.

BasisReferral PartnerLSP
Scope of activityLimited to sharing leads with the lenderPerforms one or more of the lenders functions w.r.t in customer acquisition, services incidental to underwriting and pricing, servicing, monitoring, recovery
Access to prospective customer’s information and documentsOnly basic contact information necessary for the lender to approach the customer for the loan is sharedTo the extent relevant for carrying out its functions
RepresentationDoes not represent the RERepresents the RE
Agency & PrincipalNot an agentAppointed as an agent
DLGCannot provideCan provide (in case of Digital Lending and Co-lending)
Applicability of Outsourcing GuidelinesNot applicableApplicable
Mandatory due diligence  before appointmentNot applicableApplicable
Appointment of GRONo such requirementLSP having interface with borrower needs to appoint a GRO
Right to auditNo right of RERE has a right
Disclosure on the website of the lenderNot applicableApplicable

Table 1: Distinction between Referral Partner and LSP

Conclusion

As digital lending continues to expand in India, ensuring that every intermediary’s role aligns with its true legal character is essential. The key in determining the true nature of the relationship would ultimately rest on the contractual terms that must reflect the true nature of the relationship. Misclassifying these entities can expose lenders to compliance risks under RBI’s outsourcing and digital lending guidelines.

  1. [2024] 2 S.C.R. 1001 : 2024 INSC 148 ↩︎
  2. 1977 AIR 1275 ↩︎

Our resources on the same:

  1. Lending Service Providers for digital lenders: Distinguishing agency contracts and principal-to-principal contracts
  2. Principles of Neutrality for Multi-Lender Platforms
  3. Multi-lender LSPs – Compliance & Considerations
  4. Outsourcing (Direct Selling Agent) v. Business Correspondent route
  5. Resources on Digital Lending