Disclosure of ESG ratings – automated or still needs manual disclosure?

/0 Comments/in , , , /by

Ankit Singh Mehar, Assistant Manager | corplaw@vinodkothari.com

Background

Pursuant to the recommendations of the Expert Committee and as discussed in the SEBI Board meeting held on Sep 30, 2024 and outlined in SEBI Circular dated December 31, 2024, stock exchanges (‘SEs) were mandated to specify the process and timelines for system-driven disclosure (‘SDD’) for any new ratings or revision in ratings. Pursuant to this, NSE and BSE issued their respective circulars specifying the procedural requirements with respect to system-driven disclosures for the ratings (‘SDD Circulars’) on August 1, 2025.

The receipt and/ or change in ESG ratings is a disclosable event in terms of Regulation 30 of the Listing Regulations read with clause (3) of Sch. III.A.A thereof. Hence, a question arises on whether or not the same is also covered by the SDD Circulars, or whether a manual disclosure is still required on receipt/ change of ESG ratings.

What is an ESG rating?

ESG rating is defined under Reg 28B(1)(b) of SEBI (Credit Rating Agencies) Regulations, 1999. However, to put it simply, an ESG rating is essentially an opinion about (a) either an ‘issuer’ or (b) a security. The ESG ratings provide an opinion on the ESG profile or characteristics, and may either refer to the ESG risks faced by the entity or the impact it may have on the environment and the society, or both.

As per SEBI’s framework for ESG rating provider, an ESG rating provider (‘ERP’) uses either of the below-mentioned models:

  1. Subscriber-pays model – wherein ratings are solicited by the subscribers that may include banks, insurance companies, pension funds, or the rated entity itself. 
  2. Issuer-pays – wherein the ratings are solicited by the rated entity, in terms of a written contractual agreement between such entity and the rating provider.

Disclosure requirement under Reg 30 of Listing Regulations

Any receipt of rating or revision in existing ESG rating is a ‘deemed material event’ and covered under clause (3) of Sch. III.A.A of Listing Regulations. Since the event emanates from outside the listed entity, such event is required to be disclosed to the SEs within 24 hours of such receipt / information.

Here, the following needs to be noted w.r.t. the disclosure requirements under Reg 30:

  • Ratings received under both subscriber-pays and issuer-pays model (solicited as well as unsolicited) are required to be disclosed.
  • Both upward and downward revision in ratings is required to be informed.
  • Withdrawal of an existing rating is required to be disclosed
  • Re-affirmation of an existing rating is required to be disclosed as well.

Automation of ESG rating disclosure

The SDD Circulars referred above, are applicable to both credit ratings and ESG ratings. Pursuant to the same, the ERPs are required to report the ESG ratings provided by them to the SEs. The manner of reporting by ERPs has also been provided in the SDD Circular itself. Once reported to the SEs, the ESG rating shall be automatically reflected on the website of the BSE and NSE.

Therefore, since SEs will get the ratings from the ERPs itself, both solicited and unsolicited ratings will be disclosed on the SE platform.

When does this SDD come into effect?

In terms of SDD Circulars, the disclosure of credit and ESG rating has become effective from August 2, 2025.

Actionable for the LEs?

Since the ESG rating shall be consumed by the SEs from the ERPs and auto disseminated on the website, there is no actionable for the LEs in relation to the disclosure of ESG rating under reg 30. However, LEs should monitor whether the ratings provided to them are reflected on SEs. In case any rating is not reported by the ERP, the LE may proactively disclose the same at its end.

Refer our resources below:

Expected to bleed: ECL framework to cause ₹60,000 Cr. hole to Bank Profits

/0 Comments/in , , , , /by

Dayita Kanodia and Chirag Agarwal | finserv@vinodkothari.com

The proposed ECL framework marks a major regulatory shift for India’s banking sector; it is long overdue, and therefore, there is no case that the RBI should have deferred it further. However, it comes coupled with regulatory floors for provisions, which would cause a major increase in provisioning requirements over the present requirements. Our assessment, on a very conservative basis, is that the first hit to Bank P/Ls will be at least Rs 60000 crores in the aggregate. 

RBI came up with a draft framework on ECL pursuant to the Statement on Developmental and Regulatory Policies, wherein it indicated its intention to replace the extant framework based on incurred loss with an ECL approach. The highlights can be accessed here.

A major impact that the draft directions will have on the Banking sector is the need to maintain increased provisioning pursuant to a shift from an incurred loss framework to the ECL framework. Under the existing framework, banks make provisions only after a loss has been incurred, i.e., when loans actually turn non-performing. The proposed ECL model, however, requires banks to anticipate potential credit losses and set aside provisions for such anticipated losses. 

Banks presently classify an asset as SMA1 when it hits 30 DPD, and SMA2 when it turns 60. Both these, however, are standard assets, which currently call for 0.4% provision. Under ECL norms, both these will be treated as Stage 2 assets, which calls for a lifetime probability of loss, with a regulatory floor of 5%. Thus, the differential provision here becomes 4.6%.

Once an asset turns NPA, the present regulatory requirement is a 15% provision; the ECL framework puts these assets under Stage 3, where the regulatory minimum provision, depending on the collateral and ageing, may range from 25% to 100%. Our Table below gives more granular comparison.

Type of assetAsset classificationExisting requirement Proposed requirementDifference
Farm Credit, Loan to Small and Micro EnterprisesSMA 00.25%0.25%
SMA 10.25%5%4.75%
SMA 20.25%5%4.75%
NPA15%25%-100% based on Vintage10%-85% based on Vintage
Commercial real estate loansSMA 01%Construction Phase -1.25%

Operational Phase – 1%		Construction Phase -0.25%

Operational Phase – Nil
SMA 11%Construction Phase -1.8125%

Operational Phase – 1.5625%		Construction Phase -0.8125%

Operational Phase – 0.5625%
SMA 21%Construction Phase -1.8125%

Operational Phase – 1.5625%		Construction Phase -0.8125%

Operational Phase – 0.5625%
NPA15%25%-100% based on Vintage10%-85% based on Vintage
Secured retail loans, Corporate Loan, Loan to Medium EnterprisesSMA 00.4%0.4%
SMA 10.4%5%4.6%
SMA 20.4%5%4.6%
NPA15%25%-100% based on Vintage10%-85% based on Vintage
Home LoansSMA 00.25%0.40%0.15%
SMA 10.25%1.5%1.25%
SMA 20.25%1.5%1.25%
NPA15%10%-100% based on Vintage(-)5% – 85% based on Vintage
LAPSMA 00.4%0.4%
SMA 10.4%1.5%1.1%
SMA 20.4%1.5%1.1%
NPA15%10%-100% based on Vintage (-)5% – 85% based on Vintage
Unsecured Retail loanSMA 00.4%1%0.6%
SMA 10.4%5%4.6%
SMA 20.4%5%4.6%
NPA25%25%-100% based on Vintage0%-75% based on Vintage

The actual impact of such additional provisioning will be a hit of more than 3% to the profit of banks1. Based on the RBI Financial Stability Report of FY 24-252, the current level of SMA and NPA is estimated to be ₹3,78,000 crores (2%) and ₹4,28,000 crores (2.3%), respectively. 


Accordingly, an additional provision of approximately₹ 18,000 crores (4.6% of SMA volume) and ₹ 42,000 crores (10% of NPA volume) will be required for SMA and NPA respectively, leading to a total impact of at least ₹60,000 crores. This estimate has been arrived at by considering the % of NPAs and SMA-1 & SMA-2 portfolios of banks. The actual impact may be higher, as lot of loans may be unsecured, and may have ageing exceeding 1 year, in which case the differential provision may be higher.

It may be noted that while the draft directions allow Banks to add back the excess ECL provisioning to the CET 1 capital, it does not neutralize the immediate profitability impact, as the additional provisions would still flow through the profit and loss account.

How do we expect banks to smoothen this hit that may affect the FY 27-28 P/L statements? We hold the view that it will be prudent for banks, who have system capabilities, to estimate their ECL differential, and create an additional provision in FY 25-26, or do technical write-offs.

Other Resources

  1. The total Net profit of SCBs is ₹ 23.50 Lakh Crore for FY 24. (https://ddnews.gov.in/en/indian-scbs-post-record-net-profit-of-%E2%82%B923-50-lakh-crore-in-fy24-reduce-npas/ )
    ↩︎
  2.  Based on our rough estimate of the data available here: https://www.rbi.org.in/Scripts/PublicationReportDetails.aspx?UrlPage=&ID=1300 ↩︎

Demystifying Structured Debt Securities: Beyond Plain Vanilla Bonds

/0 Comments/in , , , , /by

Palak Jaiswani, Manager | corplaw@vinodkothari.com

Debentures, one of the most common means for raising debt funding, where investors lend money to the issuer in return for periodic interest and repayment of principal at maturity. While the basic feature of any debenture is a fixed coupon rate and a defined tenure (commonly referred to as plain vanilla instruments), sometimes these instruments may be topped up with enhanced features such as additional credit support, market-linked returns, convertibility option, etc., thus referred to as structured debt securities.

Structured debt securities: motivation for issuers

Apart from the economic favouring such structural modifications, a primary motivation for the issuer in issuing such structured instruments might be the regulatory advantages that these securities offer. For instance,

  • Chapter VIII of SEBI NCS Master Circular provides an extra limit of 5 ISINs for structured debt securities & market-linked securities, thus more room for the issuers to issue debt securities, compared to the restriction of a maximum of 9 ISINs for plain vanilla debt.
  • In addition, as per NSE Guidelines on Electronic Book Provider (EBP) mechanism, market-linked debentures are not required to be routed through EBP, allowing issuers to place such instruments almost like an over-the-counter trade. This allows issuers to structure the debt securities on a tailored basis and offer them directly to specific investors.
Read more

Whitepaper on Future flows securitisation: Selling the future today:  frameworks, challenges, and opportunities for future flow securitisation

/0 Comments/in /by
Loader Loading…
EAD Logo Taking too long?

Reload Reload document
| Open Open in new tab

Download as PDF [1.07 MB]

Other Whitepapers:

  1. India Securitisation 2025 – Whitepaper on Sustainable Securitisation : Structuring Finance for climate goals
  2. India Securitisation 2025 – Whitepaper on Infrastructure Securitisation : Where Concrete meets Capital Markets

India Securitisation 2025 – Whitepaper on Infrastructure Securitisation : Where Concrete meets Capital Markets

/0 Comments/in /by
Loader Loading…
EAD Logo Taking too long?

Reload Reload document
| Open Open in new tab

Download as PDF [2.66 MB]

Other whitepapers:

  1. Whitepaper on Future flows securitisation: Selling the future today:  frameworks, challenges, and opportunities for future flow securitisation
  2. India Securitisation 2025 – Whitepaper on Sustainable Securitisation : Structuring Finance for climate goals

Capital subject to “Caps”: RBI relaxes norms for investment by REs in AIFs, subject to threshold limits

/0 Comments/in , , , , , /by

-Sikha Bansal (finserv@vinodkothari.com)

Introduction

The RBI has issued Draft Reserve Bank of India (Investment in AIF) Directions, 2025 (‘Draft Directions’), vide Press Release dated 19th May, 2025, marking a significant revision to the existing regulatory framework governing investments by regulated entities (REs) in Alternative Investment Funds (AIFs). These new directions, once finalised, will replace the existing circulars dated December 19, 2023 (“2023 Circular”), and March 27, 2024 (“2024 Clarification”) (collectively, referred to as “Existing Directions”), which currently govern such investments.

The Existing Directions prohibit REs from making investments in any scheme of AIFs which has downstream investments either directly or indirectly in a debtor company of the RE. In case of any such investment full provision is required to be maintained by the RE. Such prohibition is imposed to address the concerns of evergreening while making investments by an RE. See our analytical article on the same here.

However, the Draft Directions now propose to allow investment by the RE in such AIF upto 5% of the corpus of the AIF scheme. Any investment exceeding this 5% limit will require full capital if AIF has made debt investments in the debtor company. Note that these norms are entirely directed towards debt or debt instruments (whether at the RE level or the AIF level), as all sorts of equity instruments (equity shares, compulsorily convertible preference shares and compulsorily convertible debentures) are excluded – detailed discussion follows.

Comparison of Existing and Draft Directions

Below is a snapshot of what is going to change once the Draft Directions are finalised and notified, and certain important implications are discussed further:

Particulars2023 Circular read with 2024 clarificationDraft Directions
Investment by REs in scheme of AIFRE completely prohibited from investing in any scheme of AIF which has downstream investments in debtor company of the RE.Any investment already made had to be liquidated within 30 days of the issuance of the Circular. Similarly, where the RE had already invested, but AIF makes investment in a debtor company of RE, RE shall liquidate investments in AIF within 30 days.To be allowed subject to individual and collective limits:Max. contribution of single RE to an AIF scheme – 10% of its corpusMax. contribution of multiple REs – 15% of its corpusSee illustrations later in this article.
Debtor companyShall mean any company to which the RE currently has or previously had a loan or investment exposure anytime during the preceding 12 months.Shall imply any company to which the RE currently has or previously had a loan or investment exposure (excluding equity instruments) anytime during the preceding 12 months.
Provisioning requirementsInability to liquidate investments within 30-day liquidation period would entail 100% provisioning against such investments.Investment by the RE in such AIF allowed upto 5% of the corpus of the AIF scheme, without looking into the form of downstream investments made by AIF. Hence, no provisioning required.
If investment by RE exceeds 5%, it will require full capital, if downstream investments by AIF in debtor company are not permissible investments (see below). See illustrations later in this article
Provisioning required proportionately and not on entire investmentsProvisioning is required only to the extent of investment by the RE in the AIF scheme which is further invested by the AIF in the debtor company, and not on the entire investment of the RE in the AIF schemeNorms remain the same – RE shall be required to make 100 per cent provision to the extent of its proportionate investment in the debtor company through the AIF Scheme
Permissible forms of investments by AIF scheme in debtor companyInvestment in equity shares (by AIF scheme in debtor company) were excluded from the prohibition by 2024 clarification. However hybrid instruments were still included.All forms permitted, if investment by RE does not exceed 5%. Therefore, even debt investments by AIFs are permissible.Only equity shares, CCPS, and CCDs allowed, if investments by RE exceeds 5%. If AIF makes other forms of investments in debtor company, RE will have to provide for full capital.Note that, irrespective of the form of downstream investments by AIF in the debtor company, RE can take a maximum exposure of 10% in an AIF.
Priority distribution modelinvestment by REs in the subordinated units of any AIF scheme with a ‘priority distribution model’ shall be subject to full deduction from RE’s capital funds. Deduction shall be made from Tier I and II equally.Norms remain the same.
Investment policyNo specific requirement Investment policy to have suitable provisions to ensure that investments in an AIF Scheme comply, in letter and spirit, with the extant regulatory norms. In particular, such investments shall be subject to the test of evergreening.
Exemption by regulatorNo specific enabling provisionExempted category to be decided by RBI in consultation with GoI.

Illustrations on investment limits by RE

Below are certain illustrations to explain the implications of the investment thresholds under Draft Directions:

ScenariosImplications under Draft Directions
Investment of Rs. 10 Crores by an RE in an AIF scheme having corpus of 50 croresCannot make since the threshold limit of 10% will be breached.
Investment of Rs. 5 Cr by an RE in an AIF scheme having corpus of 50 crores with other REs contributing Rs. 15 CrWhile the investment by the RE individually is within the limit of 10%, the collective investment is more than 15%. Hence, such an investment cannot be made by the concerned RE. Further, since the total investment of 15 cr by other REs will also breach the threshold of 15%, the investments will not be possible.
Investment of Rs. 5 Cr by an RE in an AIF scheme having a corpus of 50 Cr. The AIF in turn has a downstream debt investment in a debtor company of the RE. Cannot be made since the limit of 5% will be breached.
Investment of Rs. 1 Cr by an RE in an AIF scheme having a corpus of 50 Cr. The AIF in turn has a downstream debt investment in a debtor company of the RE. This constitutes only 2% of the corpus of the AIF scheme. Hence, permissible – even when the downstream investment of the AIF is a debt investment.
Investment of Rs. 5 Cr by an RE in an AIF scheme having a corpus of 50 Cr. The AIF in turn has a downstream equity investment in a debtor company of the RE. Can be made as the downstream investment of the AIF is in equity of the debtor company. However, the maximum cap of 10% would apply to the RE.

Certain points of discussion/implications

  • Prospective applicability: The Draft Directions, once notified, will be applicable prospectively. It says, “These Directions shall come into force from the date of final issue (‘effective date’), substituting the existing circulars. Provided that, all outstanding investments as on the effective date, or subsequent drawdowns out of commitments made prior to the effective date, shall continue to be guided by the provisions of the existing circulars.” Therefore, no relaxations would be available to the existing investments/commitments by REs. If the same had not been liquidated so far – those will require to be liquidated. The Draft Directions will apply only to fresh investments by REs.
  • Maximum cap on investments by RE in AIF: Under Existing Directions, there is a blanket prohibition on RE to invest in AIF scheme which has invested in a debtor company. However, if such downstream investment is in equity shares, such prohibition would not apply. As such RE could invest in the said AIF without any limits. However, now, even if the AIF has invested only in equity instruments of the debtor company (equity shares, CCPS and CCDs), RE can only invest upto 10% of the corpus of the AIF scheme. Hence, to that extent, the Draft Directions are more restrictive than the Existing Directions. Note that, SEBI Circular on specific due diligence with respect to investors and investments of the AIFs does not provide any carve out for equity investments.
  • Exclusion of equity instruments (equity shares, CCDs and CCPS) from investment exposure of REs in the debtor company: Such exclusion is not explicitly there in the Existing Directions; which might have led to a possible interpretation that investment would include any nature of investment, including equity. Although, it was evident from the use of terminology that a debtor company would only mean a company where RE has extended only debt. The Draft Directions has clarified the same through explicit exclusion. Therefore, the directions will be applicable only where RE has investment in debt/debt instruments of the investee company.
  • Investments in AIF through intermediary funds: Existing directions exclude investments by REs in AIFs through intermediaries such as fund of funds or mutual funds from the scope of the directions. However, Draft Directions are silent on the same. We are of the view that such exclusion should continue to apply – as funds such as mutual funds are required to be well-diversified in terms of the SEBI Regulations, and investment decisions are taken by an independent investment manager.

Closing Remarks

We had earlier indicated that the Existing Directions may need to be reviewed and softened. The Draft Directions take a step in the same direction – however, a few concerns may still remain open. For instance, the Draft Directions retain the outreach of these restrictions to all AIFs, and not only affiliated AIFs. In our previous article, we had discussed how the concerns as to evergreening, etc. would arise mostly in cases involving affiliated AIFs, and not those AIFs which are completely unrelated to the RE..Further, no distinction has been made between various categories of AIF – therefore, investments in any AIF (Cat I, II, III) would be governed by these directions.

Online Authentication of Aadhaar: Exclusive Club, Members Only!

/0 Comments/in , , /by

-Archisman Bhattacharjee (finserv@vinodkothari.com)

Introduction

The Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits, and Services) Act, 2016 (‘Aadhaar Act’) was introduced with a clear vision: to ensure efficient, transparent, and targeted delivery of subsidies, benefits, and services, fostering good governance. While its preamble underscores these fundamental objectives, Aadhaar’s role has expanded far beyond its original scope, becoming a cornerstone in the banking and NBFC sectors. As outlined in paragraph 16 of the RBI’s KYC Master Directions, Aadhaar now plays a central role in the Know Your Customer (KYC) process, a critical compliance measure for both prospective and existing borrowers.

A key aspect of KYC is the verification of the authenticity of customer documents, a process governed by specific guidelines. 

When it comes to Aadhaar-based KYC, there are two recognized methods: 

  1. Online Authentication and 
  2. Offline Verification 

The Offline Verification process is relatively straightforward (at least on paper), involving the verification of a Digital Signature Certificate (DSC) attached to the downloaded masked Aadhaar document. Importantly, offline verification can be conducted by all RBI-regulated entities for conducting KYC verification.

In contrast, Online Authentication, while offering a more robust and reliable method of KYC verification (refer FAQ 1 of UDIAI), is subject to stricter eligibility conditions and compliance requirements. Not all entities are permitted to perform Online Authentication (discussed in later parts of this article). While lenders may prefer Online Authentication due to its real-time verification capabilities and greater assurance of data authenticity, the regulatory fetters surrounding eligibility must be carefully navigated.

Given the evolving regulatory framework and industry practices, it is critical to develop a clear understanding of how Online Authentication operates and who is permitted to undertake it.

What is Online Authentication

The term authentication has been defined under Section 2(c) of the Aadhaar Act as a process “by which the Aadhaar number along with demographic information or biometric information of an individual is submitted to the Central Identities Data Repository for its verification and such Repository verifies the correctness, or the lack thereof, on the basis of information available with it”. Further The Aadhaar (Authentication and Offline Verification) Regulations, 2021 (‘Aadhaar Rules’) expands upon the process of carrying out online authentication. Rule 4 of the Aadhaar Rules states that:

Authentication may be carried out through the following modes:

(a) Demographic authentication: The Aadhaar number and demographic information of the Aadhaar number holder obtained from the Aadhaar number holder is matched with the demographic information of the Aadhaar number holder in the CIDR.

(b) One-time pin based authentication: A One Time Pin (OTP), with limited time validity, is sent to the mobile number and/ or e-mail address of the Aadhaar number holder registered with the Authority, or generated by other appropriate means. The Aadhaar number holder shall provide this OTP along with his Aadhaar number during authentication and the same shall be matched with the OTP generated by the Authority.

(c) Biometric-based authentication: The Aadhaar number and biometric information submitted by an Aadhaar number holder are matched with the biometric information of the said Aadhaar number holder stored in the CIDR. This may be fingerprints-based or iris-based authentication or other biometric modalities based on biometric information stored in the CIDR.

(d) Multi-factor authentication: A combination of two or more of the above modes may be used for authentication.

The stated modes of how the process of online authentication is required to be carried out is quite descriptive and does not require any further explanation. However one thing is certain that, based on  the definition of the term “authentication”, obtaining the Aadhaar number becomes a mandate. The KYC Master Directions under para 17 recognizes one such mode of authentication as OTP based online authentication.  

Who can carry out Online Authentication

Considering that the authentication process and the e-KYC data obtained through Aadhaar may include biometric information, such information constitutes “sensitive personal data” under the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (SPDI Rules). While the Digital Personal Data Protection Act, 2023 (DPDPA) does not expressly categorize any particular type of data as “sensitive personal data,” it is important to note that the Supreme Court’s judgment in the Aadhaar judgement recognized biometric data associated with Aadhaar as sensitive in nature. Given that the DPDPA itself has its origins in the principles laid down by the Aadhaar judgment, it is our view that such data should continue to be treated with a higher standard of care.

Without delving into the subject in great detail, it is sufficient to highlight that Aadhaar-based authentication exposes individuals to considerable risks of harm, particularly in the event of a data breach. This risk is exacerbated by the fact that other identifiers such as telephone numbers, PAN cards, and other financial data are often linked to an individual’s Aadhaar number. Consequently, possessing access to an individual’s full Aadhaar number may subject such an entity to considerable risk (including legal and litigation risk) in case proper security safeguards are not taken by such an organization. Usually these heightened data sensitivity concerns would not be present in case KYC verification is conducted through use of masked Aadhaar, i.e via Offline Verification.

Given the heightened sensitivity of Aadhaar information, it is imperative that, beyond compliance with technical security safeguards, the right to carry out Aadhaar authentication be restricted only to entities that have demonstrated robust security frameworks. Imbibing this philosophy, the Aadhaar Act has restricted access to Aadhaar number only to a few entities and these entities are known as “requesting entities” as defined under Section 2(u) of the Aadhar Act. From the context of Financial Sector Entities these requesting entities would be required to be a KUA/Sub-KUA (discussed in later parts of this article). 

Online authentication and KYC

Under paragraph 16(a)(ii) of the KYC Master Directions, an Aadhaar number can only be collected by entities that have been notified under Section 11A of the Prevention of Money-laundering Act, 2002 (PML Act). Further, Section 4(4)(b) of the Aadhaar Act stipulates that “authentication” can only be performed by an entity that is:

  1. either permitted to offer authentication services under any other law made by Parliament, or
  2. is seeking authentication for purposes as may be prescribed by the Central Government in consultation with the UIDAI, and in the interest of the State. 

Accordingly, a combined reading of Section 11A of the PML Act and the Aadhaar Act makes it evident that for RBI regulated entities [Except for banks, which are permitted to obtain Aadhaar numbers under paragraph 16(a)(i) of the KYC Master Directions and the proviso to Section 11A of the PMLA Act, no other entities may carry out Aadhaar authentication without being specifically notified by the Central Government.] only those entities which have been notified by the Central Government are authorized to carry out Aadhaar-based authentication by collecting Aadhaar numbers.

Under para 17 of the KYC Master Directions , OTP-based e-KYC authentication has been recognized as a valid mode of Aadhaar authentication. This form of authentication is also recognized under the Aadhaar (Authentication and Offline Verification) Regulations, 2021 (“Aadhaar Regulations”), wherein such authentication can be carried out by either a KUA (KYC User Agency) or an AUA (Authentication User Agency).

The Aadhaar Regulations further introduce the concept of a “Sub-KUA”, which is defined under Rule 2(ob) of Aadhaar rules as a requesting entity that utilizes the infrastructure of a licensed KUA to perform online Aadhaar authentication. Under Rule 16, it is stipulated that an e-KYC record obtained by a KUA can only be shared with its Sub-KUAs and cannot be transferred further to any other entity. Additionally, Rule 14(ga) of the Aadhaar Regulations mandates that a KUA must obtain prior approval from UIDAI before onboarding any third-party entity as a Sub-KUA.

Reference is also drawn to UIDAI Circular 2 of 2025 which discusses Sub-AUA and Sub-KUA application form and joint undertaking. The said documents specify that under the head “Category of Sub-KUA and Sub-AUA“, eligible entities include those “permitted to offer authentication services under Section 11A of the Prevention of Money-laundering Act, 2002 by virtue of being a reporting entity.”. A similar requirement has also been provided under the AUA/KUA Application Form.

In view of the above, it becomes clear that for any RBI-regulated entity (i.e., entities to whom the KYC Master Directions apply) wishing to onboard customers through OTP-based Aadhaar e-authentication, the following conditions must be satisfied:

  1. the entity must be registered either as a KUA or as a Sub-KUA with UIDAI; 
  2. the entity must be notified by the Central Government under Section 11A of the PML Act, thereby being authorized to collect Aadhaar numbers and conduct authentication.

However, it may be noted that in practice, the recognition processes under Section 11A of the PML Act and by UIDAI typically go hand in hand. For entities seeking notification under Section 11A of the PML Act, prior recognition by UIDAI, confirming the entity’s capability to carry out Aadhaar authentication is generally a prerequisite. This position is supported by Circular No. F.No.P-12011/7/2019-ES Cell-DOR issued by the Government of India, Ministry of Finance, Department of Revenue.

Conclusion

In today’s dynamic financial landscape, Aadhaar-based KYC—whether through online authentication or offline verification has become an indispensable tool for streamlining customer onboarding and ensuring regulatory compliance. However, the regulatory framework surrounding Aadhaar authentication remains stringent for good reason: it seeks to strike a delicate balance between enabling ease of business and safeguarding the sensitive personal information of individuals.

While offline verification using masked Aadhaar offers a universally accessible and relatively lower-risk method for KYC compliance by RBI-regulated entities, online authentication—though more robust and efficient—comes with heightened obligations. Only entities meeting the twin conditions of being recognized under Section 11A of the PML Act and being duly registered as a KUA or Sub-KUA with UIDAI are permitted to undertake online Aadhaar authentication. This dual-layered recognition ensures that only entities with demonstrably strong security practices are entrusted with the collection, storage, and processing of Aadhaar-related sensitive data.

As technology evolves and customer expectations shift toward faster, seamless digital experiences, regulated entities must not only prioritize compliance but also cultivate a strong internal culture of data protection and risk mitigation. Institutions seeking to leverage Aadhaar-based online authentication must therefore invest in robust data security frameworks, maintain strict internal governance standards, and ensure that their authentication practices align with both the letter and spirit of the law.

SEBI Securitisation Regulations: Track Record, Risk retention and Investment size among several new requirements

/0 Comments/in , , , , /by

– Dayita Kanodia (finserv@vinodkothari.com)

Requirements to apply to all listed issuances, from financial and non-financial issuers

Below are the major highlights of the SDI amendment regulations:

SEBI on May 5, 2025 has issued the SEBI (Issue and Listing of Securitised Debt Instruments and Security Receipts) (Amendment) Regulations. 2025. It may be noted that the SDI Regulations, was first notified on 26th May, 2008, after public consultation on the proposed regulatory structure with respect to public offer and listing of SDIs, following the amendments made in the SCRA. The Regulations, originally referred to as the SEBI (Public Offer and Listing of Securitised Debt Instruments) Regulations, 2008, were subsequently renamed as SEBI (Issue and Listing of Securitised Debt Instruments and Security Receipts) Regulations, 2008, w.e.f. 26th June, 2018.

In order to ensure that the regulatory framework remains in accordance with the  recent developments in the securitisation market, a working group chaired by Mr. Vinod Kothari was formed to suggest changes to the 2008 SDI regulations. Based on the suggestions of the working group and deliberations of SEBI with RBI, the amendment has been issued. The amendment primarily aims to align the SEBI norms for Securitised Debt Instruments (SDIs) with that of the RBI SSA Directions which only applies in case of securitisations undertaken by RBI regulated entities.

It can be said that these amendments are not in conflict with the SSA Directions and therefore for financial sector entities while there may be some additional compliance requirements if the securitisation notes are listed, there are as such no pain points which discourages such entities to go for listing. Further, certain requirements such as MRR, MHP, minimum ticket size have only been mandated for public issue of SDIs and therefore are not applicable in case of privately placed SDIs.

This article discusses the major amendments in the SDI Framework.

Major Changes

Definition of debt

The amendment makes the following changes to the definition of debt:

  1. All financial assets now covered – In order to align the SDI Regulations with the RBI SSA Directions, the definition of ‘debt’ has been amended to cover all financial assets as permitted to be originated by an RBI regulated originator. Further, this is subject to the such classes of assets and receivables as are permissible under the RBI Directions. Note that the RBI SSA Directions does not provide a definition of ‘debt’ or ‘receivables’, however, provides a negative list of assets that cannot be securitised under Para 6(d) of the RBI SSA Directions.
  2. Equipment leasing receivables, rental receivables now covered under the definition of debt.
  3. Listed debt securities – The explicit mention of ‘listed’ debt securities may remove the ambiguity with regard to whether SDIs can be issued backed by underlying unlisted debt securities, and limits the same to only listed debt securities. The second proviso to the definition further clarifies that unlisted debt securities are not permitted as an underlying for the SDIs.
  4. Trade receivables (arising from bills or invoices duly accepted by the obligors) – As regards securitisation of trade receivables, acceptance of bills or invoices is a pre-condition for eligibility of the same as a debt under the SDI Regulations.

‘Acceptance’, in literal terms, would mean acknowledgement of the existence of receivables. Under the Negotiable Instruments Act, 1881, ‘acceptance’ is not defined, however, ‘acceptor’ is defined to mean the drawee of a bill having signed his assent upon the bill, and delivered the same, or given notice of such signing to the holder or to some person on his behalf.

Note that a bill or invoice may either be a hard copy or in digital form. In the context of digital bill, acceptance through signature is not possible; therefore, existence of no disputes indicating a non-acceptance, should be considered as a valid acceptance.

  1. Such Debt/ receivable including sustainable SDIs as may be notified by SEBI – In addition to the forms of debts covered under the SDI Regulations, powers have been reserved with SEBI to specify other forms or nature of debt/ receivable as may be covered under the aforesaid definition. Further, the clause explicitly refers to sustainable SDIs, for which a consultation had been initiated by SEBI in August 2024[1].

Conditions governing securitisation

SEBI has mandated the following conditions to be met for securitisation under the SDI Framework:

  1. No single obligor to constitute more than 25% of the asset pool – This condition has been mandated with a view to ensure appropriate diversification of the asset pool so that risk is not concentrated with only a few obligors. However, it may be noted here that the RBI regulations does not currently prescribe any such obligor concentration condition. Only in case of Simple, Transparent and Comparable securitisation transactions, there is a mandate requiring a maximum concentration of 2% of the pool for each obligor.

However, SEBI has retained the power to relax this condition. In our view, this may be relaxed by SEBI for RBI regulated entities considering that RBI does not prescribe for any such condition.

  1. All assets to be homogenous – This is yet another provision which is only required by RBI in case of STC transactions. However, even in the context of RBI regulations, what exactly constitutes a homogenous asset is mostly a subjective test. SEBI has defined homogenous to mean same or similar risk or return profile arising from the proposed underlying for a securitised debt instrument. This has made the test of homogeneity even more subjective. For the purpose of determining homogeneity, reference can be made to the homogeneity parameters laid out by RBI in case of Simple, Transparent and Comparable securitization transactions.
  2. SDIs will need to be fully paid up-  The SDIs will need to be fully paid up, i.e., partly paid up SDIs cannot be securitised. 
  3. Originators to have a track record of 3 financial years: Originators should be in the same business of originating the receivables being securitised for a period of at least three financial years. This restricts new entities from securitising their receivables. However, this condition in our view should only apply to business entities other than business entities, complying with this condition does not seem feasible. 
  4. Obligors to have a track record of 3 financial years– The intent behind this seems to to reduce the risk associated with the transaction as the obligors having a track record in the same operations which resulted in the creation of receivables being securitized. However, this condition cannot be met in most types of future flow securitisation transactions such as toll road receivables and receivables from music royalties.

SEBI has made it clear that the last two conditions of maintenance of track record of 3 years for originators and obligors will not apply in case of transactions where the originators is an RBI regulated entity.

Amendments only applicable in case of public issue of SDIs

The following amendments will only be applicable if the SDIs are issued to the public. Here, it may be noted that the maximum number of investors in case of private placement of SDIs is limited to 50.

Minimum Ticket Size

The Erstwhile SDI Regulations did not provide for any minimum ticket size. However, with a view to align the SDI regulations with that of RBI’s SSA Direction, a minimum ticket size of Rs. 1 crore has been mandated in case of originators which are RBI regulated as well as of non-RBI regulated entities. It may however be noted that the minimum ticket size requirement has only been introduced in case of public offer of SDIs. Further, in cases with SDIs having listed securities as underlying, the minimum ticket size shall be the face value of such listed security.

Securitisation is generally perceived as a sophisticated and complex structure and therefore the regulators are not comfortable in making the same available to the retail investors. Accordingly, a minimum ticket size  of Rs. 1 Crore has been mandated for public issue of SDIs. In case of privately placed SDIs, the issuer will therefore have the discretion to decide on the minimum ticket size. However, since the RBI also mandates a minimum ticket size of Rs. 1 Crore, financial sector entities will need to adhere to the same.

Here, it is also important to note that in case of public issue of SDIs with respect to originators not regulated by RBI, SEBI has made it clear that the minimum ticket size of Rs. 1 Crore should be seen both at initial subscription as well as at the time of subsequent transfers of SDIs. However, nothing has been said for subsequent transfers in cases where the originator is a RBI regulated entity. The RBI SSA Directions also requires such minimum ticket size of Rs. 1 Crore to be seen only at the time of initial subscription. This in many cases led to the securitisation notes being broken down into smaller amounts in the secondary market.

In the absence of anything mentioned for RBI regulated entities, it can be said that there is no change with respect to the ticket size for RBI regulated entities even in the case of publicly issued SDIs which should be seen only at the time of initial subscription.

It is worth mentioning that under the SSA Directions of RBI requires that in case of transactions carried out outside of the SSA Directions (the transactions undertaken by non-RBI regulated entities), the investors which are regulated by RBI have to maintain full capital charge. This therefore discourages Banks from investing in securitisation transactions which are carried out outside the ambit of the SSA Directions.  Therefore, both retail investors as well RBI regulated entities will not be the investors which will hinder liquidity and overall growth of the SDI market.

Minimum Risk Retention

Aligning with RBI’s SSA Direction, a Minimum Risk Retention (MRR) requirement for public issue of SDIs has been mandated requiring retention by the originator of a minimum of

  1. 5% in case the residual maturity of the underlying loans is upto 24 months and
  2. 10% in case residual maturity is more than 24 months

Further, in case of RMBS transactions, the MRR has been kept at 5% irrespective of the original tenure.

SEBI has aligned the entire MRR conditions with that of the RBI SSA Directions, including the quantum and form of maintenance of MRR. Accordingly, for financial sector entities, there is no change with respect to MRR.

By introducing MRR in the SDI Regulations, non-financial sector entities will be held to similar standards of accountability, skin-in-the-game, reducing the risks associated with the originate-to-sell model and aligning their practices with those of financial sector originators. This will strengthen investor confidence across the board and mitigate risks of moral hazard or lax underwriting standards.

It may however be noted here that in case of non financial originators, there could be situations where retention is being maintained in some form (for example in leasing transactions, the residual value of the leased assets continues to be held by the originator) and therefore such originators will be required to hold MRR in addition to the retention maintained.

Minimum Holding Period

SEBI has aligned the MHP conditions as prescribed under the SSA directions for all RBI regulated entities. Accordingly, there is no additional compliance requirement for RBI regulated entities. For receivables other than loans, the MHP condition will be specified by SEBI.

Exercise of Clean up Call option by the originator

The provisions for the exercise of the clean up call option has been aligned with those prescribed under the SSA Directions. These provisions have been introduced under the chapter applicable in case of public offer of SDIs. However, the SDI Regulations always provided for the exercise of clean up call option and what has been now introduced in simply the manner in which such an option has to be exercised.

In case of private placement of SDIs, can the clean up call option be exercised at a threshold exceeding 10% ?

Although the provisions for the exercise of clean up call options has been made a part of chapter applicable in case of public offers, it should however be noted that these provisions are also a part of the RBI SSA Directions. Accordingly, financial sector originators are bound by such conditions even if they go for private placement of SDIs. Further, even in the case of the non-financial sector originator, clean up call is simply the clean up of the leftovers when they serve no economic purpose. Therefore, in our view, exercising clean up calls at a higher threshold should not arise.

Other Amendments

  1. Norms for liquidity facility aligned with that of RBI regulations
  2. All references to the Companies Act 1956 has been changed to Companies Act 2013
  3. Chapter on registration of trustees has been removed and reference has been made to SEBI (Debenture Trustees) Regulations, 1993
  4. Disclosure requirements for the originator and the SPDE have been prescribed; however the disclosure formats are yet to be issued by SEBI.
  5. Public offer of SDIs to remain open for a minimum period of 2 working days and upto a maximum of 10 working days.

Amendments proposed in the SEBI(LODR) Regulations

There are primarily two regulations which govern the listing of SDIs:

  1. SEBI SDI Regulations
  2. SEBI LODR Regulations

The following amendments have been proposed in the LODR regulations:

  1. SCORES registration to be taken at the trustee level
  2. Outstanding litigations, any material developments in relation to the originator or servicer or any other party to the transaction which could be prejudicial to the interests of the investors to be disclosed on an annual basis.
  3. Servicing related defaults to be disclosed on an annual basis.

[1] Read an article on the concept of sustainable SDIs at – https://vinodkothari.com/2024/09/sustainable-securitisation-the-next-in-filling-sustainable-finance-gap-in-india

NAME THEM ALL: SEBI reiterates mandatory disclosure of all promoter group entities in shareholding pattern, regardless of shareholding

/0 Comments/in , , , , /by

Lavanya Tandon, Senior Executive | corplaw@vinodkothari.com

Through the updated SEBI FAQs on LODR Regulations rolled out on April 23, 2025, SEBI has yet again clarified that  listed entities are required to disclose the names of all entities forming part of promoter / promoter group (P/PG), irrespective of any shareholding in the listed entity in the quarterly reporting of shareholding pattern to the stock exchanges. (FAQ no. 19 of section II)

Regulation 31(4) of LODR (inserted  via SEBI (LODR) (Sixth Amendment) Regulations, 2018) clearly mandates all entities falling under promoter and promoter group to be disclosed separately in the shareholding pattern. However, inspite of this clear mandate, as a matter of practice, India Inc seemingly has decided to disclose names of only such PGs who have shareholding in the company. With this reiteration of regulators expectation in its FAQ, this is the sign for the listed entities to buckle up and collate the entire list of PGs, irrespective of shareholding, for disclosure in the shareholding pattern (next disclosure due in June, 2025) 

It should be noted that a complete list of P/PG complements the listing of related parties as one of the elements of the definition of related party is “any person or entity forming a part of the promoter or promoter group of the listed entity”.

SEBI’s persistence requiring disclosure of complete list of PG

Since the longest time now (first through reg 31A and then through reg 31(4) among others), SEBI has been stressing in every way the requirement of disclosing the complete list of PG, irrespective of their shareholding.  Below are the instances where SEBI has identified the practice / clarified its position, over and over again. 

  1. Consultative Paper on re-classification of P/PG entities and disclosure of promoter group entities in the shareholding pattern dated Nov 23, 2020 

While Reg 31 of SEBI (LODR) Regulations, 2015 mandates that all entities falling under promoter and promoter group shall be disclosed separately in the  shareholding  pattern,  there  have  been  cases  where listed companies have not been disclosing names of persons in promoter(s)/ promoter group who hold ‘Nil’ shareholding. There is therefore a need for further clarification in this regard to the listed companies

  1. NSE FAQs on Disclosure of holding of specified securities and Holding of specified securities in dematerialized form dated Dec 14, 2022

Q6. Can the name of the promoter be removed from the Shareholding Pattern during the Quarter in case the Shares are transferred/sold? 

The name of the promoter can be removed only after seeking approval of Reclassification from the Exchange. Meanwhile Companies are requested to show the promoters/promoter group with nil shareholding till the approval for Reclassification is granted from Exchange. 

  1. SEBI Circular on disclosure of holding of specified securities in dematerialized form dated March 20, 2025 

Table II of the shareholding pattern has been amended as under: i. A  footnote  has  been  added  to  the table II that provides  the  details  of  promoter  and promoter group with shareholding “NIL”

Getting re-classified to stop disclosure – the only way

In the matter of Jagjanani Textiles Limited, upon transferring the entire shareholding, the name of a PG entity was not disclosed in the P/PG category; rather disclosed in the public category. SEBI observed this as a violation of Reg 31(4).  [See para 12 of the Order]

“12. It is observed that the promoter group entities of Noticee 1 i.e. Noticee 5 and 3 had acquired 2,94,000 shares and 5,51,424 shares during the quarter ended March 2013 and March 2014 respectively and since then both the Noticee 5 and 3 had been the shareholders of the Noticee 1 till the date of filing of DLoF i.e. April 10, 2023 except during the quarter ended September 2014 to June 2015 w.r.t the Noticee 5 where she ceased to be the shareholder. In this regard, it is observed that in terms of Regulation 31(4) of LODR Regulations, all entities falling under promoter and promoter group are required to be disclosed separately in the shareholding pattern appearing on the website of all stock exchanges having nationwide trading terminals where the specified securities of the entities are listed, in accordance with the formats specified by the Board. It is therefore alleged that both the Noticee 5 and 3 had been wrongly disclosed as Public shareholder during the aforesaid period. Further, it is observed that the Noticee 1 had confirmed to rectify the error in the shareholding pattern filed for the quarter ended June 30, 2023”

Where an entity not holding any shares in the listed entity wants to stop disclosing its name in the shareholding pattern – the only way is to apply for reclassification u/r 31A and get such approval from the stock exchange. Until such approval is obtained, one needs to disclose its name in the P/PG category.  

Our related resources on the topic

  1. SEBI clarifies on critical matters arising from LODR 3rd Amendments & Master Circular
  2. SEBI revisits the concept of Promoter and Promoter Group
  3. Making one’s way out – Promoter & Promoter Group
  4. Classification out of promoter category under Listing Regulations

 

Balancing between Bling & Business: RBI proposes new Gold Lending rules

/2 Comments/in , , , , , /by

– Team Finserv | finserv@vinodkothari.com

Genesis of the change

The RBI on September 30, 2024, flagged several concerns in gold lending practices of financial entities. Further, there were separate guidelines for banks and NBFCs leading to regulatory arbitrage and operational ambiguity. On April 09, 2025, the RBI introduced the Reserve Bank of India (Lending Against Gold Collateral) Directions, 2025 (Draft Directions).

 The Draft Directions intend to:

  1. Harmonise guidelines w.r.t. gold lending across all REs.
  2. Address previous observations raised by RBI in lending practices and plug any loopholes.

In this write-up, we highlight the major changes for lenders, and particularly for NBFCs (The same are subsequently elaborated in the article).

Read more