FAQs on contra trade restrictions under PIT Regulations

/0 Comments/in , /by

Team Corplaw | corplaw@vinodkothari.com

Updated as on November 19, 2025

Contra trade FAQs_for websiteDownload

Also access our Resource Centre on PIT here:

Prohibition of Insider Trading – Resource Centre

Downstreamed through intermediaries: Deemed public issue concerns for privately placed debt

/0 Comments/in , /by

– Vinod Kothari and Payal Agarwal | corplaw@vinodkothari.com

While equity is the “flavour of the season”, companies can produce efficient returns on equity only if they leverage it; therefore, companies are also reaching out to investors through debt issuance. Most of the bond issuance in India is privately placed; however, it is increasingly common for companies to reach out, mostly through intermediaries, to HNIs and other  investors to invest in privately placed listed debt. While some of it happens through OBPPs (see an article on Regulatory framework for Online Bond Platform), much of it is simply distributed to investors by brokers, portfolio managers, distributors, investment advisers, and so on. Question is, if a privately placed bond issue is downsold, through intermediaries, to more than 200 investors, will the issue itself be regarded as a “deemed public offer” and therefore, require compliance with public offer norms as per Part I of Chapter III of the Companies Act, 2013 read with Chapter III of the SEBI (Issue and Listing of Non-Convertible Securities) Regulations, 2021. 

If you cannot do something, you cannot employ someone to do it. In Sanskrit Nyayavali, there is a maxim that reads:

यः करोति  स करोत्येवेति  न्यायः

This maxim is used to denote that the responsibility of one who sets another to do a thing is quite equal to that of the doer himself. That is, what you cannot do, you cannot employ someone to do.

If a bond issuer engages an intermediary to downsell an issue to an undefined group of investors, it must be taken to be the act of the issuer itself. While mostly the focus is on the magical number 200, but 200 is only the “deeming line”. The real line of distinction is – did I reach out to a closed group of investors who were known to me, or did I make a wide and open offer to whoever might be interested. Even if one might contend that all the offerees were known to the offerers, the 200 lakshman rekha will still apply and will result in the so-called private placement being taken as a public offer.

This article discusses:

  • The contours of the deemed public offer provision in context of bonds 
  • What difference would be made if the bonds were privately placed and listed
  • Is the limit to be counted for all bonds issued in a year, or per ISIN or per bond issuance?
  • What if the intermediary buys the bonds from secondary market and then downsells the same?
  • How is the nexus between the bond issue and downselling derived/deduced?
  • What difference is made if the bonds are sold on OBPPs? What are the defining features of an OBPP, as opposed to securities intermediaries?
  • So, in what circumstances will a downsold bond not result in a breach of sec. 25(2) and 42 of the Companies Act / NCS Regs?

There have been various actions taken by ROC against use of crowdsourcing platforms for equity shares. Refer our article on Crowdsourcing funds faces stiff penal actions.

Contours of deemed public offer on bond issuance 

Section 25(2) of the Companies Act specifies cases that may be considered as a deemed public offer. 

For the purposes of this Act, it shall, unless the contrary is proved, be evidence that an allotment of, or an agreement to allot, securities was made with a view to the securities being offered for sale to the public if it is shown—

(a) that an offer of the securities or of any of them for sale to the public was made within six months after the allotment or agreement to allot; or

(b) that at the date when the offer was made, the whole consideration to be received by the company in respect of the securities had not been received by it.

Additionally, in terms of section 42(11) of the Act, a private placement offer, non-compliant with the provisions of Section 42(2) shall be deemed to be a public offer and shall attract the provisions as applicable to any public offer. Section 42(2) requires that a private placement offer be made only to pre-identified investors and to not more than 200 persons in a financial year. Penalty for breach of section 42 may stretch to the amount of funding raised, capped at Rs 2 crores. Further, the issuer is also required to refund all monies with interest to subscribers within a period of 30 days of the order imposing the penalty. The interest is to be paid at the rate of 12% p.a. calculated from the expiry of the 60th day from the date of the receipt of application money for such securities till the time the money has been refunded. 

Thus, downselling of bonds by the investor within 6 months of issuance by the bond issuer results in a deemed public offer. Further, in case of a public offer, section 40 mandates the listing of securities, in case of public offer of securities. In case of listed or proposed to be listed securities, Section 24 of the Act extends SEBI’s authority to administer the provisions of the Act (Chapter III and IV) in relation to the issue and transfer of such securities.

Deemed public issue in privately issued bonds and recent SEBI orders 

In an August 2025 order pertaining to downselling of privately placed unlisted NCDs to 699 investors, the issuer contended that the allotment of NCDs was made to a single investor on private placement basis, and any subsequent transfer of such securities within 6 months from its allotment is an independent action of the investor, with no direction or influence from the issuer. Here, SEBI referred to the legal maxim ‘acta exterior indicant interior secreta’ (external action reveals inner secrets) to rule out the aforesaid contention of the issuer. 

In the facts of the said case, the investor (primary subscription) was referred to as Debenture Holder Representative (DHR), and the investor was identified as a depository account of such DHR. The issue related documents indicated the primary subscriber’s intention to downsell, and not to hold investments in the NCDs.  

In the said case, while dealing with the concept of “deemed public offer”, SEBI also interpreted the construct of section 25, and observed: 

The expression “with a view to” in section 25 indicates  the  reason  or  goal  behind  an  action. It  signifies  the  action  being  taken  with  a specific  objective  in  mind  and  implies  a  forward-looking  perspective,  suggesting  that  the action is a means to an end. It is pertinent to mention that such intent, design or reason can be  drawn  from  a  mass  of  factual  details  and  can  be  gleaned  from  the  whole  gamut  of surrounding foundational facts and circumstances both poste and ante the typical gambit of allotment in this case.

SEBI also held that: 

…(unless the contrary is proved) if it is shown that an offer of the securities allotted or of any of them, for sale to the public was made within six months after the allotment or agreement to allot, it is presumed that the allotment or an agreement to allot the securities was made with a view to the securities being offered to the public and the document whereby the offer for sale is made shall be deemed to be a prospectus under section 25(1).

The order also referred to another adjudication order of SEBI dated 20th September, 2023 (subsequently settled on 10th April, 2024). In the said case, the allotment of NCDs was made in the portfolio demat account of the primary investor, which were subsequently transferred to 355 investors. The application money was also received from the portfolio pool account of the investor, and not the proprietary account. In the facts of the case, the investor had also acted as a structurer of the deal and received an advisory fee from the issuer for the same.

Downselling of privately placed “listed” bonds

Securities, once listed, are freely transferable. There is no lock-in period or transfer restrictions on the listed bonds. Therefore, a question arises on whether the downselling restrictions and deemed public issue implications arise in a case where the NCDs are issued through private placement, and listed on the stock exchanges? 

In our view, if the bonds were privately placed, but have been downsold in a quick succession, it is implied that the downselling was a part of the primary issuance. In such cases, the issuer may be said to have violated public issue norms by calling what was really a public offer as a private placement. Thus, if the nexus between primary issuance through private placement and secondary transfer to retail investors is clear, it is substantively a public offer, being camouflaged as a private placement. The impugning issue here is not the sale of a listed security, but claiming the issue to be private placement, though with distribution nexus.

Had the securities been intended to be offered to the public, the same should have been done through “public issue” of such bonds, and not through the “private placement” route. 

Downselling of bonds purchased from secondary market

The trigger of deemed public issue norms is not based on the number of stopovers; what is relevant is the intent of downselling to the retail public. For instance, consider a case where the issuer issues bonds to XYZ Ltd, an investor. The investor, in turn, transfers the same to a market intermediary (portfolio manager/ stock broker etc). Now, the market intermediary downsells such bonds to a large number of investors. The proximity of each of the aforesaid events, viz., (a) primary issuance, (b) secondary transfer to intermediary and (c) downselling by intermediary to public – are itself suggestive of the ultimate intent of downselling. Therefore, in such cases as well, the provisions of deemed public issue should apply. 

Further, where a registered market intermediary acts as a conduit investor to facilitate such transfers, SEBI may also take action against the same. For instance, In an adjudication order dated 25th April, 2023, SEBI has levied penalty on the registered intermediary (portfolio manager) for having facilitated downselling of privately placed securities in violation of the regulatory requirements. Similarly, in the August 2025 order referred above, while penalty has not been levied on the conduit investor, SEBI observed the following in relation to the role of the conduit investor: 

Down-selling of the NCDs cannot entirely be a unilateral and independent act without the involvement of other parties and the entire scheme could not have been possible without the connivance of the parties involved.

Nexus between primary issuance and secondary transfers

Section 25(2) of the Act refers to a time gap of six months between primary issuance and secondary transfer for considering the same as a deemed public issuance. The time period of six months is for the purpose of reasonability of connection between the primary issuance and the secondary sale. Thus, proximity between primary issuance and secondary transfer is one of the factors to be considered. 

Sometimes, attending circumstances make it clear that the intent of the intermediary was to downsell. For example, the intermediary may have reached out to the potential investors, sourced their intent to subscribe or actually procured their subscriptions, and then may have made the investment in the bonds. Or, as sometimes seen, there may be an irrevocable intent expressed by the ultimate investors to invest the subject bonds.

Charging of fees, by whatever name called, by the primary investor from the issuer may also indicate that the fees is being charged by the investor for acting as a conduit in the private placement offer of the issuer. 

Because the substantive view of the arrangement in its entirety is by connecting the dots together, the view may be subjective, but mostly, it is not difficult to discern.

Limit on number of offerees: each ISIN or each issuer? 

Section 42(2) r/w Rule 14 of the PAS Rules provides that an offer or invitation to subscribe securities under private placement should only be made upto 200 investors (excluding QIBs and employees under ESOP) in aggregate for a financial year. Further, an explanation to Rule 14(2) clarifies that the limit would be reckoned individually for each kind of security that is equity share, preference share or debenture. The same is based on the recommendations of the Report of the Companies Law Committee, 2016

The term “securities” is defined to include “debentures”, however, different series of debentures having different terms of issue, inter alia, nature of security, nature of listing, terms of conversion (OCDs, NCDs etc) does not comprise a separate “kind” of security altogether. ISIN (International Securities Identification Number) of securities is a unique 12-character alphanumeric code that identifies a specific financial security, such as a stock, bond, or mutual fund unit. As such, it is merely a tool of identification of security rather than a determinant of the kind of security.  Accordingly, the limit of 200 under the Rule should be reckoned at the issuer level for each type of security and not on ISIN basis. 

Sale of privately placed bonds by Online Bond Platform Providers

Offer of NCDs in secondary market transactions are permitted through the registered Online Bond Platform Providers (OBPP), as per Reg 51A of NCS Regulations read with Chapter XXI of the Master Circular for issue and listing of Non-convertible Securities, Securitised Debt Instruments, Security Receipts, Municipal Debt Securities and Commercial Paper. However, the OBPP is required to be registered with SEBI and their services are restricted to only (a) listed bonds and (b) bonds that are proposed to be listed through a public offering. 

In case of OBPPs, the concept itself was introduced to facilitate offering of listed debentures, in a controlled and compliant environment. That the lock-in restrictions of six months do not apply in case of sale of bonds through OBPP has been discussed by SEBI in its Board Meeting dated 30th Sep, 2022. Para 3.4.3. of the Board Note provides the rationale, as summarised below: 

SEBI already has regulations on issue and listing of privately placed debt securities which inter-alia provides for furnishing of private placement memorandum (which itself is very elaborate), memorandum of association, articles of association, requisite resolutions from the board or committees authorizing such listing of securities on stock exchanges. Once listed, the issuer has to follow all the requirements including detailed disclosures at various intervals. Hence, once the securities are listed, there is not likely to be any circumvention of key public issue requirements. Lock-in requirements, if introduced, may rob the investors from liquidity and the opportunity to exit their investments, if so desired. Debt investors may involve mutual funds or other institutional investors. Restrictions on liquidity can have ramifications which could have large scale implications. Accordingly, the lock-in requirement for listed debts is not proceeded with. 

However, it is to be noted that the registered OBPP can deal only in listed or to-be listed securities. The OBPP is not permitted to offer unlisted bonds/ other products either through the same platform or through a separate platform/ website. In this regard, SEBI, in its interim order dated 18th November, 2024, took action against three unregistered OBPPs that facilitated the offering of unlisted NCDs to retail investors.

Circumstances where downselling does not result in deemed public issue 

We will want to conclude the write up with some thoughts. 

The fact that an issuer cannot market debt instruments to over 200 investors surely cannot mean that at no point of time, the number of investors can exceed 200. While securities of a public company are freely transferable, even if the company is a private company, after listing of the debt securities, the transfers thereafter are largely beyond the control of the issuer. Therefore, the real issue is not the actual number of persons who have invested in the bonds: the real issue is, to how many persons was the issue offered? 

Hence, if the nexus between the issuance, and the downselling, is not clear or unambiguous, secondary market transactions do not necessarily hint at the intent of offering to over 200 investors. Even the provision of sec. 25 (2) (a) of the Companies Act is a rebuttable inference – it is capable of being dismissed by contrary evidence. Below, we list out some illustrative situations where it may be possible to contend that the issuer did not make an offer to over 200 investors:

  1. The primary investor of the bonds makes an offer on OBPP. As discussed above, the same is exempt from the deemed public issue restrictions u/s 25(2)(a).  
  2. There are acquirer/acquirers who have made a genuine investment in the bonds, and after a reasonable time, make a phased exit by downselling the bonds
  3. A portfolio manager acquires the bonds in the names of various clients, spaced over time, indicating clearly that the acquisition by the PMS clients was not a part of the initial offer.

We do understand the growing debt market in India needs wider investor participation, but there have been instances in the past where the device of private placement was exploited to the hilt. Hence there has to be that delicate balance between regulatory concerns and the need for broadbasing of listed debt, which is why instrumentalities like OBPPs have been permitted. 

Our other resources:

Crowdsourcing funds faces stiff penal actions

Resource Centre on Corporate Bonds

Introducing common offer document disclosures for Private Placement and Public Issue

Revamping private placement mechanism

Going Concern Sales in Liquidation – Ghosted or Alive?

/0 Comments/in , /by

Sikha Bansal, Resolution Division, Vinod Kothari & Company | resolution@vinodkothari.com

About the Amendment

The edifice of IBC is premised on value-maximisation, and thus, resolution has always been preferred over liquidation[1]. Even in liquidation, the regulations and Courts have stressed and preferred on selling the entity/business as going concern (referred to as GCS)[2]. However, IBBI, vide Insolvency and Bankruptcy Board of India (Liquidation Process) (Second Amendment) Regulations, 2025 (“Amendment”)[3], has amended Liquidation Regulations omitting the option of GCS altogether from the liquidation process. Notably both the GCS options – one, sale of CD as a going concern (reg. 32(e)), and second, sale of business of the CD as a going concern (reg. 32(f)) – have been omitted.

Read more

Operational Risk Assessment for NBFCs : Understanding The Basics

/0 Comments/in , , , /by

Simrat Singh | finserv@vinodkothari.com 

Operational risk, as defined by the Basel framework, refers to the possibility that a financial institution’s routine operations may be disrupted due to failures in processes, systems, people, or external events. While historically treated as secondary to credit and market risk, it has increasingly become a central focus of risk management, particularly for institutions with complex operations, heavy technology dependence, extensive outsourcing, and stringent regulatory obligations. Reflecting this shift, the RBI’s 2024 Guidance Note on Operational Risk Management and Resilience expands its expectations for operational risk management to all NBFCs. 

Having previously discussed the guidance note (refer here), this article now explains the fundamentals of operational risk assessment and outlines its process.

Operational Risk Management

Operational risk poses unique challenges because many of the events that cause losses arise from internal factors, making them difficult to generalise or predict. Large operational losses are often viewed as rare, which can make it difficult to get sustained management attention on the steady, routine work required to identify issues and track trends1. Operational risks typically stem from people, processes, systems and external events, ironically, the same resources essential for running the business. Unlike credit and market risk which are modelled and hedged, operational risks are often idiosyncratic, event-driven and subject to human, process and system failure.

Relevance For Financial Institutions

Financial institutions operate with complex processes, large transaction volumes, strict regulatory reporting requirements and often heavy dependence on technology, outsourcing arrangements and third-party service providers. Because of this, operational failures, such as system glitches, fraud, compliance breaches or breakdowns in business continuity, can result in substantial financial losses, regulatory sanctions, reputational harm and other disruptions to business operations. 

Given these risks, regulators have placed growing emphasis on the measurement and management of operational risk. Based on our experience, RBI has frequently raised queries regarding the operational risk frameworks of NBFCs during its supervisory inspections. Under Basel II, for instance, banks using the Advanced Measurement Approach were required to maintain strong, demonstrable operational risk management systems. Recognising the importance of operational risk, the Bank of England’s FSA0732 report, which is applicable on banks and large investment firms, requires firms to record the top ten operational risk loss events for each reporting year. This provides a clear view of what went wrong, where it occurred and the scale of the financial impact.

Operational Risk Assessment Process

In its guidance note for operational risk, RBI at many places underscored the importance for risk assessment. One such example is given below:

Principle 6: Senior Management should ensure the comprehensive identification and assessment of the Operational Risk inherent in all material products, activities, processes and systems to make sure the inherent risks and incentives are well understood. Both internal and external threats and potential failures in people, processes and systems should be assessed promptly and on an ongoing basis. Assessment of vulnerabilities in critical operations should be done in a proactive and prompt manner. All the resulting risks should be managed in accordance with operational resilience approach.

6.1 Risk identification and assessment are fundamental characteristics of an effective Operational Risk Management system, and directly contribute to operational resilience capabilities. Effective risk identification considers both internal and external factors. Sound risk assessment allows an RE to better understand its risk profile and allocate risk management resources and strategies most effectively.

Figure 1: Operational Risk Assessment Process

Risk identification

Risk identification means figuring out what exactly you need to assess. It involves recognising the different risk sources and risk events that may disrupt your business. A risk source is the underlying cause, something that has the potential to create a problem. A risk event is when that problem actually occurs. For example, a weak password is a risk source, while a data breach caused by that weak password is the risk event. 

As per the RBI’s Guidance Note, REs are expected to take a comprehensive view of their entire “risk universe”. This means identifying all categories of risks, traditional or emerging, that could potentially affect their operations. These may include insurance risk, climate-related risk, fourth- and fifth-party risks, geopolitical risk, AML and corruption risk, legal and compliance risks, and many others. The underlying expectation is simple: an RE should systematically identify everything that can go wrong within its business model, processes, people, systems, and external dependencies, and ensure that no material source of risk is overlooked.

There are many ways to identify risks. You may use questionnaires, self-assessments by business or functional heads, workshops with staff involved in risk management, or you may review past failures within the company. Industry reports, experiences of peers, and linking organisational goals to potential obstacles can also reveal important risks. You can even look at upcoming strategic initiatives and think ahead about the risks that may arise when these changes are implemented.

Every organisation has its own risk profile. A lender may worry about borrowers not repaying, untrained staff, biases in an AI underwriting model, IT system failures, employee fraud, or suppliers not delivering on time. These risks should be recorded in a risk register, but it is important that this register reflects your business. A company offering only physical loans may not face digital lending risks, and should not simply copy any generic list. The goal is to identify risks that genuinely matter to your day-to-day operations.

Assessment

Once you know which risks matter, the next step is to assess each of them. For every risk, ask yourself two basic questions: 

  1. What is the likelihood of this risk actually happening? This is simply the chance that the event might occur; You may assign parameters to determine the likelihood – for eg if the risk event is almost certain to occur in the next 1 year or is it likely to occur or it will occur only in remote situations?

Figure 2: Illustrative likelihood assessment criterias

  1. If it does happen, what impact will it have on my organisation? Will it hurt my reputation? Lead to financial loss? Negative feedback from customers? Cause a data leak? One can record the impact of the risk as High, medium or low based on its gravity

Figure 3: Illustrative impact assessment of risks

These two questions help you understand how serious the risk is inherently (inherent risk level) i.e, before considering whether you have any controls in place. Note that at this stage, you’re only interested in the natural level of risk that exists ignoring any controls you might already have. 

Evaluating Controls

Once the inherent risks are understood, the next step is to look at how these risks are currently being managed. These risk-reducing efforts are your controls or mitigation measures. Controls are simply the actions, checks, or processes already in place to lower the likelihood or impact of a risk. For example: Is your underwriting model checked for bias? Are board committees meeting regularly? Do you have proper maker–checker checks in your V-CIP process? Controls can take many forms such as policies, procedures, tools, system checks, reviews, or even day-to-day practices followed by employees. In essence, a control is any measure that maintains or modifies risk and helps the organisation manage it more effectively. 

Residual Risk

After evaluating the controls, you can determine the residual risk i.e. the level of risk that remains even after your mitigation measures have been applied. Residual risk shows whether the remaining exposure is acceptable or whether additional controls are needed. By definition, residual risk can never be higher than inherent risk. Generally, residual risk can be interpreted as follows:

  • Low Residual Risk: When the effectiveness of internal controls fully covers or even exceeds the inherent risk;
  • Medium Residual Risk: When controls reduce most of the risk, leaving only a small gap;
  • High Residual Risk: When controls address only part of the risk and a significant gap still remains;
CategoryRisk SourceRisk eventRoot causeLikelihoodConsequenceLevel of inherent riskControl EffectivenessLevel of Residual Risk
People RiskEmployees / StaffEmployee fraud, misappropriation, or collusionWeak internal controls, poor background checksHighly LikelyMediumHighWeakHIGH
Information Technology & Cyber RiskIT Infrastructure / SystemsSystem downtime or core platform failureServer outage, inadequate IT resiliencePossibleLowLowStrongLOW
Process & Internal Control RiskOnboarding / KYC ProcessesNon-compliance with KYC or onboarding proceduresInadequate verification, manual errorsPossibleHighHighAdequateMEDIUM
Legal & Compliance RiskOutsourcing / LSP ArrangementsNon-compliance in outsourcing / LSP arrangementsWeak SLA oversight, inadequate due diligenceUnlikelyLowLowAdequateLOW
External Fraud RiskBorrowers / External PartiesBorrower fraud – identity theft, fake borrowers, or collusionForged documents, weak KYCPossibleLowLowStrongLOW
Model / Automation / Reporting RiskData Aggregation / SystemsFailure in data aggregation across systems for regulatory returnsSystem inconsistencies, poor data governanceHighly LikelyMediumHighStrongLOW
Reputation Risk / Customer ExperienceCustomer Communication / Sales PracticesMiscommunication of terms or conditions to customersPoor training, unclear communication scriptsPossibleMediumMediumWeakMEDIUM

Figure 5: An illustrative Snapshot of Operational Risk Assessment

Understanding residual risk helps decide where further action is required and where the organisation may still be vulnerable.

Conclusion

The goal, therefore, is to move away from a simple “tick-box” approach and make the operational risk assessment truly tailored to the organisation. For ML and above NBFCs, the ICAAP requirement to set aside capital for operational risk is useful, but it covers only a narrow part of what operational risk really involves. A comprehensive assessment goes much further by examining the strength of the entity’s internal controls and how effectively they manage real-world risks. If the residual risk exceeds the organisation’s tolerance level, it should trigger a closer look at those controls and prompt corrective action. Ultimately, the focus should be on building a risk framework that is meaningful, proactive, and aligned with how the organisation actually operates. The ultimate goal is therefore to develop ‘operational resilience’ which as per Bank of England3 is the ability of firms and the financial sector as a whole to prevent, adapt, respond to, recover from, and learn from operational disruptions.

Our other resources on risk management:

  1. Analysing Banking Risk: World Bank ↩︎
  2. FSA073: Instruction ↩︎
  3. Operational resilience of the financial sector: Bank of England ↩︎

Tracking Your Material Risks – Importance of Risk Register for NBFCs

/0 Comments/in , , , /by

– Subhojit Shome | finserv@vinodkothari.com

Introduction

A Non-Banking Financial Company (NBFC), like other financial intermediaries,  operates in a risk-intensive environment where credit, operational, technology, liquidity and regulatory exposures evolve continuously. To manage these effectively, regulators and international standard-setters increasingly expect institutions to maintain a clear, documented, and continuously updated risk inventory. This document—commonly called a risk register—forms the backbone of an NBFC’s risk management framework. Standards such as ISO 31000 emphasise that organisations must maintain structured documentation of risks, controls and monitoring processes, while the Basel Committee recognises the importance of tools that consolidate information for oversight by senior management and boards. The Reserve Bank of India (RBI), through its compliance, operational risk, outsourcing, and information technology governance guidelines, also implicitly requires NBFCs to maintain evidence of risk identification, assessment and monitoring. Together, these expectations make a risk register not just a good practice, but an essential governance artefact.

This article explains what risk registers are, outlines the material risks relevant to NBFCs, describes the contents and structure of effective risk registers, discusses the merits of consolidated versus separate registers, and demonstrates how risk registers are used in practice.

What is a Risk Register?

ISO 73:2009 Risk management—Vocabulary defines a risk register as – record of information about identified risks. A risk register is a structured record that captures an organisation’s identified risks, the causes and consequences of those risks, the controls in place to manage them, the effectiveness of those controls, and the actions planned to further mitigate them. It is not merely a compliance document but a living tool that helps decision-makers view exposures at a glance, track risk levels, and allocate resources. The concept and practice are consistent with ISO 31000’s emphasis on systematic identification, assessment and treatment of risk.

For an NBFC, which must demonstrate proactive risk management under multiple RBI frameworks—including the SBR Master Directions, the operational risk guidance note, outsourcing guidelines, digital lending rules, and IT governance expectations—the register is foundational evidence of risk awareness and accountability.

Figure 1: An illustrative Snapshot of a Risk Register

Risks for Which NBFCs Should Maintain Registers

An NBFC typically faces a wide spectrum of material risks that require structured tracking. The most prominent among these is credit risk, arising from borrower defaults and delinquencies, portfolio deterioration and concentration exposures. NBFCs must also track liquidity risks, especially given their reliance on market borrowings and investor confidence. Operational risks, defined by Basel and adopted by the RBI as losses due to failed processes, people, systems or external events, form a substantial part of an NBFC’s potential vulnerabilities—from frauds and system outages to process gaps.

With increasing digitisation, IT and cybersecurity risks have become highly material. RBI’s guidelines on information technology governance frameworks require NBFCs to implement ongoing monitoring and incident tracking mechanisms, all of which depend on clear risk documentation. Similarly, third-party and outsourcing risks, emphasised by both RBI, are significant given NBFCs’ reliance on technology partners, collection agencies, loan service providers and outsourcing arrangements. NBFCs must also account for regulatory and compliance risks, model and data risks, and conduct and reputational risks that emerge from customer interactions and business practices. Finally, strategic and ESG-related risks are gradually gaining prominence in supervisory expectations.

Components of a Risk Register

Although institutions may customise formats, an effective risk register should contain certain core elements. Each entry should describe the risk clearly, including its causes, potential business impact, and the business unit or process where it arises. It should include an inherent risk assessment (before considering controls) and a residual risk assessment (after controls). Controls must be recorded along with their owners and the results of recent effectiveness testing. The register should also assign a responsible risk owner at a senior level to ensure accountability. Key Risk Indicators (KRIs), where relevant, should be linked to the risk entry along with thresholds, recent values and escalation triggers. Finally, each risk entry should reflect remediation actions, timelines and review dates to ensure the register remains a dynamic management tool rather than static documentation.

An actionable risk register should be concise, structured, and linked to governance and reporting. Recommended fields include:

Figure 2: Contents of a Risk Register

What an Enterprise-Wide Risk Register Looks Like

An enterprise-wide risk register (EWRR) consolidates the institution’s major risks across all business lines into a single, coherent view. In practice, this register acts as the central dashboard for senior management and the Board. It includes credit, operational, cyber, market, liquidity, compliance, strategic and reputational risks, each summarised in a uniform format. The EWRR provides an aggregated view of risk severity, risk levels, and concentration areas. For example, it may highlight that operational risks linked to IT outages are trending upward, or that credit risk concentration in a specific sector has crossed internal appetite thresholds.

Importantly, the EWRR does not replace detailed sub-registers maintained by specialised teams; instead, it integrates their findings. Basel supervisory materials emphasise consolidation as essential for Board oversight, and the EWRR serves precisely that purpose.

Separate Risk Registers vs an Enterprise-Wide Register

NBFCs often question whether it is more effective to maintain a single enterprise-wide register or individual registers for each risk category. Two common approaches exist: maintaining one enterprise-wide register (single source of truth) or maintaining focused registers (e.g., Operational Risk Register, Credit Risk Register) with a roll-up to an enterprise view. Both approaches are widely accepted; choice depends on size, complexity and risk-data capabilities.

In practice, the most effective approach is hybrid. Individual registers—for credit, operational, cyber/IT, third-party risk and others—allow specialised teams to capture detailed technical information, testing results, and granular observations. These feed into the enterprise-wide register, which provides the Board and CRO with clear, aggregated insights. Maintaining only the EWRR risks leads to oversimplifying important technical details, while relying exclusively on separate registers makes it difficult to achieve the consolidated oversight that regulators and Boards expect.

The best practice is to have a centralized ownership of taxonomy and scoring methodologies for the specialised risk registers and the EWRR. This is in accordance with para 32 of the Principles for Effective Risk Data Aggregation and Risk Reporting (BCBS), which states –

A bank should establish integrated data taxonomies and architecture across the banking group, which includes information on the characteristics of the data (metadata), as well as use of single identifiers and/or unified naming conventions for data including legal entities, counterparties, customers and accounts.

This fits in well with the hybrid approach where specialized registers maintained for detailed tracking but using a common data definition may be conveniently aggregated into a  governance-level enterprise register containing material risks, owners, KRIs and status for Board reporting.

Applications of a Risk Register in Practice

Risk registers influence nearly every stage of the risk management lifecycle. They support risk identification during new product assessments, process reviews and internal audit findings. They allow risk measurement through inherent/residual scoring and KRIs, ensuring early detection of deteriorating risk conditions. They facilitate the evaluation of controls, since internal audit and risk teams use the register as the primary record of what controls exist and how effective they are. Action plans arising from incidents, audits or supervisory observations are also tracked through the register, making it a central management tool.

Regulations call for a number of risk assessments including compliance risk assessment, ML/ TF risk assessment, information technology and cybersecurity risk assessment, outsourcing risk assessment, identification and assessment of operational risks, etc. NBFCs draw on the risk registers to supply the list of risk events, their inherent likelihood and consequence and provide the residual risks remaining with the company.

Risk registers are also a prerequisite for risk based internal audit. Risk registers, containing the list of internal controls, risk events and levels of inherent and residual risk, along with the Board’s risk appetite statement and tolerance limits form the basis of formulating the internal audit coverage. For more information on audit coverage refer to our write up here

For reporting, the register forms the basis of periodic risk reports, senior management dashboards and regulatory submissions where required. During supervisory reviews, the RBI often tests whether an NBFC can produce documented evidence of risk identification, control ownership, monitoring and remediation—exactly what a well-maintained register provides. In this way, the risk register becomes both a governance mechanism and a demonstration of compliance readiness.

RBI outsourcing directions emphasise documentation of material outsourcing arrangements and evaluation of outsourcing risk. A risk register is the optimum tool for such third-party risk management to track and escalate both foreseeable and actual outsourcing incidents and due-diligence findings.

Conclusion

For NBFCs, maintaining risk registers is not merely a procedural obligation; it is a critical part of the organisation’s risk culture and governance framework. International standards (ISO 31000), global supervisory principles (Basel Committee), and regulatory expectations all converge on the need for structured, documented, and regularly monitored risk inventories. A robust risk register—supported by discipline, clear ownership and periodic review—enables NBFCs to anticipate threats, strengthen controls, improve decision-making and satisfy supervisory expectations. As NBFCs continue to scale, digitalise and partner with third-party ecosystems, the importance of maintaining comprehensive, dynamic and enterprise-aligned risk registers will only grow.

Our other resources on risk management:

Meta-morphed: A corporate bond that puts $27 billion off-the-balance-sheet

/0 Comments/in , , , /by
Meta structures a data center investment funding with cash flows linked with rentals and guarantees

– Vinod Kothari | finserv@vinodkothari.com

In India, we often say: upar wala sab dekhta hai (God sees it all). However, if I could do things which God the almighty does not or cannot see, I will be most happy to do those. Doing things off-the-balance-sheet is always equally tempting; structurers of Frankenstein financial instruments have already tried to bring ingenuity to explore gaps in accounting standards to create such funding structures where the asset or the relevant liability does not show on the books. Recently, a $ 27 billion bond issuance by an SPV called Beignet Investor, LLC may have the ultimate effect of keeping the massive investment done at the instance of Meta group  kept off-the-balance-sheet. 

Structural Features

Essentially, the deal involves issuance of  bonds to the investors, the servicing of which is through the cash flows generated from the lease payments. Further, a residual value guarantee has been provided by the group entity which has again led to a rating upliftment for the bonds issued. 

The essential structure of the transaction involves a combination of project finance, lease payments and a residual value guarantee to shelter investors from project-related risks, and use of an operating lease structure, apparently designed to keep the funding off the balance sheet of Meta group. It is a special purpose joint venture which keeps the funding liability on its balance sheet.

Let us understand the transaction structure:

  • Meta intends to do a huge capex to build a massive 2.064-GW data center campus in Richland Parish, LA. The cost of this investment is estimated at $27 billion in total development costs for the buildings and long-lived power, cooling, and connectivity infrastructure at the campus. The massive facility will take until 2029 to finish.
  • The expense will be incurred by a joint venture, formed for the purpose, where Meta (or its group entities) will hold a 20% stake, and the 80% stake will come from Blue Owl Capital. The two of them together form the JV called Beignet Investor, LLC (issuer of the bonds).
  • The JV Co owns an entity called Laidley LLC, which will be the lessor of the data center facilities.
  • The lessee is a 100% Meta subsidiary, called Pelican Leap LLC, which enters into 4 year leases for each of the 11 data centers. Each lease will have a one-sided renewal option with 4 years’ term each, that is to say, a total term at the discretion of the lessee adding to 20 years. The leases are so-called triple-net (which is a term very commonly used in the leasing industry, implying that the lessor does not take any obligations of maintenance, repairs, or insurance). 
  • The 20-year right of use, though in tranches of  4 years at a time, will mean the rentals are payable over as many years. This is made to coincide with the term of amortisation of the bonds issued by the Issuer, as the bonds mature in 2049 (2026-2029 – the development period, followed by 20 years of amortisation).
  • If the lease renewal is at the option of the lessee, then, how is it that the lease payments for 20 years are guaranteed to amortise the bonds? This is where the so-called “residual value guarantee” (RVG) comes in. RVG is also quite a common feature of lease structures. In the present case, from whatever information is available on public domain, it appears that the RVG is an amount payable by Meta Platforms under a so-called Residual Value Guarantee agreement. The RVG on each renewal date (gaps of 4 years) guarantees to make a payment sufficient to take care of the debt servicing of the bonds, and is significantly lower than the estimated fair value of the data center establishment on each such date. 

The diagram below by provides for the transaction structure: 

Off-balance sheet: Gap in the GAAP?

Of course, as one would have expected, the rating agency Standard and Poor’s that was the sole rating agency having given rating for the bonds, its report does not say the structure is off-the-balance sheet for the lessee, a Meta group entity. However, various analysts and commentators have referred to this funding as off-the-balance sheet. For example, Bloomberg report  says The SPV structure helps tech companies avoid placing large amounts of debt on their balance sheets”. Another report says that the huge debt of $ 27 billion will be on the balance sheet of Beignet, the JV, rather than on the books of Meta. An  FT report says that bond was priced much higher than Meta’s balance sheet bonds, at a coupon of 6.58%, as a compensation for the off-balance sheet treatment it affords. A write up on Fortune also refers to this funding as off-the-balance sheet. 

In fact, Meta itself, on its website, gives a clear indication that the deal was struck in a way to ensure that the funding is not on the balance sheet of Meta or its affiliates. Here is what Meta says: 

Meta entered into operating lease agreements with the joint venture for use of all of the facilities of the campus once construction is complete. These lease agreements will have a four-year initial term with options to extend, providing Meta with long-term strategic flexibility.

To balance this optionality in a cost-efficient manner, Meta also provided the joint venture with a residual value guarantee for the first 16 years of operations whereby Meta would make a capped cash payment to the joint venture based on the then-current value of the campus if certain conditions are met following a non-renewal or termination of a lease.”

Here, two points are important to understand – first, the operating lease/financial lease distinction, and second, the so-called residual value guarantee – what it means, and why it is opposite in the present case.

The distinction between financial and operating leases, the key to the off-balance sheet treatment of operating leases, was the product of age-old accounting standards, dating back to the 1960s. In 2019, most countries in the world decided to chuck these accounting standards, and move to a new IFRS 16, which eliminates the distinction between financial and operating leases, at least from the lessee perspective. According to this standard, every lease will be put on the balance sheet, with a value assigned to the obligation to pay lease rentals over the non-cancellable lease term.

However, USA has not aligned completely with IFRS 16, and decided to adopt its own version called ASC 842 for lease accounting. The US accounting approach recognises the difference between operating leases and financial leases, and if the lease qualifies to be an operating lease, it permits the lessee to only bring an amount equal to the “lease liability”, that is, the discounted value of lease rentals as applicable for the lease term.

As to whether the lease qualifies to be an operating lease, or financial lease, one will apply the classic tests of present value of “lease payments” [note IFRS uses the expression “minimum lease payments”], length of lease term vis-a-vis the economic life of the asset, existence of any bargain purchase option, etc. “Lease payments” are defined to include not just the rentals payable by a lessee, but also the minimum residual value. This is coming from para 842-10-25-2(d). The reading of this para is sufficiently complicated, as it makes cross references to another para referring to a “probable payment” under “residual value guarantees”. The reference to para 842-10-55-34 may not be needed in the present case, as the residual value agreed to be paid by the lessee is included in “lease payment” for financial lease determination by virtue of the very definition of financial lease. Therefore, it remains open to interpretation whether the leases in the present case are indeed operating leases.

Considering that the residual value guarantee from the parent company in the present case may not meet the requirements for its inclusion in “lease payments”, it is unlikely that the lease payments over any of the 4 year terms will meet the present value test, to characterise the lease as a financial lease. Also, the economic life of the commercial property in form of the data centers may be significantly longer than the 20 year lease period, including the option to renew. Hence, the lease may quite likely qualify as an operating lease.

Residual value guarantee: Rationale and Implications

In lease contracts, a residual value guarantee by the lessee is understandable as a conjoined obligation with fair use and reasonable wear and tear of assets. In the present case, if the lessee is a tenant for only 4 years, and the renewal thereafter is at the option of the lessee. If the lessee chooses not to renew the lease, the lessee is exercising its uncontrolled discretion available under the lease. So, what could be the justification for the parent company being called to make a payment for the residual value of the property? After all, the property reverts to the lessor, and whatever is the value of the property then is the asset of the lessor. 

In the present case, it seems that the RVG comes under a separate agreement – whether that agreement is linked with the leases is not sure. However, for the holistic understanding of any complicated transaction, one always needs to connect all the dots together to get a a complete understanding of the transaction. If the lessee or a related party is paying for future rentals, it transpires that the understanding between the parties was a non-cancelable lease, and the RVG is a compensation for the loss of future rentals to the lessor. If that is the overall picture, then the lease may well be characterised as a financial lease.

Is the lessee’s balance sheet immune from the bond payment liability?

A liability is what one is obligated to pay; a commitment to pay. The $ 27 billion liability for the bonds in the present case sits on the balance of the JV Company. However, the question is, ultimately, what is it that will ensure the repayment of these bonds? Quite clearly, the payment for the bonds is made to match with the underlying lease payments, with a target debt service coverage. In totality, it is the lease payments that discharge the bond obligation; there is nothing else with the JV company to retire or redeem the bonds. From this perspective as well, an off-balance-sheet treatment at the lessee or at the group level seems tough.

However, off-balance-sheet may not be the objective really. What matters is, does the structure insulate Meta group from the risks of the payments from the data center. From the available data, it appears that the project related risks, from delays in completion to non-renewal, are all taken by Meta. Therefore, even from the viewpoint of project-related risks, there do not seem to be sufficient reasons for any off-balance sheet treatment.

Disclaimer: The analysis in the write-up above is limited to the reading that could be done from write-ups/materials in public domain.  

Other Resources:

Relaxing FEMA reforms to boost global trade

/0 Comments/in , /by

– Saloni Khant, Executive | corplaw@vinodkothari.com

Loader Loading…
EAD Logo Taking too long?

Reload Reload document
| Open Open in new tab

Download as PDF [511.39 KB]

Resource Centre on FEMA

Corporate  Treasury Centres: Managing your money with a window to the world

/0 Comments/in , /by

– Payal Agarwal, Partner | payal@vinodkothari.com 

Global/ Regional Corporate Treasury Centres (GRCTCs) set up in IFSCs, are recognised as Finance Companies under the IFSCA (Finance Company) Regulations, 2021. An updated Framework for Finance Company/Finance  Unit  undertaking  the activity  of  Global/ Regional Corporate Treasury Centres was issued on 4th April, 2025 in order to encourage ease of doing business and in alignment with the international best practices, after a public consultation on the same.

The Union Budget 2025-26 also provided specific tax incentives for transactions involving GRCTC, exempting such transactions from the purview of deemed dividend under section 2(22)(e) of the Income Tax Act, 1961. Vide a recent amendment to Companies (Meetings of Board and its Powers) Rules, 2014, published on 6th November, 2025 in the Official Gazette, Finance Companies undertaking the activities of GRCTCs have been exempt from the application of section 186 of the Companies Act, 2013 with respect to compliances pertaining to granting of loans, making investments, providing security or guarantee. 

What is a GRCTC? 

Simply put, a treasury centre is supposed to be an in-house bank, managing funds and providing liquidity across different entities in the group. Thus, the main objective of a GCRTC is to manage funds centrally and optimise the use of funds within the various entities of the group. Key responsibilities include intra-group financing, managing cash and liquidity and providing financial advisory services to group entities.

Activities of Global/ Regional Corporate Treasury Centres (GRCTC)

Service Recipients [Clause 12] Permissible Activities [Clause 13]
  • Group Entities of GRCTC [Clause 2(1)(d)]
    • Subsidiary-Parent (Ind AS 110/AS 21)
    • Joint venture (Ind AS 28/ AS 27)
    • Associate (Ind AS 28/ AS 23)
    • Related Party (Ind AS 24/ AS 18)
    • Common brand name 
    • Investment in equity shares > 20%
    • Group Entities of Parent [Clause 2(1)(g)]
    • Parent in case of FC – group entities desirous to set up FC to undertake GRCTC 
    • Parent in case of FU – entity desirous to set up branch to undertake GRCTC
  • Branches of Parent/ Group Entities 
  • Parent/ Group Entities may either be Person Resident in India (PRI) or Person Resident Outside India (PROI) 
  • Raising capital by issuance of equity shares;
  • Borrowing including in the form of inter-company deposits; 
  • Credit arrangements; 
  • Transacting or investing in financial instruments issued in IFSC or outside IFSC; 
  • Undertaking derivative transactions (Over the counter (OTC) and Exchange traded);
  • Foreign exchange transactions in such currencies as specified by the Authority;
  • Factoring and Forfaiting;
  • Acting as a Re-invoicing centre; 
  • Liquidity management;
  • Maintaining relationships with financial counterparties;
  • Management  of  obligations  of  its  service  recipients  towards  insurance  and  pension related commitments;
  • Advisory  service  related  to  aforesaid activities, and relating to: 
    • financial management including financial risk management; 
    • funding and capital market activities;
  • Acting as a holding company; 
  • Any other activity, notified u/s 3(1)(e)(xiv) of IFSC Act, with the prior approval of the Authority

Borrowing and Lending by GRCTCs – Compliance Considerations and Tax Implications 

Compliance with FEMA Directions

Pursuant to the notification of the FEM (International Financial Services Centre) Regulations, 2015, any financial institution or branch of a financial institution set up in the IFSC and permitted/ recognised as such by the Government of India or a Regulatory Authority shall be treated as a person resident outside India. A Finance Company established in IFSC, including GRCTC, is recognised as a financial institution and hence, shall be treated as a person resident outside India (PROI) for the purpose of FEMA Directions. 

Therefore, from compliance perspective, the applicability of FEMA Directions may be understood as follows: 

Lender Borrower  Applicability of FEMA Directions
Person Resident Outside India  GRCTC Not applicable 
GRCTC  Person Resident Outside India  Not applicable 
GRCTC  Person Resident in India  Applicable 
Person Resident in India  GRCTC  Applicable 

Thus, the borrowing/ lending between a GRCTC and an Indian company will be governed by the FEM (Borrowing and Lending) Regulations, 2018. The Draft Foreign Exchange Management (Borrowing and Lending) (Fourth Amendment) Regulations, 2025, issued on 3rd October 2025 contains a proposal on explicit inclusion of entities in IFSC as a recognised lender for the purpose of External Commercial Borrowings (ECBs). 

Compliance requirements under Companies Act, 2013 

GRCTC is a Finance Company or Finance Unit, incorporated as a company under the Companies Act, 2013 or as a branch of such a company. Therefore, compliance with the provisions of the Companies Act, 2013 attract. Certain exemptions are also extended to IFSC entities from the provisions of the Companies Act. Refer to the table below: 

Activities by GRCTC  Applicable provisions  Relaxation to GRCTCs 
Lending by GRCTC  Section 179 – Approval of Board  May be taken through circular resolution instead of board meeting
Section 186 – Limit on loans, investments, guarantee, security Unanimous approval of board Approval of shareholders Minimum rate of interest on loans Disclosure in financial statements Maintenance of registers   Does not apply, exemption granted to GRCTCs vide the Companies (Meetings of Board and its Powers) (Amendment) Rules, 2025 notified on 6th November, 2025
Borrowing by GRCTC  Section 179 – Approval of Board  May be taken through circular resolution instead of board meeting
Section 180  –  Limits on borrowings and approval of shareholders  Does not apply in case of private companyIn case of public company, relaxations may be provided through the Articles

Tax implications 

The tax benefits available to IFSC units coupled with the exemption granted to GRCTC vide the Finance Act, 2025 incentivise fund raising from foreign sources in India. For instance, an Indian group incorporates a GRCTC in IFSC. The GRCTC may avail borrowings from non-residents, and lend the same to the Indian company. In such a case, the following tax benefits attract: 

  • The GRCTC borrows money from a non-resident. The interest paid on such borrowings is exempt from tax in terms of section 10(15)(ix) of the IT Act, 1961. Since the interest income itself is exempt, the question of withholding tax does not arise. 
  • GRCTC is merely a treasury centre, the funds will ultimately be utilised by one or more of the group entities. To this end, lending/ borrowing between a GRCTC and its group entities is exempt from the application of deemed dividend u/s 2(22)(e) of the IT Act. 

In terms of section 2(22)(e) of the IT Act, loans or advances by a closely held company to the following are taxable as “deemed dividend” under income from other sources: 

  • Shareholder holding 10% or more of the voting power of such company, 
  • Any concern in which such shareholder is a member or a partner and in which he has a substantial interest (beneficial entitlement to 20% or more of the voting power) 

Sub-clause (iia) of the said section read with Explanation 3 thereto, provides exemption from such treatment where one of the entity is a GRCTC for undertaking treasury activities/ services and the parent entity/ principal entity is listed on the stock exchange of a country or territory outside India (except for countries falling under the restricted list notified by CBDT, if any). 

  • Pursuant to the exemptions granted to a Finance Company vide notification dated 7th March 2024, no TDS is required to be deducted on the interest income on ECBs/ loans as required in terms of section 195/ 194A of the IT Act. 
  • Interest income of GRCTC qualifies for tax holiday in terms of section 80LA of the IT Act. 

Concluding Remarks 

GRCTC seems to be an effective means of managing the finances of large groups, with an access to the world at large, towards the funding needs of the group. The non-resident status under FEMA coupled with the income tax exemptions and the exemptions from procedural compliances under the Companies Act makes it easier to manage the group wide funds, with more flexibility and lesser compliance burden. 

https://vinodkothari.com/resources-on-ifsca/

RBI Trade Relief Directions: How is your company impacted?

/0 Comments/in , , , , , /by

– Team Finserv | finserv@vinodkothari.com

Call it Trump relief! The RBI announced relief measures on the 14th Nov to help the exporters of certain specified items, who may have availed export credit facilities from a regulated lender, whereby all regulated entities (REs) “may” provide a moratorium, from 1st September 2025 to 31st December, 2025. The grant of such a relief shall be based on a policy, consisting of the criteria for grant of the subject relief, and such criteria shall be disclosed publicly. Not only this, REs shall also make a fortnightly disclosure of the reliefs granted to eligible borrowers on a RBI format on Daksh portal.

The Reserve Bank of India (Trade Relief Measures) Directions, 2025 (‘Directions’) are applicable to NBFCs and HFCs as well. This is accompanied with amendment to Foreign Exchange Management (Export of Goods and Services) (Second Amendment) Regulations, 2025 for extension of the period for both realization/repatriation of export value (from 9 to 15 months) and the shipment of goods against advance payment (from 1 to 3 years).

Highlights:

  • Whether your company grants an export credit or not, if your borrower is the one who has availed export credit for export of specified goods or services, the borrower may approach you for the moratorium.
  • Are you bound to grant the moratorium? Answer is, no. However, basis a policy which is publicly hosted, you will consider the eligibility of the borrower. The relevant factors on which the eligibility will be examined may also form a part of the policy, and ideally, should include the extent of dependence on exports of specified items to the USA, tariff-based disruption in the cashflows, alternative markets and transitioning possibilities, etc.
  • Effective: Immediately. 
  • Actionables: (a) Framing of policy to consider the eligibility of affected borrowers; (b) Hosting the policy on public website; (c) Creating mechanism for receiving and transmission of borrower requests for the moratorium and giving timely responses to the same (d) RBI fortnightly reporting.

What is the intent?

To mitigate the disruptions caused by global headwinds, and to ensure the continuity of viable businesses.

Tariff impositions by the USA are likely to impact several exporters. There may be a ripple effect on penultimate sellers or other segments of the economy as well, but the intent of the Trade Relief Directions seems limited to the direct exporters only.

Which all regulated entities are covered?

The Directions are applicable to following entities:

  • Commercial Banks
  • Primary (Urban) Co-operative Banks, State Co-operative Banks and Central Co-operative Banks
  • NBFCs
  • HFCs
  • All-India Financial Institutions
  • Credit Information Companies (only with reference to paragraph 16 of these Directions).

Does it matter whether the RE in question is giving export credit facilities or not? In our view, it does not matter. The intent of the Directions is to mitigate the impact of trade disruptions. Of course, the borrower in question must be an exporter, must have an export credit facility outstanding as on 31st Aug 2025, and the same must be standard.

If these conditions are met, then the RE which holds the export credit, as also other REs (of course, the nexus between the trade disruption and the servicing of the credit facility will have to be seen) should consider the borrower for the purpose of grant of relief.

Relief may or may not be granted. 

Policy on granting relief

The consideration of the grant of relief will be based on a policy. 

Below are some of the brief pointers to be incorporated in the policy: 

  1. Purpose and Scope: define which loan products, sectors, or borrower categories are covered; effective period for granting relief
  2. Eligibility Criteria for borrowers
  3. Assessment criteria for relief requests received from the borrowers
  4. Authority responsible for approving such request
  5. Relief measures that can be offered to borrowers
  6. Impact on asset classification and provisioning
  7. Disclosure Requirements
  8. Monitoring and Review: Authority which is responsible for monitoring such accounts; periodicity of review

How is the assessment of eligible borrowers to be done?

In our view, the relevant information to be obtained from the candidates should be:

  • Total export over a relevant period in the past, say 3 years
  • Break up of export of “impacted items” and other item
  • Of the above, exports to the USA
  • Gross profit margin
  • Impact on the cashflows
  • Information about cancellation of export orders from US importers
  • Any damages or other payments receivable from such importers
  • Any damages or other payments to be made to the penultimate suppliers
  • Alternative business strategies – repositioning of markets, alternative buyer base, etc
  • Cashflow forecasts, and how the borrower proposes to pay after the Moratorium Period.

What sort of lending facilities are covered?

Please note the following from the preamble: “mitigating the burden of debt servicing brought about by trade disruptions caused by global headwinds and to ensure the continuity of viable businesses”. Therefore, clearly, the relief intended here is one where “trade disruptions” create such a burden on debt servicing, which may impact the viability of the business.

From this, it implies that the entity in question must be a business entity, and the loan in question should be a business loan. 

In our thinking, the following facilities seem covered:

  1. Export credits of all forms, including packing credit, funded as well as unfunded, letters of credit, etc.
  2. Buyer’s credit or facilities for inward acquisitions/purchases by an exporter
  3. Cash credits, overdrafts or working capital related facilities, intended for export business of impacted items.
  4. Term loans relating to an impacted business
  5. Loans against property, where the end use is working capital

Eligible and ineligible borrowers:

Eligible borrowers:

  • Borrowers who have availed credit for export
  • Borrower had an outstanding export credit facility from a RE as of August 31, 2025 (However, in case the borrower has a sanctioned facility pending disbursement as on Aug 31, the same shall not be eligible)
  • Borrower with all REs was/were classified as ‘Standard’ as on August 31, 2025

In our view, the following borrowers/ credit facilities are not eligible for the relief:

  • Individuals or borrowers who have not borrowed for business purposes
  • Home loans or loans against specific assets or cashflows, where the debt servicing is unconnected with the cash flows from an export business
  • Loans against securities or against any other financial assets
  • Gold loans, other than those acquired for business purposes
  • Car loans, loans against commercial vehicles or construction equipment, unless the borrower is engaged in export business and the cashflows have a nexus with such business
  • Borrower is engaged in exports relating to any of the sectors specified
  • Borrower accounts which were restructured before August 31, 2025
  • Accounts which are classified as NPA as on August 31, 2025

Consider a borrower who is not an exporter himself, but an ancillary supplier, supplying to a trading house. Will such a penultimate exporter be covered by the Relief Directions? In our view, the answer is negative, as the “eligible borrowers” are defined to mean an exporter.

Impacted items and impacted markets

The list of impacted items broadly covers a wide spectrum of manufacturing and export-oriented sectors, including marine products, chemicals, plastics, rubber, leather goods, textiles and apparel, footwear, stone and mineral-based articles, jewellery and precious metals, metal products, machinery, electrical and electronic equipment, automobiles and auto components, medical and precision instruments, and furniture and furnishing items.

Is it mandatory that the borrower shall be exporting to USA? While the Directions do not specifically mandate that the borrower shall be exporting to the USA, the concerned REs should, as part of their assessment, evaluate whether the borrower genuinely requires such relief measures and, in our view, should consider the extent to which the borrower depends on exports of the specified items to the USA.

Why have HFCs been covered?

Generally speaking, the servicing of home loans is not supposed to be based on business cashflows, and therefore, the impact of trade disruptions on servicing of a home loan does not seem easy to establish.

However, HFCs grant other credit facilities too, including LAP or business loans. Therefore, there is no carve out for HFCs as such. HFCs are also expected to prepare the policy referred to above and be sensitive to requests from impacted borrowers.

Is the moratorium retrospective?

Yes, clearly, the moratorium is retrospective, as it covers the period from 1st September to 31st December. This is the range over which the moratorium may be granted; of course, the decision as to how much moratorium, within the above maximum range, is warranted in the particular case, is that of the lender. Let us call the agreed moratorium as the Moratorium Period.

If the moratorium is granted from 1st Sept., then any payments which were due for the period covered by the Moratorium Period will  not be taken as having fallen due. This will have significant impact on the loan management systems:

  • Considering that we are already in the middle of November, the day count for any payments due during the part of the Moratorium Period will be set to zero. In other words, day count will stop during the Moratorium Period. Thus, if an account was showing a DPD status of 60 days as on Aug 31, 2025, the DPD count will remain at a standstill till the moratorium period is over.
  • However, in case a borrower has made payment during the moratorium period, will the DPD count decrease or will it remain the same? 

The RBI Directions state that the days past due (DPD) count during the moratorium period will be excluded. However, this does not imply that a borrower who makes payments during this period should be denied the corresponding benefit. In our view, if a payment is received from the borrower, the DPD count should accordingly be reduced.

  • Any payments already made during the part of the Moratorium Period already elapsed may be taken towards principal, or may be held to be adjusted against the future dues of the borrower, after the Moratorium Period. This should also, appropriately, be captured in the policy.
  • Further, for accounts for which the CIC reporting has already been done on or after Aug 31, 2025, and the lender decides to extend the moratorium benefit, it must be ensured that the DPD count is revised so as to reflect the status as on Aug 31, 2025. 

Do lenders have to necessarily grant moratorium, or grant partial interest/principal relief?

The RBI Directions do not mandate REs from granting such relief measures. Accordingly, the concerned RE will need to assess individual cases based on the sectors, the need for such relief and the extent to which such relief may be granted. 

Lenders may grant full moratorium during the Moratorium Period, or may grant relief as may be considered appropriate.

Do lenders take positive actions, or simply respond to borrower requests?

The lenders must establish a policy for granting such relief measures prior to extending any relief, as the authority to do so will be derived from this policy. As discussed above, the discretion to grant relief rests with the concerned RE; therefore, each request submitted by a borrower must be evaluated on an individual basis.

For this purpose, the following information must be obtained from the borrowers seeking relief:

  1. The concerned sector and how the same has been impacted necessitating such relief
  2. Information relating to the current financial condition of the business of the borrower
  3. Facilities taken and outstanding with other REs 

Non-compounding of interest during the Moratorium Period:

Para 9 (iii) provides that while interest will accrue during the Moratorium Period, but the interest shall be simple, that is, shall not be compounded.

This may require REs to tweak their loan management systems to stop the compounding of interest during the Moratorium Period. 

However, the actual population of affected borrowers for a particular RE may be quite limited. Hence, REs may do manual or spreadsheet-based adjustments for affected borrowers, instead of making adjustments to their LMS itself.

Recomputation of facility cashflows after Moratorium:

During the moratorium period, as per the RBI directive, the lender can only accrue simple interest. Accordingly, the IRR of the credit facility will have a negative impact unlike the covid moratorium where the compound interest loss was compensated by the central government. 

Further, it has also been provided that the accrued interest may be converted into a new term loan which shall however be repayable in one or more installments after March 31, 2026, but not later than September 30, 2026. Accordingly, the accrued interest should anyhow be received by September 30, 2026.

Similar moratoriums in the past

  • Moratorium on loans due to COVID-19 disruption: Refer to our write-up here.
  • Moratorium 2.0 on term loans and working capital: Refer to our write-up here.

Our write-ups on similar topics:

Data Privacy Law and Rules notified: 18 months’ time to implement

/0 Comments/in , , /by
Loader Loading…
EAD Logo Taking too long?

Reload Reload document
| Open Open in new tab

Download as PDF [559.19 KB]