Posts

Control and Assurance Functions for NBFCS- RBI Proposes Consolidation

  • Harshita Malik | finserv@vinodkothari.com

The RBI issued the Reserve Bank of India (Non-Banking Financial Companies – Governance) Directions, 2025 (‘Governance Directions’) on November 28, 2025, consolidating all governance-related instructions for NBFCs into a single master framework. While the said exercise addressed regulations around Board composition, fit and proper criteria, KMP compensation, and related matters, it left the two core control/assurance functions, namely, compliance and internal audit, governed by separate circulars. The draft Reserve Bank of India (Non-Banking Financial Companies – Governance) Amendment Directions, 2026 (‘Amendment Directions’), issued for public comments, absorbs the CCO Circular and RBIA Circular into the Governance Directions and proposes certain amendments to the risk management framework. 

Effective Date: The Amendment Directions propose an effective date of January 1, 2027, upon formal notification.

The amendments introduced go beyond mere consolidation of existing circulars; they introduce new obligations and structural changes to the governance norms. Key changes are given below, for banks, refer to our article here.

  1. Important concepts defined: The Amendment Directions contain new definitions of key concepts relating to control and assurance functions, including ‘Assurance’, ‘Clawback’, ‘Compliance’, ‘Compliance Culture’, ‘Compliance Function’, ‘Compliance Risk’, ‘Control Functions’, ‘Internal Audit Function’, ‘Internal Audit Plan’, ‘Internal Controls’, ‘Risk Appetite’, ‘Risk Limits’, ‘Risk Management’, and ‘Risk Management Function’.
  2. Common instructions for CRO, CCO and HIA: The Amendment Directions provide a unified set of provisions for the three heads of control and assurance functions, namely, Chief Risk Officer (CRO), Chief Compliance Officer (CCO), and Head of Internal Audit (HIA), covering eligibility, appointment conditions (seniority ≤2 levels below MD & CEO, Board approval, tenure ≥3 years, premature removal requiring Board approval), independence, and reporting lines (functional to Board/ACB; administrative to MD & CEO). Does this mean that the same person can be appointed as the CCO and HIA? Given that the role of the HIA includes oversight on compliance risk, it will be counter-intuitive to have the same person as the head of the compliance function as well as the head of internal audit. Similar instructions have also been introduced for banks.
  3. Relaxation for Base Layer continues and further enhancement- Under the existing framework, the CCO framework was applicable on Middle Layer NBFC and appointment of CRO and RBIA Framework on those with an asset size more than ₹5000 crore, respectively. The said exemption for base layer NBFCs continues and further even includes the requirement of constituting the RMC. 
  4. ₹5,000 crore threshold for mandatory RMC: NBFCs with total assets of ₹5,000 crore or above must constitute a RMC and establish a Risk Management Function headed by a CRO; the RMC is responsible for evaluating overall risks, including liquidity risk, and reporting to the Board. The existing regulations require the RMC to be constituted by all NBFCs irrespective of asset size, and hence, this may be seen as a major relaxation.
  5. Quarterly Board meetings without Senior Management: CCO, CRO, and HIA must meet the Board or ACB at least once every quarter without the presence of Senior Management (including MD/CEO/WTD), and must have direct and unrestricted access to the Board/ACB to communicate concerns without management interference.
  6. Stricter external hiring restrictions: Consultants, advisors, part-time auditors, or individuals who are neither on the NBFC’s payroll nor have a contractual employer-employee relationship with the NBFC shall not be appointed/designated as CRO, CCO, or HIA. The same criteria has been prescribed for banks as well.
  7. Differentiated intimation timelines to RBI/NHB: For CCO and HIA (NBFC-ML and above), appointment/premature transfer/removal/exit/change in tenure must be reported to DoS, RBI/NHB at least five working days in advance, with candidate profile and fit & proper confirmation; for CRO, such intimation must be made within five working days, accompanied by the candidate’s profile.
  8. CRO’s role in credit committee and override mechanism: CRO shall be an invitee to credit sanction/approval committee meetings without voting rights; where risk/exposure is assumed contrary to CRO advice without adequate mitigation, the responsibility rests with the next higher authority in the delegation matrix (except where the Board is the risk-assuming authority), and all such cases must be reported to the Board/RMCB.
  9. Internal audit of Compliance and Risk Management Functions: The Compliance Function and Risk Management Function shall be subject to regular internal audit.
  10. New tenure and audit-cycle mandates for Internal Audit: Staff posted to the Internal Audit Function shall ordinarily have a tenure of at least three years, and all significant activities shall be audited over a defined cycle ordinarily not exceeding three years, with high-risk areas reviewed more frequently.
  11. RBIA adoption and NBFC-BL exemption: All NBFCs shall adopt a Risk-Based Internal Audit (RBIA) approach focusing on higher risk, materiality, systemic relevance, and supervisory concerns as given in Annex I-A of the Amendment Directions; adoption of RBIA is voluntary for NBFC-BL. As per the Companies Act, internal audit is applicable even on private companies having a turnover of ₹ 200 crore rupees or outstanding loans or borrowings exceeding ₹100 crore or more. This means that even Base Layer NBFCs can be subjected to internal audit requirements. However, risk-based internal audit will be applicable only in case of Middle Layer and above entities. RBIA is an audit methodology that focuses on identifying, assessing, and prioritising the most significant risks faced by an organisation, and allocating audit resources accordingly. Unlike traditional compliance-oriented audits, RBIA aligns audit activities with the NBFC’s risk management framework and strategic objectives. Refer to our article on RBIA – here.
  12. Periodic external review for NBFC-UL Risk Management Function: NBFC-UL shall subject its Risk Management Function to periodic external review to benchmark practices and strengthen effectiveness. However, in the case of banks, all three functions- compliance, risk and internal audit are subject to external review.
  13. Formal Risk Exposure Matrix (9-cell grid) & Risk Audit Prioritisation Matrix (Magnitude vs. Frequency): The Amendment Directions introduce two formalised, structured risk assessment and prioritisation tools under the RBIA framework (Annex I‑A).
  14. Assumption of risk exposure contrary to the advice of CRO: If risk is taken contrary to the CRO’s advice without adequate mitigation, the responsibility lies with the next higher authority in the delegation matrix (except when the Board is the risk-assuming authority). All such cases must be reported to the Board/RMC.
  15. Intimation of appointment to RBI/NHB: For CCO and HIA: Report appointment/premature transfer/removal/exit/change in tenure at least 5 working days in advance (pre-event intimation). Intimation to include profile and fit & proper confirmation by the competent authority. Appointment may be communicated to the candidate only after the five-day window, unless a contrary communication is received from RBI/NHB. For CRO: Report appointment/premature transfer/removal/exit/change in tenure within 5 working days (post-event intimation).

For ease of reference, the amendments have been classified into three categories and detailed below:

  1. Changes Common for CCO, CRO and HIA
ProvisionDraft Amendment DirectionsCurrent Directions/Circulars
RankNot more than two levels below MD & CEO (for SPDs: not more than three level; for NBFC-BL: as per policy)CCO shall be not below two levels from CEO; for NBFC-ML, relaxable by one further level
Appointment tenureOrdinarily not less than three years with no explicit relaxation. Premature transfer/removal requires Board approvalBoard permitted to relax the minimum three-year tenure by one year in exceptional cases for CCO.
External HiringExternal hiring permitted, however, consultants, advisors, part-time auditors, or individuals without employer-employee relationship with the NBFC.External hiring permitted, no negative list prescribed
Reporting LineFunctional reporting: Board/ACB; Administrative: MD & CEOReporting by CCO to MD & CEO was the primary option; Board reporting was an alternative.
Quarterly meeting without senior managementMeet Board/ACB quarterly without Senior Management (including the MD / CEO / WTD)CCO and CRO shall meet the Board or ACB at least once a quarter without the presence of the Senior Management (including the MD / CEO / WTD)
Intimation to RBI/NHBFor CCO and HIA:report appointment/premature transfer/removal/exit/change in tenure at least 5 working days in advance (pre-event intimation). Intimation to include profile and fit & proper confirmation by competent authority. Appointment may be communicated to the candidate only after the five-day window, unless a contrary communication is received from RBI/NHB

For CRO:Report appointment/premature transfer/removal/exit/change in tenure within 5 working days (post-event intimation)
Prior intimation was required for appointment of CCO without specifying a minimum period. Intimation to include Detailed profile of candidate, fit and proper certification by MD & CEO confirming the person meets prescribed supervisory requirements and rationale for changes, if applicable.
Internal auditCompliance Function and Risk Management Function shall be subject to regular internal auditNo explicit requirement that Compliance must be audited by IA
  1. Changes Specific to CRO
ProvisionDraft Amendment DirectionsGovernance Directions
Threshold for RMCNBFCs with assets ≥ ₹5,000 croreAll NBFCs
CRO’s role in credit decisionCRO shall be an invitee to the meetings of the credit sanction / approval committee, without any voting rights.CRO shall have voting power and all members shall individually and severally be liable.
Contrary risk adviceAssumption of any risk / exposure, contrary to the advice of the CRO, without incorporating adequate risk mitigation measures, shall rest with the next higher authority in the delegation matrix.No equivalent provision.
Risk Management Function dutiesEnsure NBFC operates within risk appetite; assess risks independently – Implement NBFC-wide risk strategy aligned with Board-approved risk appetite; clear risk limits; allocate parameters – Robust information infrastructure for capital/liquidity, granular monitoring, consolidated reporting – Continuously evaluate exposures vs. limits; challenge business decisions; escalate critical issues to SM/Board/RMCBCRO had similar duties but risk appetite/limits were not defined and escalation mechanism was not explicitly prescribed
External review of Risk Management FunctionNBFC-UL shall subject Risk Management Function to periodic external review to benchmark practices and strengthen effectivenessNo explicit external review requirement for Risk Management Function
  1. Changes in Internal Audit Function – RBIA
ProvisionDraft Amendment DirectionsRBIA Circular
Applicability of CRONBFC-ML and above (mandatory), thus, making it mandatory for ML entities irrespective of asset size; NBFC-BL (voluntary).Deposit-taking NBFCs (all sizes) and non-deposit-taking NBFCs with assets ≥ ₹5,000 crore
Tenure of internal auditorsStaff posted to Internal Audit Function should ordinarily have a tenure of at least three yearsNo specified tenure for internal audit staff
Internal audit cycleAll significant activities audited over a defined cycle ordinarily not exceeding three years; high-risk areas to be reviewed more frequentlyNo specified audit cycle
Structured RBIA FrameworkRisk Exposure Matrix (9-cell grid, inherent risk vs. control risk) and Risk Audit Prioritisation Matrix (magnitude vs. frequency) has been specified.No such formal risk matrix was specified.

Private sector banks to continuously monitor major shareholders

RBI Directions, 2023 require banks to have a mechanism to detect violation w.r.t. RBI prior approval and ‘fit and proper’ status

– Vinita Nair, Senior Partner | corplaw@vinodkothari.com

Given their systemic significance, ensuring that ownership of banks neither gets concentrated, nor falls into wrong hands, has always been important. Therefore, acquisition of shares or voting rights (‘S/VR’) is strictly regulated by Section 12B of Banking Regulation Act, 1949 (‘BR Act’), supplemented by RBI Directions issued from time to time. In the case of public sector banks, there is a ceiling of 10% of the total voting rights for shareholders other than the Central Government.

Section 12B of BR Act prescribes the requirement of prior approval of RBI in case of a person intending to become a “major shareholder”, that is, a holder with 5% of the S/VR in a banking company. The requirement is applicable where a person acquires or agrees to acquire S/VR, which could be (a) either directly or indirectly, and (b) whether alone, or  by acting in concert with any other person. Hence, there is a need to do both horizontal aggregation [that is, relatives[1] and persons acting in concert (PAC)[2]], as well as vertical aggregation (that is, indirect acquisition through controlled entities or “associated enterprises[3].

This article discusses the possible pain points likely to be faced by the banks, other requirements under the new regime and actionable arising therefrom.

Read more

De-novo Master Directions on PPIs

I. Introduction

The Reserve Bank of India (RBI) on August 27, 2021, issued the Master Directions on Prepaid Payment Instruments[1] (‘Master Directions’) repealing the Master Directions on Issuance and Operation of Prepaid Payment Instruments[2] (‘Erstwhile Master Directions’) with immediate effect. These Master Directions have been issued keeping in mind the recent updates to the Erstwhile Master Directions.

In this write-up we aim to cover the major regulatory changes brought about by the Master Directions.

II. Overview of key changes

1.  Classification of PPIs instruments

The Erstwhile Master Directions classified PPIs into three categories namely closed ended PPIs which could be issued by anyone and required no RBI approval, semi-closed PPIs and open ended PPIs which could be issued only by Banks. The new Master Directions have also classified PPIs in three categories i.e. Closed-ended PPI, Small PPIs and Full-KYC PPIs. However, since closed-ended PPIs are not a part of the payment and settlement system, they are not regulated by the RBI. A brief snapshot of the nature of the other two types of PPIs is presented below:

Basis Small PPI Full KYC PPIs
With cash loading facility Without cash loading facility
Issuer Banks and non-banks after obtaining minimum details of PPI holder (mobile number verified with OTP; self-declaration of name and unique identity/identification number of any OVD) Banks and non-banks after completing KYC of holder
Identification Process Verification of mobile number through an OTP

Self-declaration of name and unique identify number of any OVD as recognized in KYC Master Directions

Video-based Customer Identification Process
Nature of PPI Reloadable and can be issued in electronic form.

 

Electronic payment transactions have been divided into two categories- transactions that do not require physical PPIs and those which require. Hence, even cards could be issued.

Reloadable and can be issued in card or electronic form.

 

Loading/Reloading shall be from a bank account / credit card / full-KYC PPI.

 

Reloadable and can be issued in electronic form.

 

Electronic payment transactions have been divided into two categories- transactions that do not require physical PPIs and those which require. Hence, even cards could be issued.

Maximum amount that can be loaded In a month: INR 10,000

In a year: INR 120,000

No maximum limits
Maximum outstanding amount at any point of time INR 10,000 INR 200,000
Limit on debit during a month INR 10,000 per month No limit No limit
Usage of funds For purchase of goods and services only.

Cash withdrawal or fund transfer not permitted

 

Transfer to source or bank account of PPI holder, other PPIs, debit or credit card permitted subject to:

 

Pre-registered benefit – maximum INR 200,000 per month per beneficiary

 

Other cases – maximum INR 10,000

Cash Withdrawal Not permitted Permitted subject to limits:

 

INR 2000 per transaction and

INR 10,000 per month

Conversion To be converted into full-KYC PPIs within a period of 24 months from the date of issue of the PPI. Small PPI with cash loading can be converted into Small PPI without cash loading, if desired by the PPI holder. Not applicable
Restriction on issuance to a single person Cannot be issued to same person using the same mobile number and same minimum details more than once. No such restriction No such restriction
Closure Funds transferred back to source or Holders bank account after complying with KYC norms

 

Funds transferred to pre-designated bank account or

 

PPIs of the same issuer

 

The concept of ‘Small PPI’ and ‘Full-KYC PPI’ cannot be said to be a new introduction, rather, it is more of a merger of the existing variety of semi closed PPIs in Small PPI and the open ended PPI to Full KYC PPI. However, an important change that has been inserted is the recognition of non-bank PPI issuers to issue Full KYC PPI, who were earlier not allowed to issue open ended PPIs.

2. Validity of Registration

Earlier, the Certificate of Authorisation was valid for five years unless otherwise specified and was subject to review including cancellation of the same. However, under the Master Directions, the authorisation is granted for perpetuity (even for existing authorisation which becomes due for renewal) subject to compliance with the following conditions:

  1. Full compliance with the terms and conditions subject to which authorisation was granted;
  2. Fulfilment of entry norms such as capital, net worth requirements, etc.;
  3. No major regulatory or supervisory concerns related to operations, as observed during onsite and / or offsite monitoring;
  4. Efficacy of customer grievance redressal mechanism;
  5. No adverse reports from other departments of RBI / regulators / statutory bodies, etc.

Also, the concept of ‘cooling period’ was introduced in December 2020[3], for effective utilisation of regulatory resources. PPI issuer whose CoA is revoked or not-renewed for any reason; or CoA is voluntarily surrendered for any reason; or application for authorisation has been rejected by RBI; or new entities that are set-up by promoters involved in any of the above categories; will have a one year cooling period. During the said cooling period, entities shall be prohibited from submission of applications for operating any payment system under the PSS Act.

3. Cross border transactions in Indian denomination

The Erstwhile Master Directions provided that Cross Border Transactions in INR denominated PPIS was allowed only by way of KYC compliant semi-closed and open PPIs which met the conditions specified therein. However, under the Master Directions, such issuances have been permitted only in the form of Full-KYC PPI and other conditions as prescribed earlier have not been altered.

4. Maintenance of Current Account

Apart from maintaining an escrow account with a scheduled commercial bank, non-bank PPI issuer that is a member of the Centralised Payment Systems operated by RBI i.e. non-bank issuers as covered under Master Directions on Access Criteria for Payment Systems[4] which have been allowed to access Real Time Gross Settlement (RTGS) System and National Electronic Fund Transfer (NEFT) Systems and any other such systems as provided by RBI, shall also be required to maintain a current account with the RBI.

Transfer from and to such current account is permitted to be credited or debited from the escrow account maintained by the PPIs.

5. Ensuring additional safety norms

  • To ensure safety and security, PPIs issuers are now required to put in place a Two Factor Authentication (2FA) in place for all wallet transactions involving debit to wallet transactions including cash withdrawals. However, it is not mandatory in case of PPI-MTS and gift PPIs.
  • The Erstwhile Master Directions required PPI issuers to put in place a mechanism to send alerts to the PPI holder regarding debit/credit transactions, balance available /remaining in the PPI. In addition to the same, the Master Directions now require issuers to send alerts to the holder even in case of offline transactions. The issuer may send a common alert for all transactions as soon as the issuer receives such information. Separate alerts for each transaction shall not be required.

6. Miscellaneous

  • In case of co-branding, additionally it has been specified that the co-branding partner can also be a Government department / ministry.
  • The Erstwhile Master Directions provided banks and non-banks a period of 45 days to apply to the Department of Payment and Settlement Systems (DPSS) after obtaining the clearance under the Payment and Settlement Systems Act, 2007. The same has now been reduced to 30 days from obtaining such clearance.
  • In addition to the satisfactory system audit report and net worth certificate, RBI also requires issuers to submit a due diligence report for granting final Certificate of Authorisation (CoA).
  • Transfer of funds back to source account in case of Gift PPIs has been allowed after receiving the consent of the PPI holder.
  • To improve customer protection and grievance redressal, the Master Directions have provided customers of non-bank PPI issuers to have recourse to the Ombudsman Scheme for Digital Transactions.

7. Effect on existing issuers

The timeline for complying with the minimum positive net-worth of 15 crores by non-bank PPI issuers has been extended and shall now be met with by September 30, 2021 instead of March 31, 2020. Non-bank issuers shall submit the provisional balance sheet indicating the positive net-worth and CA certificate to the RBI on or before October 30, 2021, failing which they may not be permitted to carry on their business.

III. Conclusion

In this write-up we have aimed to cover the gist of changes introduced in the Master Directions as compared to the Erstwhile Master Directions. The changes made in the regulatory framework for the PPIs have created a level playing field for banks and non-banks, especially, with respect to issuance of full KYC PPIs. Comparatively, the new directions are way more liberal than the earlier one, which only indicates how bullish the regulator must be with respect to PPIs.

 

[1] https://www.rbi.org.in/Scripts/BS_ViewMasDirections.aspx?id=12156#MD

[2] https://www.rbi.org.in/Scripts/BS_ViewMasDirections.aspx?id=11142

[3] https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=12001&Mode=0

[4] MD51170116C65788DE8A564165B74D5FECE0626A73.PDF (rbi.org.in)

Banking exposure to open the current account by the banks

-Siddarth Goel (finserv@vinodkothari.com)

Background

Declaration from current account customers

The RBI issued a circular dated August 06, 2020, whereby the regulator instructed all scheduled commercial banks and payments banks shall not open a current account for customers who have availed credit facilities in form of cash credit (CC)/overdraft (OD) from the banking system. The motive behind the circular being that all the transactions of borrowers should be routed through the CC/OD account.

The genesis of this circular was in RBI circular dated May 15, 2004, where banks were advised that at the time of opening of current accounts for their customers, they have to insist on a declaration form by the account-holder to the effect that he is not enjoying any credit facility with any other bank or obtain a declaration giving particulars of credit facilities enjoyed by such customer. The move was in essence to secure the overall credit discipline in banking so that there is no diversion of funds by the borrowers to the detriment of the banking system. Post-May 15, 2004, a clarification notification was issued by the regulator dated August 04, 2004, stipulating that in case there is no response obtained concerning NOC after waiting a minimum period of a fortnight, the banks may open current accounts of the customers.

Thus there was an obligation on banks to scrupulously ensure that their branches do not open current accounts of entities that enjoy credit facilities (fund based or non-fund based) from the banking system without specifically obtaining a No-Objection Certificate (NOC) from the lending bank(s). Further, the non-adherence by banks as per the circular is to be perceived as abetting the siphoning of funds and such violations which are either reported to RBI or noticed during the regulator inspection would make the concerned banks liable for penalty under Banking Regulation Act.

Establishment of CRILC

The RBI established a Central Repository of Information on Large Credits (CRILC). The CRILC was established in connection to the RBI framework “Early Recognition of Financial Distress, Prompt Steps for Resolution and Fair Recovery for Lenders: Framework for Revitalising Distressed Assets in the Economy“. As under the framework banks were required to furnish credit information to CRILC on all their borrowers having aggregate fund-based and non-fund based exposure of Rs. 5 Crores and above with them. Besides banks were required to furnish current accounts of their customers with outstanding balance (debit or credit) of Rs 1 Crore and above to the CRILC. The reporting under the extant framework was to determine SMA-0 classification, where the principal or interest payment is not overdue for more than 30 days but account showing signs of stress. An increase in the frequency of overdrafts in current accounts is one of the illustrative methods for determining stress.

Reposting of large credits

Post establishment of CRILC, a subsequent guideline on the opening of current accounts by banks was issued by the RBI via circular dated July 02, 2015, dealing with the same subject. To enhance credit discipline, especially for the reduction in NPA level in banks, banks were asked to use the information available in CRILC and not limit their due diligence to seeking NOC. Banks were to verify from the data available in the CRILC database whether the customer is availing of credit facility from another bank.

The chart below highlights the series and events and relevant circulars.

Credit Discipline- August 06, 2020 Circular

As per the circular dated August 06, 2020, issued by the regulator on Opening of Current Accounts by Banks – Need for Discipline (‘Revised Guidelines’), there are two aspects that need to be considered before opening a CC/OD facility or opening the current account of the customer. The Revised Guidelines provides a clear guiding flowchart for banks to follow when the customer approaches a bank for opening of the current account, the same has been categorised into two scenarios which could be considered by the banks to comply with the revised guideline.

Case 1: Customer wants to avail or is already having a credit facility in form of CC/OD

Case 2: Customer wants to open a current account or have an existing current account with the bank

 

Further, there is a requirement on banks to monitor all CC/OD accounts regularly at least quarterly, especially concerning the exposure of the banking system to the borrower. There has been an ambiguity surrounding what would amount to ‘exposure’ under the Revised Guidelines.

‘Exposure to the banking system’ under Revised Guidelines

The Revised Guidelines provides that exposure shall mean the sum of sanctioned ‘fund based and non-fund based credit facilities’. However, there is a regulatory ambiguity, since neither the term used by the RBI has been specifically defined in the Revised Guideline nor elsewhere under any other regulations. There is no straight jacket exclusive definition for determining as to what exposure banks should include determining funded and non-funded credit facilities. Therefore, based on back-tracing of regulatory regime an inclusive list can be of guidance for banks and borrowers especially large borrowers (like NBFCs and HFCs) and other financial institutions and corporates who rely on banking facilities (current account and CC/OD) extensively for their business.

The CRILC may not be the only source for banks while the collection of borrower’s credit information. Other modes could be information by Credit Information Companies (CICs), National E-Governance Services Ltd. (NeSL), etc., and even by obtaining customers’ declaration, if required. However, since the revised guideline stresses on borrowers having exposure more than 5 crores, therefore, information disseminated by the banks to CRILC is a good point to start with and to comply with under the revised guidelines. The circular dated July 02, 2015, draws reference to the Central Repository of Information on Large Credits (CRILC) to collect, store, and disseminate data on all borrowers’ credit exposures. The guideline further provided banks to verify the data available in the CRILC database whether the customer is availing credit facility from another bank. Further even under the Guidelines on “Early Recognition of Financial Distress, Prompt Steps for Resolution and Fair Recovery for Lenders” dated January 30, 2014, provided that credit information shall include all types of exposures as defined under RBI Circular on Exposure Norms.

The RBI Exposure Norms dated July 01, 2015, defines exposure as;

“Exposure shall include credit exposure (funded and non-funded credit limits) and investment exposure (including underwriting and similar commitments). The sanctioned limits or outstandings, whichever are higher, shall be reckoned for arriving at the exposure limit. However, in the case of fully drawn term loans, where there is no scope for re-drawal of any portion of the sanctioned limit, banks may reckon the outstanding as the exposure.”

The banking exposure norms provide for two exposures; namely credit and investment exposures. Further RBI Exposure Norms defines ‘credit exposure’ and ‘Investment Exposure’ as follows;

“2.1.3.3. Credit Exposure

Credit exposure comprises the following elements:

(a) all types of funded and non-funded credit limits.

(b) facilities extended by way of equipment leasing, hire purchase finance and factoring services.

2.1.3.4 Investment Exposure

  1. a) Investment exposure comprises the following elements:

(i) investments in shares and debentures of companies.

(ii) investment in PSU bonds

(iii) investments in Commercial Papers (CPs).

  1. b) Banks’ / FIs’ investments in debentures/ bonds / security receipts / pass-through certificates (PTCs) issued by an SC / RC as compensation consequent upon sale of financial assets will constitute exposure on the SC / RC. In view of the extraordinary nature of the event, banks / FIs will be allowed, in the initial years, to exceed the prudential exposure ceiling on a case-to-case basis.
  2. c) The investment made by the banks in bonds and debentures of corporates which are guaranteed by a PFI1(as per list given in Annex 1) will be treated as an exposure by the bank on the PFI and not on the corporate.
  3. d) Guarantees issued by the PFI to the bonds of corporates will be treated as an exposure by the PFI to the corporates to the extent of 50 per cent, being a non-fund facility, whereas the exposure of the bank on the PFI guaranteeing the corporate bond will be 100 per cent. The PFI before guaranteeing the bonds/debentures should, however, take into account the overall exposure of the guaranteed unit to the financial system.”

The Revised Guidelines, specifically define exposure in a footnote to the revised guideline stipulating that to arrive at aggregate exposures in the footnote as follows;

“‘Exposure’ for the purpose of these instructions shall mean sum of sanctioned fund based and non-fund based credit facilities”.

Further the RBI in its subsequent FAQs on revised guidelines dated December 14, 2020, guided on what could be included in aggregate exposure.

4. Whether aggregate exposure shall include Day Light Over Draft (DLOD)/ intra-day facilities and irrevocable payment commitments, limits set up for transacting in FX and interest rate derivatives, CPs, etc.

All fund based and non-fund based credit facilities sanctioned by the banks and carried in their Indian books shall be included for the purpose of aggregate exposure.”

Further in FAQ No. 3 in the circular dated December 14, 2020, the RBI clarified that

3. For the purpose of this circular, whether exposure of non-banking financial companies (NBFCs) and other financial institutions like National Housing Bank (NHB) shall be included in computing aggregate exposure of the banking system.

The instructions are applicable to Scheduled Commercial Banks and Payments Banks. Accordingly, the aggregate exposure for the purpose shall include exposures of these banks only”

While the regulator evaded assigning express meaning as to what could be included while determining banking exposure and took an inclusive view. However, from the foregoing, it is amply clear that the credit facilities should include credit exposures (funded and not funded) that have been sanctioned by banks. Therefore, only exposures to banks and payments banks are to be included while calculating exposures, any or all the exposure of a borrower to the other financial institutions like NHB, LIC Housing, SIDBI, NABARD, Mutual funds & other development Banks are neither commercial banks nor payments banks hence are to be excluded. [The list of licensed payments banks by the RBI can be viewed here. ]

CIRLC captures credit information of borrowers having aggregate fund-based and non-fund based exposures of Rs. 5 Crores and above including investment exposures. The banks are required to submit a quarterly return to CIRLC. It is pertinent to note that total investment exposure is to be indicated separately under the head total investment exposure. While there is a need for a detailed breakup on fund-based and non-fund based credit facilities in the CIRLC return. The table below is an indicative list of (funded and non-funded) loans to be submitted from the CIRLC return.

 

Non-Funded credit exposure  Funded credit exposure
Letter of Credit Cash Credit/ Overdraft
Guarantees Working Capital Demand Loan (including CPs)*
Acceptances Inland Bills
Foreign Exchange Contracts Packing Credit
Interest Rate Derivatives (incl FX Interest Rate Derivatives) Export Bills
Term Loan
Credit equivalent of OBS/derivative exposure

*CP to be included in WCDL only if part of working capital sanctioned limit. All other CPs are to be considered as investment exposure.

Therefore, all the investment exposures of banks to the borrower such as investments in corporate bonds, shares, PTCs issued by asset reconstruction companies and securitisation companies, and others are to be excluded while arriving at aggregate fund-based and non-fund based credit facilities as under the Revised Guidelines. Nevertheless, the PTCs issued by NBFCs or HFCs are investment exposure of banks on the underlying loan pools and not on the originator entity. Similarly, exposure of a bank in a co-lending transaction is exposure on the ultimate obligor and not the co-originating partner NBFC.

 

 

Our Other Related Articles

Banking Regulation (Amendment) Ordinance By Vallari Dubey – Vinod Kothari Consultants

RBI guidelines on governance in commercial banks – Vinod Kothari Consultants

RBI proposes to strengthen governance in Banks – Vinod Kothari Consultants