RBI has published a draft “Guidance on Regulatory Principles for Model Risk Management, 2026” for public consultation and it’s the first time AI/ML models used in credit underwriting, customer interaction and other business processes get a dedicated regulatory lens, applicable across the full spectrum of REs, including NBFC-BL, ML, UL and TL.
Here’s what stood out for NBFCs deploying AI/ML:
𝟏. 𝐈𝐭’𝐬 𝐧𝐨𝐭 𝐣𝐮𝐬𝐭 𝐚𝐛𝐨𝐮𝐭 “𝐀𝐈” — 𝐬𝐜𝐨𝐩𝐞 𝐢𝐬 𝐰𝐢𝐝𝐞 A “model” now covers any system — including spreadsheet-based tools — that takes inputs, applies processing logic, and produces outputs materially affecting decisions, irrespective of whether the RE itself labels it a “model.” A loan pricing calculator that drives lending rates qualifies. Many NBFCs may discover they’re running more “models” than they thought.
𝟐. 𝐀𝐜𝐜𝐨𝐮𝐧𝐭𝐚𝐛𝐢𝐥𝐢𝐭𝐲 𝐬𝐭𝐚𝐲𝐬 𝐰𝐢𝐭𝐡 𝐭𝐡𝐞 𝐍𝐁𝐅𝐂 — 𝐞𝐯𝐞𝐧 𝐟𝐨𝐫 𝐭𝐡𝐢𝐫𝐝-𝐩𝐚𝐫𝐭𝐲/𝐯𝐞𝐧𝐝𝐨𝐫 𝐀𝐈 Many NBFCs lean on fintech/vendor-provided AI for underwriting or collections scoring. The draft makes clear: outsourcing the model doesn’t outsource the risk. Independent validation by the RE is mandatory regardless of any certification the vendor provides, plus enhanced RMCB oversight irrespective of risk tier, and contractual rights to technical documentation and audit access.
𝟑. 𝐄𝐱𝐩𝐥𝐚𝐢𝐧𝐚𝐛𝐢𝐥𝐢𝐭𝐲 𝐟𝐨𝐫 𝐦𝐚𝐭𝐞𝐫𝐢𝐚𝐥 𝐝𝐞𝐜𝐢𝐬𝐢𝐨𝐧𝐬 Credit underwriting models fall squarely in “material decision-making” territory — meaning higher explainability thresholds apply. If a model (e.g., a black-box ML scorecard) can’t fully explain itself, NBFCs must compensate with enhanced validation, output verification, frequent monitoring and usage restrictions.
𝟒. 𝐁𝐢𝐚𝐬 𝐚𝐧𝐝 𝐟𝐚𝐢𝐫𝐧𝐞𝐬𝐬 𝐭𝐞𝐬𝐭𝐢𝐧𝐠 𝐛𝐞𝐜𝐨𝐦𝐞𝐬 𝐞𝐱𝐩𝐥𝐢𝐜𝐢𝐭 NBFCs must proactively identify risks of discriminatory outputs — especially unfair treatment of customer groups in credit decisions — run fairness assessments, and recalibrate or redesign where needed.
𝟓. 𝐂𝐡𝐚𝐭𝐛𝐨𝐭𝐬, 𝐯𝐨𝐢𝐜𝐞 𝐛𝐨𝐭𝐬 & 𝐠𝐞𝐧𝐀𝐈 𝐜𝐮𝐬𝐭𝐨𝐦𝐞𝐫 𝐢𝐧𝐭𝐞𝐫𝐟𝐚𝐜𝐞𝐬 𝐠𝐞𝐭 𝐬𝐩𝐞𝐜𝐢𝐟𝐢𝐜 𝐠𝐮𝐚𝐫𝐝𝐫𝐚𝐢𝐥𝐬 For any AI model interfacing with customers, NBFCs must:
Disclose to customers that they’re interacting with an AI/ML system, with its limitations;
Provide an option to switch to a human when requested;
Guard against hallucinations via system-level controls (critical for generative AI);
Build in protections against prompt injection, adversarial inputs and anomalous usage;
Run structured “red-teaming” / challenge testing on such models
𝟔. 𝐇𝐮𝐦𝐚𝐧 𝐨𝐯𝐞𝐫𝐬𝐢𝐠𝐡𝐭 𝐢𝐬 𝐧𝐨𝐧-𝐧𝐞𝐠𝐨𝐭𝐢𝐚𝐛𝐥𝐞 Human-in-the-loop/on-the-loop arrangements, kill-switch/override mechanisms, and periodic human review of AI-driven decisions are mandated — with explicit attention to “automation bias” and decision fatigue among reviewing staff.
𝟕. 𝐆𝐨𝐯𝐞𝐫𝐧𝐚𝐧𝐜𝐞 𝐧𝐞𝐞𝐝𝐬 𝐭𝐨 𝐠𝐨 𝐭𝐨 𝐁𝐨𝐚𝐫𝐝 𝐥𝐞𝐯𝐞𝐥 A Board-approved Model Risk Management Framework covering AI/ML models is mandatory, with high-risk models requiring Risk Management Committee of the Board (RMCB) approval, risk-based tiering, a living model inventory, and decommissioned models retained for 10+ years.
𝐓𝐡𝐞 𝐭𝐚𝐤𝐞𝐚𝐰𝐚𝐲 𝐟𝐨𝐫 𝐍𝐁𝐅𝐂𝐬: this is currently in draft/consultation stage and will eventually replace Chapter 3 (Credit Risk Models) of RBI’s 2002 Guidance Note on Credit Risk Management. NBFCs using AI/ML for credit underwriting, collections, or customer-facing chat/voice interfaces should start mapping their existing models against this framework now — inventory, validation independence, explainability thresholds, and human oversight will likely demand real governance uplift, not just policy paperwork.
https://vinodkothari.com/wp-content/uploads/2023/06/vinod-kothari-logo.png00Staffhttps://vinodkothari.com/wp-content/uploads/2023/06/vinod-kothari-logo.pngStaff2026-06-24 20:11:342026-06-24 20:15:09RBI's Draft Model Risk Management Guidelines, 2026; What NBFCs using AI/ML Need to Know
https://vinodkothari.com/wp-content/uploads/2023/06/vinod-kothari-logo.png00Staffhttps://vinodkothari.com/wp-content/uploads/2023/06/vinod-kothari-logo.pngStaff2026-06-16 15:51:542026-06-16 18:41:02From Consent to Compensation: RBI’s Directions for REs on Sales Practices
The draft Capital Adequacy Amendment Directions of RBI propose changes to the existing Directions in relation to the Pillar 3 disclosure requirements (Market Discipline). The amendments are proposed to be made towards better alignment of the regulatory disclosure framework with the Basel norms. In addition to the new disclosure requirements with respect to Liquidity Risks and Macro-prudential Supervisory measures, the Draft proposes a move from narrative disclosures to a more structured, comprehensive transparency.
Proposed to be effective from: quarter ended 30th September, 2026
Highlights of the proposal
Banks to have formal disclosure policy for Pillar 3 data
Key elements of the policy to be described in the year-end Pillar 3 report or cross- referenced to another location where they are available
Formal attestation by one or more WTDs in writing that Pillar 3 disclosures have been prepared in accordance with the board-agreed internal control processes
Safeguarding proprietary and confidential information:
Disclosure not required for proprietary or confidential information that may reveal the position of a bank or contravene its legal obligations
More general information about the subject matter including the fact that specific items of information have not been disclosed and the reasons thereof.
Guiding principles of Pillar 3 disclosures specified
Disclosures to be clear, comprehensive, meaningful, consistent and comparable
Disclosure of data points for previous period not required in case of first-time reporting of a metric
For permitted transitions, the transitional data shall be reported unless the bank is compliant with fully loaded requirements
For regulatory disclosures on the website, archive period proposed to increase to 10 years, against existing 3 years’ requirement
Disclosure on Liquidity Risk Management measures
The proposed format, amongst others, incorporates a new field for liquidity related disclosures. This includes, qualitative and quantitative disclosures on liquidity risk management aspects, alongside disclosure of Liquidity Coverage Ratio (LCR) and Net Stable Funding Ratio (NSFR):
Qualitative disclosures: LRM governance Funding strategy including policies on diversification and tenor Liquidity risk mitigation techniquesExplanation of stress testingOutline of contingency funding plans
Quantitative disclosures: Measurement tools for structural liquidity and cash flow projections Concentration limits on collateral pools and sources of fundingLiquidity exposures and funding needs and entity and branch level including limitations on transferability of liquidityBalance sheet and off-balance sheet items broken down into maturity buckets and the resultant liquidity gaps
Contents of disclosure (Annex III)
Proposed Format
Existing Format
New Disclosures
Frequency of Disclosure
1. Overview of risk management, key prudential metrics, and RWA
Template KM1: Key metrics (at consolidated group level)
New addition in the form of summary table, cross-linked to respective detailed tables
Liquidity Coverage Ratio (LCR)
Net Stable Funding Ratio (NFSR)
Quarterly
Table OVA: Bank risk management approach
General qualitative disclosure requirement under Risk Exposure and Assessment
More granular information such as risk governance structure, qualitative information on stress testing etc.
Annual
Template OV1: Overview of RWA
No specific equivalent
RWAs and minimum capital requirements broken down for various risk categories: credit, CCR, market, operational etc.
Quarterly
2. Linkages between financial statements and regulatory exposures
Table LIA: Explanations of differences between accounting and regulatory exposure amounts
New table, some information overlap with Table DF-1: Scope of application
Qualitative explanations on the differences observed between accounting carrying value and amounts considered for regulatory purposes
Annual
Table LIB: Outline of the differences in the scope of consolidation (entity by entity)
Corresponds to Table DF-1: Scope of application
–
Annual
Template LI1: Differences between accounting and regulatory scopes of consolidation and mapping of financial statement categories with regulatory risk categories
No specific table; however, overlaps with Table DF-12: Composition of capital – reconciliation requirements
Breakdown of each component of balance sheet by risk framework — credit risk, CCR, securitisation, market risk, or not subject to capital requirements/ capital deduction
Annual
Template LI2: Main sources of differences between regulatory exposure amounts and carrying values in financial statements
No specific table; source of material differences between its total balance sheet assets (net of on-balance sheet derivative and SFT assets) as reported in its financial statements and its on-balance sheet exposures to be disclosed and detailed in line 1 of the common disclosure template.
Detailed template covers sources of differences, viz., valuation differences, netting differences, provisions, and prudential filters — by risk category column.
Only a single line-item within regulatory capital composition table
Break down PVAs by type (CVA loss, closeout cost, early termination, model risk, operational risk, funding costs, administrative costs, other) and by instrument category (equity, rates, FX, credit) and book (trading / banking).
Annual
3 Composition of Capital
Table CCA – Main features of regulatory capital instruments
Table DF-13: Main features of regulatory capital instruments
–
Ongoing, at least on a semi-annual basis
Template CC1 – Composition of regulatory capital
Table DF-11: Composition of capital
–
Semi-annual
Template CC2: Reconciliation of regulatory capital to balance sheet
Table DF-12: Composition of capital – reconciliation requirements
Higher granularity provided under each line-item
Semi-annual
4 Remuneration
Table REMA – Remuneration policy
Qualitative disclosures under Table DF-15: Disclosure requirements for remuneration
Annual
Template REM1 – Remuneration awarded during financial year
Quantitative disclosures under Table DF-15: Disclosure requirements for remuneration
More granular details sought
Annual
Template REM2: Special payments
Annual
Template REM3: Deferred remuneration
Annual
5. Credit Risk
Table CRA – General qualitative information about credit risk
Table DF-3: Credit risk: general disclosures for all banks
Specific disclosure w.r.t. credit risk function, viz.,
Structure and organisation of the credit risk management and control function
Relationships between the credit risk management, risk control, compliance and internal audit functions etc.
Annual
Template CR1: Credit quality of assets
Semi-annual
Template CR2: Changes in stock of non-performing loans and debt securities
Semi-annual
Table CRB: Additional disclosure related to the credit quality of assets
Breakdown of restructured exposures between standard and non-performing exposures.
Annual
Table CRC: Qualitative disclosure related to credit risk mitigation techniques
Table DF-5: Credit risk mitigation: disclosures for standardised approaches
On-balance sheet and off-balance sheet exposures for each asset class:
Before CCF and CRM
Post CCF and CRM
RWA and RWA density
Semi-annual
Template CR5: Standardised approach – exposures by asset classes and risk weights
Table DF-4 – Credit risk: disclosures for portfolios subject to the standardised approach (quantitative)
Risk weight buckets increased; existing format divides into 3 major risk buckets
Semi-annual
6. Counterparty credit risk
Table CCRA – Qualitative disclosure related to counterparty credit risk
Table DF-10: General disclosure for exposures related to counterparty credit risk
–
Annual
Template CCR1 – Analysis of counterparty credit risk (CCR) exposure by approach
Structured in a tabulated form with more granular data requirements
Semi-annual
Template CCR3 – CCR exposures by regulatory portfolio and risk weights
Semi-annual
Template CCR4 – Composition of collateral for CCR exposures
Semi-annual
Template CCR5 – Credit derivatives exposures
Template CCR6 – Exposures to central counterparties
7. Securitisation
Table SECA – Qualitative disclosure requirements related to securitisation exposures
Table DF-6: Securitisation exposures: disclosure for standardised approach
List of:
affiliated entities (i) that the bank manages or advises and (ii) that invest either in the securitisation exposures that the bank has securitised or where the bank acts as facility provider.
a list of entities to which the bank provides implicit support and the associated capital impact for each of them
Annual
Template SEC1 – Securitisation exposures in the banking book
Bifurcation based on:
bank as an originator and as an investor
STC and others
Semi-annual
Template SEC2 – Securitisation exposures in the trading book
Semi-annual
Template SEC3 – Securitisation exposures in the banking book and associated regulatory capital requirements – bank acting as originator
–
Semi-annual
Template SEC4 – Securitisation exposures in the banking book and associated capital requirements – bank acting as investor
–
Semi-annual
8. Market Risk
Table MRA – Qualitative disclosure requirements related to market risk
Table DF-7: Market risk in trading book
Elaboration of qualitative disclosures, viz.,
Strategies and processes
Structure and organisation of the market risk management function
Scope and nature of risk reporting and/or measurement systems.
Annual
Template MR1 – Market risk under the standardised approach
Classification of positions:
Outright products
Options – Simplified approach, delta-plus method or scenario approach
Semi-annual
9. Operational Risk
Table ORA: Disclosure related to operational risk and operational resilience
Table DF-8: Operational risk
Elaboration of qualitative disclosures
10. Interest rate Risk
Table IRRA: Disclosure related to Interest Rate Risk
Table DF-9: Interest rate risk in the banking book (IRRBB)
Elaborated qualitative disclosures
Annual for qualitative disclosure and semiannual for quantitative disclosure
11. Macroprudential supervisory measures
Template GSIB1 – Disclosure of G-SIB indicators
–
12 indicators used in the assessment methodology of the G-SIB framework
Annual
Template CCyB1 – Geographical distribution of credit exposures used in the countercyclical capital buffer
–
Geographical breakdown of private sector credit exposures (values and RWAs) and Countercyclical capital buffer rate for computation of the bank-specific countercyclical capital buffer rate and amount
Semi-annual
12. Leverage Ratio
Template LR1 – Summary comparison of accounting assets vs leverage ratio exposure measure
Table DF 17- Summary comparison of accounting assets vs. leverage ratio exposure measure
–
Quarterly
Template LR2 – Leverage ratio common disclosure template
Table DF-18: Leverage ratio common disclosure template
–
Quarterly
13. Liquidity
Table LIQA – Liquidity risk management
–
See above
Annual
Template LIQ1 – Liquidity coverage ratio (LCR)
–
Unweighted and weighted values of
Total High Quality Liquid Assets
Cash outflows and cash inflows (component-wise)
Quarterly
Template LIQ2 – Net stable funding ratio (NSFR)
–
Unweighted value by residual maturity and weighted value of
Available Stable Funding (ASF) Item (each component)
On May 21,2026, RBI issued revised draft RBI (Non-Banking Financial Companies – Responsible Business Conduct) Amendment Directions, 2026 that contains several paragraphs, not being there in the earlier Draft RBI (Non-Banking Financial Companies – Responsible Business Conduct) Second Amendment Directions, 2026 version, which permit a financier of devices to be able to remotely lock its partial functionality, on continued non-payment of dues. Among other safeguards, such as preserving the basic functionality (access to internet, incoming calls, emergency SOS features, and receipt of emergency Government or public-safety notifications), the RBI also imposes a minimum 90 days default to trigger the locking. In our view, given the short tenure of funding, the 90-day default threshold, clearly a legacy of long-term lending practices, is quite impractical in the context. We present the highlights and our critical appraisal of the RBI’s proposals.
Introduction
Remote device locking is fast becoming the new device in recovery practices. With the ability to remotely restrict access to a borrower’s device, lenders are increasingly viewing the technology as a powerful tool to control defaults and strengthen recoveries.
In the past supervisory observations, RBI raised concerns regarding “full device locking” mechanisms adopted by certain lenders/Lending Service Provider (LSPs), noting that such measures may be disproportionate, coercive, and restrict access to essential device functionalities. The concerns appear to stem from borrower protection and fair practices considerations, particularly where borrowers are denied access to basic device features unrelated to the financed asset or outstanding dues.
At the same time, the Digital Personal Data Protection Act, 2023 (DPDP Act) introduces an additional layer of regulatory scrutiny like device-level restrictions and monitoring inherently involve the processing and control of personal data, making borrower consent, lawful processing, proportionality, purpose limitation, and data minimisation central to any remote locking framework.
From a data protection perspective, excessive control over a borrower’s device may raise serious concerns around privacy, digital autonomy, and the broader obligation to safeguard the rights of data principals.
The RBI has issued Revised Draft – RBI (Non-Banking Financial Companies – Responsible Business Conduct) Amendment Directions, 2026 which provides deployment of technology-based mechanism for recovery of loan duesalso known as “Remote Device Locking”, and proposes to restrict the use of device-locking mechanisms as a recovery tool, except where the loan was specifically granted for financing the concerned mobile device.
The regulatory message is increasingly clear that technology-driven recovery mechanisms cannot come at the cost of privacy, fairness, or access to essential digital services.
Pre-requisites for Remote Device Locking
Device-locking mechanisms as a recovery tool is not permitted. However, in case the loan was specifically granted for financing the concerned mobile device, such measures may be adopted by the lenders subject to certain conditions:
Documentation and Communication:
Clear and unambiguous disclosure which expressly authorises such restrictions in loan agreement.
Further, trigger events for initiating recovery-related restrictions must be clearly defined and disclosed upfront to the borrower.
Prior Notice: A structured notice and cure mechanism must be implemented prior to imposing any restriction.
A minimum 21-day notice period should be provided once the account reaches 60 DPD, giving the borrower a chance to cure the default.
Following expiry of 21 days notice an additional 7-day cure period is given to the borrower before any restrictive measure is imposed.
DPD Status: Restrictions should be invoked only where the account remains in default beyond 90 DPD despite prior notices and cure opportunities, ensuring that such measures are used strictly as a last resort.
Access Control: Under no circumstances should restrictions impair access to essential device functionalities, including internet connectivity, incoming calls, emergency SOS services, or government/public safety notifications.
Conclusion
Most device financing loans are short-tenure products, typically ranging from 3 to 12 months. If lenders are required to wait until 60 DPD, followed by a 21-day notice period, an additional 7-day cure window, and eventual restriction only after 90 DPD, this may significantly reduce the commercial effectiveness of remote device locking as a recovery tool.
In short-tenure device financing loans, recovery measures are most effective during the early stages of delinquency, when the borrower continues to actively rely on the device.
In practice, several lenders have historically adopted much earlier-stage device restrictions upon payment default. However, RBI appears to be consciously moving away from such practices due to concerns around coercive recovery measures, borrower protection, proportionality, and access to essential digital services.
https://vinodkothari.com/wp-content/uploads/2023/06/vinod-kothari-logo.png00Staffhttps://vinodkothari.com/wp-content/uploads/2023/06/vinod-kothari-logo.pngStaff2026-04-27 16:22:522026-06-12 16:12:57Virtual Certificate Course on Grooming of Chief Compliance Officers of NBFCs
Volumes of securitisation (which, of course, have always included bilateral assignments or so-called DA transactions) fell by 6% in FY 26, if the origination volume by Reliance group entities in the first half were to be excluded. However, the market has shown more originator diversity, with an increasing share of smaller issuers, including those tasting the market for the first time.
The dip in volumes is because of the larger issuers who were prominently absent or subdued – Shriram Finance as the largest issuer having raised on-balance sheet liquidity, and banking companies. However, the share of gold loans went up sharply, largely due to the sharp increase in gold prices and gold lending, Microfinance companies went more for securitisation, rather than direct assignment transactions.
For anyone studying the Indian securitisation market, it is important to note the following:
Reported volumes in India include direct assignments, which, in international parlance, are not “securitisation” (pure bilateral loan sales). However, in India, traditionally, DA has been a close and quick proxy for securitisation, and hence, mostly included. In FY 26, the split of DA/PTC volumes shows PTC transactions having gained in proportion. One rating agency1 reports an increase of PTC volume percentage from 54% to 60%; another one2 shows the increase from 48% to 52%.
Indian transactions mostly show LAP transactions as a part of MBS, whereas what the world reports as RMBS is quite small in India. Last year, there was a prominent transaction by LIC Housing Finance, through the NHB-promoted RDCL. There was no RDCL issuance this year. It seems that RMBS volume was either too small to be reportable, or was completely absent.
Microfinance sector has been under some stress in the recent past; however, MFIs have increasingly resorted to PTC issuances, with small deal sizes. Some deal sizes are even below 100 crores. This is indicating greater diversity of issuers, and of course, yields and ratings.
The market also seems to be showing larger acceptance for lower rated securities i.e., BBB+.
Overall, in a stressful global scenario, securitisation has stood firm. Non financial sector entities have shown increasing willingness to tap the market. Of course, SEBI regulations have to be more enabling.
Below, we give a detailed overview of the securitisation market, including a discussion on the asset classes.
NBFCs vs Banks
Securitisation volumes have been largely driven by NBFCs, which recorded a 30% year-on-year increase in value. In contrast, originations by banks have declined significantly.
Recent Securitisation Structures in India – A Mix of Tradition and Innovation
Among asset classes, vehicle loans (including commercial vehicles and two-wheelers) accounted for 50% of securitisation volumes (vs 47% in the corresponding period last fiscal). Mortgage-backed loans accounted for about 28% of securitisation volume (vs 37% in the last FY).
Vehicle loan-backed securitisations dominated the market, both in terms of number of deals and total value, reaffirming the sector’s strong position. This is consistent with the growth trend in vehicle loan originations during FY 25.
In addition to vehicle loans, originators also securitised receivables from a diverse set of underlying asset classes during Q4, including:
Microfinance Loans
Secured Business Loans
Unsecured Business Loans
Home Loans
Unsecured Personal Loans
Gold Loans
The continued diversification in underlying asset classes highlights the evolving maturity of India’s securitisation market and growing investor appetite across segments. The break-up of securitisation volumes across various asset classes have been presented below:
Securitisation of Vehicle Loans
The issuance volume for vehicle loan securitisation during FY26 was approximately ₹1.26 lakh crores. Most of the transactions were structured as single-tranche issuances. However, a few exceptions featured more layered structures comprising senior and equity tranches, or senior, mezzanine, and equity tranches.
In terms of credit ratings, the tranches were rated between A- and AAA. Notably, the senior tranches in the majority of transactions received high investment-grade ratings, typically falling within the AA+ to AAA range. This indicates strong investor confidence and reflects the underlying credit quality of the asset pools, supported by adequate credit enhancement mechanisms.
Further, replenishing structures were also observed commonly during FY26. These variations indicate growing sophistication in transaction structuring within the vehicle loan securitisation space, aimed at catering to different investor preferences, improving credit protection, and aligning with originator risk appetite. As the market matures, further innovation in structuring and risk mitigation features can be expected.
In terms of credit enhancements, most vehicle loan securitisation transactions during the last quarter of FY26 featured: cash collateral (CC) and overcollateralisation (OC), with the Excess Interest Spread (EIS) serving as the first layer of loss absorption.
Securitisation of Microfinance Loans
During FY26, the MFI sector has seen a revival after a period of stress during FY 25 and FY 24. This has been due to better credit underwriting of lenders, improving performance trends and granular pool characteristics. Further, after a period of stress, the lenders relied on time-tested borrowers rather than exploring new markets leading to higher average ticket size of loans. This has led to a growth in the volumes of securitisation of microfinance loans during FY26. The PTC issuance volume of microfinance institutions increased to 14% of total PTC issuance in FY26 from 6% of total PTC issuances in FY25. Most of the transactions were structured as a single tranche securitisation.
Further, most microfinance loan securitisation transactions during the quarter featured credit enhancement through two primary mechanisms: CC and overcollateralisation OC, with the EIS serving as the first layer of loss absorption.
Securitisation of pool of loans backed by Home Loans & LAP
The volume of mortgage backed securitisation has been low both in terms of number as well as in terms of amount of issuance. As compared to FY25, the total MBS issuances dropped to 28% of total issuance from 37%. The transactions featured a common waterfall matrix and had received an overall rating of AAA.
In terms of credit enhancement, CC and OC has been provided as a credit enhancement with the EIS serving as the first layer of loss absorption.
Securitisation of Gold Loans
Gold loan securitisation volumes in H2FY26 stood at approximately ₹18,500 crore, significantly higher than the ₹5,000 crore recorded for the whole of FY25.
The jump in gold lending securitisation may be due to increase in gold prices and resultant increase in the value of the collateral. As a result of this valuation spike, average ticket sizes have increased, indicating that as gold valuations rise, consumers are leveraging higher-value loans to meet their financing needs. Another reason for the increased origination may be removal of LTV restriction in case of income generating gold loans.
Securitisation of Unsecured Loans
As per rating rationales published by Care the securitisation volumes of unsecured loans (both personal and business) increased during FY26. Investors in unsecured loan transactions, are preferring the PTC route, due to the support provided by external enhancement. CC and OC have also been provided as a credit enhancement with the EIS serving as the first layer of loss absorption.
https://vinodkothari.com/wp-content/uploads/2023/06/vinod-kothari-logo.png00Staffhttps://vinodkothari.com/wp-content/uploads/2023/06/vinod-kothari-logo.pngStaff2026-04-14 17:59:412026-04-14 18:00:39Indian Securitisation in FY26: Securitised Paper Volumes grow, with originator and asset diversity
Following the consolidation action undertaken by the Department of Regulations (DoR) in November 2025, the Department of Supervision has now undertaken a comprehensive exercise to consolidate existing standalone circulars issued by RBI in supervisory domain into function-wise, entity-specific consolidated Directions for easier navigation and application. The supervisory instructions have been organised into distinct Directions for each type of RE on each supervisory function.
Compliance Function– Prescribing the guidelines for compliance risk assessment and appointment of the chief compliance officer.
Concurrent Audit– This is specifically applicable in case of banks and not NBFCs. In case of NBFCs, the Auditor’s Report Directions lays down the disclosures and reporting by auditors of NBFCs
Cybersecurity, Technology: Risk, Resilience and Assurance- Provides comprehensive guidelines on IT governance and policy, information security and cybersecurity, IT operations, information system audit, BCP, disaster recovery and IT services outsourcing.
Digital Payments Security Controls- Provides guidelines for credit-card issuing NBFCs on governance and security risk mitigation, authentication framework, fraud risk management, reconciliation mechanism, grievance redressal mechanism, web application, mobile application and card payment security controls.
Fraud Risk Management- Lays down the process for identification and classification of fraudulent borrowers and the implementation of early warning signals (EWS)
Internal Audit Function or Risk Based Internal Audit- Provides for harmonised Internal Audit systems and processes to be implemented by larger NBFCs (Deposit Taking and entities having asset size above ₹5000 cr)
Statutory Audit- Lays down the regulations for appointment of statutory auditors, their eligibility criteria, intimation and reporting to the RBI, etc.
Supervisory Returns- All regulatory filings and submission of returns to the RBI
Miscellaneous- Consolidates the instructions for implementation of CFSS, nomination facility to be provided in case of deposit accounts, fair lending practices for charging of interest and the Prompt Corrective Action Framework.
A detailed analysis of the drafts for NBFCs has been covered here-
No major changes.It has been clarified that in the absence of a new product committee, the CCO shall be required to evaluate all new products before they are launched.
CICs were not required to comply requirements of IT Governance Framework, the draft IT Directions now mandate CICs to comply with the IT baseline technology standardsFor NBFCs with asset size below ₹ 500 cr-Chapter IV of IT Directions:Use of public key infrastructure (PKI) for ensuring confidentiality of data, access control, data integrity has been made mandatory (earlier recommendatory)Timeline of reporting of cyber incidents to RBI specified as 6 hours (IT Framework did not contain any such timeline)Use of Digital Signature to authenticate electronic records has been made mandatory (earlier recommendatory)For NBFCs with asset size above ₹ 500 cr-Chapter IV of IT Directions, has specified that IT capacity requirements are now to be ensured by ITSC
There is additional expectation that Risk and Control Self Assessment (RCSA) shall be conducted by vendors as well and such RCSA should be evaluated by the Credit-Card issuing NBFC.Credit-Card issuing NBFCs are required to comply with a number of technical standards for card payment security. Status of compliance with these standards are to be reported to the ITSC for deliberation and appropriate action.
Change in name of return DNBS09 from DNBS09-CRILC Weekly– RDB return to DNBS09- Return on Defaulted Borrowers.Quarterly return on Large Exposure Framework to be filed quarterly by all NBFCs in the Upper Layer – The earlier requirement was reporting of 10 largest exposures of the entity as against the proposed requirement of reporting the top 20 largest exposures. Change in nomenclature of returns on fraud reporting:FMR-I to FMRFMR-III to FUAFMR-IV to FMR 4Form A Certificate is now proposed to be filed online instead of filing in hard copy/ via email.It is proposed that hard copy of returns (hand/post/courier) or email submissions would not be accepted (i.e., would not be deemed to have been submitted by the NBFC) unless specifically prescribed.Additional returns to be filed by SPDs specified.
Chapter III – All NBFCs including HFCs and MFIsChapter IV – Deposit Taking NBFCs (excl. HFCs)Chapter V- Deposit taking, Non-Depositaking, in Middle, Upper and Top Layers including CICs but excluding NBFCs not accepting/ intending to accept public funds.
The phased manner timelines for implementation of CFSS has been removed since the circular is now effective
Clarified that the auditor is now obligated to report to the RBI instances of non-compliance with all applicable extant directions issued by RBI. Other than the above, no major change except updation of references.
https://vinodkothari.com/wp-content/uploads/2023/06/vinod-kothari-logo.png00Staffhttps://vinodkothari.com/wp-content/uploads/2023/06/vinod-kothari-logo.pngStaff2026-04-08 19:19:192026-04-08 19:19:20Consolidation of RBI Directions Ver 2.0
The National Credit Guarantee Trust Company (NCGTC), under the Department of Financial Services, has floated a scheme which will guarantee lending upto ₹20000 crores by banks and financial institutions (Member Lending Institutions or MLIs), for taking incremental loan exposure to MFIs. The Scheme intends to nudge bank lending to MFIs, as the former has shunned away in view of the perceived risk of the sector in the recent past. The NCGTC takes 70% – 80% risk of default of the bank loans to the MFIs, provided the lending is done accordingly with the conditions of the Scheme.
Among the conditions, the MFI must lend at least at 1% lower than the average lending rate over the last 6 months, and the MLI must lend at no more than 2% over the benchmark rate (MCLR or EBLR as applicable).
In our view, the Scheme has following outcome expectations:
Given the credit risk transfer to the extent of 70% – 80% (depending on the 3 sizes of MFIs), the credit risk aversion as also the credit risk premium, should significantly come down.
In view of the credit risk transfer, the risk weight for capital adequacy also comes to zero for the guaranteed portion, resulting into significant capital relief for the MLI
Since the Scheme can be utilised only for incremental lending, and that too, at a cheaper rate, there may be downward pressure on lending rates, resulting in a demand-side push. The latter is quite important, as reduced lending volumes in the MFI sector are quite often the cause of higher defaults as well.
Overall, the environment of sectoral aversion would change.
Essential Features of the Scheme
Who are MLIs?
Schedule Commercials Banks
AIFIs
What type of loans are covered under the Scheme?
Funding provided by the MLIs to MFIs for on-lending to microfinance borrowers
What is the interest cap under the Scheme?
Loans sanctioned by MLIs to NBFC-MFIs/MFIs is capped at EBLR or 1 Year MCLR + 2% per annum
Loans by NBFC- MFIs/MFIs to microfinance borrowers is capped at 1% below the average rate of their lending in past 6 months.
What is the cap on tenure of loans under the Scheme?
Maximum tenure of the loan provided by MLI to MFIs shall be 3 years (1-year moratorium plus 2 years for loan repayment).
Conditions for MLIs to get benefits under the Scheme:
At least 5% of the total loan amount under the Scheme shall be sanctioned to small-sized MFIs, & 10% to medium-sized MFIs.
The maximum amount of loan which can be sanctioned by MLIs to MFIs shall be capped at 20% of the Assets Under Management (AUM) of respective MFI subject to maximum of ₹100 crore to small size, ₹200 crore to medium size and ₹300 crore to large size MFIs
MFIs shall be classified as small, medium and large based on their AUM as follows:
Small MFIs – Less than 500 crores
Medium MFIs – Rs.500 crores to less than Rs. 2000 crores
Large MFIs -Rs. 2000 crores or more
Maximum coverage under the guarantee:
70% to Large MFIs, 75% to Medium MFIs & 80% to Small MFIs of the amount in default for a maximum period of 3 years
Guarantee Fee:
MLIs shall pay to NCGTC Guarantee Fee at 0.5% of the sanction amount (first year) and outstanding amount (thereafter).
Claim Process:
MLI shall submit a claim on an annual basis (once every year) in respect of the amount in default.
https://vinodkothari.com/wp-content/uploads/2023/06/vinod-kothari-logo.png00Staffhttps://vinodkothari.com/wp-content/uploads/2023/06/vinod-kothari-logo.pngStaff2026-03-20 19:10:332026-03-20 19:10:34CGTMSE Risk Shield for MFI Lending
https://vinodkothari.com/wp-content/uploads/2023/06/vinod-kothari-logo.png00Staffhttps://vinodkothari.com/wp-content/uploads/2023/06/vinod-kothari-logo.pngStaff2026-03-11 16:00:442026-03-11 16:25:01Navigation Roadmap through New Consolidated RBI Directions – Presentation for NBFCs
https://vinodkothari.com/wp-content/uploads/2023/06/vinod-kothari-logo.png00Team Finservhttps://vinodkothari.com/wp-content/uploads/2023/06/vinod-kothari-logo.pngTeam Finserv2026-02-12 18:29:262026-02-12 18:29:28Webinar on Selling of Financial Products by Banks and NBFCs
Reload document 
Open in new tab 
