Posts

Operational Risk Assessment for NBFCs : Understanding The Basics

/0 Comments/in , , , /by

Simrat Singh | finserv@vinodkothari.com 

Operational risk, as defined by the Basel framework, refers to the possibility that a financial institution’s routine operations may be disrupted due to failures in processes, systems, people, or external events. While historically treated as secondary to credit and market risk, it has increasingly become a central focus of risk management, particularly for institutions with complex operations, heavy technology dependence, extensive outsourcing, and stringent regulatory obligations. Reflecting this shift, the RBI’s 2024 Guidance Note on Operational Risk Management and Resilience expands its expectations for operational risk management to all NBFCs. 

Having previously discussed the guidance note (refer here), this article now explains the fundamentals of operational risk assessment and outlines its process.

Operational Risk Management

Operational risk poses unique challenges because many of the events that cause losses arise from internal factors, making them difficult to generalise or predict. Large operational losses are often viewed as rare, which can make it difficult to get sustained management attention on the steady, routine work required to identify issues and track trends1. Operational risks typically stem from people, processes, systems and external events, ironically, the same resources essential for running the business. Unlike credit and market risk which are modelled and hedged, operational risks are often idiosyncratic, event-driven and subject to human, process and system failure.

Relevance For Financial Institutions

Financial institutions operate with complex processes, large transaction volumes, strict regulatory reporting requirements and often heavy dependence on technology, outsourcing arrangements and third-party service providers. Because of this, operational failures, such as system glitches, fraud, compliance breaches or breakdowns in business continuity, can result in substantial financial losses, regulatory sanctions, reputational harm and other disruptions to business operations. 

Given these risks, regulators have placed growing emphasis on the measurement and management of operational risk. Based on our experience, RBI has frequently raised queries regarding the operational risk frameworks of NBFCs during its supervisory inspections. Under Basel II, for instance, banks using the Advanced Measurement Approach were required to maintain strong, demonstrable operational risk management systems. Recognising the importance of operational risk, the Bank of England’s FSA0732 report, which is applicable on banks and large investment firms, requires firms to record the top ten operational risk loss events for each reporting year. This provides a clear view of what went wrong, where it occurred and the scale of the financial impact.

Operational Risk Assessment Process

In its guidance note for operational risk, RBI at many places underscored the importance for risk assessment. One such example is given below:

Principle 6: Senior Management should ensure the comprehensive identification and assessment of the Operational Risk inherent in all material products, activities, processes and systems to make sure the inherent risks and incentives are well understood. Both internal and external threats and potential failures in people, processes and systems should be assessed promptly and on an ongoing basis. Assessment of vulnerabilities in critical operations should be done in a proactive and prompt manner. All the resulting risks should be managed in accordance with operational resilience approach.

6.1 Risk identification and assessment are fundamental characteristics of an effective Operational Risk Management system, and directly contribute to operational resilience capabilities. Effective risk identification considers both internal and external factors. Sound risk assessment allows an RE to better understand its risk profile and allocate risk management resources and strategies most effectively.

Figure 1: Operational Risk Assessment Process

Risk identification

Risk identification means figuring out what exactly you need to assess. It involves recognising the different risk sources and risk events that may disrupt your business. A risk source is the underlying cause, something that has the potential to create a problem. A risk event is when that problem actually occurs. For example, a weak password is a risk source, while a data breach caused by that weak password is the risk event. 

As per the RBI’s Guidance Note, REs are expected to take a comprehensive view of their entire “risk universe”. This means identifying all categories of risks, traditional or emerging, that could potentially affect their operations. These may include insurance risk, climate-related risk, fourth- and fifth-party risks, geopolitical risk, AML and corruption risk, legal and compliance risks, and many others. The underlying expectation is simple: an RE should systematically identify everything that can go wrong within its business model, processes, people, systems, and external dependencies, and ensure that no material source of risk is overlooked.

There are many ways to identify risks. You may use questionnaires, self-assessments by business or functional heads, workshops with staff involved in risk management, or you may review past failures within the company. Industry reports, experiences of peers, and linking organisational goals to potential obstacles can also reveal important risks. You can even look at upcoming strategic initiatives and think ahead about the risks that may arise when these changes are implemented.

Every organisation has its own risk profile. A lender may worry about borrowers not repaying, untrained staff, biases in an AI underwriting model, IT system failures, employee fraud, or suppliers not delivering on time. These risks should be recorded in a risk register, but it is important that this register reflects your business. A company offering only physical loans may not face digital lending risks, and should not simply copy any generic list. The goal is to identify risks that genuinely matter to your day-to-day operations.

Assessment

Once you know which risks matter, the next step is to assess each of them. For every risk, ask yourself two basic questions: 

  1. What is the likelihood of this risk actually happening? This is simply the chance that the event might occur; You may assign parameters to determine the likelihood – for eg if the risk event is almost certain to occur in the next 1 year or is it likely to occur or it will occur only in remote situations?

Figure 2: Illustrative likelihood assessment criterias

  1. If it does happen, what impact will it have on my organisation? Will it hurt my reputation? Lead to financial loss? Negative feedback from customers? Cause a data leak? One can record the impact of the risk as High, medium or low based on its gravity

Figure 3: Illustrative impact assessment of risks

These two questions help you understand how serious the risk is inherently (inherent risk level) i.e, before considering whether you have any controls in place. Note that at this stage, you’re only interested in the natural level of risk that exists ignoring any controls you might already have. 

Evaluating Controls

Once the inherent risks are understood, the next step is to look at how these risks are currently being managed. These risk-reducing efforts are your controls or mitigation measures. Controls are simply the actions, checks, or processes already in place to lower the likelihood or impact of a risk. For example: Is your underwriting model checked for bias? Are board committees meeting regularly? Do you have proper maker–checker checks in your V-CIP process? Controls can take many forms such as policies, procedures, tools, system checks, reviews, or even day-to-day practices followed by employees. In essence, a control is any measure that maintains or modifies risk and helps the organisation manage it more effectively. 

Residual Risk

After evaluating the controls, you can determine the residual risk i.e. the level of risk that remains even after your mitigation measures have been applied. Residual risk shows whether the remaining exposure is acceptable or whether additional controls are needed. By definition, residual risk can never be higher than inherent risk. Generally, residual risk can be interpreted as follows:

  • Low Residual Risk: When the effectiveness of internal controls fully covers or even exceeds the inherent risk;
  • Medium Residual Risk: When controls reduce most of the risk, leaving only a small gap;
  • High Residual Risk: When controls address only part of the risk and a significant gap still remains;
CategoryRisk SourceRisk eventRoot causeLikelihoodConsequenceLevel of inherent riskControl EffectivenessLevel of Residual Risk
People RiskEmployees / StaffEmployee fraud, misappropriation, or collusionWeak internal controls, poor background checksHighly LikelyMediumHighWeakHIGH
Information Technology & Cyber RiskIT Infrastructure / SystemsSystem downtime or core platform failureServer outage, inadequate IT resiliencePossibleLowLowStrongLOW
Process & Internal Control RiskOnboarding / KYC ProcessesNon-compliance with KYC or onboarding proceduresInadequate verification, manual errorsPossibleHighHighAdequateMEDIUM
Legal & Compliance RiskOutsourcing / LSP ArrangementsNon-compliance in outsourcing / LSP arrangementsWeak SLA oversight, inadequate due diligenceUnlikelyLowLowAdequateLOW
External Fraud RiskBorrowers / External PartiesBorrower fraud – identity theft, fake borrowers, or collusionForged documents, weak KYCPossibleLowLowStrongLOW
Model / Automation / Reporting RiskData Aggregation / SystemsFailure in data aggregation across systems for regulatory returnsSystem inconsistencies, poor data governanceHighly LikelyMediumHighStrongLOW
Reputation Risk / Customer ExperienceCustomer Communication / Sales PracticesMiscommunication of terms or conditions to customersPoor training, unclear communication scriptsPossibleMediumMediumWeakMEDIUM

Figure 5: An illustrative Snapshot of Operational Risk Assessment

Understanding residual risk helps decide where further action is required and where the organisation may still be vulnerable.

Conclusion

The goal, therefore, is to move away from a simple “tick-box” approach and make the operational risk assessment truly tailored to the organisation. For ML and above NBFCs, the ICAAP requirement to set aside capital for operational risk is useful, but it covers only a narrow part of what operational risk really involves. A comprehensive assessment goes much further by examining the strength of the entity’s internal controls and how effectively they manage real-world risks. If the residual risk exceeds the organisation’s tolerance level, it should trigger a closer look at those controls and prompt corrective action. Ultimately, the focus should be on building a risk framework that is meaningful, proactive, and aligned with how the organisation actually operates. The ultimate goal is therefore to develop ‘operational resilience’ which as per Bank of England3 is the ability of firms and the financial sector as a whole to prevent, adapt, respond to, recover from, and learn from operational disruptions.

Our other resources on risk management:

  1. Analysing Banking Risk: World Bank ↩︎
  2. FSA073: Instruction ↩︎
  3. Operational resilience of the financial sector: Bank of England ↩︎

RBI Trade Relief Directions: How is your company impacted?

/0 Comments/in , , , , , /by

– Team Finserv | finserv@vinodkothari.com

Call it Trump relief! The RBI announced relief measures on the 14th Nov to help the exporters of certain specified items, who may have availed export credit facilities from a regulated lender, whereby all regulated entities (REs) “may” provide a moratorium, from 1st September 2025 to 31st December, 2025. The grant of such a relief shall be based on a policy, consisting of the criteria for grant of the subject relief, and such criteria shall be disclosed publicly. Not only this, REs shall also make a fortnightly disclosure of the reliefs granted to eligible borrowers on a RBI format on Daksh portal.

The Reserve Bank of India (Trade Relief Measures) Directions, 2025 (‘Directions’) are applicable to NBFCs and HFCs as well. This is accompanied with amendment to Foreign Exchange Management (Export of Goods and Services) (Second Amendment) Regulations, 2025 for extension of the period for both realization/repatriation of export value (from 9 to 15 months) and the shipment of goods against advance payment (from 1 to 3 years).

Highlights:

  • Whether your company grants an export credit or not, if your borrower is the one who has availed export credit for export of specified goods or services, the borrower may approach you for the moratorium.
  • Are you bound to grant the moratorium? Answer is, no. However, basis a policy which is publicly hosted, you will consider the eligibility of the borrower. The relevant factors on which the eligibility will be examined may also form a part of the policy, and ideally, should include the extent of dependence on exports of specified items to the USA, tariff-based disruption in the cashflows, alternative markets and transitioning possibilities, etc.
  • Effective: Immediately. 
  • Actionables: (a) Framing of policy to consider the eligibility of affected borrowers; (b) Hosting the policy on public website; (c) Creating mechanism for receiving and transmission of borrower requests for the moratorium and giving timely responses to the same (d) RBI fortnightly reporting.

What is the intent?

To mitigate the disruptions caused by global headwinds, and to ensure the continuity of viable businesses.

Tariff impositions by the USA are likely to impact several exporters. There may be a ripple effect on penultimate sellers or other segments of the economy as well, but the intent of the Trade Relief Directions seems limited to the direct exporters only.

Which all regulated entities are covered?

The Directions are applicable to following entities:

  • Commercial Banks
  • Primary (Urban) Co-operative Banks, State Co-operative Banks and Central Co-operative Banks
  • NBFCs
  • HFCs
  • All-India Financial Institutions
  • Credit Information Companies (only with reference to paragraph 16 of these Directions).

Does it matter whether the RE in question is giving export credit facilities or not? In our view, it does not matter. The intent of the Directions is to mitigate the impact of trade disruptions. Of course, the borrower in question must be an exporter, must have an export credit facility outstanding as on 31st Aug 2025, and the same must be standard.

If these conditions are met, then the RE which holds the export credit, as also other REs (of course, the nexus between the trade disruption and the servicing of the credit facility will have to be seen) should consider the borrower for the purpose of grant of relief.

Relief may or may not be granted. 

Policy on granting relief

The consideration of the grant of relief will be based on a policy. 

Below are some of the brief pointers to be incorporated in the policy: 

  1. Purpose and Scope: define which loan products, sectors, or borrower categories are covered; effective period for granting relief
  2. Eligibility Criteria for borrowers
  3. Assessment criteria for relief requests received from the borrowers
  4. Authority responsible for approving such request
  5. Relief measures that can be offered to borrowers
  6. Impact on asset classification and provisioning
  7. Disclosure Requirements
  8. Monitoring and Review: Authority which is responsible for monitoring such accounts; periodicity of review

How is the assessment of eligible borrowers to be done?

In our view, the relevant information to be obtained from the candidates should be:

  • Total export over a relevant period in the past, say 3 years
  • Break up of export of “impacted items” and other item
  • Of the above, exports to the USA
  • Gross profit margin
  • Impact on the cashflows
  • Information about cancellation of export orders from US importers
  • Any damages or other payments receivable from such importers
  • Any damages or other payments to be made to the penultimate suppliers
  • Alternative business strategies – repositioning of markets, alternative buyer base, etc
  • Cashflow forecasts, and how the borrower proposes to pay after the Moratorium Period.

What sort of lending facilities are covered?

Please note the following from the preamble: “mitigating the burden of debt servicing brought about by trade disruptions caused by global headwinds and to ensure the continuity of viable businesses”. Therefore, clearly, the relief intended here is one where “trade disruptions” create such a burden on debt servicing, which may impact the viability of the business.

From this, it implies that the entity in question must be a business entity, and the loan in question should be a business loan. 

In our thinking, the following facilities seem covered:

  1. Export credits of all forms, including packing credit, funded as well as unfunded, letters of credit, etc.
  2. Buyer’s credit or facilities for inward acquisitions/purchases by an exporter
  3. Cash credits, overdrafts or working capital related facilities, intended for export business of impacted items.
  4. Term loans relating to an impacted business
  5. Loans against property, where the end use is working capital

Eligible and ineligible borrowers:

Eligible borrowers:

  • Borrowers who have availed credit for export
  • Borrower had an outstanding export credit facility from a RE as of August 31, 2025 (However, in case the borrower has a sanctioned facility pending disbursement as on Aug 31, the same shall not be eligible)
  • Borrower with all REs was/were classified as ‘Standard’ as on August 31, 2025

In our view, the following borrowers/ credit facilities are not eligible for the relief:

  • Individuals or borrowers who have not borrowed for business purposes
  • Home loans or loans against specific assets or cashflows, where the debt servicing is unconnected with the cash flows from an export business
  • Loans against securities or against any other financial assets
  • Gold loans, other than those acquired for business purposes
  • Car loans, loans against commercial vehicles or construction equipment, unless the borrower is engaged in export business and the cashflows have a nexus with such business
  • Borrower is engaged in exports relating to any of the sectors specified
  • Borrower accounts which were restructured before August 31, 2025
  • Accounts which are classified as NPA as on August 31, 2025

Consider a borrower who is not an exporter himself, but an ancillary supplier, supplying to a trading house. Will such a penultimate exporter be covered by the Relief Directions? In our view, the answer is negative, as the “eligible borrowers” are defined to mean an exporter.

Impacted items and impacted markets

The list of impacted items broadly covers a wide spectrum of manufacturing and export-oriented sectors, including marine products, chemicals, plastics, rubber, leather goods, textiles and apparel, footwear, stone and mineral-based articles, jewellery and precious metals, metal products, machinery, electrical and electronic equipment, automobiles and auto components, medical and precision instruments, and furniture and furnishing items.

Is it mandatory that the borrower shall be exporting to USA? While the Directions do not specifically mandate that the borrower shall be exporting to the USA, the concerned REs should, as part of their assessment, evaluate whether the borrower genuinely requires such relief measures and, in our view, should consider the extent to which the borrower depends on exports of the specified items to the USA.

Why have HFCs been covered?

Generally speaking, the servicing of home loans is not supposed to be based on business cashflows, and therefore, the impact of trade disruptions on servicing of a home loan does not seem easy to establish.

However, HFCs grant other credit facilities too, including LAP or business loans. Therefore, there is no carve out for HFCs as such. HFCs are also expected to prepare the policy referred to above and be sensitive to requests from impacted borrowers.

Is the moratorium retrospective?

Yes, clearly, the moratorium is retrospective, as it covers the period from 1st September to 31st December. This is the range over which the moratorium may be granted; of course, the decision as to how much moratorium, within the above maximum range, is warranted in the particular case, is that of the lender. Let us call the agreed moratorium as the Moratorium Period.

If the moratorium is granted from 1st Sept., then any payments which were due for the period covered by the Moratorium Period will  not be taken as having fallen due. This will have significant impact on the loan management systems:

  • Considering that we are already in the middle of November, the day count for any payments due during the part of the Moratorium Period will be set to zero. In other words, day count will stop during the Moratorium Period. Thus, if an account was showing a DPD status of 60 days as on Aug 31, 2025, the DPD count will remain at a standstill till the moratorium period is over.
  • However, in case a borrower has made payment during the moratorium period, will the DPD count decrease or will it remain the same? 

The RBI Directions state that the days past due (DPD) count during the moratorium period will be excluded. However, this does not imply that a borrower who makes payments during this period should be denied the corresponding benefit. In our view, if a payment is received from the borrower, the DPD count should accordingly be reduced.

  • Any payments already made during the part of the Moratorium Period already elapsed may be taken towards principal, or may be held to be adjusted against the future dues of the borrower, after the Moratorium Period. This should also, appropriately, be captured in the policy.
  • Further, for accounts for which the CIC reporting has already been done on or after Aug 31, 2025, and the lender decides to extend the moratorium benefit, it must be ensured that the DPD count is revised so as to reflect the status as on Aug 31, 2025. 

Do lenders have to necessarily grant moratorium, or grant partial interest/principal relief?

The RBI Directions do not mandate REs from granting such relief measures. Accordingly, the concerned RE will need to assess individual cases based on the sectors, the need for such relief and the extent to which such relief may be granted. 

Lenders may grant full moratorium during the Moratorium Period, or may grant relief as may be considered appropriate.

Do lenders take positive actions, or simply respond to borrower requests?

The lenders must establish a policy for granting such relief measures prior to extending any relief, as the authority to do so will be derived from this policy. As discussed above, the discretion to grant relief rests with the concerned RE; therefore, each request submitted by a borrower must be evaluated on an individual basis.

For this purpose, the following information must be obtained from the borrowers seeking relief:

  1. The concerned sector and how the same has been impacted necessitating such relief
  2. Information relating to the current financial condition of the business of the borrower
  3. Facilities taken and outstanding with other REs 

Non-compounding of interest during the Moratorium Period:

Para 9 (iii) provides that while interest will accrue during the Moratorium Period, but the interest shall be simple, that is, shall not be compounded.

This may require REs to tweak their loan management systems to stop the compounding of interest during the Moratorium Period. 

However, the actual population of affected borrowers for a particular RE may be quite limited. Hence, REs may do manual or spreadsheet-based adjustments for affected borrowers, instead of making adjustments to their LMS itself.

Recomputation of facility cashflows after Moratorium:

During the moratorium period, as per the RBI directive, the lender can only accrue simple interest. Accordingly, the IRR of the credit facility will have a negative impact unlike the covid moratorium where the compound interest loss was compensated by the central government. 

Further, it has also been provided that the accrued interest may be converted into a new term loan which shall however be repayable in one or more installments after March 31, 2026, but not later than September 30, 2026. Accordingly, the accrued interest should anyhow be received by September 30, 2026.

Similar moratoriums in the past

  • Moratorium on loans due to COVID-19 disruption: Refer to our write-up here.
  • Moratorium 2.0 on term loans and working capital: Refer to our write-up here.

Our write-ups on similar topics:

Virtual Certificate Course on Grooming of Chief Compliance Officers of NBFCs

/0 Comments/in , , , /by

Register here: https://forms.gle/qGvbWxup1QrvpQb9A

Loader Loading…
EAD Logo Taking too long?

Reload Reload document
| Open Open in new tab

Download as PDF [7.95 MB]

Refer our other resources:

  1. Tech-driven compliance monitoring and validation of internal models
  2. Compliance-o-meter: From abstraction to structured granular assessment
  3. Compliance Risk Assessment
  4. Enhanced Corporate Governance and Compliance Function for larger NBFCs

Upfronting Uprooted: RBI puts an end to early profit booking in Co-lending

/0 Comments/in , , /by

Simrat Singh | Finserv@vinodkothari.com

Co-lending is an arrangement where two or more regulated entities (REs) jointly extend credit to a borrower under a pre-agreed Co-Lending Agreement (CLA). The CLA, signed before origination, defines borrower selection criteria, product lines, operational responsibilities, servicing terms and the proportion in which each lender will fund and share the loan. The aim is to combine the origination strength of a RE with the lower cost of funds of another RE, thereby expanding credit outreach.

Before the issuance of the RBI (Co-Lending Arrangements) Directions, 2025 (‘Directions’), there was no formal co-lending framework for non-PSL loans and for PSL loans, the CLM-2 ‘originate-and-transfer’ model was the most common structure. Under this model, the originating RE would book 100% of the loan in its books and, within a stipulated period, selectively transfer a portion to the funding partner. This post-origination discretion enabled ‘cherry-picking’ of loans. CLM-2 mirrored a loan sale under TLE framework but without any minimum holding period restrictions, making it a preferred route. It offered the economic and accounting benefits of transfer, including derecognition and upfront gain recognition without waiting for loan seasoning.  

Upon transfer, the originating RE would derecognise the transferred portion and book ‘upfront gains’. The upfront gain arose from the excess spread between the interest rate charged to the borrower and the yield at which the loan pool was transferred to the funding partner. For example, if the originating RE extended loans at 24% and sold down 80% of the pool at 18%, the 6% differential represented the excess spread. This spread, which would otherwise have been earned over the life of the loan, was discounted to present value and recognised as gain on transfer upfront, at the time of derecognition. This led to the originating RE recognising profits immediately despite not receiving any actual cash on the co-lent loans. This practice allowed originating REs to show higher profits upfront, even though no cash had actually been received on the co-lent loans.

The Directions fundamentally alter this framework as well as the prevalent market practice. They move away from originate-and-transfer and institute a pure co-origination model. It has been expressly stated that The CLA must now be executed before origination, with borrower selection and product parameters agreed ex ante. The funding partner must give an irrevocable commitment to take its share on a back-to-back basis as loans are originated. Importantly, the 15-day window provided under the Directions is only for operational formalities such as fund transfers, data exchange and accounting. It is not for evaluating or selecting loans after origination. If the transfer does not occur within 15 days due to inability, not discretion, the originating RE must retain the loan or transfer it under the securitisation route or as per Transfer of Loan Exposure framework. In short, post-origination cherry-picking is no longer permitted.

This change has direct accounting consequences. Under Ind AS 109, a financial asset is recognised only when the entity becomes a party to the contractual provisions and has enforceable rights to the underlying cash flows (see para 3.1.1 and B3.1.1). In a co-lending transaction under the Directions where co-origination is a must, each lender should recognise only its respective share of the loan at origination. The originating partner should not recognise the funding partner’s share at any stage, except as a temporary receivable if it disburses on behalf of the funding partner. Since the originating partner never recognises the funding partner’s share (except as a servicer), there is no recognition and therefore, there is no question of any subsequent derecognition and booking of any gain on sale. Income, if any, is limited to servicing fees or mutually agreed charges, not upfront profit.

By eliminating post-origination discretion, RBI has closed the upfronting route. Co-lending is now truly co-origination, joint funding from day one, with proportionate recognition and no accounting arbitrage.  The practice that once allowed REs to accelerate income has been uprooted.

Click here to see our other resources on co-lending

The Great Consolidation: RBI’s subtle shifts; big impacts on NBFCs

/1 Comment/in , , , /by

Team Finserv | finserv@vinodkothari.com

In its recent consolidation exercise of the Master Directions applicable to NBFCs, the RBI has done a lot of clause shifting, reshuffling, reorganisation, replication for different regulated entities, pruning of redundancies, etc. However, there are certain places where subtle changes or glimpses of mindset may have a lot of impact on NBFCs. Here are some:

Read more

Old Rules, New Book: RBI consolidates Regulatory Framework

/1 Comment/in , , , /by

Team Finserv | finserv@vinodkothari.com

RBI Consolidation of Circulars (1)Download

Read our related resources:

RBI’s Regulatory Shelf gets a Pre-Diwali Dusting  

RBI’s Regulatory Shelf gets a Pre-Diwali Dusting  

/0 Comments/in /by

RBI releases plethora of draft regulations to consolidate existing regulations

Manisha Ghosh & Sakshi Patil | finserv@vinodkothari.com 

In 2021, RBI had set up an expert committee with the ideal objective of consolidating the multitude of separate notifications, Directions, circulars, and regulations applicable to various regulated entities. The aim was to create a comprehensive repository that such REs could easily refer to, streamlining compliance and reducing ambiguity.   

This consolidation exercise builds upon the groundwork laid by the Regulations Review Authority, which was tasked with reviewing regulations, circulars, and reporting requirements based on feedback from the public, banks and financial institutions, as highlighted in the press release dated April 15, 2021.

Ever since RBI was entrusted with the powers to regulate the financial sector entities, the RBI’s regulatory framework has steadily expanded, issuing numerous Directions under its statutory powers. While such evolution is natural, overlapping jurisdictions and a lack of clear supersession of older instructions have added complexity to the regulatory landscape.

In line with the above, the RBI has carried out a thorough consolidation of the regulatory instructions currently overseen by the Department of Regulation. On a prima facie review, it seems that this exercise has been carried out on an ‘as-is’ basis, with only minor editorial updates to clarify language or update terminology. There has been no substantive review of the instructions as such for any revisions or new additions. 

Under the consolidation exercise, more than 9000 circulars and Directions issued up to October 9, 2025, have been streamlined into 238 Master Directions, covering 11 specific categories of regulated entities across up to 30 functional areas. As a result, all these existing circulars, including various Master Circulars and Master Directions, administered by the Department of Regulation are proposed to be repealed.

Previously, a single circular often applied to multiple entities, with provisions scattered across different sections. This sometimes led to some confusion- for example, under the KYC Directions, 2016,  reference to “opening a small account” applied to banks, however, it created ambiguity about whether this shall be applicable to a borrower taking a loan in the case of NBFCs. 

It has been proposed that the regulatory framework shall be divided amongst regulated entities like commercial banks, payments banks, All India financial institutions, NBFCs, etc. Additionally, within each entity the provisions shall be separated into key areas such as, prudential requirements, interest on advances, asset liability management, valuation of investments, concentration risks, credit reporting, outsourcing, disclosures, etc. The aim is to ease out the compliance process by simplifying and arranging the regulations into identified key operational areas  applicable to a particular RE

While the intent of the consolidation exercise was refinement of the regulatory provisions and clarify any existing ambiguities, however, the segregation exercise requires a thorough review before being notified. Various provisions that were once uniformly applicable across all regulated entities have now been segregated based on the construct of respective REs, however, in ironing out one ambiguity, other creases may have surfaced! This underscores the need for a critical analysis of the implications of these provisions on individual regulated entities.

Drafts of these Master Directions have been circulated for comments to enable stakeholders to provide their views on this step taken towards ease of compliance. There could be uncertainties that would still persist post the streamlining process, and hence, warrants thorough review.

Read our detailed analysis of the consolidated regulations through here: Old Rules, New Book: RBI consolidates Regulatory Framework

For reference, RBI has made available on its website the following draft documents for public comments, with a focus on their completeness and accuracy:

Old Rules, New Book: RBI consolidates Regulatory Framework

The Law of Prepaid Payment Instruments (PPIs): A Guide For New Market Entrants

/0 Comments/in /by

Subhojit Shome, Senior Manager and Aditya Iyer | finserv@vinodkothari.com

The law of Prepaid Payment Instruments (PPIs) (2)Download

Read our other resources:

  1. Prepaid Payment Instruments, its regulation and current issues
  2. The future of Loan-loaded Prepaid Payment Instruments
  3. Regulations on Prepaid Payment Instruments -Comparing the Master Circular and Master Directions

RBI Monetary Policy Update: Enhancing Financial Stability for Banks and NBFCs

/0 Comments/in /by

– Team Finserv | finserv@vinodkothari.com

Introduction

As a part of the governor’s statement dated October 1, 2025, it was highlighted that banks and NBFCs continue to exhibit financial stability, by way of strong liquidity positions, capital adequacy, and sustained profitability. Further, NBFCs have shown improvement with better asset quality and declining GNPA ratios. Against this backdrop, the RBI has maintained a cautious yet forward-looking stance, keeping policy rates unchanged while focusing on strengthening financial stability, enhancing risk management, and reinforcing consumer protection through regulatory measures affecting banks and NBFCs. Some of the developmental and regulatory policy measures introduced by the RBI, which are expected to impact financial entities such as banks and NBFCs, have been discussed below:

Key Highlights:

Particular Change and Impact
Expected Credit Loss (ECL) FrameworkApplicability:
Banks  
Impact/Change:
RBI plans to implement an ECL-based provisioning framework for banks, effective from April 2027.Under this framework, banks will be required to make provisions upfront for potential losses based on expected credit deterioration, in alignment with that being followed by NBFCs under IndAS.The ECL approach is intended to strengthen credit risk management and promote more forward-looking provisioning practices.You can read our analysis on the same here.
Basel III Guidelines – Standardised Approach  Applicability:
Scheduled Commercial Bank, excluding Small Finance Banks, Payments Banks, and Regional Rural Banks
Impact/Change:
RBI has proposed draft guidelines on the Revised Basel Framework – Standardised Approach for Credit Risk. Accordingly, the approach for arriving at risk weight for computation of capital ratios will be revisited.   While guidelines are awaited, IIRB approach may be introduced for Indian Banks, in line with global practices. Guidelines are awaited.
Risk-Based Premium Framework for Deposit InsuranceApplicability:
All Commercial Banks, All State, Central and Primary Cooperative Banks  
Impact/Change:
At present, the Deposit Insurance and Credit Guarantee Corporation (DICGC) operates the deposit insurance scheme where each depositor in a bank is insured up to a maximum of ₹5,00,000. Currently, DIGC levies a uniform flat premium of 12 paise per ₹100 of deposits from all banks, irrespective of the financial strength of the bank.   The RBI has now proposed a shift to a Risk-Based Premium Framework, which would reduce the premium payable by banks that are financially sound. Guidelines are awaited.
Risk Weights on Infrastructure Lending by NBFCsApplicability:
NBFCs engaged in project finance, HFCs with LAP exposure, and banks with large infrastructure portfolios  
Impact/Change:
“Infrastructure lending” (as per para 5.1.14, SBR Master Directions) refers to credit extended by way of term loans, project loans, or investment in bonds/debentures/preference/equity shares of a project company, where the subscription is treated as an advance or other long-term funded facility in the sub-sectors as may be notified by the Ministry of Finance. Under SBR, provisioning norms did not differentiate between construction and operational phases, overlooking the higher risks during construction. The Project Finance Directions, 2025 addressed this by mandating higher provisioning for under-construction projects. Presently, NBFCs can apply lower risk weights to operational PPP projects (50% for operating vs. 100% for construction). RBI now proposes a principle-based framework to better align risk weights with the actual risk profile of operational projects. Guidelines are awaited.
Review of the External Commercial Borrowing FrameworkApplicability:
Entities intending to avail an External Commercial Borrowing.
Impact/Change:
RBI has proposed a review of the External Commercial Borrowing (ECB) framework to rationalise and simplify existing regulations. The proposed changes include Expanding eligible borrower and lender categories, Relaxing borrowing limits and maturity restrictions, Removing cost ceilings, Revising end-use conditions, Simplifying reporting requirements.   Draft regulations are yet to be issued for the same.
Strengthening the Internal Ombudsman (IO) MechanismApplicability:
NBFCs-NDs with an asset size of ₹5000 crore and above, and having public customer interface; Deposit-taking NBFCs with 10 or more branches.   Impact/Change:
The RBI intends to enhance the effectiveness of the IO framework introduced for the REs in 2018 (revised direction was introduced in 2023). As per the extant regulatory requirements, the IO serves as an independent authority within the applicable REs to review complaints that are rejected by the REs. The proposed revisions seek to strengthen this mechanism by:   Empowering IOs with compensation powers and granting them the ability to directly interact with complainants, thereby aligning their role more closely with that of the RBI Ombudsman.   Introducing a two-tier grievance redress structure within applicable REs, to ensure that complaints are first addressed at multiple levels internally before being escalated to the IO.   The draft of the revised master direction on the internal ombudsman is yet to be released, which will then be open for wider analysis of the changes and their implication.
Review of Reserve Bank – Integrated Ombudsman Scheme, 2012Applicability:
The Scheme applies to services rendered by Regulated Entities in India to their customers under the RBI Act, 1934; Banking Regulation Act, 1949; Payment and Settlement Systems Act, 2007; and the Credit Information Companies (Regulation) Act, 2005.  
Impact/Change:
The RBI has conducted a comprehensive review of the RBI – Integrated Ombudsman Scheme, and will be releasing the draft of the revised Scheme for stakeholder feedback. The revision of the scheme is related to the following:   To extend its applicability to State Co-operative Banks and District Central Cooperative Banks (previously under NABARD), thereby the customers of these rural co-operative banks can now approach the RBI Ombudsman for complaints related to banking services instead of NABARD.   To enhance clarity, simplify procedures and reduce timelines to ensure more effective handling of complaints.   Considering the publications, there is expectation of cross reporting between RBI Ombudsman and Internal Ombudsman.
Consolidation of Regulatory InstructionsRBI is streamlining and consolidating its regulatory instructions into Master Directions for easier access and compliance. Around 250 draft Master Directions, covering 30 regulatory areas across 11 types of regulated entities, will be published on the RBI website, and stakeholders will be given an opportunity to review them and give feedback on their completeness and accuracy.

Fixed rate flip on interest rate reset now optional

/0 Comments/in /by

Offering fixed option not mandatory at reset; Banks can pass benefits of reduced cost to borrowers before 3 years

– Yuvraj Kundargi | Executive, finserv@vinodkothari.com

The Reserve Bank of India issued amendment directions on September 29, 2025[1] that modify the extant guidelines that govern floating interest rate loans. They provide that:

  • Reduction in costs owing to reduction in components of spread (other than credit risk premium) can be passed to customers in a shorter time frame, that is, even before 3 years, and
  • that lenders are not obligated to offer fixed loan options to borrowers when floating rates are reset.

These amendments are poised to address the capabilities of lenders by improving transmission of low costs and reducing operational complexities. A brief overview of changes follows:

  • Conversion to Fixed rate is now optional:

Vide amendment to Reset of Floating Interest Rate on Equated Monthly Instalments (EMI) based Personal Loans applicable to banks as well as NBFCs.

The old circular stated that REs had to compulsorily provide the option to borrowers to switch over to a fixed rate as per their Board approved policy. Even in cases when the RE did not have any fixed rate personal loan products, it was mandated to offer such an option, and thus mandated to offer fixed rate loan products.

The amended circular enables REs to optionally providea choice to borrowers to switch to fixed rate loans, but does not make it mandatory for them to do so. Thus, they do not need to offer fixed rate loan products, reducing the complexity of their operations.

In India, banks have traditionally extended floating-rate loans, particularly for long-tenure lending, without absorbing the underlying interest rate risk. The regulatory compulsion to provide borrowers with the option to convert to fixed rates placed lenders in a difficult position, as they were effectively pushed to offer a product they were neither structurally prepared for nor inclined to provide.

One could argue that banks, being better positioned to manage interest rate risk, might eventually have developed fixed-rate loan offerings for longer maturities, especially since India’s interest rate environment has historically been less volatile than economies where fixed-rate loans remain a norm. However, to avoid exposing banks to the embarrassment of being unable to practically deliver such products, the RBI appears to have stepped in, making the provision of this conversion option itself optional.

Under the old guidelines, the other components of the spread (other than credit risk premium) such as operating costs and liquidity costs could only be changed once every three years. Thus, any major changes to the bank’s costs, such as a reduction in operating costs, could not be easily passed on to its customers.

With the amendment, such costs may be reduced by banks earlier than three years for customer retention, ensuring that any benefit the bank gets in terms of lower cost is passed on effectively to customers. This must be included in the bank’s policy and must be non-discriminatory, ensuring transparency and fairness. A leaner performance by Banks now enables them to offer better rates sooner, of course supporting a better customer outreach.

[1] That will come into effect from October 01, 2025

Our Resources on the topic:

a. FAQs on Reset of Floating Interest Rate on Equated Monthly Instalments (EMI) based Personal Loans