Posts

Financial Intermediation: The Future Will Test What the Past Has Taught

/0 Comments/in /by

Pearls of Wisdom from Dr Frank Fabozzi

Read the trascript from the Mahattva session with Dr. Frank Fabozzi. See the full video on our YouTube channel here.

Vinod Kothari

Good day, everyone, and today our guest is Dr. Frank Fabozzi. If you are in finance, I don’t need to introduce who Dr. Fabozzi is, because anyone who has studied finance would have gone through some of his books. If you are in the financial world, you would probably go through some of the institutions where he started. If you are in one of the leading financial players, you would have probably heard or benefited from his lectures or writings. Author of over 150 books. Over the last 60 years of teaching and writing history, Dr. Fabozzi is a leading, pioneering name in the world of finance, and today it’s sheer good luck that we have him. He has taught in leading institutions in the world, including the MIT, including City University of New York, including Yale University, plenty of academic institutions all over the world he has taught Dr. Fabozzi, it’s our indeed a great pleasure that despite your extremely busy schedule, you could find time to address us and our participants today. Dr. Fabozzi.

Dr Frank Fabozzi

Thank you for that kind introduction, I appreciate it.

Vinod Kothari

Okay. Dr. Fabozzi, the first that I have for you is quite generic, and I’m trying to talk or get some sense from you about financial intermediation in general. Now, you are a veteran, and you’ve seen the financial intermediaries evolve over the last, roughly about 60 years, and you’re, I mean, interacted and written with a lot of scholars all over this time. Could you tell us what are the key trends that you were able to identify, and going forward, how do you see these trends emerging? Dr Fabozzi.

Dr Frank Fabozzi

Well. I’ve been around, as you mentioned, in this market for 50 or 60 years, and, you know, if we’re talking about how financial intermediation or financial markets have changed over that period, I mean. I’ll give you some general information about it, but it’s very interesting. It’s hard to appreciate how the market has changed until you actually were involved in that market and saw how those innovations were important. But if we were looking at, like, thinking about several long-term trends that stand out over the last 50 to 60 years, I can think of, like, 3 themes that would help me think about how capital markets have changed. The first one is what we call the transformation from what is called “originate and hold” to “originate and distribute”. We’ll talk about that. Second, the impact of technology and data, and that’s often overlooked. And the growing inter-connectedness of the financial system. 

So let me just take them one at a time. 

First is, if we’ve seen a shift from bank-centered finance toward market-centered finance. So we know historically what a bank would have done. They’ve gathered deposits, they made loans, they largely held those loans on their balance sheet until maturity. Today, capital markets perform many functions that were once dominated by banks. For example, developments such as securitization, which you and I know very well, given a book on that area, syndicated lending, private credit. even ETFs and derivatives. They’ve expanded the role of markets in allocating capital, and managing risk. So the broader significance is really not what a lot of people think: the creation of new products. But it is a change in how financial intermediation is organized. The financial system has moved from, as I mentioned before, the originate and hold model, towards originate and distribute model, where origination, funding, risk-bearing, servicing, and distributions, can be performed by different specialized participants. 

The second trend, I believe, is that information technology has fundamentally changed the economics of financial intermediation. Traditionally, banks possessed significant informational advantages because they knew their customers, and they knew their local markets better than anyone else. Credit decisions then, often relied on personal relationships, local knowledge, and accumulated experience. Today, we know there is a vast amount of financial, operational, and behavioral data that can be collated, analyzed, and transmitted almost instantly. Information that was once difficult to obtain and largely confined to local institutions has become far more accessible. As a result, this competitive advantage increasingly comes from the data, analytics, and technology, rather than proximity alone, or factors like understanding local markets. This has, if we think of the implications, lowered the information barriers, increased the competition, and enabled new entrants. 

Vinod Kothari

New entrants, such as?

Dr Frank Fabozzi

FinTech companies, and firms that lend to private entities, and private credit in general. These all compete in an area that was once dominated by traditional banks. 

And the third trend I see is regulation has played an important role in shaping the evolution of financial intermediation. You know, historically, after every major financial crisis, regulators get wiser.. They make sure that their regulated entities tighten up on their credit. improved liquidity, and they develop risk management requirements. So these reforms generally made the banking system safer and more resilient; but what they’ve also done is they’ve altered the economics of certain activities that go on in the financial markets. So as a result, some lending and risk-taking activities migrated to other parts of the financial system as a result. And the risk that disappears, that’s the important thing, we always think about, you know, these innovations as better handling of risk. But it’s the handling of risk, not risk disappearing. What we see is risk is now redistributed among the key participants in the financial market. 

So, one of the enduring lessons of financial history is that regulation often brings changes where risk resides, who bears that risk, rather than eliminating the risk itself. So, looking ahead, here’s what I expect. Financial intermediation is going to become increasingly interconnected. The traditional boundaries between banks, asset management firms, technology firms, even the exchanges and data providers, are already becoming less distinct, and that trend is going to continue. 

And at the same time, some of the things are unlikely to change, and this is important to emphasize. Finance is ultimately built on trust. Institutions can adopt new technology, business models, delivery channels, but still, they must earn the confidence of customers, investors, and markets. Those are the tools that’ll continue to continually evolve, but the core functions of finance: allocating capital, providing liquidity, managing risk – they fundamentally remain the same.

Vinod Kothari

Sir, thank you very much for the perspective, and you talked about three key trends which you say have changed the shape of financial intermediation over the years. You talked about, number one, the originate- to-distribute the model having taken over the originate- to-hold the model. And then you talked about the role of data technology. And then you talked about the increasing interconnectedness in the financial system. Extremely important, sir. 

My second question flows from what you just mentioned; It’s actually an offshoot of what you just elaborated, and therefore comes naturally. You talked about the role of financial intermediaries from changing from the aggregated model: originating to hold, to continue to fund it, and continue to keep it, and to manage the risk of the lending transaction. And you’re saying that this is now getting kind of broken into several subcomponents. Now, does it mean the so-called concept of universal banking, where one bank does it all, is gradually giving way to more itemized or atomized functions, with each intermediary focusing on core competencies? There are some who do underwriting, some who do processing, there are some who do data keeping, there are some who do recoveries or risk management, and there are some who do funding. Do you see, therefore, that universal banking is going to be a thing of the past?

Dr Frank Fabozzi

Well I don’t know if it’s going to be a thing of the past. I do think the traditional concept of universal banks is under increasing pressure, although I don’t believe that they’ll disappear, and let me just explain why. Historically, if we think about it, universal banks offered all of the functions that you mentioned, [and it’s a little difficult for me to hear you, if you could put it a little louder, but I think I got what you said.] But, you know, you know, all of those things you mentioned, there were clear advantages to do that in one structure, because what can a bank do? A bank could share information internally, develop customer relationships, which could spill over to multiple products. and large balance sheets provided stability and funding capability. Now, let’s look at what has changed. Okay, first, technology dramatically lowered the cost of specialization. All those little things the banks did, today, different firms can excel at, for example, acquiring customers, credit assessment, payments, custody, investment management, servicing, data analytics. And they can all be done now by specialized firms. As a result, many activities that were bundled together in a universal bank can now be performed more efficiently by specialized providers. However, I don’t think that the coordinating function has disappeared. Financial services ultimately, and I’m coming back to this concept of depends on trust, accountability, and relationship management. Someone still needs to understand the customer, aggregate information across multiple activities, manage risk holistically, and provide a seamless experience. Those responsibilities become even more important as the underlying financial system becomes more fragmented, more participants. For that reason, I see universal banks evolving. Rather than disappearing. Their role’s likely to shift from being vertically integrated manufacturers of every financial product to becoming platforms that coordinate a network of specialized providers, and by platform, just to be clear, I mean an organization that brings together and coordinates multiple providers and customers through a common interface, rather than producing every service itself. The customer may continue to interact with a single institution, but what goes behind the scenes is : There are multiple firms that may be contributing different components to the overall service. For example, a wealth management client may receive investment advice through a brand, we see this bank brand platform, while portfolio management is provided by an asset management that could be a subsidiary to the bank. Securities are held by custodians. Trades are executed through external market makers and exchange. Risk analytics are supplied by specialized technology firms, and the underlying infrastructure operates on a third-party cloud computing platform. And similarly, if we look at the mortgage customer, they may deal exclusively with a bank, even though who all are actually involved ? Credit scoring by another entity. Property valuation. Nowadays we have these drive-by inspections in the United States. But you have specialized people who do that. You have fraud detection, documentation verification, then you have loan services. All provided by separate specialized providers. So, in this environment, the competitive advantage of universal banks will increasingly rely on their ability to integrate and oversee the specialized services. Well, from the customer’s perspective, they don’t see this. They just see one entity. 

So, this evolution creates both opportunities and challenges. Specialization can improve efficiency. innovation and customer choice. At the same time, it makes risks harder to identify, because exposures are distributed across a network of institutions rather than concentrated on the balance sheet of just one entity. So understanding how these connections interact will become increasingly important, not only for market participants, but, really regulators also. 

So I don’t think the concluding response here is whether universal banks will survive. The more important message is they adapt. My expectation is that the most successful institutions will be those that combine the trust, the balance sheet strength, and relationships of traditional banking with the flexibility of platform based business models. So in that sense, the universal banking of the future may look less like a financial conglomerate and more like an orchestrator of a financial ecosystem.

Vinod Kothari

Extremely wonderful comment, sir. 

So, my next flows from the point that you mentioned some time back. Where you were talking about the evolution of the regulations focusing on risk management. And, given that, you also mentioned that, there is an increasing risk-based regulation by the financial regulators across the world. Now, we also see that there is a development which is very clearly visible, and for this, concerns have been expressed by the Financial Stability Board as well. The development of unregulated or less regulated financial intermediaries, which are not banks. For example, talk about private credit funds. Now, roughly about $1.5 to $2 trillion are sitting with private credit funds, which are non-banking financial intermediaries. They are not banks. They’re doing functions which are similar to banks. And at the same time, there is obviously no prudential regulation applicable to them. Do you see any concern in this development where non-banking financial bodies, such as private credit funds, accumulate a substantial extent of wealth. They do a function which is quite close to the traditional banks, and yet not be subjected to the banking regulations.

Dr Frank Fabozzi

We’re talking about the rise of non-financial intermediaries, NDFIs, and actually, I think it’s one of the most significant developments in modern finance. These entities include asset managers, private credit funds, hedge funds, money market funds, insurance companies, and other entities that perform important intermediation functions without operating as traditional banks, as you pointed out. But to me, their growth is just a natural evolution of the financial systems. They’ve expanded access to capital, they’ve created alternative funding channels. They’ve brought specialized expertise to different market segments, and they’ve increased competition. So, in many cases, they’ve helped make financial markets broader and more efficient. To me, the key is not whether they’re good or they’re bad. They’re now an essential part of the financial system. The more important, I think, is whether we fully understand the risks that they create, and how those risks interact with the broader financial system. 

So, if I were to focus on three areas, the first would be leverage. It can be more difficult to identify and measure risk of leverage in parts of the non-banking system. In banks. Leverage is generally visible. We could look at the balance sheet, and report to regulators, and they’re subject to extensive regulatory oversight. Now, when we talk about non-bank institutions. Leverage may arise through taking it away. They can securitise. You have derivatives, you have repo financing, you have borrowing arrangements, or you have other structures, but they’re not as transparent as the risks that we see as we can identify in banks. So as a result, risk can build gradually and remain largely unnoticed on these non-bank institutions. Until market conditions deteriorate. 

The second is liquidity risk, and that remains a significant concern. Some investment vehicles offer frequent liquidity while holding assets that may be difficult to sell and value, during periods of market distress. Under normal conditions, that mismatch may not be apparent. During periods of uncertainty, however, it can create pressure for asset sales, and I think, create market instability. 

And third, the financial system has become interconnected, as I’ve emphasized, everything across the board. If I didn’t mention clearinghouses, we have that same thing. They’re all linked through funding arrangements, collateral relationships, all having shared risk exposure. As a result, risks that originated in one sector can rapidly spread to others. Financial shocks rarely remain confined to the institutions where they first appeared. And this is particularly concerning really in private markets. 

We talk about private credit and private equity, and those are the two major areas in alternative investments that we’re concerned with. And they’re key, also, to the role of development of startup companies. I don’t view NBFIs as a source of weakness, nor do I view them as a substitute for traditional banking. They become permanent and important components of the financial ecosystem. The challenge for regulators, in my opinion, and not only regulators, but investors, is to focus less on where risks are located, and more on how leverage, liquidity pressures, and this interconnectedness can interact across the system. So, in the future, financial stability will depend not only on the resilience of individual institutions, but also on our ability to understand the networks that connect them.

Vinod Kothari

That’s an extremely important observation, and you mentioned, the three significant risks of private credit, or private equity for that matter, are leverage, liquidity, and interconnectedness. Would you also take opacity as one of the significant risks? Opacity because they are not governed by any specific reporting requirements, and they are not governed by any specific valuation requirements as well?

Dr Frank Fabozzi

Yes, I agree, yeah.

Vinod Kothari

So, that brings me to the fifth question relating to artificial intelligence, and the entire world today is talking about artificial intelligence. So far as financial intermediaries are concerned, it’s quite obvious that most of them are currently relying on AI, and I’m sure you would agree that going forward, they rely more on use of AI, either for decision making, and obviously for managing their business. Now, one of the risks which is quite commonly pointed out when you rely on artificial intelligence is that human thinking could be different. Every human mind can think differently, but artificial intelligence, ultimately, the way it’s structured, it might probably lead to or give the same answer in given situations. So hundreds of thousands of people thinking alike, or thinking exactly the same because all of them are relying on the AI tool, might result in a homogenized action. And therefore, there might probably be more volatility in the system because of reliance on AI. Is that a risk that you perceive, or do you see any other risk in the increasing dependence of the financial world on financial technology, including artificial intelligence? Sir.

Dr Frank Fabozzi

Well, it’s the first time someone asked me about AI, mostly when people say, well, I lost my job due to AI? But, that’s a different answer, and for this one, and I’ll have a different answer. I think the concern that you mentioned is very real, although perhaps not for the reasons that some people often assume. Most discussions about AI and finance focus on whether AI can make better predictions, improve efficiency, reduce costs. or process information faster than humans can. And those are important, but let’s look at it from a financial stability perspective. I think the more important issue is whether AI changes what you just mentioned, the diversity of decision-making within the financial system. Financial markets function best when the market when participants hold different views.

Every time someone says, oh, great minds think alike, I would say, no, great minds should think differently. Every transaction , think about this, every transaction that we see going on in the marketplace reflects some disagreement about value, risk, or future outcomes. Historically, that diversity emerged because of different investors, institutions, investment committees brought different experiences, incentives, and judgments to the decision-making. So, the concern to me is that widespread adoption of AI can unintentionally reduce that diversity. If a large number of institutions rely on similar models, data sources and training methods, and they may begin to reach conclusions at roughly the same time, the same conclusions, at the same time. In normal markets. That may improve efficiency. During periods of stress, however, it can amplify market movements, because many participants are reaching, or they’re reacting in the same direction simultaneously, based on what AI provides. So, in many ways, this is not an entirely new phenomenon. If we look at financial history, it contains numerous examples of institutions relying on similar risk models, credit ratings, or forecasting frameworks. So, one lesson from a past crisis is that a system can become fragile when too many participants make decisions based on the same assumptions. Even if each individual institution appears to be prudent when viewed in isolation. 

If we go back and we tear apart the global financial crisis, we could see the assumptions that were made. Just a simple example. You know, people generating their models assuming, their risk models assuming, a normal distribution.

We’ve now learned a lot more about probability distributions of outcomes, particularly extreme events, but people did that only after the crisis. 

So at the same time, I don’t believe that the solution is to reject AI. Not that you could really reject it; that’s an impossibility. But the real challenge to me is governance. I didn’t spend a lot of time talking about governance. Now with AI and a few other events, I see that as becoming increasingly important. Because as AI becomes more deeply embedded in financial institutions, it’s essential that the responsibility for a decision remains with human professionals. Models can provide insights, recommendations, but accountability cannot be delegated to a computer programmer. You can’t get it from algorithms. So, decisions that affect clients. portfolios and institutions, they require human oversight, something I think we’re not seeing. Not only human oversights, judgment, and the ability to consider factors that may not be captured by the data. The goal should be Judgment enhanced by AI rather than judgment by AI.

By the way, look at the World Cup, since I imagine you have a global audience here. There’s a human that’s coaching that team. They have all the data and all the statistics. If you ever looked at the accumulation of information, statistics, on every moment. On a court, you know, whether it’s a basketball court, a soccer field, or a base they have all the statistics they want. We still have a human coach managing those teams, or coaching those teams. 

So, in fact, I think the greatest risk is not that AI makes mistakes, because we all make mistakes. The greater risk is that large institutions begin making the same mistake at the same time, because they’re relying on similar models and similar recommendations. A single bad decision: no problem. That’s manageable. But thousands of institutions making the same bad decision simultaneously has systemic consequences. 

So I think, to wrap it up, I think about AI in terms of financial stability. The key is not simply whether a model is accurate. The more important question is whether widespread adoption of that model makes the financial system, to use the term you said earlier, more homogeneous. Efficiency is valuable, but resilience often comes from diversity.

Vinod Kothari

Fantastic comments. I think it’s extremely wonderful to hear your thoughts on this, that ultimately it’s human decision, human governance, which can mitigate the risk of the homogenized behavior that might result from reliance on artificial intelligence. Extremely valid comment. 

Sir, I cannot resist the temptation but to ask you about this book that we wrote immediately after the global financial crisis. [Shows Introduction to Securitization, by Dr Fabozzi and Vinod Kothari] It’s your book Introduction to Securitization. So, where do we stand today? What do you think about securitization and credit derivatives? Are these the products which were designed for good times? But now that we have volatile markets, are these products still going to be relevant? What’s your futuristic thinking on these instruments?

Dr Frank Fabozzi

It’s very funny. You know as well as I, at that time, securitization was considered a gimmick and all that. As soon as the global financial crisis hit, though, the major agencies in the U.S. kept writing to emphasize the importance of securitization. If we think of it, there’s certainly periods when investors become more willing to take risks in search of higher returns. During those periods, you know, financial innovation often accelerates. Products become more complex, market participants sometimes focus more on yield than on the risk required to achieve the return. So financial history contains many of these examples, and, you know, we talk about securitization and credit derivatives. They’re such examples. 

You know, it’s very difficult to see how the scenario changed. I’m 79. I’ll give you an example: When I tell you about securitization, how important it is, it is so difficult for most of the people listening to understand that. Let me put it in perspective. And this is no exaggeration at all. In 1972 or 73, prior to securitization I went to get a mortgage loan for a house. I went to my local savings and loan association, I walked in there, and I said, I’d like to get a house. I need money to buy this particular house, and I gave them the address. They said to me, first thing is, oh, do you have an account here? And I would say, yes, I did. Because I knew they were going to ask that.

Then they said to me, okay, you want to buy the old Phillips property? I know him, he’s a great guy, I used to golf with him on weekends, and we’d have dinners together, I know his kids, and all that. He knew all about the house. He said, oh, a couple of months ago, they just added an enhancement to their basement and all that. So he [banker] knew everything about the house. He knew everything about the seller. He didn’t know that much about me, because I just moved into the area. Now, what happened then? He said, I can evaluate your credit. He did. He said, we approve you for the loan. I said, great, when can I close? He said to me, you can close when other people who we’ve made loans to pay off their loans! Now, I couldn’t believe that I couldn’t get a loan until other people paid off their loans or defaulted. 

So what happened? There were parts of the country where banks had a lot of money. There were other parts of the country, and I was in the other one. Parts of a country where money was very tight. 

In comes securitization. And then, at the same time, there was the savings and loan crisis. Banks had 30-year mortgages on their books. During a period of rising interest rates, these banks were technically underwater, but the government kept them alive. And I mean, these institutions were savings and loan institutions.

So what then happened? Someone came up with a bright idea and said, Why keep the mortgage loans on the books? A bank doesn’t want to hold a loan for 30 years, because they’re worried about interest rates fluctuating up and down. When rates fluctuate up and down, a bank’s margin, will either decrease, or increase, and become negative, as it did during the savings and loan crisis1. So they developed securitization. What they did, they said, is take these illiquid loans. And pull them together, And then create securities based on these loans, that are backed by these loans. 

And all of a sudden, you now created a capital market for these instruments alone, these mortgage-backed securities. And that helped resolve the savings and loan crisis, and make mortgages readily available. Nowadays, you want a mortgage? And you don’t have that much time. You have gone to fill up your gas tank. May not be the gas tank of a small car, but if you have a big truck, by the time you fill up that truck with gas, they will give you a mortgage. 

So, to me, even though securitization sounds like a horrible thing, you could see in the context that I described why it was very important. 

Credit derivatives did the same thing. Credit derivatives, and by the way, securitization, have gone beyond mortgages. We have student loans. You can even get municipalities doing securitization, their traffic tickets, everything, nowadays. And in fact, you may be an athlete in a certain sport. You can securitize your future royalties. Almost all the major entertainers, particularly musicians and other artists, securitized their future earnings. 

So both credit derivatives and securitization, they were both developed to address legitimate economic needs. And they make economic sense. What they’re doing is separating the origination of risk from the ownership of risk. And that improves efficiency, expands access to capital, and enhances, certainly, risk management. When corporations do it, this securitization is a risk management tool for them. So, the difficulty arises when market participants begin to confuse risk transfer with risk elimination. Moving risk from one institution to another doesn’t make the risk disappear. It simply changes who bears it. So, that’s my view on the two. I don’t see them as being gimmickry at all.

Vinod Kothari

Thank you very much, sir. It’s an extremely pertinent comment. Your thoughts are extremely important for the market participants. And your time today, I know, is extremely precious, so thank you very much for giving your time today, and wish you health and happiness, sir. Thank you very much.

Dr Frank Fabozzi

Thank you, thank you for the opportunity.

  1. Readers may note US mortgages are typically fixed rate mortgages. ↩︎

Avoid Turning Your Referral Partner into a DSA/LSP

/0 Comments/in , /by

Simrat Singh | Finserv@vinodkothari.com

RBI regulatory framework for banks and NBFCs recognise entities such as LSPs and DSAs, but do not define the term “referral partner”. Consequently, several lenders engage referral partners under agreements that merely replicate the DSA arrangement with a change in the nomenclature but without altering its substance. This is a risky approach. Courts have held that the existence of an agency relationship depends on the rights created between the parties, not on the title of the agreement. Therefore, if a referral partner agreement authorises the intermediary to represent the lender or perform functions ordinarily discharged by a DSA or outsourced agent, the intermediary may be regarded as a DSA irrespective of its contractual designation. Accordingly, while drafting a referral partner agreement, equal attention must be paid not just to the scope of what can be done but also  what the agreement does not permit. To understand the difference between a LSP, Referral partner and DSA, may refer to our resource Referral or Representation? The Fine Line Between LSP, DSA and Referral Partner.

Set out below are contractual provisions that should be avoided in an agreement with a referral partner.

  1. Do not confer authority to make commitments: Such authority is inconsistent with a mere referral arrangement and indicates an agency relationship. The agreement should not permit the referral partner to:
    1. assure loan sanction;
    2. quote specific interest rates since that is a function of borrower risk and lender’s credit evaluation and interest rate model;
    3. commit timelines for approval or disbursement; or
    4. make any representation which is binding on the lender
  2. Do not permit the referral partner to hold itself out as representing the lender: A referral partner should not portray itself as the lender’s representative or create the impression that it is authorised to act on the lender’s behalf. Accordingly, the agreement should prohibit the intermediary from describing itself as the lender’s agent or representative, using the lender’s name or branding in a manner that suggests an affiliation beyond a referral arrangement, or making any statement or representation that could lead customers to believe that it has authority to act for or bind the lender. 
  3. Do not permit collection or processing of loan applications and loan repayments: These functions form part of customer acquisition, onboarding and servicing, which are characteristics of DSAs or LSPs. A referral partner should not collect or verify KYC documents and/or scrutinise applications and collect customer information/documents in any manner. Further, activities such as identity verification, obtaining customer consents, conducting due diligence or facilitating KYC should remain with the lender or its authorised service providers. A referral partner should not participate in the lending process beyond introducing the customer.
  4. Keep performance obligations limited to referrals: The referral partner should not be evaluated based on portfolio quality; recovery performance; or loan servicing metrics. Performance obligations should relate only to successfully introducing prospective customers. 
  5. No compensation linked to lending functions or loan performance: A success-based referral fee, by itself, does not create an agency relationship. However, the consideration should not be linked to underwriting, servicing, collections, portfolio performance, recoveries or any other lending function. The agreement should make it clear that the referral fee is payable solely for successful referrals and not for performing any activity connected with the lending process.
  6. Do not authorise communication of lending decisions/negotiation: All customer communications should originate directly from the lender. The referral partner should not communicate sanction or rejection of applications; loan terms; deficiencies in documentation; repayment schedules; or disbursement confirmation. Further, negotiation on behalf of the lender is a strong indicator of representation/agency. The agreement should not authorise the intermediary to negotiate pricing; tenure; collateral requirements; repayment schedules; or restructuring terms.
  7. Do not assign post-disbursement responsibilities: Its role should ordinarily cease once the customer has been introduced. The referral partner should not undertake collections; recovery; repayment follow-ups; customer grievance handling; restructuring assistance; or foreclosure processing.
  8. Avoid clauses indicating exclusive representation: Clauses requiring the intermediary to exclusively promote the lender’s products or act as its sales representative reinforce the impression that the intermediary is representing the lender rather than merely referring customers.
  9. Avoid excessive operational control: Compliance obligations may be imposed, but they should not amount to day-to-day supervision. Operational control is a recognised indicator of agency. Accordingly, the agreement should avoid prescribing detailed supervision clauses or detailed operational instructions unrelated to regulatory compliance.
  10. Include non-agency provisions: The agreement should expressly provide that:
    1. the referral partner is an independent contractor;
    2. the relationship between the parties is on a principal-to-principal basis;
    3. it has no authority to represent or bind the lender;
    4. the referral partner shall not collect, process, or handle customer documents, KYC records, or sensitive customer information;
    5. all lending decisions are taken exclusively by the lender;
  11. Avoid agency terminology: Last but not the least, expressions such as authorised representative; sales representative; marketing representative; branch; agent; or authorised person should be avoided throughout the agreement because the language used often reflects the intended legal relationship.

NBFC-UL Classification Approach Revised by RBI

/0 Comments/in /by
  • Harshita Malik | finserv@vinodkothari.com

Background

RBI, vide its Press Release dated April 10, 2026, had issued draft Amendment Directions (read our article on the draft here) proposing changes to the methodology for identification of NBFC-Upper Layer (NBFC-UL) and the inclusion of Government-owned NBFCs in the Upper Layer. Following the consultation period, the RBI has finalised these proposals vide its Press Release dated June 24, 2026, effective immediately. The amendment package comprises four directions:

  1. SBR 2nd Amendment Directions: revises the UL identification framework under the Scale Based Regulation architecture;
  2. CRM 3rd Amendment Directions: extends concentration norms to Govt.-owned NBFCs and introduces the State Government guarantee provision;
  3. Governance Amendment Directions: exempts Govt.-owned NBFC-ULs from mandatory listing and pre-listing disclosures; and
  4. Financial Statements 2nd Amendment Directions: aligns the financial statements framework with the revised UL classification.

Revised Norms of Classification and Compliance

  1. Annual Classification/Identification Process:
    RBI will continue to conduct an annual identification exercise for classifying NBFCs in the Upper Layer. Compliance obligations attach from the date the RBI notifies the NBFC-UL list, not from the date an entity crosses the asset threshold independently.  
  2. Revised Criteria for UL-Classification:
    The current two-step approach (top ten by asset size and parametric scoring) will be replaced by a simple, absolute asset size criterion.
An NBFC with standalone audited assets of ₹1,00,000 crore or more (as per the latest audited balance sheet) shall be classified in the Upper Layer.

Key features of the revised criterion are: 

  1. Standalone basis: asset size test applies to the standalone balance sheet of the NBFC, not consolidated group assets.
  2. Periodic review: ₹1,00,000 crore threshold will be reviewed every 3 years, more stringent than the 5-year cycle proposed in the draft, ensuring the threshold remains calibrated to market evolution.
  3. Bright-line simplicity: subjective scoring element is eliminated entirely, reducing regulatory uncertainty for entities near the boundary.
  4. Category-agnostic: UL list may include NBFC-ICCs, HFCs, CICs, deposit-taking NBFCs, and Government NBFCs; the type of NBFC is not a pre-condition.
  5. Inclusion of Government-owned NBFCs:
    Eligible Government-owned NBFCs that breach the ₹1,00,000 crore threshold will now be included in the NBFC-UL list for the first time. Previously, these entities were placed only in the Base or Middle Layer. However, Government-owned NBFC-ULs are exempt from two obligations:
    1. Mandatory listing within three years of notification (proviso to Para 43 of the Governance Directions); and
    2. Pre-listing disclosures (proviso to Para 23 of the Financial Statements Directions).

All other Upper Layer norms, including CET-1 capital, leverage, large exposures, governance, and provisioning requirements, apply in full.

  1. No exemption to Government Owned NBFCs from Concentration Norms:
    Government-owned NBFCs will henceforth be subject to the concentration norms applicable to their respective layer. The earlier blanket exemption has been withdrawn. The transition is handled as follows:
    1. Existing exposures that currently breach prudential limits are grandfathered and may continue until maturity, but no fresh exposure to such obligors is permitted.
    2. Additional exposure beyond prudential limits is permissible only if fully covered by eligible credit risk transfer instruments, resulting in zero net incremental exposure for Middle Layer and Upper Layer NBFCs.
  2. Provision for Credit Risk Transfer:
    All NBFC-ULs may now use State Government guarantees to offset credit exposures without any portfolio-level cap. The regulatory treatment of the exposure so transferred is:
    1. The exposure is recognised on the State Government (rather than the borrower);
    2. The exposure is exempt from prudential exposure limits; and
    3. 20% risk weight applies for capital computation purposes.
  3. Higher permissible exposure limit on connected counterparties for IFCs in Upper Layer:
    NBFC-Infrastructure Finance Companies (‘NBFC-IFCs’) benefit from a specific carve-out: while the general rule caps exposure to a group of connected counterparties at 25% of the eligible capital base, NBFC-IFCs in the Upper Layer are permitted to go up to 45% of the eligible capital base (a 20 percentage-point premium) under the proviso to Para 35 of the Concentration Risk Management Directions. This reflects the inherently concentrated and long-tenor nature of infrastructure financing.  
  4. NBFCs in the Banking Group to comply with existing provisions:
    NBFCs that are part of a banking group do not follow the SBR layer-based identification process for UL compliance. Instead, they shall continue to adhere to the applicable provisions for Upper Layer NBFCs, as per the RBI (Commercial Banks – Undertaking of Financial Services) Directions, 2025, for NBFCs under the banking group and carrying out lending activities. Our article on compliances to be followed by such NBFCs in the banking group can be seen here.

Regulatory Implications for Newly Classified NBFCs-UL

Classification as an NBFC-UL triggers a comprehensive set of enhanced regulatory requirements. Entities crossing the ₹1,00,000 crore threshold for the first time should anticipate the following:

Compliance AreaRequirement for NBFC-ULTrigger/Notes
CET-1 CapitalMinimum 9% of Risk-Weighted AssetsBinding where growth is aggressive
Leverage RatioMaintained alongside CRAR; special attention for derivative-heavy entitiesCurrently less acute as most NBFCs in India are not active in derivatives
Large Exposures FrameworkSingle-party cap: 20% of Tier 1 capital; Group cap: 25% (NBFC-IFC: 45%)Economic-interdependence test determines group risk
Standard Asset ProvisioningDifferential provisioning by asset classHigher than ML/BL requirements
Mandatory ListingWithin 3 years of notification as ULExempt for Govt.-owned NBFC-ULs
GovernanceEnhanced governance- board composition and listing requirementsApplicable under Chapter-V of the Governance Directions 2025

Closing Remarks

The shift from a hybrid scoring methodology to a single asset-size threshold is a significant moment in India’s NBFC regulatory architecture. The old framework, elegant in theory but notoriously opaque in application, left entities in a state of perpetual uncertainty about whether their exposure profile, liability structure, or interconnectedness would tip them over the UL line in any given year. The replacement with a bright-line rule removes that ambiguity.

That clarity, however, comes with a structural trade-off: the parametric approach was designed to capture systemic importance beyond sheer size: interconnectedness, leverage complexity, and liability fragility. A purely asset-based threshold is a blunter instrument. An NBFC with ₹1,05,000 crore in assets but a conservative, government-securities-heavy balance sheet will face the same UL compliance burden as one of equal size with complex wholesale funding and concentrated sector exposures.

The inclusion of Government-owned NBFCs is the more substantive policy shift. Large public-sector financial institutions, several of which have historically operated outside the SBR scrutiny framework, will now be subject to CET-1 discipline, large exposure limits, and differential provisioning. The listing exemption softens the reputational-governance dimension but does not dilute the prudential obligations.

The three-year review cycle (tightened from the draft’s five years) signals that the RBI is alive to the possibility that India’s NBFC sector may grow in ways that make ₹1,00,000 crore a less meaningful threshold over time. Market participants should treat this as a dynamic floor, not a permanent bright line.

Finally, the State Government guarantee provision, extending a zero-cap credit risk transfer tool to all NBFC-ULs, is a quiet but important liquidity-facilitation measure, especially relevant for NBFCs with significant exposure to state-owned utilities and infrastructure projects.

FAQs on Advertising, Marketing and Sale of Financial Products and Services, agency and referral activities: Commercial Banks

/0 Comments/in /by

– Team Finserv | finserv@vinodkothari.com

In order to regulate mis-selling concerns for both products/ services of regulated entities and third-parties by a regulated entity, amendments have been issued  ‘Advertising, Marketing and Sale of Financial Products and Services by Regulated Entities’, via two sets of amendment directions for Commercial Banks: 

See our other resources on the subject: 

  • Detailed write up on the Amendment Directions here.
  • Youtube video here
  • FAQs on Advertising, Marketing and Sale of Financial Products and Services, and agency activities: NBFCs here.
  • The Brochure for a half day workshop on June 26, 2025 (Physical-Bengaluru) where we will be discussing the Amendment Directions in detail can be accessed through here.
Commercial Banks-FAQs on AdvertisingDownload

The Sale That Was Never About the Product

/0 Comments/in , , , /by

Why RBI’s New Directions on Responsible Business Conduct Could Change Financial Services More Than Any New Technology

– Guest Contributor | Dr. Aneish Kumar (aneishk@yahoo.com)

Loader Loading…
EAD Logo Taking too long?

Reload Reload document
| Open Open in new tab

Download as PDF [174.77 KB]

Other Resources on the topic:

FAQs on Advertising, Marketing and Sale of Financial Products and Services, and agency activities: NBFCs

/0 Comments/in , , , /by

– Team Finserv | finserv@vinodkothari.com

In order to regulate mis-selling concerns for both products/ services of regulated entities and third-parties by a regulated entity, amendments have been issued  ‘Advertising, Marketing and Sale of Financial Products and Services by Regulated Entities’, via two sets of amendment directions for NBFCs: 

  1. Reserve Bank of India (Non-Banking Financial Companies – Responsible Business Conduct) Second Amendment Directions, 2026 (‘RBC Amendment Directions’/’Amendment Directions’) 
  2. Reserve Bank of India (Non-Banking Financial Companies – Undertaking of Financial Services) Second Amendment Directions, 2026 (‘UFS Amendment Directions’)

(Refer to our detailed write up on the Amendment Directions here, our youtube video here. Further we are also hosting a half day workshop on June 26, 2025 (Physical-Bengaluru) where we will be discussing the Amendment Directions in details. The Brochure for the workshop can be accessed through here)

Refer to our FAQs on the Amendment Directions and the UFS Amendment Directions below

Loader Loading…
EAD Logo Taking too long?

Reload Reload document
| Open Open in new tab

Download as PDF [1.07 MB]

From Consent to Compensation: RBI’s Directions for REs on Sales Practices

/0 Comments/in /by

RBI issues Directions on Advertising, Marketing and Sales of Financial Products and Services by Regulated Entities

Loader Loading…
EAD Logo Taking too long?

Reload Reload document
| Open Open in new tab

Download as PDF [1.93 MB]

Agency and referral activities of NBFCs and Banks: RBI June 2026 Amendments

/0 Comments/in /by

– Team Finserv | finserv@vinodkothari.com

RBI has issued Reserve Bank of India (Non-Banking Financial Companies – Undertaking of Financial Services) Second Amendment Directions, 2026 (‘UFS Amendment Directions’) on June 15, 2026. The RBI also issued the Reserve Bank of India (Non-Banking Financial Companies – Responsible Business Conduct) Second Amendment Directions, 2026 (‘RBC Amendment Directions’) under the RBI press release for issuance of Amendment Directions on ‘Advertising, Marketing and Sale of Financial Products and Services by Regulated Entities’. Earlier draft Reserve Bank of India (Non-Banking Financial Companies – Undertaking of Financial Services) Amendment Directions, 2026 (‘Draft Direction’) were issued as a part of the Draft Amendment Directions for Advertising, Marketing and Sales of Financial Products and Services by Regulated Entities

By way of Highlights, the UFS Amendments introduce a unified framework for agency business of banks and NBFCs, and referral activities of banks. Specifically, the Amendments provide that agency/referral activities will be undertaken without risk participation, and in case of referral, the bank will be limited to simply connecting the customer with the external provider (TPPSP), and will not be involved in the sale process. The physical or electronic machinery of the bank will not be used for third party product sales.

Our interpretation of the regulated entity’s (RE’s) participation being on no-risk basis is that if the agency or referral fees are linked with the profits or performance of the product/service offered by the third party, the agent or referring entity indeed gets subjected to risk.

We also give specific details about insurance distribution, a lucrative add-on income opportunity for most regulated entities.

Unified Framework for Agency Business

  • RBI has formally defined “Agency Business” as an arrangement where a Bank/ NBFC acts as an agent of a third-party product or service provider (TPPSP) for the distribution of financial products and services. Thus, banks/NBFCs under agency business can only distribute financial products or services. 
  • The RBI has not covered non-financial products and services under the purview of the UFS Directions, however, the same is not restricted in case of NBFCs.
  • The distribution of financial products and services would include marketing, sales, promotion, customer onboarding support, grievance facilitation and after-sales services.
  • The arrangement must be undertaken without any risk participation by the NBFC.

Agency versus referral

  • A principle-based distinction is required between Agency Business and Referral Services. Refer to our article discussing this in detail- Referral or Representation? The Fine Line Between LSP, DSA and Referral Partner – Vinod Kothari Consultants
  • For such TPPS that require higher and continuous customer interactions, the Agency Business arrangement may be used instead of Referral Services. However, REs may undertake only such third-party product or services under referral route where continued customer interactions such as distribution, grievance redressal, post sales services are not required to be undertaken. 

Undertaking Insurance Agency business by Banks/NBFCs/HFCs

  • Banks may act as an insurance broker departmentally
  • NBFCs and eligible HFCs may undertake insurance distribution under the corporate agency or broking model without prior RBI approval.
  • Prior approval/registration from IRDAI and compliance with applicable IRDAI regulations remain mandatory. Here, it may be noted that the RBI NOC is generally required at the time of making an application to IRDAI.
  • Insurance distribution must:
    • Be undertaken on a fee basis;
    • Involve no risk participation;
    • Be clearly disclosed to customers by disclosing the products on the website of the NBFC;
    • Be supported by robust grievance redressal mechanisms of the insurer. The NBFC may facilitate the redressal of grievances.
  • Earlier, the Reserve Bank of India (Non-Banking Financial Companies – Undertaking of Financial Services) Directions, 2025 (‘UFS Direction’), provided that no incentive (cash or non-cash) should be paid to the staff engaged in insurance broking/ corporate agency services by the insurance company. The same has now been deleted. However, it may be noted that this requirement has been covered under para 101U of the RBC Amendment Directions.

Does Insurance Distribution include  a lender acting as master policyholer?

The UFS Amendment Directions uses the terms ‘Agency Business’ to mean an arrangement under which an NBFC acts as an agent of a third-party product or service provider (TPPSP), without risk participation, to facilitate the sale of the latter’s financial products or services (e.g., insurance, mutual fund, pension fund, etc.) to its own customers Para 32 clarifies that an NBFCs intending to undertake insurance distribution can do so only in the capacity of a Corporate Agent (“CA”) or an Insurance Broker, in accordance with the applicable regulations issued by the Insurance Regulation Development Authority of India (‘IRDAI’). This disallows any unregulated or informal distribution arrangements, including informal referral models or structures that may resemble the outsourcing of distribution without appropriate licensing.

The question arises as to whether NBFCs may act as a master policyholder for group insurance or through Insurance Self-Network Platforms (‘ISNP’), in accordance with the applicable IRDAI regulations.

In our view, the amendment does not restrict the NBFCs from acting as the Master Policy Holder for group insurance policy covering lender-borrower groups, as permitted under the IRDAI_Master_Circular_on_Protection_of_Policyholders_interests_2024 as while acting as a master policyholder, the NBFC cannot draw any commission from the insurance company, it solely acts as a policyholder for the benefit of its customers. In this capacity, the NBFC facilitates enrolment, premium collection, and claims support, without undertaking solicitation in the capacity of an agent or broker. 

With respect to ISNP Platforms, only insurance intermediaries are permitted to take registration for operating an ISNP. Therefore, in our view NBFCs shall still be permitted to operate ISNPs. 

Further, the recent Sabka Bima Sabki Raksha (Amendment of Insurance Laws) Act, 2025 has introduced the concept of Managing General Agent (“MGA”) (which is still not implemented by IRDA) by including the same within the definition of “insurance intermediary”. Given that the MGA construct involves undertaking core functions such as underwriting support (assessment of risk only), product design, and distribution facilitation on behalf of insurers, it may fall within the broader ambit of “insurance distribution business”. While the regulatory contours around MGAs are still evolving, NBFCs have not been expressly restricted from acting as MGAs via this amendment, subject to clarity from the IRDAI on permissibility, registration requirement etc.  Read our article on Managing General Agents here.

No Routing of Funds through the NBFC/HFC

The UFS Directions earlier provided that the premium shall be paid by the insured directly to the insurance company without routing through the NBFC. This requirement has now been deleted under the present UFS Amendment Directions. It may however, be noted that Section 64VB of the Insurance Act, 1938 provides that, 

Where an insurance agent collects a premium on a policy of insurance on behalf of an insurer, he shall deposit with, or dispatch by post to, the insurer, the premium so collected in full without deduction of his commission within twenty-four hours of the collection excluding bank and postal holidays.

Accordingly, in case the NBFC/HFC acts as the corporate agent and collects any insurance amount, the same must be deposited with the insurance company within a period of 24 hours. 

Enhanced Disclosures in case of undertaking insurance agency business


The UFS Amendment Directions introduce an explicit requirement for NBFCs to make clear, upfront disclosures to customers that insurance distribution activities are undertaken strictly on a fee-based model and without any risk participation. Unlike the earlier framework where disclosure obligations were largely confined to financial statements (such as notes to accounts) and did not necessarily extend to customer-level communication at the point of sale. While the quantum or percentage of fees is not required to be disclosed, an appropriate disclaimer should be incorporated in the relevant loan documentation and/or on the website/ application through which loan journey is conducted, clarifying that the NBFC does not assume any risk participation in the insurance product and is acting solely in the capacity of an agent for the insurer.

Illustrative Disclaimer- The Company acts solely as an agent of the insurer for distribution of insurance products. The Company does not underwrite or assume any insurance risk, and all claims, benefits, and liabilities under the insurance policy are the sole responsibility of the respective insurer.

Mutual Fund Distribution Framework Revised

  • NBFCs may distribute mutual funds subject to:
    • Compliance with applicable SEBI regulations and code of conduct;
    • Compliance with the RBC Directions;
    • Distribution being undertaken solely on a fee-based, non-risk participation basis and with upfront disclosure to the customer.
  • Mutual fund houses whose products are distributed must maintain robust grievance redressal systems. The NBFC may also facilitate the redressal of grievances. 
  • MF products should be clearly disclosed to customers by disclosing the products on the website or other digital channels of the NBFC.
  • Nothing has been specifically provided for Banks in this regard

Pension Distribution / NPS Services

  • Eligible NBFCs (other than Base Layer NBFCs) meeting prescribed CRAR requirements and having reported profits in the previous financial year may act as Points of Presence (PoPs) for NPS.
  • Registration with PFRDA remains mandatory.
  • Activities must be undertaken on a fee basis without risk participation and in compliance with RBI’s RBC Directions and PFRDA guidelines.

Referral business in case of Banks

  • A specific definition of “Referral Services” has been introduced to mean an arrangement under which a bank may refer its customers to a TPPSP by making available information about the financial products or services offered by the TPPSP. This definition has not been introduced in the case of NBFCs/HFCs.
  • Banks may refer customers only to products and services regulated by financial sector regulators and must comply with the instructions of the relevant regulator.
  • Banks may market and refer the TPPS to their customers, but cannot sell under the referral arrangement. This should be made explicitly clear upfront through a disclaimer to the customers.
  • The name or brand of the bank shall not feature in any of the product/ service documents. This ensures that customers do not misconstrue the product as being offered or backed by the bank.
  • Banks must publicly disclose the list of TPPSPs and products covered under referral arrangements on their website, mobile application and other digital banking channels.
  • Product onboarding, servicing and other TPPS-related processes cannot be integrated into the bank’s platform. The bank may only provide a link redirecting the customer to the TPPSP’s platform.
  • Banks must undertake proper due diligence before entering into referral arrangements with TPPSPs. Particular emphasis is placed on assessing reputational risks associated with the TPPSP.
  • Banks must ensure that the TPPSP has robust customer grievance redressal mechanisms in place before referring customers.

Grievance Redressal Mechanism

Under the erstwhile IRDAI (Registration of Corporate Agents) Regulations, 2015, corporate agents were permitted only to provide guidance and advisory to customers on issues arising during the course of an insurance contract. However, pursuant to the IRDAI (Protection of Policyholders’ Interests, Operations and Allied Matters of Insurers) Regulations, 2024, it has been mandated that every insurer and distribution channel shall establish robust procedures and effective mechanisms for the efficient and timely resolution of policyholder and/or claimant grievances.

In alignment with the above, the RBI, through its UFS Amendment Directions, has required NBFCs to ensure that the insurance companies whose products are distributed by them have adequate and effective customer grievance redressal mechanisms in place. Additionally, NBFCs may facilitate the redressal of such grievances.

Policy Mandate

The UFS Amendment Directions proposes to delete Para 6 of the UFS Direction, which requires NBFCs to put in place a broad Board-approved policy governing the distribution of third-party financial products, including insurance products. A closer reading indicates that the change is primarily structural rather than substantive, as the underlying policy requirement has already been added within the RBI’s RBC Amendment Directions, through the insertion of Para 101A, which mandates every regulated entity to adopt a comprehensive policy covering advertising, marketing, and sales of both its own and third-party financial products and services. 

It is also relevant to note that, independent of RBI requirements, sectoral regulators already mandate similar requirements. For instance, IRDAI requires corporate agents to maintain an open architecture policy and a grievance redressal policy. As such, most NBFCs engaged in these activities are likely to have comparable policies already in place. Consequently, we understand that where an NBFC has already adopted policies to comply with the RBC Amendment Directions or applicable sectoral regulations, those frameworks would adequately satisfy the regulatory expectation. 

Angel Tax on CCPS Issued to Parent Company: ITAT Grants Relief

/0 Comments/in , , /by

– Yuttika Dalmia | finserv@vinodkothari.com

Section 56(2)(viib) of the Income-tax Act, 1961, popularly known as the “Angel Tax” provision, was introduced to prevent the routing of unaccounted money through the issue of shares at a high premium. In an important ruling discussed below, the Delhi ITAT held that this anti-abuse provision should be applied only to transactions that fall within its intended purpose and should not be mechanically invoked in genuine transactions between group companies.

Facts of the case

  • OYO issued CCPS to its holding company Oravel Stays Ltd. following a court-approved demerger of its India hotel business.
  • Oravel’s holding reduced from 100% to 99.6% solely due to the demerger — parent-subsidiary relationship maintained throughout.
  • Shares issued at substantial premium based on DCF valuation report.
  • Capital infused was FEMA-compliant downstream foreign investment.
  • AO alleged shares were issued in excess of FMV and made an addition of ₹3,885.52 crore under Section 56(2)(viib).

Issues Before the Tribunal

  • Whether Section 56(2)(viib) applies to shares issued by a subsidiary to its holding company.
  • Whether AO can reject DCF valuation and substitute NAV method.
  • Whether premium on conversion of CCPS into equity is taxable under Section 56(2)(viib).

AO’s Findings

  • Rejected DCF valuation citing negative net worth, losses and aggressive COVID-era projections.
  • Treated excess consideration over FMV as taxable income under Section 56(2)(viib).

ITAT’s Findings

  • Section 56(2)(viib) being an anti-abuse provision cannot extend to bona fide holding-subsidiary capital infusions absent any money laundering concerns.
  • AO acted beyond jurisdiction by rejecting merchant banker’s DCF report — tax authorities lack expertise to redo such valuations.
  • FEMA-compliant downstream investment cannot be treated as unaccounted money — foundational assumption of Section 56(2)(viib) fails.

Key Takeaways

  • Section 56(2)(viib) must be interpreted purposively — it targets unaccounted money, not genuine intra-group restructurings.
  • AO cannot disregard a registered valuer/merchant banker report without strong and cogent reasons.
  • FEMA compliance creates a strong presumption of genuineness against Angel Tax application.
  • Entire addition of ₹3,885.52 crore deleted by ITAT.

Note: Section 56(2)(viib) of the Income-tax Act, 1961 has been omitted with effect from 1 April 2025 and accordingly is no longer applicable from Assessment Year 2026–27 onwards.

Link to case law: Oyo Hotels And Homes Private … vs Deputy Commissioner Of Income Tax, … on 4 June, 2026

Control and Assurance Functions for NBFCS- RBI Proposes Consolidation

/0 Comments/in /by
  • Harshita Malik | finserv@vinodkothari.com

The RBI issued the Reserve Bank of India (Non-Banking Financial Companies – Governance) Directions, 2025 (‘Governance Directions’) on November 28, 2025, consolidating all governance-related instructions for NBFCs into a single master framework. While the said exercise addressed regulations around Board composition, fit and proper criteria, KMP compensation, and related matters, it left the two core control/assurance functions, namely, compliance and internal audit, governed by separate circulars. The draft Reserve Bank of India (Non-Banking Financial Companies – Governance) Amendment Directions, 2026 (‘Amendment Directions’), issued for public comments, absorbs the CCO Circular and RBIA Circular into the Governance Directions and proposes certain amendments to the risk management framework. 

Effective Date: The Amendment Directions propose an effective date of January 1, 2027, upon formal notification.

The amendments introduced go beyond mere consolidation of existing circulars; they introduce new obligations and structural changes to the governance norms. Key changes are given below, for banks, refer to our article here.

  1. Important concepts defined: The Amendment Directions contain new definitions of key concepts relating to control and assurance functions, including ‘Assurance’, ‘Clawback’, ‘Compliance’, ‘Compliance Culture’, ‘Compliance Function’, ‘Compliance Risk’, ‘Control Functions’, ‘Internal Audit Function’, ‘Internal Audit Plan’, ‘Internal Controls’, ‘Risk Appetite’, ‘Risk Limits’, ‘Risk Management’, and ‘Risk Management Function’.
  2. Common instructions for CRO, CCO and HIA: The Amendment Directions provide a unified set of provisions for the three heads of control and assurance functions, namely, Chief Risk Officer (CRO), Chief Compliance Officer (CCO), and Head of Internal Audit (HIA), covering eligibility, appointment conditions (seniority ≤2 levels below MD & CEO, Board approval, tenure ≥3 years, premature removal requiring Board approval), independence, and reporting lines (functional to Board/ACB; administrative to MD & CEO). Does this mean that the same person can be appointed as the CCO and HIA? Given that the role of the HIA includes oversight on compliance risk, it will be counter-intuitive to have the same person as the head of the compliance function as well as the head of internal audit. Similar instructions have also been introduced for banks.
  3. Relaxation for Base Layer continues and further enhancement- Under the existing framework, the CCO framework was applicable on Middle Layer NBFC and appointment of CRO and RBIA Framework on those with an asset size more than ₹5000 crore, respectively. The said exemption for base layer NBFCs continues and further even includes the requirement of constituting the RMC. 
  4. ₹5,000 crore threshold for mandatory RMC: NBFCs with total assets of ₹5,000 crore or above must constitute a RMC and establish a Risk Management Function headed by a CRO; the RMC is responsible for evaluating overall risks, including liquidity risk, and reporting to the Board. The existing regulations require the RMC to be constituted by all NBFCs irrespective of asset size, and hence, this may be seen as a major relaxation.
  5. Quarterly Board meetings without Senior Management: CCO, CRO, and HIA must meet the Board or ACB at least once every quarter without the presence of Senior Management (including MD/CEO/WTD), and must have direct and unrestricted access to the Board/ACB to communicate concerns without management interference.
  6. Stricter external hiring restrictions: Consultants, advisors, part-time auditors, or individuals who are neither on the NBFC’s payroll nor have a contractual employer-employee relationship with the NBFC shall not be appointed/designated as CRO, CCO, or HIA. The same criteria has been prescribed for banks as well.
  7. Differentiated intimation timelines to RBI/NHB: For CCO and HIA (NBFC-ML and above), appointment/premature transfer/removal/exit/change in tenure must be reported to DoS, RBI/NHB at least five working days in advance, with candidate profile and fit & proper confirmation; for CRO, such intimation must be made within five working days, accompanied by the candidate’s profile.
  8. CRO’s role in credit committee and override mechanism: CRO shall be an invitee to credit sanction/approval committee meetings without voting rights; where risk/exposure is assumed contrary to CRO advice without adequate mitigation, the responsibility rests with the next higher authority in the delegation matrix (except where the Board is the risk-assuming authority), and all such cases must be reported to the Board/RMCB.
  9. Internal audit of Compliance and Risk Management Functions: The Compliance Function and Risk Management Function shall be subject to regular internal audit.
  10. New tenure and audit-cycle mandates for Internal Audit: Staff posted to the Internal Audit Function shall ordinarily have a tenure of at least three years, and all significant activities shall be audited over a defined cycle ordinarily not exceeding three years, with high-risk areas reviewed more frequently.
  11. RBIA adoption and NBFC-BL exemption: All NBFCs shall adopt a Risk-Based Internal Audit (RBIA) approach focusing on higher risk, materiality, systemic relevance, and supervisory concerns as given in Annex I-A of the Amendment Directions; adoption of RBIA is voluntary for NBFC-BL. As per the Companies Act, internal audit is applicable even on private companies having a turnover of ₹ 200 crore rupees or outstanding loans or borrowings exceeding ₹100 crore or more. This means that even Base Layer NBFCs can be subjected to internal audit requirements. However, risk-based internal audit will be applicable only in case of Middle Layer and above entities. RBIA is an audit methodology that focuses on identifying, assessing, and prioritising the most significant risks faced by an organisation, and allocating audit resources accordingly. Unlike traditional compliance-oriented audits, RBIA aligns audit activities with the NBFC’s risk management framework and strategic objectives. Refer to our article on RBIA – here.
  12. Periodic external review for NBFC-UL Risk Management Function: NBFC-UL shall subject its Risk Management Function to periodic external review to benchmark practices and strengthen effectiveness. However, in the case of banks, all three functions- compliance, risk and internal audit are subject to external review.
  13. Formal Risk Exposure Matrix (9-cell grid) & Risk Audit Prioritisation Matrix (Magnitude vs. Frequency): The Amendment Directions introduce two formalised, structured risk assessment and prioritisation tools under the RBIA framework (Annex I‑A).
  14. Assumption of risk exposure contrary to the advice of CRO: If risk is taken contrary to the CRO’s advice without adequate mitigation, the responsibility lies with the next higher authority in the delegation matrix (except when the Board is the risk-assuming authority). All such cases must be reported to the Board/RMC.
  15. Intimation of appointment to RBI/NHB: For CCO and HIA: Report appointment/premature transfer/removal/exit/change in tenure at least 5 working days in advance (pre-event intimation). Intimation to include profile and fit & proper confirmation by the competent authority. Appointment may be communicated to the candidate only after the five-day window, unless a contrary communication is received from RBI/NHB. For CRO: Report appointment/premature transfer/removal/exit/change in tenure within 5 working days (post-event intimation).

For ease of reference, the amendments have been classified into three categories and detailed below:

  1. Changes Common for CCO, CRO and HIA
ProvisionDraft Amendment DirectionsCurrent Directions/Circulars
RankNot more than two levels below MD & CEO (for SPDs: not more than three level; for NBFC-BL: as per policy)CCO shall be not below two levels from CEO; for NBFC-ML, relaxable by one further level
Appointment tenureOrdinarily not less than three years with no explicit relaxation. Premature transfer/removal requires Board approvalBoard permitted to relax the minimum three-year tenure by one year in exceptional cases for CCO.
External HiringExternal hiring permitted, however, consultants, advisors, part-time auditors, or individuals without employer-employee relationship with the NBFC.External hiring permitted, no negative list prescribed
Reporting LineFunctional reporting: Board/ACB; Administrative: MD & CEOReporting by CCO to MD & CEO was the primary option; Board reporting was an alternative.
Quarterly meeting without senior managementMeet Board/ACB quarterly without Senior Management (including the MD / CEO / WTD)CCO and CRO shall meet the Board or ACB at least once a quarter without the presence of the Senior Management (including the MD / CEO / WTD)
Intimation to RBI/NHBFor CCO and HIA:report appointment/premature transfer/removal/exit/change in tenure at least 5 working days in advance (pre-event intimation). Intimation to include profile and fit & proper confirmation by competent authority. Appointment may be communicated to the candidate only after the five-day window, unless a contrary communication is received from RBI/NHB

For CRO:Report appointment/premature transfer/removal/exit/change in tenure within 5 working days (post-event intimation)		Prior intimation was required for appointment of CCO without specifying a minimum period. Intimation to include Detailed profile of candidate, fit and proper certification by MD & CEO confirming the person meets prescribed supervisory requirements and rationale for changes, if applicable.
Internal auditCompliance Function and Risk Management Function shall be subject to regular internal auditNo explicit requirement that Compliance must be audited by IA
  1. Changes Specific to CRO
ProvisionDraft Amendment DirectionsGovernance Directions
Threshold for RMCNBFCs with assets ≥ ₹5,000 croreAll NBFCs
CRO’s role in credit decisionCRO shall be an invitee to the meetings of the credit sanction / approval committee, without any voting rights.CRO shall have voting power and all members shall individually and severally be liable.
Contrary risk adviceAssumption of any risk / exposure, contrary to the advice of the CRO, without incorporating adequate risk mitigation measures, shall rest with the next higher authority in the delegation matrix.No equivalent provision.
Risk Management Function dutiesEnsure NBFC operates within risk appetite; assess risks independently – Implement NBFC-wide risk strategy aligned with Board-approved risk appetite; clear risk limits; allocate parameters – Robust information infrastructure for capital/liquidity, granular monitoring, consolidated reporting – Continuously evaluate exposures vs. limits; challenge business decisions; escalate critical issues to SM/Board/RMCBCRO had similar duties but risk appetite/limits were not defined and escalation mechanism was not explicitly prescribed
External review of Risk Management FunctionNBFC-UL shall subject Risk Management Function to periodic external review to benchmark practices and strengthen effectivenessNo explicit external review requirement for Risk Management Function
  1. Changes in Internal Audit Function – RBIA
ProvisionDraft Amendment DirectionsRBIA Circular
Applicability of CRONBFC-ML and above (mandatory), thus, making it mandatory for ML entities irrespective of asset size; NBFC-BL (voluntary).Deposit-taking NBFCs (all sizes) and non-deposit-taking NBFCs with assets ≥ ₹5,000 crore
Tenure of internal auditorsStaff posted to Internal Audit Function should ordinarily have a tenure of at least three yearsNo specified tenure for internal audit staff
Internal audit cycleAll significant activities audited over a defined cycle ordinarily not exceeding three years; high-risk areas to be reviewed more frequentlyNo specified audit cycle
Structured RBIA FrameworkRisk Exposure Matrix (9-cell grid, inherent risk vs. control risk) and Risk Audit Prioritisation Matrix (magnitude vs. frequency) has been specified.No such formal risk matrix was specified.