Skip to main content

Fraud Risk Management in Commercial Banks (including RRBs), AIFI, UCBs, StCBs, CCBs and NBFCs (including HFCs)

Reserve Bank of India (RBI) has issued directions on fraud risk management in Commercial Banks [including Regional Rural Banks (RRBs)], All India Financial Institutions (AIFI), Urban Cooperative Banks (UCBs), State Cooperative Banks (StCBs), Central Cooperative Banks (CCBs) and Non-Banking Financial Companies (NBFCs) [including Housing Finance Companies (HFCs)].

What is the purpose of the directions?

The directions are issued with a view to providing a framework to Commercial Banks, AIFI, Cooperative Banks and applicable NBFCs for prevention, early detection and timely reporting of incidents of fraud to Law Enforcement Agencies (LEAs), Reserve Bank of India (RBI), National Bank for Agriculture and Rural Development (NABARD) and National Housing Bank (NHB) and dissemination of information by RBI and matters connected therewith or incidental thereto.

To whom are the directions applicable?

The directions are applicable to –

Banks Cooperative Banks Applicable NBFCs
Commercial Banks (including foreign banks, Local Area Banks, Small Finance Banks, Payments Banks and RRBs)

AIFIs –

– Export-Import Bank of India (Exim Bank)
– NABARD
– National Bank for Financing Infrastructure and Development (NaBFID)
– NHB
– Small Industries Development Bank of India (SIDBI)
UCBs
StCBs
CCBs
 NBFCs (including HFCs) in –
– Upper Layer
– Middle Layer
– Base Layer (with asset size of ₹500 crore and above)

What are the directions on Fraud Risk Management Policy?

  • The Board approved policy on fraud risk management shall incorporate measures for ensuring compliance with principles of natural justice in a time-bound manner which at a minimum shall include –
    • Issuance of a detailed Show Cause Notice (SCN) to the Persons, Entities and its Promoters / Whole-time and Executive Directors against whom allegation of fraud is being examined.
    • A reasonable time of atleast 21 days shall be provided to the Persons / Entities on whom the SCN was served to respond to the said SCN.
    • A reasoned Order shall be served on the Persons / Entities conveying the decision regarding declaration / classification of the account as fraud or otherwise.
  • Fraud Risk Management Policy shall be reviewed by the Board at least once in 3 years, or more frequently.

What are the directions on Special Committee of the Board for Monitoring and Follow-up of cases of Frauds (SCBMF)?

Banks Cooperative Banks Applicable NBFCs
Committee of the Board to be known as ‘Special Committee of the Board for Monitoring and Follow-up of cases of Frauds’ (SCBMF) shall oversee the effectiveness of the fraud risk management.
SCBMF shall be constituted with a minimum of 3 members of the Board, consisting of a whole-time director and a minimum of 2 independent directors / non-executive directors. SCBMF shall be constituted with a minimum of 3 members of the Board, consisting of the Chief Executive Officer and 2 directors. SCBMF shall be constituted with a minimum of 3 members of the Board, consisting of the Chief Executive Officer and 2 Independent Directors.
The Committee shall be headed by one of the independent directors / non-executive directors. The Committee shall be headed by one of the directors. The Committee shall be headed by one of the Independent Directors.

 

 Tier 1 & 2 UCBs and StCBs / CCBs having deposits below ₹1000 crore shall have the option of constituting a Committee of the Executives (CoE) with a minimum of 3 members, at least one of whom shall be the Chief Executive Officer for the purpose of performing the roles and responsibilities of SCBMF. Applicable Middle Layer and Base Layer NBFCs shall have the option of constituting a Committee of the Executives (CoE) with a minimum of 3 members, at least one of whom shall be a Whole-time director or equivalent rank Official for the purpose of performing the roles and responsibilities of SCBMF.
A senior official in the rank of at least a General Manager or equivalent shall be responsible for monitoring and reporting of frauds. A sufficiently senior official shall be responsible for monitoring and reporting of frauds.

What is Red Flagged Account (RFA)?

A Red Flagged Account (RFA) is one where suspicion of fraudulent activity is thrown up by the presence of one or more Early Warning Signals (EWS) indicators, alerting / triggering deeper investigation from potential fraud angle and initiating preventive measures.

What is the framework for early detection of frauds?

Banks Cooperative Banks Applicable NBFCs
Banks shall have a framework for EWS and RFA. Tier 3 & 4 UCBs and StCBs / CCBs having deposits above ₹1000 crore shall have a framework for EWS. NBFCs in the Upper Layer and Middle Layer (NBFCs – UL & ML) shall have a framework for EWS.
Risk Management Committee of the Board (RMCB) shall oversee the effectiveness of the framework for EWS and RFA. Board Level Committee shall oversee the effectiveness of the framework for EWS.
An account meeting the CRILC reporting threshold (i.e. aggregate fund-based and non-fund-based exposure of ₹3 crore and above for reporting RFA / frauds), shall be reported to RBI within 7 days of being red flagged.

 

Central Repository of Information on Large Credits (CRILC) and Central Fraud Registry (CFR) are not applicable to RRBs.

What are the directions on reporting of fraud?

Banks Cooperative Banks Applicable NBFCs
The decision to classify any account, either standard or NPA, as a RFA shall be at the individual bank level and such banks shall report the status of the account on RBI’s CRILC platform immediately (within 7 days from date of classification as RFA).

 
The principles of natural justice shall be strictly adhered to before classifying / declaring an account as fraud.
Once an account has been red-flagged, the entire process of classification of the account as fraud or removal of RFA status shall be completed within 180 days from the date of first reporting of the account as RFA on the CRILC platform. Cases remaining in RFA status beyond 180 days shall be reported to the SCBMF for review with adequate reasoning / justification thereof. Such cases shall also be subject to supervisory review by RBI.

 
In case an account is identified as a fraud, the borrowal accounts of other group companies, in which one or more promoters / whole-time directors are common, shall also be subjected to examination from fraud angle.
In cases where Law Enforcement Agencies (LEAs) have suo moto initiated investigation involving a borrower account, the bank shall immediately red-flag the account and follow the usual process for classification of account as fraud. In cases where Law Enforcement Agencies (LEAs) have suo moto initiated investigation involving a borrower account, Cooperative Banks / applicable NBFCs shall follow the process of classification of account as fraud.
Necessary terms and conditions may be incorporated in agreements with third-party service providers to hold them accountable in situations where wilful negligence / malpractice by them is found to be a causative factor for fraud.
After complying with the principles of natural justice, the details of such third parties or professionals involved in frauds shall be reported to Indian Banks’ Association (IBA). IBA would, in turn, prepare caution lists of such third parties for circulation.

 

What are the directions on staff accountability?

Banks Cooperative Banks Applicable NBFCs
PSBs and AIFIs shall conduct examination of staff accountability as per the guidelines issued by the Central Vigilance Commission (CVC). In terms of CVC Order, PSBs and AIFIs shall also refer all fraud cases of amount involving ₹3 crore and above for examining the role of all levels of officials / whole-time directors (including ex-officials / ex-WTDs) to the Advisory Board for Banking and Financial Frauds (ABBFF) constituted by the CVC.

 

 Government-NBFCs shall conduct examination of staff accountability as per the guidelines issued by the CVC. In terms of CVC Order, applicable NBFCs in the public sector shall also refer all fraud cases of amount involving ₹3 crore and above for examining the role of all levels of officials / whole-time directors (including ex-officials / ex-WTDs) to the ABBFF constituted by the CVC.
In cases involving very senior executives of the bank (MD & CEO / Executive Director / Executives of equivalent rank), the Audit Committee of the Board (ACB) shall initiate examination of their accountability and place it before the Board. However, in case of PSBs and AIFIs, such cases shall also be referred to the ABBFF. In cases involving very senior executives of the Cooperative Banks (MD & CEO / Chief Executive Officer / Executives of equivalent rank), the ACB shall initiate examination of their accountability and place before the Board. In cases involving very senior executives of the applicable NBFCs (MD & CEO / Executive Director / Executives of equivalent rank), the ACB shall initiate examination of their accountability and place it before the Board. However, in case of applicable NBFCs in the public sector, such cases shall also be referred to the ABBFF.

What penal measures shall be taken against persons / entities reported as fraud?

Persons / Entities classified and reported as fraud by Commercial Banks / AIFIs / Cooperative Banks / applicable NBFCs and also Entities and Persons associated with such Entities, shall be debarred from raising of funds and / or seeking additional credit facilities from financial entities regulated by RBI, for 5 years from the date of full repayment of the defrauded amount / settlement amount agreed upon in case of a compromise settlement.

What shall be the treatment of accounts under resolution?

  • In case an entity classified as fraud has subsequently undergone a resolution either under IBC or under the resolution framework of RBI resulting in a change in the management and control of the entity / business enterprise, Commercial Banks / AIFIs / Cooperative Banks / applicable NBFCs shall examine whether the entity shall continue to remain classified as fraud. 
  • This would, however, be without prejudice to the continuance of criminal action against erstwhile promoters / directors / persons who were in charge and responsible for the management of the affairs of the entity / business enterprise.
  • The penal measures shall not be applicable to entities / business enterprises after implementation of the resolution plan under IBC or aforesaid prudential framework.
  • The penal measures shall continue to apply to the erstwhile promoters / directors / persons who were in charge and responsible for the management of the affairs of the entity / business enterprise.

What are the directions on reporting of frauds to LEA?

Banks Cooperative Banks Applicable NBFCs
The incidents of fraud shall be immediately reported to LEAs, subject to applicable laws, as indicated below –
Category of bank Amount involved in the fraud LEA to whom complaint should be lodged
Private Sector / Foreign Banks Below ₹1 crore State / Union Territory (UT) Police
₹1 crore and above In addition to State / UT Police, Serious Fraud Investigation Office (SFIO), Ministry of Corporate Affairs, Government of India
Public Sector Banks / RRBs Below ₹6 crore State / UT Police
₹6 crore and above Central Bureau of Investigation (CBI)

The incidents of fraud shall be immediately reported to appropriate LEAs viz. State Police authorities, etc. subject to applicable laws.

What are the directions on reporting of fraud to RBI?

Banks (except RRBs) UCBs Applicable NBFCs (except HFCs)
Fraud Monitoring Return (FMR) shall be furnished in individual fraud cases, irrespective of the amount involved, immediately within 14 days from the date of classification of an incident / account as fraud.
Incidents of fraud at overseas branches of Indian banks shall also be reported to the concerned overseas LEAs in accordance with the relevant laws / regulations of the host countries.

 

 Incidents of fraud at overseas branches of Indian NBFCs shall also be reported to the concerned overseas LEAs in accordance with the relevant laws / regulations of the host countries.
Banks shall also report frauds perpetrated in their group entities to RBI separately (FMR through email only), if such entities are not regulated / supervised by any financial sector regulatory / supervisory authority. However, in case of overseas banking group entity of Indian banks, the parent bank shall also report incidents of fraud to RBI.

 

 Applicable NBFCs shall also report frauds perpetrated in their group entities to RBI separately (FMR through email only), if such entities are not regulated / supervised by any financial sector regulatory / supervisory authority. However, in case of overseas financial group entity of Indian NBFC, the parent NBFC shall also report incidents of fraud to RBI.
Banks may, under exceptional circumstances, withdraw FMR / remove names of perpetrators from FMR. Such withdrawal / removal shall, however, be made with due justification and with the approval of an official at least in the rank of a whole-time director. UCBs / applicable NBFCs may, under exceptional circumstances, withdraw FMR / remove names of perpetrators from FMR. Such withdrawal / removal shall, however, be made with due justification and with the approval of an official at least in the rank of a director.
Banks are required to report payment system related disputed / suspected or attempted fraudulent transactions to Central Payments Fraud Information Registry (CPFIR), maintained by RBI. However, such transactions, if subsequently concluded as fraud committed on banks, shall invariably be reported through FMR so as to be reflected in CFR.

 
Fraud cases shall be closed using 'Closure Module' where the below stated actions are complete –
  • The fraud cases pending with LEAs / Court are disposed of; and
  • The examination of staff accountability has been completed.
Banks are allowed, for limited statistical / reporting purposes, to close those reported fraud cases involving amount up to ₹1 crore, where examination of staff accountability and disciplinary action, if any, have been taken and –
  • The investigation is going on or charge-sheet has not been filed in the Court by LEA for more than 3 years from the date of registration of First Information Report (FIR); or
  • The charge-sheet is filed by the LEAs in trial court and the trial in the court has not commenced or is pending before the court for more than 3 years from the date of registration of FIR.

 

 NBFCs are allowed, for limited statistical / reporting purposes, to close those reported fraud cases involving amount upto ₹25 lakh, where examination of staff accountability and disciplinary action, if any, has been taken and –
  • The investigation is going on or charge-sheet has not been filed in the Court by LEA for more than 3 years from the date of registration of FIR; or
  • The charge-sheet is filed by the LEAs in trial court and the trial in the court has not commenced or is pending before the court for more than 3 years from the date of registration of FIR.

  • RRBs, StCBs and CCBs shall report incidents of fraud to NABARD in the manner and in Returns / Formats as prescribed by NABARD.
  • HFCs shall report incidents of fraud to NHB in the manner and in Returns / Formats as prescribed by NHB.

What are the directions on reporting cheque related frauds?

  • Reporting of frauds involving forged instruments, including fake / forged instruments sent in clearing in respect of truncated instruments, shall continue to be done by the paying banker and not by the presenting banker. 
  • However, in the case of presentment of an instrument which is genuine but payment has been made to a person who is not the true owner; or where the amount has been credited before realisation and subsequently the instrument is found to be fake / forged and returned by the paying bank, the presenting bank shall file the fraud report with RBI and inform the LEAs.

What are directions on audit and transfer of accounts?

  • The title deeds and other related title documents shall be subject to periodic legal audit and re-verification, till the loan is fully repaid, as below –

Commercial Banks / AIFIs All credit facilities of ₹5 crore and above
Small Finance Banks, Local Area Banks, Regional Rural Banks, Cooperative Banks and applicable NBFCs All credit facilities of ₹1 crore and above
  • Commercial Banks / AIFIs / Cooperative Banks / applicable NBFCs shall complete the investigation from fraud angle before transferring the loan account / credit facility to other lenders / ARCs. In cases where Commercial Banks / AIFIs / Cooperative Banks / applicable NBFCs conclude that a fraud has been perpetrated in the account, they shall report it to RBI / NABARD / NHB before selling the asset / accounts to other lenders / ARCs.

What is the date of occurrence, detection and classification of frauds for filing FMR?

  • The ‘date of occurrence’ is the date when the actual misappropriation of funds has started taking place, or the event occurred, as evidenced / reported in the audit or other findings.
  • The ‘date of detection’ is the actual date when the fraud came to light in the concerned branch / audit / department, and not the date of approval by the competent authority of Commercial Banks / AIFIs / Cooperative Banks / applicable NBFCs.
  • The ‘date of classification’ is the date when due approval from the competent authority has been obtained for such a classification, and the reasoned order is passed.  

What are the directions for reporting cases of Theft, Burglary, Dacoity and Robbery?

  • Commercial Banks / AIFIs / UCBs / applicable NBFCs shall report instances of theft, burglary, dacoity and robbery (including attempted cases) to RBI, immediately (within 7 days from their occurrence).
  • Commercial Banks / AIFIs / UCBs / applicable NBFCs shall also submit a quarterly Return (RBR) on theft, burglary, dacoity and robbery to RBI using online portal within 15 days from the end of the quarter to which it relates.
  • RRBs, StCBs and CCBs shall report cases of theft, burglary, dacoity and robbery to NABARD in the manner and in Returns / Formats as prescribed by NABARD.
  • HFCs shall report cases of theft, burglary, dacoity and robbery to NHB in the manner and in Returns / Formats as prescribed by NHB.


References

Reserve Bank of India. (2024, July 15). 'Master Directions on Fraud Risk Management in Commercial Banks (including Regional Rural Banks) and All India Financial Institutions'. Retrieved from https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=12702&Mode=0

Reserve Bank of India. (2024, July 15). 'Master Directions on Fraud Risk Management in Non-Banking Financial Companies (NBFCs) (including Housing Finance Companies)'. Retrieved from https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=12704&Mode=0

Reserve Bank of India. (2024, July 15). 'Master Directions on Fraud Risk Management in Urban Cooperative Banks (UCBs) / State Cooperative Banks (StCBs) / Central Cooperative Banks (CCBs)'. Retrieved from https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=12703&Mode=0


Follow at - Telegram   Instagram   LinkedIn   X   Facebook

Labels:

Comments

Post a Comment

Popular Posts

Report of the Committee to develop a Framework for Responsible and Ethical Enablement of Artificial Intelligence (FREE-AI) in the Financial Sector

Reserve Bank of India (RBI) has released the report of the committee to develop a framework for responsible and ethical enablement of artificial intelligence (FREE-AI) in the financial sector. Committee to develop a Framework for Responsible and Ethical Enablement of Artificial Intelligence (FREE-AI) in the Financial Sector In the financial sector, Artificial Intelligence (AI) has the potential to unlock new forms of customer engagement, enable alternate approaches to credit assessment, risk monitoring, fraud detection, and offer new supervisory tools. At the same time, increased adoption of AI could lead to new risks like bias and lack of explainability, as well as amplifying existing challenges to data protection, cybersecurity, among others. To encourage the responsible and ethical adoption of AI in the financial sector, the committee to develop a Framework for Responsible and Ethical Enablement of Artificial Intelligence (FREE-AI) in the Financial Sector (Chairperson: Dr. Pushpak B...
Post a Comment
Read more

Lending against Gold and Silver collateral

Reserve Bank of India (RBI) has issued directions on lending against the collateral of gold and silver. To whom are the directions applicable? The directions are applicable to the following regulated entities (REs) – Commercial Banks (including Small Finance Banks, Local Area Banks and Regional Rural Banks, but excluding Payments Banks). Primary (Urban) Co-operative Banks (UCBs) & Rural Co-operative Banks (RCBs), i.e., State Co-operative Banks (StCBs) and Central Co-operative Banks (CCBs). Non-Banking Financial Companies (NBFCs), including Housing Finance Companies (HFCs). Which loans are covered under the directions? The directions shall apply to all loans offered by an RE for the purpose of consumption or income generation (including farm credit) where eligible gold or silver collateral is accepted as a collateral security. What is eligible collateral? Eligible collateral means the collateral of jewellery, ornaments or coins made of gold or silver. A lender shall not grant any ad...
Post a Comment
Read more

All about RBI Integrated Ombudsman Scheme, 2021

Filed a complaint against a bank / financial institution but haven’t received a reply for more 30 days? Or received a reply but not satisfied with the resolution offered by the bank / financial institution? Or the complaint was rejected by the bank / financial institution? You can approach RBI Ombudsman under the RBI Integrated Ombudsman Scheme, 2021. What is RBI Integrated Ombudsman Scheme (RBI-IOS), 2021? RBI-IOS was launched on November 12, 2021, by integrating the existing 3 Ombudsman schemes of RBI. RBI-IOS adopts ‘One Nation One Ombudsman’ approach by making the RBI Ombudsman mechanism jurisdiction neutral. It provides cost-free redress of customer complaints involving deficiency in services rendered by entities regulated by RBI. Which schemes are integrated in RBI-IOS? RBI-IOS integrates following existing schemes of RBI – Schemes Powers derived from Entities covered Banking Ombudsman Scheme, 2006 Section 35A of BR Act, 1949 S...
Post a Comment
Read more

Investments in Debt Instruments by Non-residents

Reserve Bank of India (RBI) has issued directions on investments in debt instruments by non-residents. What are the channels for investments in debt instruments by non-residents? General Route – for investment in Government securities and corporate debt securities by Foreign Portfolio Investors (FPIs) subject to specified investment limits and macro-prudential limits. Voluntary Retention Route (VRR) – for investments in Government securities and corporate debt securities, free of certain macro-prudential limits applicable to FPI investments in debt markets under the General Route, by FPIs that commit to remain invested for a stipulated retention period. Fully Accessible Route (FAR) – for investments by non-residents in certain specified categories of Central Government securities (‘specified securities’) without any restriction. Scheme for Trading and Settlement of Sovereign Green Bonds (SGrBs) issued by the Central Government by eligible foreign investors in the International Finan...
Post a Comment
Read more

Continuous Clearing and Settlement on Realisation in Cheque Truncation System (CTS)

Reserve Bank of India (RBI) has issued direction on continuous clearing and settlement on realisation in Cheque Truncation System (CTS). What is Cheque Truncation System (CTS)? Cheque Truncation System (CTS) involves halting the physical movement of the cheque and its replacement by images of the instrument and the corresponding data contained in the MICR line.  In CTS, 3 images are taken of each cheque – front Gray Scale, front Black & White and back Black & White. MICR (Magnetic Ink Character Recognition) is a 9-digit code printed at the bottom of cheques using magnetic ink – first 3 digits indicate City Code, middle 3 digits indicate Bank Code and the last 3 digits indicate Bank Branch Code. Only CTS-2010 standards compliant instruments can be presented for clearing through CTS. The presenting banks which truncates the cheques need to preserve the physical instruments for 10 years. From when will the continuous clearing and settlement on realisation in CTS be implemented...
Post a Comment
Read more