Skip to main content

Fraud Risk Management in Commercial Banks (including RRBs), AIFI, UCBs, StCBs, CCBs and NBFCs (including HFCs)

Reserve Bank of India (RBI) has issued directions on fraud risk management in Commercial Banks [including Regional Rural Banks (RRBs)], All India Financial Institutions (AIFI), Urban Cooperative Banks (UCBs), State Cooperative Banks (StCBs), Central Cooperative Banks (CCBs) and Non-Banking Financial Companies (NBFCs) [including Housing Finance Companies (HFCs)].

What is the purpose of the directions?

The directions are issued with a view to providing a framework to Commercial Banks, AIFI, Cooperative Banks and applicable NBFCs for prevention, early detection and timely reporting of incidents of fraud to Law Enforcement Agencies (LEAs), Reserve Bank of India (RBI), National Bank for Agriculture and Rural Development (NABARD) and National Housing Bank (NHB) and dissemination of information by RBI and matters connected therewith or incidental thereto.

To whom are the directions applicable?

The directions are applicable to –

Banks Cooperative Banks Applicable NBFCs
Commercial Banks (including foreign banks, Local Area Banks, Small Finance Banks, Payments Banks and RRBs)

AIFIs –

– Export-Import Bank of India (Exim Bank)
– NABARD
– National Bank for Financing Infrastructure and Development (NaBFID)
– NHB
– Small Industries Development Bank of India (SIDBI)
UCBs
StCBs
CCBs
 NBFCs (including HFCs) in –
– Upper Layer
– Middle Layer
– Base Layer (with asset size of ₹500 crore and above)

What are the directions on Fraud Risk Management Policy?

  • The Board approved policy on fraud risk management shall incorporate measures for ensuring compliance with principles of natural justice in a time-bound manner which at a minimum shall include –
    • Issuance of a detailed Show Cause Notice (SCN) to the Persons, Entities and its Promoters / Whole-time and Executive Directors against whom allegation of fraud is being examined.
    • A reasonable time of atleast 21 days shall be provided to the Persons / Entities on whom the SCN was served to respond to the said SCN.
    • A reasoned Order shall be served on the Persons / Entities conveying the decision regarding declaration / classification of the account as fraud or otherwise.
  • Fraud Risk Management Policy shall be reviewed by the Board at least once in 3 years, or more frequently.

What are the directions on Special Committee of the Board for Monitoring and Follow-up of cases of Frauds (SCBMF)?

Banks Cooperative Banks Applicable NBFCs
Committee of the Board to be known as ‘Special Committee of the Board for Monitoring and Follow-up of cases of Frauds’ (SCBMF) shall oversee the effectiveness of the fraud risk management.
SCBMF shall be constituted with a minimum of 3 members of the Board, consisting of a whole-time director and a minimum of 2 independent directors / non-executive directors. SCBMF shall be constituted with a minimum of 3 members of the Board, consisting of the Chief Executive Officer and 2 directors. SCBMF shall be constituted with a minimum of 3 members of the Board, consisting of the Chief Executive Officer and 2 Independent Directors.
The Committee shall be headed by one of the independent directors / non-executive directors. The Committee shall be headed by one of the directors. The Committee shall be headed by one of the Independent Directors.

 

 Tier 1 & 2 UCBs and StCBs / CCBs having deposits below ₹1000 crore shall have the option of constituting a Committee of the Executives (CoE) with a minimum of 3 members, at least one of whom shall be the Chief Executive Officer for the purpose of performing the roles and responsibilities of SCBMF. Applicable Middle Layer and Base Layer NBFCs shall have the option of constituting a Committee of the Executives (CoE) with a minimum of 3 members, at least one of whom shall be a Whole-time director or equivalent rank Official for the purpose of performing the roles and responsibilities of SCBMF.
A senior official in the rank of at least a General Manager or equivalent shall be responsible for monitoring and reporting of frauds. A sufficiently senior official shall be responsible for monitoring and reporting of frauds.

What is Red Flagged Account (RFA)?

A Red Flagged Account (RFA) is one where suspicion of fraudulent activity is thrown up by the presence of one or more Early Warning Signals (EWS) indicators, alerting / triggering deeper investigation from potential fraud angle and initiating preventive measures.

What is the framework for early detection of frauds?

Banks Cooperative Banks Applicable NBFCs
Banks shall have a framework for EWS and RFA. Tier 3 & 4 UCBs and StCBs / CCBs having deposits above ₹1000 crore shall have a framework for EWS. NBFCs in the Upper Layer and Middle Layer (NBFCs – UL & ML) shall have a framework for EWS.
Risk Management Committee of the Board (RMCB) shall oversee the effectiveness of the framework for EWS and RFA. Board Level Committee shall oversee the effectiveness of the framework for EWS.
An account meeting the CRILC reporting threshold (i.e. aggregate fund-based and non-fund-based exposure of ₹3 crore and above for reporting RFA / frauds), shall be reported to RBI within 7 days of being red flagged.

 

Central Repository of Information on Large Credits (CRILC) and Central Fraud Registry (CFR) are not applicable to RRBs.

What are the directions on reporting of fraud?

Banks Cooperative Banks Applicable NBFCs
The decision to classify any account, either standard or NPA, as a RFA shall be at the individual bank level and such banks shall report the status of the account on RBI’s CRILC platform immediately (within 7 days from date of classification as RFA).

 
The principles of natural justice shall be strictly adhered to before classifying / declaring an account as fraud.
Once an account has been red-flagged, the entire process of classification of the account as fraud or removal of RFA status shall be completed within 180 days from the date of first reporting of the account as RFA on the CRILC platform. Cases remaining in RFA status beyond 180 days shall be reported to the SCBMF for review with adequate reasoning / justification thereof. Such cases shall also be subject to supervisory review by RBI.

 
In case an account is identified as a fraud, the borrowal accounts of other group companies, in which one or more promoters / whole-time directors are common, shall also be subjected to examination from fraud angle.
In cases where Law Enforcement Agencies (LEAs) have suo moto initiated investigation involving a borrower account, the bank shall immediately red-flag the account and follow the usual process for classification of account as fraud. In cases where Law Enforcement Agencies (LEAs) have suo moto initiated investigation involving a borrower account, Cooperative Banks / applicable NBFCs shall follow the process of classification of account as fraud.
Necessary terms and conditions may be incorporated in agreements with third-party service providers to hold them accountable in situations where wilful negligence / malpractice by them is found to be a causative factor for fraud.
After complying with the principles of natural justice, the details of such third parties or professionals involved in frauds shall be reported to Indian Banks’ Association (IBA). IBA would, in turn, prepare caution lists of such third parties for circulation.

 

What are the directions on staff accountability?

Banks Cooperative Banks Applicable NBFCs
PSBs and AIFIs shall conduct examination of staff accountability as per the guidelines issued by the Central Vigilance Commission (CVC). In terms of CVC Order, PSBs and AIFIs shall also refer all fraud cases of amount involving ₹3 crore and above for examining the role of all levels of officials / whole-time directors (including ex-officials / ex-WTDs) to the Advisory Board for Banking and Financial Frauds (ABBFF) constituted by the CVC.

 

 Government-NBFCs shall conduct examination of staff accountability as per the guidelines issued by the CVC. In terms of CVC Order, applicable NBFCs in the public sector shall also refer all fraud cases of amount involving ₹3 crore and above for examining the role of all levels of officials / whole-time directors (including ex-officials / ex-WTDs) to the ABBFF constituted by the CVC.
In cases involving very senior executives of the bank (MD & CEO / Executive Director / Executives of equivalent rank), the Audit Committee of the Board (ACB) shall initiate examination of their accountability and place it before the Board. However, in case of PSBs and AIFIs, such cases shall also be referred to the ABBFF. In cases involving very senior executives of the Cooperative Banks (MD & CEO / Chief Executive Officer / Executives of equivalent rank), the ACB shall initiate examination of their accountability and place before the Board. In cases involving very senior executives of the applicable NBFCs (MD & CEO / Executive Director / Executives of equivalent rank), the ACB shall initiate examination of their accountability and place it before the Board. However, in case of applicable NBFCs in the public sector, such cases shall also be referred to the ABBFF.

What penal measures shall be taken against persons / entities reported as fraud?

Persons / Entities classified and reported as fraud by Commercial Banks / AIFIs / Cooperative Banks / applicable NBFCs and also Entities and Persons associated with such Entities, shall be debarred from raising of funds and / or seeking additional credit facilities from financial entities regulated by RBI, for 5 years from the date of full repayment of the defrauded amount / settlement amount agreed upon in case of a compromise settlement.

What shall be the treatment of accounts under resolution?

  • In case an entity classified as fraud has subsequently undergone a resolution either under IBC or under the resolution framework of RBI resulting in a change in the management and control of the entity / business enterprise, Commercial Banks / AIFIs / Cooperative Banks / applicable NBFCs shall examine whether the entity shall continue to remain classified as fraud. 
  • This would, however, be without prejudice to the continuance of criminal action against erstwhile promoters / directors / persons who were in charge and responsible for the management of the affairs of the entity / business enterprise.
  • The penal measures shall not be applicable to entities / business enterprises after implementation of the resolution plan under IBC or aforesaid prudential framework.
  • The penal measures shall continue to apply to the erstwhile promoters / directors / persons who were in charge and responsible for the management of the affairs of the entity / business enterprise.

What are the directions on reporting of frauds to LEA?

Banks Cooperative Banks Applicable NBFCs
The incidents of fraud shall be immediately reported to LEAs, subject to applicable laws, as indicated below –
Category of bank Amount involved in the fraud LEA to whom complaint should be lodged
Private Sector / Foreign Banks Below ₹1 crore State / Union Territory (UT) Police
₹1 crore and above In addition to State / UT Police, Serious Fraud Investigation Office (SFIO), Ministry of Corporate Affairs, Government of India
Public Sector Banks / RRBs Below ₹6 crore State / UT Police
₹6 crore and above Central Bureau of Investigation (CBI)

The incidents of fraud shall be immediately reported to appropriate LEAs viz. State Police authorities, etc. subject to applicable laws.

What are the directions on reporting of fraud to RBI?

Banks (except RRBs) UCBs Applicable NBFCs (except HFCs)
Fraud Monitoring Return (FMR) shall be furnished in individual fraud cases, irrespective of the amount involved, immediately within 14 days from the date of classification of an incident / account as fraud.
Incidents of fraud at overseas branches of Indian banks shall also be reported to the concerned overseas LEAs in accordance with the relevant laws / regulations of the host countries.

 

 Incidents of fraud at overseas branches of Indian NBFCs shall also be reported to the concerned overseas LEAs in accordance with the relevant laws / regulations of the host countries.
Banks shall also report frauds perpetrated in their group entities to RBI separately (FMR through email only), if such entities are not regulated / supervised by any financial sector regulatory / supervisory authority. However, in case of overseas banking group entity of Indian banks, the parent bank shall also report incidents of fraud to RBI.

 

 Applicable NBFCs shall also report frauds perpetrated in their group entities to RBI separately (FMR through email only), if such entities are not regulated / supervised by any financial sector regulatory / supervisory authority. However, in case of overseas financial group entity of Indian NBFC, the parent NBFC shall also report incidents of fraud to RBI.
Banks may, under exceptional circumstances, withdraw FMR / remove names of perpetrators from FMR. Such withdrawal / removal shall, however, be made with due justification and with the approval of an official at least in the rank of a whole-time director. UCBs / applicable NBFCs may, under exceptional circumstances, withdraw FMR / remove names of perpetrators from FMR. Such withdrawal / removal shall, however, be made with due justification and with the approval of an official at least in the rank of a director.
Banks are required to report payment system related disputed / suspected or attempted fraudulent transactions to Central Payments Fraud Information Registry (CPFIR), maintained by RBI. However, such transactions, if subsequently concluded as fraud committed on banks, shall invariably be reported through FMR so as to be reflected in CFR.

 
Fraud cases shall be closed using 'Closure Module' where the below stated actions are complete –
  • The fraud cases pending with LEAs / Court are disposed of; and
  • The examination of staff accountability has been completed.
Banks are allowed, for limited statistical / reporting purposes, to close those reported fraud cases involving amount up to ₹1 crore, where examination of staff accountability and disciplinary action, if any, have been taken and –
  • The investigation is going on or charge-sheet has not been filed in the Court by LEA for more than 3 years from the date of registration of First Information Report (FIR); or
  • The charge-sheet is filed by the LEAs in trial court and the trial in the court has not commenced or is pending before the court for more than 3 years from the date of registration of FIR.

 

 NBFCs are allowed, for limited statistical / reporting purposes, to close those reported fraud cases involving amount upto ₹25 lakh, where examination of staff accountability and disciplinary action, if any, has been taken and –
  • The investigation is going on or charge-sheet has not been filed in the Court by LEA for more than 3 years from the date of registration of FIR; or
  • The charge-sheet is filed by the LEAs in trial court and the trial in the court has not commenced or is pending before the court for more than 3 years from the date of registration of FIR.

  • RRBs, StCBs and CCBs shall report incidents of fraud to NABARD in the manner and in Returns / Formats as prescribed by NABARD.
  • HFCs shall report incidents of fraud to NHB in the manner and in Returns / Formats as prescribed by NHB.

What are the directions on reporting cheque related frauds?

  • Reporting of frauds involving forged instruments, including fake / forged instruments sent in clearing in respect of truncated instruments, shall continue to be done by the paying banker and not by the presenting banker. 
  • However, in the case of presentment of an instrument which is genuine but payment has been made to a person who is not the true owner; or where the amount has been credited before realisation and subsequently the instrument is found to be fake / forged and returned by the paying bank, the presenting bank shall file the fraud report with RBI and inform the LEAs.

What are directions on audit and transfer of accounts?

  • The title deeds and other related title documents shall be subject to periodic legal audit and re-verification, till the loan is fully repaid, as below –

Commercial Banks / AIFIs All credit facilities of ₹5 crore and above
Small Finance Banks, Local Area Banks, Regional Rural Banks, Cooperative Banks and applicable NBFCs All credit facilities of ₹1 crore and above
  • Commercial Banks / AIFIs / Cooperative Banks / applicable NBFCs shall complete the investigation from fraud angle before transferring the loan account / credit facility to other lenders / ARCs. In cases where Commercial Banks / AIFIs / Cooperative Banks / applicable NBFCs conclude that a fraud has been perpetrated in the account, they shall report it to RBI / NABARD / NHB before selling the asset / accounts to other lenders / ARCs.

What is the date of occurrence, detection and classification of frauds for filing FMR?

  • The ‘date of occurrence’ is the date when the actual misappropriation of funds has started taking place, or the event occurred, as evidenced / reported in the audit or other findings.
  • The ‘date of detection’ is the actual date when the fraud came to light in the concerned branch / audit / department, and not the date of approval by the competent authority of Commercial Banks / AIFIs / Cooperative Banks / applicable NBFCs.
  • The ‘date of classification’ is the date when due approval from the competent authority has been obtained for such a classification, and the reasoned order is passed.  

What are the directions for reporting cases of Theft, Burglary, Dacoity and Robbery?

  • Commercial Banks / AIFIs / UCBs / applicable NBFCs shall report instances of theft, burglary, dacoity and robbery (including attempted cases) to RBI, immediately (within 7 days from their occurrence).
  • Commercial Banks / AIFIs / UCBs / applicable NBFCs shall also submit a quarterly Return (RBR) on theft, burglary, dacoity and robbery to RBI using online portal within 15 days from the end of the quarter to which it relates.
  • RRBs, StCBs and CCBs shall report cases of theft, burglary, dacoity and robbery to NABARD in the manner and in Returns / Formats as prescribed by NABARD.
  • HFCs shall report cases of theft, burglary, dacoity and robbery to NHB in the manner and in Returns / Formats as prescribed by NHB.


References

Reserve Bank of India. (2024, July 15). 'Master Directions on Fraud Risk Management in Commercial Banks (including Regional Rural Banks) and All India Financial Institutions'. Retrieved from https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=12702&Mode=0

Reserve Bank of India. (2024, July 15). 'Master Directions on Fraud Risk Management in Non-Banking Financial Companies (NBFCs) (including Housing Finance Companies)'. Retrieved from https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=12704&Mode=0

Reserve Bank of India. (2024, July 15). 'Master Directions on Fraud Risk Management in Urban Cooperative Banks (UCBs) / State Cooperative Banks (StCBs) / Central Cooperative Banks (CCBs)'. Retrieved from https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=12703&Mode=0


Follow at - Telegram   Instagram   LinkedIn   X   Facebook

Labels:

Comments

Post a Comment

Popular Posts

Reserve Bank of India Act, 1934 – Part-II – Section 17 to 19

The Reserve Bank of India Act, 1934 provides the statutory basis of the functioning of the Reserve Bank of India (RBI). In a series of articles, we will briefly go through the provisions of RBI Act, 1934. This is the second article in the series.  Section 17 – Business which the Bank may transact RBI shall be authorized to carry on and transact the several kinds of business hereinafter specified, namely – 17(1) – Accept deposit without interest from the Central / State Government, local authorities, banks and any other persons. 17(1A) – Accept deposit, repayable with interest, from banks or any other person under the Standing Deposit Facility Scheme, as approved by the Central Board, for the purposes of liquidity management.   Bills of Exchange (B/E) & Promissory Note (PN) Bearing 2 or more good signatures, one of which shall be of B/E & PN arising out of Maturing within 17(2)(a) Purchase, sale and rediscou...
Post a Comment
Read more

Reserve Bank of India Act, 1934 – Part-I – Preamble and Section 1 to 13

The Reserve Bank of India Act, 1934 provides the statutory basis of the functioning of the Reserve Bank of India (RBI). In a series of articles, we will briefly go through the provisions of RBI Act, 1934. This is the first article in the series. Preamble of the Act RBI to – Regulate the issue of bank notes. Keep reserves for monetary stability in India. Operate currency and credit system of the country to its advantage. The primary objective of the monetary policy is to maintain price stability while keeping in mind the objective of growth. Chapter I – Preliminary Section 1 – Short title, extent and commencement 1(1) – This Act may be called the Reserve Bank of India Act, 1934. 1(2) – The Act extends to whole of India. Chapter II - Incorporation, Capital, Management and Business Section 3 – Establishment and incorporation of Reserve Bank 3(1) – RBI to take over management of the currency from the Central Government. 3(2) – RBI to have perpetual succession, common seal, and shall by...
Post a Comment
Read more

Reserve Bank of India Act, 1934 – Part-III – Section 20 to 40

The Reserve Bank of India Act, 1934 provides the statutory basis of the functioning of the Reserve Bank of India (RBI). In a series of articles, we will briefly go through the provisions of RBI Act, 1934. This is the third article in the series.  Chapter III - Central Banking Functions Section 20 – Obligation of the Bank to transact Government business RBI shall undertake – To accept monies for account of the Central Government and to make payments up to the amount standing to the credit of its account, and to carry out its exchange, remittance and other banking operations. Management of the public debt of the Union. Section 21 – Bank to have the right to transact Government business in India The Central Government shall entrust RBI with – All its money, remittance, exchange and banking transactions in India, and shall deposit free of interest all its cash balances with RBI. The Central Government may carry on money transactions at places where RBI has no branches or agencies and m...
Post a Comment
Read more

Reserve Bank of India Act, 1934 – Part-IV – Section 42 to 45

The Reserve Bank of India Act, 1934 provides the statutory basis of the functioning of the Reserve Bank of India (RBI). In a series of articles, we will briefly go through the provisions of RBI Act, 1934. This is the fourth article in the series.  Section 42 – Cash reserves of scheduled banks to be kept with the Bank 42(1) – Every bank included in the Second Schedule shall maintain with RBI an average daily balance at a percent (notified by RBI) of its total demand and time liabilities in India. 42(1A) – RBI may direct every scheduled bank to maintain with RBI, in addition to the balance prescribed under Section 42(1), an additional average daily balance at a rate (specified by RBI). 42(1C) – RBI may specify any transaction or class of transactions to be regarded as liability in India of a scheduled bank. If any question arises as to whether any transaction or class of transactions shall be regarded as liability in India of a schedule bank, the decision of RBI thereon shall be fina...
Post a Comment
Read more

Reserve Bank of India Act, 1934 – Part-V – Section 45B to 45JA

The Reserve Bank of India Act, 1934 provides the statutory basis of the functioning of the Reserve Bank of India (RBI). In a series of articles, we will briefly go through the provisions of RBI Act, 1934. This is the fifth article in the series.  Chapter IIIA - Collection and Furnishing of Credit Information Section 45B – Power of Bank to collect credit information RBI may collect credit information from banking companies and furnish it to any banking company in accordance with section 45D. Section 45C – Power to call for returns containing credit information RBI may direct any banking company to submit statements relating to credit information. Section 45D – Procedure for furnishing credit information to banking companies A banking company may apply to RBI to provide credit information. RBI shall furnish the requested credit information without disclosing the names of the banking companies which have submitted the information. RBI may levy fees of up to Rs.25 for furnishing credit...
Post a Comment
Read more