top of page
Search

Compliance Framework for NBFCs



NBFC Compliance Framework By Hiral Shah

Introduction

Non-Banking Financial Companies (NBFCs) play a vital role in India's financial sector, providing credit and financial services to various segments of the economy. To ensure financial stability and consumer protection, NBFCs must comply with stringent regulatory requirements set by the Reserve Bank of India (RBI) and other governing bodies. This article outlines the major compliance requirements for NBFCs, including Scale-Based Regulation (SBR), RBI regulatory returns, credit bureau reporting, and other essential filings.


Major Compliance Requirements as per SBR

The Scale-Based Regulation (SBR) framework, introduced by the RBI, categorizes NBFCs into four layers based on their size, activity, and risk perception:


  1. Base Layer (NBFC-BL): Small NBFCs with asset size below ₹1,000 crore.

  2. Middle Layer (NBFC-ML): Deposit-taking NBFCs and non-deposit-taking NBFCs with asset size ₹1,000 crore and above.

  3. Upper Layer (NBFC-UL): Systemically important NBFCs identified by the RBI.

  4. Top Layer (NBFC-TL): NBFCs posing potential systemic risks.


Each layer has specific compliance requirements, including capital adequacy norms, risk management guidelines, and governance standards.


RBI Regulatory Returns

NBFCs must submit periodic returns to the RBI to ensure transparency and regulatory oversight. Some key returns include:


  • DNBS01: Quarterly financial parameters for deposit-taking NBFCs and systemically important NBFCs.

  • DNBS02: Quarterly financial parameters for non-deposit-taking NBFCs.

  • DNBS03: Quarterly prudential parameters, including capital adequacy and asset classification.

  • DNBS04A & DNBS04B: Liquidity and interest rate sensitivity reports.

  • DNBS10: Statutory Auditor’s Certificate (SAC) return.


These returns help the RBI monitor the financial health and risk exposure of NBFCs.


DNBS02: Quarterly Return for NBFCs

The DNBS02 return is a crucial compliance requirement for almost every NBFC. It captures financial details such as:


  • Assets and liabilities

  • Profit and loss account

  • Compliance with prudential norms


NBFCs must submit this return quarterly to ensure regulatory transparency.


Data Submission to Credit Bureaus

NBFCs are required to report borrower data to all four credit bureaus in India: Currently the data submission frequency is every 15 days and the same is expected soon to be weekly submission.


  1. CIBIL

  2. Equifax

  3. Experian

  4. CRIF High Mark


This ensures accurate credit profiling and helps lenders assess borrower creditworthiness.


NeSL Compliance

NBFCs must report financial debt to the National E-Governance Services Limited (NeSL), India's first Information Utility (IU) under the Insolvency and Bankruptcy Code (IBC), 2016. Reporting to NeSL helps in:

  • Maintaining transparency in financial transactions

  • Facilitating insolvency resolution processes


FIU Compliance

NBFCs must register with the Financial Intelligence Unit – India (FIU-IND) and report financial transactions to combat money laundering and financial fraud. Key reporting requirements include:


  • Cash Transaction Reports (CTR)

  • Suspicious Transaction Reports (STR)

  • Know Your Customer (KYC) compliance


CKYC Compliance

NBFCs must comply with Central KYC (CKYC) regulations, ensuring uniform KYC processes across financial institutions. CKYC helps in:


  • Reducing duplication in KYC verification

  • Enhancing customer identification and risk assessment


CERSAI Compliance

NBFCs must register security interests with the Central Registry of Securitisation Asset Reconstruction and Security Interest of India (CERSAI) to prevent fraudulent multiple loans against the same asset. This ensures:


  • Transparency in secured lending

  • Protection of lender rights over collateral


DPDP 2023 Compliance

The Digital Personal Data Protection Act (DPDP), 2023 mandates NBFCs to:


  • Obtain explicit consent for data processing

  • Ensure data security and privacy

  • Comply with cross-border data transfer regulations


NBFCs must align their data governance policies with DPDP 2023 to protect customer information.


Other Key Compliance Requirements

Apart from the above, NBFCs must also comply with:

  • Fair Practices Code (FPC): Ensuring ethical lending practices.

  • Risk-Based Internal Audit (RBIA): Strengthening internal controls.

  • Anti-Money Laundering (AML) and Combating Financing of Terrorism (CFT): Preventing financial crimes. This is part of FIU


RBI Master Circular NESL DBR.No.Leg.BC.98/09.08.019/2017-18

Credit Information Reporting DoR.FIN.REC.No.55/20.16.056/2024-25

Supervisory Returns DoS.DSG.No.10/33.01.001/2023-24

Comentários

© Hiral Shah 2024 | Technology Managed by Maeve Global

  • Hiral's Instagram
  • Hiral's LinkedIn
  • Hiral's Facebook
bottom of page