RBI Penalty Report – 22nd May 2026

Penalty: ₹10.10 Lakh Date: May 20, 2026 Category: Priority Sector Loans & Data Reporting

Violation: 1) Levied loan-related charges on agriculture priority sector loans up to ₹25,000. 2) Failed to report Self Help Group (SHG) member-level data to Credit Information Companies (CICs).

• Charge Levies: Core Banking System (CBS) misconfiguration where parameterization failed to exempt agriculture loans ≤ ₹25,000 from automated processing/inspection charges.
• SHG Data: Flaws in data extraction logic where the system only aggregated loan data at the group level, neglecting granular member-level mapping required by CICs.

• System Hardcoding: Implement hard-coded business rules in the CBS to auto-waive all processing, inspection, and related fees for agriculture loans ≤ ₹25,000.
• Granular Data Architecture: Upgrade data extraction tools to capture, map, and mandate individual SHG member KYC and loan share before authorizing SHG disbursements.
• Pre-Disbursement Audits: Introduce automated pre-disbursement checks to flag any unauthorized fees applied to protected loan categories.

System-driven controls are far superior to manual interventions when managing regulatory fee waivers. Furthermore, as financial inclusion deepens, regulators require granular, member-level transparency for group loans (like SHGs) to prevent over-leveraging and build accurate credit histories.

Penalty: ₹3.10 Lakh Date: May 15, 2026 Category: Know Your Customer (KYC)

Violation: The company failed to upload the KYC records of certain customers onto the Central KYC Records Registry (CKYCR) within the prescribed timeline.

• Operational backlog due to manual KYC verification and upload processes.
• Potential API integration failures between the internal Loan Origination System (LOS) and the CKYCR portal.
• Lack of an aging report to track un-uploaded KYC records post-customer onboarding.

• Automated EOD Uploads: Integrate APIs to automatically push KYC data to CKYCR as part of the End-of-Day (EOD) processing for all newly onboarded customers.
• Exception Tracking: Develop a daily aging dashboard that highlights accounts where CKYCR upload is pending beyond 3 days.
• Account Holds: Implement system-level restrictions that pause subsequent loan disbursements if the CKYCR upload is incomplete.

Customer onboarding is not considered legally complete until registry obligations like CKYCR are fulfilled. Operational delays in data entry directly translate to regulatory non-compliance, emphasizing the need for robust automation in standard compliance workflows.

Penalty: ₹2.70 Lakh Date: May 15, 2026 Category: Corporate Governance

Violation: The company appointed directors without prior written RBI permission, resulting in a management change exceeding 30% of its directors (excluding independent directors).

• Lack of a centralized tracking mechanism for cumulative board changes over the financial year.
• Inadequate understanding of the “30% threshold rule” by the Board’s Nomination and Remuneration Committee (NRC).
• Poor communication flow between HR, Board Secretariat, and the RBI regulatory liaison.

• Board Succession Matrix: Implement a live dashboard tracking board composition, automatically triggering alerts when proposed changes approach a 20% threshold.
• Standard Operating Procedure (SOP): Draft a strict SOP requiring compliance sign-off before any board appointment agenda is circulated or approved.
• Approval Contingency: Issue offer letters to prospective directors with a strict caveat that appointments are explicitly subject to prior RBI approval.

The regulator closely monitors changes in management to ensure the “fit and proper” criteria of NBFC/Banking leadership. Cumulative tracking of director appointments/resignations is crucial, as isolated changes may unexpectedly breach macro regulatory thresholds (like the 30% rule).

Penalty: ₹1.80 Lakh Date: May 18, 2026 Category: Acquisition of Shareholding/Control

Violation: The company sought post-facto approval and failed to obtain prior written permission from the RBI for a change in shareholding/control exceeding 26% of its paid-up equity capital.

• Disconnect between the fundraising/investment team and the legal/compliance department.
• Failure to flag regulatory prerequisites (RBI guidelines) before executing shareholder agreements and capital allotment.
• Treating regulatory approval as a procedural afterthought rather than a pre-condition for closing the deal.

• Equity Compliance Checklist: Mandate a rigorous legal review for any equity transaction exceeding a 10% threshold to serve as an early warning mechanism.
• Condition Precedent (CP) Clauses: Ensure all term sheets and Share Subscription Agreements explicitly list “RBI Prior Approval” as a non-negotiable CP.
• Secretarial Gatekeeping: Restrict the Company Secretary from executing share transfers or fresh allotments without documented RBI clearance.

Post-facto approvals are fundamentally unacceptable for significant changes in shareholding or management control. Financial transactions and capital infusion strategies must be deeply intertwined with regulatory timelines to avoid compliance breaches.

Penalty: ₹20,000 Date: May 14, 2026 Category: Credit Information Reporting

Violation: The bank failed to submit the credit information of its borrowers to all four Credit Information Companies (CICs), violating Section 25 read with Section 23 of the Credit Information Companies (Regulation) Act, 2005.

• Breakdown or absence of an automated integration mechanism with all four CICs.
• Lack of a dedicated operational control to monitor and reconcile the periodic data submission schedule.
• Potential resource or technical limitations typical of district co-operative frameworks in updating legacy data formats.

• Automated Data Pipelines: Implement automated, API-driven or scheduled batch reporting mechanisms aligned with the formats of all four CICs.
• Reconciliation Matrix: Establish a monthly cross-verification process confirming successful data ingestion by each CIC.
• Compliance Dashboard: Deploy a tracking system that alerts the compliance team prior to reporting deadlines.

Regulatory reporting to all designated credit bureaus is mandatory, not optional. Partial compliance (submitting to one or two CICs instead of all four) leads to systemic data asymmetry and invites regulatory penalties, regardless of the size of the cooperative bank.