1. Canara Bank
Penalty: ₹41.80 LakhKey Details
- Order Date: June 5, 2026
- Inspection Reference: March 31, 2025
- Violations:
- Failure to upload KYC records of certain customers onto the Central KYC Records Registry (CKYCR) within the prescribed timeline.
- Classifying certain accounts as ‘inoperative’ despite the last customer-induced transaction being less than one year old.
Root Cause Analysis (RCA)
- System Configuration Error: The Core Banking System (CBS) logic for flagging inoperative accounts was likely misconfigured, failing to accurately track the mandatory 2-year non-operation rule or misinterpreting recent customer-induced transactions.
- Integration & Workflow Gaps: Delayed CKYCR uploads suggest inadequate automated API integration between the bank’s internal KYC database and the central registry, leading to manual delays or batch-processing failures.
Preventive Controls
- Automated CBS Triggers: Implement rigorous, automated logic in the CBS that correctly differentiates between bank-induced (e.g., charges/interest) and customer-induced transactions before changing account status to inoperative.
- CKYC Automation: Deploy straight-through processing (STP) to ensure KYC documents are automatically synced to CKYCR immediately upon account opening or KYC updation.
- Exception Reports: Generate daily automated exception reports highlighting accounts pending CKYC upload nearing the regulatory deadline.
Lessons Learnt
Technology parameterization is just as critical as policy drafting. Core systems must be routinely audited by concurrent IT auditors to ensure their operational logic perfectly mirrors RBI’s prudential norms. Discrepancies in automated processes lead to widespread, systemic compliance failures.
RBI Press Release
2. Nagar Sahkari Bank Ltd., Maharajganj
Penalty: ₹14.25 LakhKey Details
- Order Date: May 26, 2026
- Inspection Reference: March 31, 2025
- Violations:
- Failure to classify credit facilities as NPAs, incorrect NPA classification, and lack of ongoing NPA identification.
- Breach of prescribed regulatory ceilings on unsecured advances (individual and aggregate).
- Failure to upload credit information to Credit Information Companies (CICs).
- Deficiencies in credit sanctions and lack of suitable precautions.
Root Cause Analysis (RCA)
- Manual Intervention: Heavy reliance on manual tracking for IRAC (Income Recognition and Asset Classification) rather than a system-driven Day-End identification process.
- Lack of System Hard-Stops: Absence of limits in the loan origination system to block loan sanctions that breach unsecured advance ceilings.
- Process Negligence: Inadequate operational discipline resulting in the failure to submit mandatory monthly reports to CICs.
Preventive Controls
- System-Driven IRAC: Migrate to a fully automated NPA classification module within the CBS to flag accounts daily based on strict 90-day overdue logic.
- Sanction Limit Guardrails: Introduce hard-coded exposure limits in the CBS that prevent the disbursement of unsecured advances once aggregate or individual limits are reached.
- Automated CIC Reporting: Set up automated data extraction and transmission to all four CICs on a fixed monthly schedule, supervised by a designated Compliance Officer.
- Enhanced Credit Appraisal: Implement a mandatory multi-level maker-checker system for credit sanctions to ensure all precautions and documentation are complete prior to disbursement.
Lessons Learnt
Cooperative banks must transition from manual bookkeeping mentalities to modern, core-banking reliant compliance frameworks. Financial stability requires that exposure limits and asset classifications be managed by objective software rules, not subjective manual reviews, to prevent institutional risk.
RBI Press Release
3. Puran Associates Private Limited
Penalty: ₹3.10 LakhKey Details
- Order Date: May 27, 2026
- Inspection Reference: March 31, 2025
- Violations:
- Failure to reclassify certain accounts as ‘non-performing assets’ (NPAs) upon restructuring, in violation of RBI directions on Asset Classification.
Root Cause Analysis (RCA)
- Knowledge Deficit: Lack of understanding among the credit/operations team regarding the strict regulatory mandate that restructured accounts must generally be downgraded to NPA status immediately upon restructuring.
- System Limitation: The loan management software lacked a specific feature to automatically trigger an asset downgrade when the “Restructure” flag was applied to a standard asset.
Preventive Controls
- Restructuring SOP Overhaul: Update internal Standard Operating Procedures (SOPs) to clearly mandate that standard accounts subjected to restructuring must be immediately downgraded to Sub-Standard.
- System Upgrade: Modify the Loan Management System (LMS) so that any modification to loan terms categorized as “restructuring” automatically enforces an NPA classification downgrade until the specified satisfactory performance period is met.
- Staff Training: Conduct regular, mandatory training sessions for the credit risk and compliance teams specifically focused on RBI’s dynamic IRAC and restructuring guidelines.
Lessons Learnt
Restructuring is not merely an operational modification of loan terms; it is a significant credit event. NBFCs must treat restructuring as an immediate trigger for asset quality downgrading. Regulatory guidelines on asset classification supersede internal desires to maintain healthy-looking standard asset portfolios.