The Reserve Bank of India (RBI) has imposed a monetary penalty on Bank of Maharashtra following the Statutory Inspection for Supervisory Evaluation (ISE 2025). This statutory inspection was conducted with reference to the bank’s financial position as on March 31, 2025. The detailed breakdown of the compliance failures and subsequent insights are outlined below.
Key Details
| Bank Name | Bank of Maharashtra |
| Penalty Amount | ₹32.50 lakh (Rupees Thirty Two Lakh Fifty Thousand only) |
| Date of Order | February 06, 2026 |
| Statutory Provisions | Section 25(1)(iii) read with section 23(4) of the Credit Information Companies (Regulation) Act, 2005 and section 47A(1)(c) read with sections 46(4)(i) and 51(1) of the Banking Regulation Act, 1949 |
| Violated Directions | ‘Credit information reporting in respect of Self Help Group members’ and ‘Know Your Customer’ |
Root Cause Analysis (RCA)
Based on the RBI’s supervisory findings, notice, and the bank’s personal hearing submissions, the monetary penalty was warranted by two specific sustained charges:
- Failure in Credit Reporting: The bank did not report Self Help Group member level data to Credit Information Companies.
- Deficient KYC Compliance: The bank did not identify Beneficial Owners in certain accounts.
Preventive Controls
To mitigate the risk of recurrence and strengthen systemic compliance, the following operational controls are recommended:
- Automated CIC Integration: Implement robust data-extraction protocols within the core banking system to automatically compile and transmit member-level data for Self Help Groups (SHGs) to all relevant Credit Information Companies on a mandated schedule.
- Mandatory Beneficial Ownership Fields: Update the digital onboarding and account modification workflows to make Beneficial Owner (BO) identification a mandatory, non-bypassable field for non-individual accounts before activation.
- Periodic KYC Audits: Institute a secondary layer of quarterly compliance audits specifically targeting high-risk accounts to ensure BO documentation remains updated and accurate over time.
Lessons Learnt
- Granular Data Reporting is Critical: Aggregate reporting is insufficient for Self Help Groups. Banks must ensure their systems are capable of capturing and reporting credit data at the individual member level to maintain compliance with Credit Information Companies directives.
- KYC is an Ongoing Obligation: Identifying the ultimate beneficial owner is a foundational pillar of Anti-Money Laundering (AML) safeguards. Lapses in this area attract strict regulatory scrutiny and penalties under the Banking Regulation Act.
- Separation of Compliance and Contract Validity: This regulatory action is based on deficiencies in regulatory compliance and is not intended to pronounce upon the validity of any transaction or agreement entered into by the bank with its customers.
- Risk of Further Action: The imposition of this monetary penalty is without prejudice to any other action that may be initiated by the RBI against the bank, highlighting the need for immediate remediation.