Five Star Business Finance Limited
Penalty: ₹6.20 Lakh📋 Key Details
- Date of Order: June 18, 2026
- Violations: KYC Directions & Fair Practice Code.
- Specifics: Lack of software for suspicious transaction reporting; failure to disclose risk gradation and rationale for interest rates to borrowers.
🔍 Root Cause Analysis (RCA)
Over-reliance on manual AML/KYC monitoring processes rather than investing in automated, scalable technology. Deficiencies in the Loan Origination System (LOS) workflows that failed to enforce the explicit printing of interest rate rationales on borrower-facing documents.
🛡️ Preventive Controls
- Procure and deploy a robust, AI/rule-based Transaction Monitoring System (TMS) for automated AML alerts.
- Update the LOS to programmatically map customer risk profiles to interest rates and print this rationale on all sanction letters automatically.
💡 Lessons Learnt
Transparency in loan pricing is an absolute regulatory mandate. Furthermore, as NBFCs scale, manual transaction monitoring becomes a systemic risk; technology-driven compliance is non-negotiable.
RBI Press Release
Mahila Co-operative Bank Ltd., Bangalore
Penalty: ₹5.00 Lakh📋 Key Details
- Date of Order: June 11, 2026
- Violations: Section 47A(1)(c), 46(4)(i), and 56 of the BR Act, 1949.
- Specifics: Sanctioning loans and advances to directors and their relatives.
🔍 Root Cause Analysis (RCA)
Weak Board-level governance and an ineffective conflict-of-interest policy. Credit appraisal teams likely lacked systemic flags to identify related parties or faced pressure to bypass standard underwriting protocols for connected entities.
🛡️ Preventive Controls
- Implement strict Maker-Checker hard stops in the Core Banking System (CBS) restricting loan generation for KYC profiles linked to Board Members.
- Mandatory annual declaration of relatives by all directors, digitized and cross-referenced during loan origination.
💡 Lessons Learnt
Related-party lending is heavily scrutinized by the RBI to prevent nepotism and protect depositor funds. UCBs must maintain an absolute firewall between board members’ interests and the bank’s lending operations.
RBI Press Release
Pahal Financial Services Private Limited
Penalty: ₹3.10 Lakh📋 Key Details
- Date of Order: June 18, 2026
- Violations: KYC Directions under Section 58G(1)(b) of RBI Act, 1934.
- Specifics: Failure to put in place robust software for the effective identification and reporting of suspicious transactions.
🔍 Root Cause Analysis (RCA)
Management’s failure to upgrade compliance infrastructure alongside business growth. The absence of a dedicated IT budget for anti-money laundering (AML) operations resulted in a systemic gap in Suspicious Transaction Report (STR) generation.
🛡️ Preventive Controls
- Immediate integration of a certified AML/KYC software suite integrated with the CBS.
- Establish a dedicated compliance committee to review software alert rules on a quarterly basis.
💡 Lessons Learnt
Regulators expect technological capabilities for compliance to match the scale of lending operations. Manual interventions for identifying suspicious transactions are no longer acceptable.
RBI Press Release
Can Fin Homes Limited
Penalty: ₹2.70 Lakh📋 Key Details
- Date of Order: June 18, 2026
- Violations: Fair Practices Code (Section 52A of the National Housing Bank Act, 1987).
- Specifics: Failure to clearly indicate the bifurcation between interest and principal in loan instalments collected from borrowers.
🔍 Root Cause Analysis (RCA)
System configuration deficiency in the receipt generation module. The customer communication layer was likely generating aggregated EMI receipts without pulling the detailed amortization breakdown from the back-end ledger.
🛡️ Preventive Controls
- Re-engineer receipt and statement generation templates to explicitly fetch and display Principal and Interest components separately.
- Conduct periodic User Acceptance Testing (UAT) on all customer-facing communications to ensure Fair Practice Code adherence.
💡 Lessons Learnt
Customer transparency extends beyond the point of sale. Borrowers have a fundamental right to know exactly how their repayments are being appropriated over the lifecycle of the loan.
RBI Press Release
The Nasik Road Deolali Vyapari Sahakari Bank Ltd.
Penalty: ₹2.10 Lakh📋 Key Details
- Date of Order: June 12, 2026
- Violations: Section 47A(1)(c), 46(4)(i), and 56 of the BR Act, 1949.
- Specifics: Sanctioning loans to the relatives of its directors.
🔍 Root Cause Analysis (RCA)
Circumvention of credit policies and lack of independence in the loan sanctioning committee. Failure of the compliance officer to veto transactions that directly breached RBI’s strict directives on director-related exposures.
🛡️ Preventive Controls
- Establish an independent credit risk management committee with no overlapping members from the Board of Directors.
- Implement a systemic “Relationship Tagging” feature during KYC onboarding to auto-reject applications linked to bank officials.
💡 Lessons Learnt
Co-operative banks must institutionalize professional credit underwriting. Favoritism or lack of due diligence in related-party transactions will inevitably be flagged during RBI statutory inspections.
RBI Press Release
The Chitradurga District Co-operative Central Bank Ltd.
Penalty: ₹1.50 Lakh📋 Key Details
- Date of Order: June 15, 2026
- Violations: Section 20 read with Section 56 of the BR Act, 1949 & KYC Directions.
- Specifics: Sanctioned director-related loans AND failed to upload KYC records onto the Central KYC Records Registry (CKYCR) within timelines.
🔍 Root Cause Analysis (RCA)
A dual failure in both governance (allowing connected lending) and operational efficiency (backlog in CKYCR data processing due to manual data entry or lack of API integration with the registry).
🛡️ Preventive Controls
- Automate CKYCR data uploads via API integration directly from the CBS upon account opening.
- Enforce a strict Board-approved policy explicitly prohibiting any credit facility to directors/relatives, monitored by external auditors.
💡 Lessons Learnt
Operational compliance (like timely CKYCR uploads) is treated with the same severity as prudential compliance (connected lending). Both require automated workflows to prevent human error or omission.
RBI Press Release
Sarvodaya Commercial Co-operative Bank Ltd.
Penalty: ₹20,000📋 Key Details
- Date of Order: May 29, 2026
- Violations: Instructions on ‘Inoperative Accounts / Unclaimed Deposits’.
- Specifics: Levying penal charges for non-maintenance of minimum balances in certain inoperative accounts.
🔍 Root Cause Analysis (RCA)
Flawed logic in the Core Banking System’s End-of-Day (EOD) fee generation batch. The system failed to exclude accounts tagged as “Inoperative” or “Dormant” from the automated minimum balance penalty routines.
🛡️ Preventive Controls
- Patch the CBS to ensure a system-level block on debiting charges from any account bearing an “Inoperative” status flag.
- Conduct a retrospective audit to identify and refund any erroneously deducted penal charges to affected customers.
💡 Lessons Learnt
Consumer protection guidelines heavily safeguard inactive accounts from depletion by bank fees. Automated systems must be regularly audited against evolving RBI consumer protection mandates.
RBI Press Release
Wardha District Ashirwad Mahila Nagari Sahakari Bank Maryadit
Penalty: ₹20,000📋 Key Details
- Date of Order: June 15, 2026
- Violations: Exposure Norms & Statutory/ Other Restrictions – UCBs.
- Specifics: Failure to adhere to the prescribed regulatory ceiling on certain advances.
🔍 Root Cause Analysis (RCA)
Inadequate tracking of Single/Group Borrower Limits (SBL/GBL) in relation to the bank’s capital base. Disconnect between the credit underwriting team and the capital adequacy monitoring team.
🛡️ Preventive Controls
- Implement dynamic limits in the loan management system that automatically calculate exposure ceilings based on real-time Tier 1 capital.
- Require a mandatory compliance sign-off for any high-ticket loan exceeding 5% of the capital funds.
💡 Lessons Learnt
Prudential exposure limits are designed to prevent concentration risk. Banks must proactively manage their loan portfolios to ensure no single entity can threaten the bank’s stability upon default.
RBI Press Release
Navapur Mercantile Co-operative Bank Ltd.
Penalty: ₹10,000📋 Key Details
- Date of Order: June 16, 2026
- Violations: Section 35(2) read with Section 56 of the BR Act, 1949.
- Specifics: Did not furnish requisite information sought by the inspecting officer of the RBI during a statutory inspection.
🔍 Root Cause Analysis (RCA)
Poor MIS (Management Information Systems), inadequate record-keeping, or deliberate obstruction. The bank lacked a centralized data repository or a competent nodal officer capable of catering to regulatory data requests promptly.
🛡️ Preventive Controls
- Appoint a dedicated Principal Nodal Officer responsible for regulatory liaison and inspection management.
- Digitize all historical records and create automated MIS dashboards to instantly generate reports required during RBI audits.
💡 Lessons Learnt
Transparency and cooperation with the regulator are fundamental. Withholding information or exhibiting poor data readiness during an inspection is viewed as a severe statutory breach and attracts immediate punitive action.