1. The Fatehpur District Co-operative Bank Limited, Uttar Pradesh
| Penalty Amount | ₹2.00 Lakh |
| Order Date | November 20, 2025 |
| Regulatory Basis | Non-compliance with RBI directions on ‘Know Your Customer (KYC)’. |
🚩 Key Deficiencies
- Failure to put in place a system for periodic review of risk categorization of accounts (required at least once every six months).
- Failure to carry out periodic updation of KYC of its customers.
🔍 Root Cause Analysis (RCA)
Process Failure: The absence of a “system” suggests a lack of automated triggers in the Core Banking Solution (CBS) to flag accounts due for risk review. The failure to update KYC indicates a gap in the operational backend to track high/medium/low-risk customer cycles.
🛡️ Preventive Controls
- Automated Alerts: Configure CBS to generate reports for accounts pending risk categorization review 15 days prior to the 6-month deadline.
- Re-KYC Campaigns: Implement a centralized tracking mechanism to freeze partial operations for accounts where periodic KYC updation is overdue, following due notice.
💡 Lesson Learnt
Risk Categorization is dynamic. Banks must treat it as a continuous cycle, not a one-time onboarding task. Static risk codes lead to compliance breaches.
2. The District Co-operative Central Bank Limited, Kurnool, AP
| Penalty Amount | ₹1.50 Lakh |
| Order Date | November 20, 2025 |
| Regulatory Basis | Contravention of Section 20 of BR Act (Loans to Directors) and KYC deficiencies. |
🚩 Key Deficiencies
- Sanctioned loans to its directors (Violation of Sec 20 read with Sec 56).
- Failed to upload KYC records of customers onto Central KYC Records Registry (CKYCR) within the prescribed timeline.
🔍 Root Cause Analysis (RCA)
Governance & Technical Gap: The loan sanction indicates a failure in the credit appraisal policy to flag “Related Party” transactions. The CKYCR failure suggests a lack of API integration or batch processing errors in pushing data to the central registry.
🛡️ Preventive Controls
- Director Flagging: Hard-code PANs of all Directors and their relatives in the Loan Origination System (LOS) to trigger an automatic “Stop” on loan applications.
- CKYCR Dashboard: Implement a daily reconciliation report between new accounts opened vs. CKYCR uploads to identify “upload failures” immediately.
💡 Lesson Learnt
Statutory prohibitions (like Sec 20 BR Act) are zero-tolerance areas. Digital registries (CKYCR) are not optional administrative tasks but critical compliance mandates.
3. Tumkur Grain Merchants Co-operative Bank Limited, Karnataka
| Penalty Amount | ₹1.00 Lakh |
| Order Date | November 20, 2025 |
| Regulatory Basis | Non-compliance with ‘Supervisory Action Framework (SAF)’. |
🚩 Key Deficiencies
- Sanctioned fresh loans and advances carrying risk-weight of more than 100%.
- Offered interest rates on fixed deposits higher than those offered by SBI (SAF restriction).
- Sanctioned/renewed credit facilities to sectors having high levels of NPA/defaults.
🔍 Root Cause Analysis (RCA)
Strategic Defiance: The bank appears to have prioritized aggressive business growth (high-risk loans, high deposit rates) over the containment measures imposed by the SAF. This indicates a failure of the Asset Liability Committee (ALCO) to adhere to regulatory caps.
🛡️ Preventive Controls
- System Hard Stops: Configure the CBS to reject FD rate inputs that exceed the SBI rate + authorized spread when under SAF.
- Risk Weight Cap: Implement logic in the credit appraisal module to block approval of any loan product with a risk weight >100% or belonging to negative-list (High NPA) sectors.
💡 Lesson Learnt
SAF is a corrective regime. Operational restrictions under SAF (like deposit rate caps and lending stops) must be integrated into the IT system to prevent manual overrides by branch staff.
4. The District Co-operative Central Bank Limited, Kakinada, AP
| Penalty Amount | ₹1.00 Lakh |
| Order Date | November 20, 2025 |
| Regulatory Basis | Contravention of Section 20 read with Section 56 of the Banking Regulation Act, 1949. |
🚩 Key Deficiencies
- The bank had sanctioned a loan to one of its directors.
🔍 Root Cause Analysis (RCA)
Conflict of Interest Check Failure: The credit sanctioning committee failed to identify the applicant as a Director. This usually happens when the “list of directors/interested parties” is not cross-referenced during the loan origination stage.
🛡️ Preventive Controls
- Mandatory Declarations: Include a mandatory “Relationship with Directors” declaration field in all loan application forms.
- Director Database: Maintain a real-time database of Directors (including their PAN/Aadhaar) in the CBS and block any credit facility initiation against these IDs.
💡 Lesson Learnt
Section 20 of the BR Act is absolute. Even a single instance of lending to a director attracts penalties. Robust “Know Your Employee/Director” protocols are as vital as KYC.