1. Nagar Sahakari Bank Limited, Etawah, U.P.
📋 Key Details & Violations
- Sanctioned loans to directors, their relatives, or firms in which they are interested.
- Failed to accurately classify specific credit facilities as Non-Performing Assets (NPAs).
- Breached the prescribed regulatory limits for single borrower exposure.
- Failed to upload customer KYC records to the Central KYC Records Registry (CKYCR).
🔍 Root Cause Analysis (RCA)
The violations stem fundamentally from an over-reliance on manual processes and a lack of system-driven hard stops in the Core Banking System (CBS). The approval of director-related loans indicates a bypass or absence of Conflict of Interest checks during the loan origination phase. Misclassification of NPAs and single-borrower breaches highlight a failure in automated parameterization of Income Recognition and Asset Classification (IRAC) norms and exposure limits. Lastly, the CKYCR failure points to a broken or non-existent API integration between the bank’s onboarding system and the central registry.
🛡️ Preventive Controls
- System-Driven Hard Stops: Implement CBS blocks preventing the sanctioning of advances if the applicant’s PAN/Aadhaar matches a master list of directors and their declared relatives.
- Automated IRAC Module: Transition completely to System-Driven NPA classification where the CBS automatically downgrades accounts based on day-end (EOD) days-past-due (DPD) parameters without manual override capability.
- Exposure Parameterization: Code the bank’s capital funds into the CBS to automatically calculate and restrict maximum single-borrower limits during the loan appraisal stage.
- Automated CKYC Pipeline: Deploy a middleware solution to automatically batch and upload KYC data to CKYCR within 3 days of account opening, complete with an exception dashboard for failed uploads.
💡 Lessons Learnt
Manual compliance tracking is obsolete and high-risk. The Board of Directors must ensure that conflict-of-interest policies are translated into un-bypassable software rules. Regulatory exposure limits are absolute ceilings, not guidelines, and asset quality reporting requires uncompromising technological fidelity to present a true financial picture.
RBI Press Release
2. The Davanagere District Central Co-operative Bank Ltd, Karnataka
📋 Key Details & Violations
- Held shares in other co-operative societies, contravening Section 19 of the BR Act, 1949.
- Allotted multiple customer identification codes to individual customers instead of a Unique Customer Identification Code (UCIC).
- Failed to upload KYC records of customers onto CKYCR within the prescribed timeline.
🔍 Root Cause Analysis (RCA)
The holding of restricted shares indicates a gap in the Investment Policy and a lack of compliance oversight by the investment committee regarding the BR Act’s statutory prohibitions. The UCIC failure reveals a significant flaw in the Customer Information File (CIF) creation process—specifically, the absence of an algorithmic deduplication check (using demographic data or ID numbers) before generating a new customer ID. Similar to the first case, the CKYCR delay shows a breakdown in operational timelines and standard operating procedures (SOPs) for post-onboarding regulatory reporting.
🛡️ Preventive Controls
- Investment Vetting Protocol: Update the Treasury/Investment manual to strictly align with Section 19 of the BR Act. Institute a mandatory compliance sign-off for any equity or share investments outside of permissible sovereign/approved securities.
- UCIC Deduplication Engine: Implement a mandatory de-duplication step in the onboarding software. The system must flag potential duplicates based on fuzzy logic (Name + DOB) and exact matches (PAN, Aadhaar, Mobile Number) forcing the operator to merge accounts if a CIF already exists.
- Maker-Checker SLA Tracking: Introduce a dashboard for branch managers that highlights accounts opened but pending CKYCR upload after 48 hours, triggering automated escalations.
💡 Lessons Learnt
A fragmented view of the customer (multiple IDs) severely cripples Anti-Money Laundering (AML) monitoring and risks regulatory censure. Furthermore, Co-operative banks must rigorously scrutinize their investment portfolios against the Banking Regulation Act to ensure statutory compliance. Post-onboarding tasks like CKYC are not just back-office chores; they are time-bound regulatory mandates.