July 01, 2016
The Chairmen & Chief Executive Officers of all
Scheduled Commercial Banks (excluding RRBs)
and All India Select Financial Institutions
Master Directions on Frauds – Classification and Reporting by commercial banks and select FIs
Please refer to our letter DBS.CO.CFMC.BC.No.1/23.04.001/2015-16 dated July 01, 2015 forwarding the Master Circular on ‘Frauds – Classification and Reporting’. These Master Directions, being issued under Section 35 A of the Banking Regulation Act, 1949, consolidate and update all the instructions issued on the subject up to June 30, 2016, and have been placed on the web-site of the Reserve Bank of India (www.rbi.org.in).
Chief General Manager
In exercise of the powers conferred by section 35 A of the Banking Regulation Act, 1949 the Reserve Bank of India being satisfied that it is necessary and expedient in the public interest so to do, hereby, issues the directions hereinafter specified.
1.1.1 These directions shall be called the Reserve Bank of India (Frauds classification and reporting by commercial banks and select FIs) directions 2016.
1.1.2 These directions shall come into effect on the day they are placed on the official website of the Reserve Bank of India (RBI).
The provisions of these Directions shall apply to scheduled commercial banks (excluding RRBs) and select FIs operating in India
These directions are issued with a view to providing a framework to banks enabling them to detect and report frauds early and taking timely consequent actions like reporting to the Investigative agencies so that fraudsters are brought to book early, examining staff accountability and do effective fraud risk management. These directions also aim to enable faster dissemination of information by the Reserve Bank of India (RBI) to banks on the details of frauds, unscrupulous borrowers and related parties, based on banks’ reporting so that necessary safeguards / preventive measures by way of appropriate procedures and internal checks may be introduced and caution exercised while dealing with such parties by banks.
2.1.1 The Chairmen and Managing Directors/Chief Executive Officers (CMD/CEOs) of banks must provide focus on the “Fraud Prevention and Management Function” to enable, among others, effective investigation of fraud cases and prompt as well as accurate reporting to appropriate regulatory and law enforcement authorities including Reserve Bank of India.
2.1.2 The fraud risk management, fraud monitoring and fraud investigation function must be owned by the bank’s CEO, Audit Committee of the Board and the Special Committee of the Board.
2.1.3 Banks with the approval of their respective Boards, shall frame internal policy for fraud risk management and fraud investigation function, based on the governance standards relating to the ownership of the function and accountability resting on defined and dedicated organizational set up and operating processes.
2.1.4 Banks shall send the Fraud Monitoring Returns (FMR) and data, based on the Frauds Reporting and Monitoring System (FRMS) supplied to banks, as detailed in para 3 below. Banks should specifically nominate an official of the rank of General Manager who will be responsible for submitting all the returns referred to in this circular.
2.2.1 In order to have uniformity in reporting, frauds have been classified as under, based mainly on the provisions of the Indian Penal Code:
- Misappropriation and criminal breach of trust.
- Fraudulent encashment through forged instruments, manipulation of books of account or through fictitious accounts and conversion of property.
- Unauthorised credit facilities extended for reward or for illegal gratification.
- Cash shortages.
- Cheating and forgery.
- Fraudulent transactions involving foreign exchange
- Any other type of fraud not coming under the specific heads as above.
2.2.2 As regards cases under d) and f) above cash shortages resulting from negligence and fraudulent forex transactions involving irregularities / violation of regulations have also to be reported as fraud if the intention to cheat/defraud is suspected or proved. Notwithstanding the above, the following cases shall be treated as fraud and reported accordingly:
- cases of cash shortage more than ₹ 10,000/-, (including at ATMs) and
- cases of cash shortage more than ₹ 5,000/- if detected by management / auditor/ inspecting officer and not reported on the day of occurrence by the persons handling cash
3.1.1 Banks need not furnish FMR 1 return in fraud cases involving amount below ₹ 0.1 million to RBI in either hard or soft copy. However, banks at their end should make the data entry in respect of such cases through the FRMS package individually in FMR 1 format (less than ₹ 0.1 million) which will get automatically captured in FMR 2 return and will form part of the consolidated database relating to frauds for the respective bank. In respect of frauds above ₹ 0.1 million the following procedure may be adopted.
|Name of the return||Amount involved in the fraud||Medium in which to be reported||To whom it should be reported||Timeline for reporting||Remarks|
Report on actual or suspected frauds
A format of the return is given in Annex II
|Frauds involving ₹ 0.1 million and above||Soft copy||Central Fraud Monitoring Cell (CFMC), Bengaluru.||Within three weeks of detection||A monthly certificate, as per Annex –III, (mentioning that soft copy of all the FMRs-1 have been submitted to RBI) is to be submitted by the bank to CFMC, Bengaluru with a copy to the respective Regional Office of RBI under whose jurisdiction the Head Office of the bank falls /SSM of the bank, within seven days from the end of the month.|
|Flash report for frauds involving amounts of ₹ 50 million and above.||For frauds involving ₹ 50 million and above||Hard copy||Through a DO letter addressed to the PCGM / CGM-in-Charge, DBS, RBI, Central Office, Mumbai with a copy to CFMC, Bengaluru.||Within a week of such frauds coming to the notice of the bank’s head office.||Should include amount involved, nature of fraud, modus operandi in brief, name of the branch/ office, names of parties involved, their constitution names of proprietors / partners and directors, names of officials involved and lodging of complaint with police/CBI.|
A format of the return is given in Annex II
|Quarterly report on frauds outstanding||Soft copy only||CFMC Bengaluru||Within 15 days of the end of the quarter to which it relates||Nil report to be submitted if no fraud is outstanding.|
A format of the return is given in Annex II
|Case-wise quarterly progress reports on frauds involving ₹ 0.1 million and above||Soft copy only||CFMC Bengaluru||Within 15 days of the end of the quarter to which they relate.||Nil report to be submitted if there are no frauds above ₹ 0.1 million outstanding.|
3.1.2 In respect of frauds in borrowal accounts, additional information as prescribed under Part B of FMR 1 should also be furnished. It is observed while scrutinizing FMR 1 returns from the banks, that certain vital fields in the returns are left blank. As the complete particulars on frauds perpetrated in the banks are vital for monitoring and supervisory purposes and dissemination of information through caution advices / Central Fraud Registry (CFR), banks should ensure that the data furnished are complete/accurate and up-to-date. Incidentally, if no data is to be provided in respect of any of the items, or if details of any of the items are not available at the time of reporting of FMR 1 return, the bank may indicate as “no particulars to be reported” or “details not available at present” etc. In such a situation, the banks have to collect the data and report the details invariably through FMR 3 return on quarterly basis.
3.1.3 Fraud reports should also be submitted in cases where central investigating agencies have initiated criminal proceedings suo moto and/or where the Reserve Bank has directed that such cases be reported as frauds.
3.1.4. Banks may also report frauds perpetrated in their subsidiaries and affiliates/joint ventures in FMR 1 format in hard copy only. Such frauds should, however, not be included in the report on outstanding frauds and the quarterly progress reports referred to in paragraph 4 below. Such frauds should not be entered in the FRMS package at any stage. In case the subsidiary/ affiliate/joint venture of the bank is an entity which is regulated by Reserve Bank of India and is independently required to report the cases of fraud to RBI in terms of guidelines applicable to that subsidiary/affiliate/joint venture, the parent bank need not furnish the hard copy of the FMR 1 statement in respect of fraud cases detected at such subsidiary/affiliate/joint venture.
3.1.5 Banks (other than foreign banks) having overseas branches/offices should report all frauds perpetrated at such branches/offices also to RBI.
3.1.6 Central Fraud Monitoring Cell (CFMC), Department of Banking Supervision, Central Office located at Bengaluru will disseminate a directory of officers of all banks/Financial Institutions (FI) responsible for reporting of Frauds etc. All banks/Financial Institutions should furnish to Department of Banking Supervision, Central Fraud Monitoring Cell, Bengaluru any changes in the names of officials that will be necessary for inclusion in the directory on priority basis as and when called for.
3.2.1 Report on Frauds Outstanding – FMR 2
3.2.2 The total number and amount of fraud cases reported during the quarter as shown in Parts B and C of the return should tally with the totals of columns 4 and 5 in Part – A of the report.
3.2.3 Banks should furnish a certificate, as part of the above report, to the effect that all individual fraud cases of ₹ 0.1 million and above reported to the Reserve Bank in FMR 1 during the quarter have also been put up to the bank’s Board and have been incorporated in Part – A (columns 4 and 5) and Parts B and C of FMR 2. A ‘Nil’ report should be submitted if there are no frauds outstanding at the end of a quarter.
3.2.4 Progress Report on Frauds – FMR 3.
3.2.5. A list of cases of frauds where there are no developments during a quarter with a brief description including name of branch and date of reporting may be furnished in Part – B of FMR 3. A ‘Nil’ report should be submitted if there are no frauds above ₹ 0.1 million outstanding.
3.3.1 Banks should ensure that the reporting system is suitably streamlined so that delays in reporting of frauds, submission of delayed and incomplete fraud reports are avoided. Banks must fix staff accountability in respect of delays in reporting fraud cases to RBI.
3.3.2 Delay in reporting of frauds and the consequent delay in alerting other banks about the modus operandi and dissemination of information through caution advices / CFR against unscrupulous borrowers could result in similar frauds being perpetrated elsewhere. Banks should therefore, strictly adhere to the timeframe fixed in this circular for reporting of fraud cases to RBI failing which they would be liable for penal action prescribed under Section 47(A) of the Banking Regulation Act, 1949.
Banks should ensure that all frauds of ₹ 0.1 million and above are reported to their Boards promptly on their detection. Such reports should, among other things, take note of the failure on the part of the concerned branch officials and controlling authorities, and give details of action initiated against the officials responsible for the fraud.
4.2.1 Information relating to frauds for the quarters ending June, September and December shall be placed before the Audit Committee of the Board of Directors during the month following the quarter to which it pertains.
4.2.2 These should be accompanied by supplementary material analysing statistical information and details of each fraud so that the Audit Committee of the Board would have adequate material to contribute effectively in regard to the punitive or preventive aspects of frauds.
A separate review for the quarter ending March is not required in view of the Annual Review for the year-ending March prescribed at para 6.3 below.
4.3.1 Banks should conduct an annual review of the frauds and place a note before the Board of Directors/Local Advisory Board for information. The reviews for the year-ended March shall be put up to the Board before the end of the next quarter i.e. quarter ended June 30th. Such reviews need not be sent to RBI but may be preserved for verification by the Reserve Bank’s inspecting officers.
4.3.2 The main aspects to be taken into account while making such a review shall, inter alia, include the following:
- Whether the systems in the bank are adequate to detect frauds, once they have taken place, within the shortest possible time.
- Whether frauds are examined from staff angle and, wherever necessary, the cases are reported to the Vigilance Cell for further action in the case of public sector banks.
- Whether deterrent punishment is meted out, wherever warranted, to the persons found responsible.
- Whether frauds have taken place because of laxity in following the systems and procedures and, if so, whether effective action has been taken to ensure that the systems and procedures are scrupulously followed by the staff concerned.
- Whether frauds are reported to local Police or CBI, as the case may be, for investigation, as per the guidelines issued in this regard to public sector banks by Government of India.
4.3.3 The annual reviews should also, among other things, include the following details:
- Total number of frauds detected during the year and the amount involved as compared to the previous two years.
- Analysis of frauds according to different categories detailed in Paragraph 2.1 and also the different business areas indicated in the Quarterly Report on Frauds Outstanding (vide FMR 2).
- Modus operandi of major frauds reported during the year along with their present position.
- Detailed analysis of frauds of ₹ 0.1 million and above.
- Estimated loss to the bank during the year on account of frauds, amount recovered and provisions made.
- Number of cases (with amounts) where staff are involved and the action taken against staff.
- Region-wise/Zone-wise/State-wise break-up of frauds and amount involved.
- Time taken to detect frauds (number of cases detected within three months, six months and one year of their taking place).
- Position with regard to frauds reported to CBI/Police.
- Number of frauds where final action has been taken by the bank and cases disposed of.
- Preventive/punitive steps taken by the bank during the year to reduce/minimise the incidence of frauds.
4.3.4 Banks shall place the copy of the circular on modus-operandi of fraud issued by them for alerting their branches/controlling offices etc., on specific frauds before the Audit Committee of Board (ACB) in its periodical meetings.
4.4.1 While Audit Committee of the Board (ACB) shall monitor all the cases of frauds in general, banks are required to constitute a Special Committee of the Board for monitoring and follow up of cases of frauds (SCBF) involving amounts of ₹ 10 million and above exclusively. The Special Committee is to be constituted with five members of the Board of Directors, consisting of MD & CEO in case of public sector banks and MD in case of SBI, its Associates and private sector banks, two members from ACB and two other members from the Board excluding RBI nominee. The periodicity of the meetings of the Special Committee may be decided according to the number of cases involved. In addition, the Committee should meet and review as and when a fraud involving an amount of ₹ 10 million and above comes to light.
4.4.2 The major functions of the Special Committee would be to monitor and review all the frauds of ₹ 10 million and above so as to:
- Identify the systemic lacunae if any that facilitated perpetration of the fraud and put in place measures to plug the same.
- Identify the reasons for delay in detection, if any, reporting to top management of the bank and RBI.
- Monitor progress of CBI/Police investigation and recovery position.
- Ensure that staff accountability is examined at all levels in all the cases of frauds and staff side action, if required, is completed quickly without loss of time.
- Review the efficacy of the remedial action taken to prevent recurrence of frauds, such as strengthening of internal controls.
4.4.3 The banks shall delineate in a policy document the processes for implementation of the Committee’s directions and enable a dedicated outfit of the bank to implement the directions in this regard.
4.4.4 To align the vigilance function in Private sector and Foreign Banks to that of the Public Sector Banks the existing vigilance functions of a few private sector and foreign banks were mapped with the existing guidelines in the matter and it was observed that the practices vary widely among the banks. The detailed guidelines for private sector and foreign banks were issued on May 26, 2011 to address all issues arising out of lapses in the functioning of the private sector and foreign banks especially relating to corruption, malpractices, frauds etc. for timely and appropriate action. The detailed guidelines are aimed at bringing uniformity and rationalization in the function of internal vigilance. Private sector banks (including foreign banks operating in India) were advised to put in place a system of internal vigilance machinery as per the guidelines.
4.5.1 Banks need not report cases of attempted frauds of ₹ 10 million and above to Reserve Bank of India. However, banks should continue to place the report on individual cases of attempted fraud involving an amount of ₹ 10 million and above before the Audit Committee of its Board. The report should cover the following viz.
- The modus operandi of the attempted fraud.
- How the attempt did not materialize into fraud or how the attempt failed/ was foiled.
- The measures taken by the bank to strengthen the existing systems and controls.
- New systems and controls put in place in the area where fraud was attempted.
4.5.2 Further, a consolidated review of such cases detected during the year containing information such as area of operations where such attempts were made, effectiveness of new processes and procedures put in place during the year, trend of such cases during the last three years, need for further change in processes and procedures, if any, etc. as on March 31 every year should be put up to the ACB within three months of the end of the relative year.
5.1 Banks shall report to CFMC, RBI and the respective Regional offices of the DBS/SSM, the details of fraud cases of ₹ 0.1 million and above closed along with reasons for the closure after completing the process as given below.
5.2 Fraud cases closed during the quarter are required to be reported quarterly through FMR 3 return and cross checked with relevant column in FMR 2 return before sending to RBI.
5.3 Banks should report only such cases as closed where the actions as stated below are complete and prior approval is obtained from the respective Regional Offices of DBS/SSM/SBMD.
- The fraud cases pending with CBI/Police/Court are finally disposed of.
- The examination of staff accountability has been completed
- The amount of fraud has been recovered or written off.
- Insurance claim wherever applicable has been settled.
- The bank has reviewed the systems and procedures, identified as the causative factors and plugged the lacunae and the fact of which has been certified by the appropriate authority (Board / Audit Committee of the Board)
5.4 Banks should also pursue vigorously with CBI for final disposal of pending fraud cases especially where the banks have completed staff side action. Similarly, banks may vigorously follow up with the police authorities and/or court for final disposal of fraud cases.
5.5 Banks are allowed, for limited statistical / reporting purposes, to close those fraud cases involving amounts up to ₹ 2.5 million, where:
- The investigation is on or challan/ charge sheet has not been filed in the Court for more than three years from the date of filing of First Information Report (FIR) by the CBI/Police or
- The trial in the courts, after filing of charge sheet/challan by CBI / Police, has not started or is in progress.
5.6 The banks are required to follow the guidelines relating to seeking prior approval for closure of such cases from the RO of DBS under whose jurisdiction the Head Office of the bank is located or the SSM and follow up of such cases after closure as mentioned below.
5.7 The banks shall have to submit their proposals, case wise, for closure to the Regional Office of RBI under whose jurisdiction their Head Offices are situated / SSM of the bank. The cases may be closed after getting the approval of the respective Regional Offices/SSM of RBI. The banks should maintain the record of details of such cases in a separate ledger. Even after closure of the fraud cases for limited statistical purposes, banks should vigorously follow up with the investigating agencies (CBI / Police) to ensure that the investigation process is taken to its logical conclusion. Similarly, the banks should continue to ensure that they are regularly and appropriately represented in the court proceedings as and when required. All the relevant records pertaining to such cases must be preserved till the cases are finally disposed of by CBI / Police or Courts, as the case may be.
5.8 The banks shall, with the approval of their respective Boards, frame their own internal policy for closure of fraud cases, incorporating the above norms and other internal procedures / controls as deemed necessary.
5.9 Notwithstanding the fact that banks may close cases of fraud even when Police / CBI investigation is in progress or cases are pending in the court of law, they should complete, within the prescribed time frame, the process of examination of staff accountability or conclude staff side actions.
6.1 In dealing with cases of fraud/embezzlement, banks should not merely be actuated by the necessity of recovering expeditiously the amount involved, but should also be motivated by public interest and the need for ensuring that the guilty persons do not go unpunished. Therefore, as a general rule, the following cases should invariably be referred to the State Police or to the CBI as detailed below:
|Category of bank||Amount involved in the fraud||Agency to whom complaint should be lodged||Remarks|
|Private Sector/ Foreign Banks||₹ 10000 and above||State Police||If committed by staff|
|₹ 0.1 million and above||State Police||If committed by outsiders on their own and/or with the connivance of bank staff/officers.|
|₹ 10 million and above||In addition to State Police, SFIO, Ministry of Corporate Affairs, Government of India. Second Floor, Paryavaran Bhavan, CGO Complex, Lodhi Road, New Delhi 110 003.||Details of the fraud are to be reported to SFIO in FMR 1 Format.|
|Public Sector Banks||Below ₹ 30 million|
1.Above ₹ 10,000/- but below ₹ 0.1 million
To the local police station
|To be lodged by the bank branch concerned|
|2. ₹ 0.1 million and above involving outsiders and bank staff||To the State CID/Economic Offences Wing of the State concerned||To be lodged by the Regional Head of the bank concerned|
|₹ 30 million and above and up to ₹ 250 million||CBI||To be lodged with Anti Corruption Branch of CBI (where staff involvement is prima facie evident)|
Economic Offences Wing of CBI (where staff involvement is prima facie not evident)
|More than ₹ 250 million and up to ₹ 500 million||CBI||To be lodged with Banking Security and Fraud Cell (BSFC) of CBI (irrespective of the involvement of a public servant)|
|More than ₹ 500 million||CBI||To be lodged with the Joint Director (Policy) CBI, HQ New Delhi|
6.2 All fraud cases of value below ₹ 10,000/- involving bank officials, should be referred to the Regional Head of the bank, who would scrutinize each case and direct the bank branch concerned on whether it should be reported to the local police station for further legal action.
7.1 In view of the rise in the number of cheque related fraud cases banks were advised to review and strengthen the controls in the cheque presenting/passing and account monitoring processes and to ensure that all procedural guidelines including preventive measures are followed meticulously by the dealing staff/officials. (DBS.CO.CFMC.BC.006/23.04.001/ 2014-15 dated November 5, 2014). Banks were also given an illustrative list of some of the preventive measures they may follow in this regard viz.
- Ensuring the use of 100% CTS – 2010 compliant cheques.
- Strengthening the infrastructure at the cheque handling Service Branches and bestowing special attention on the quality of equipment and personnel posted for CTS based clearing, so that it is not merely a mechanical process.
- Ensuring that the beneficiary is KYC compliant so that the bank has recourse to him/her as long as he/she remains a customer of the bank.
- Examination under UV lamp for all cheques beyond a threshold of say, ₹ 0.2 million.
- Checking at multiple levels, of cheques above a threshold of say, ₹ 0.5 million.
- Close monitoring of credits and debits in newly opened transaction accounts based on risk categorization.
- Sending an SMS alert to payer/drawer when cheques are received in clearing.
Banks shall reduce or increase the threshold limits mentioned above with the approval of the Board depending on the volume of cheques handled by the bank or it’s risk appetite.
7.2 Banks may also consider the following preventive measures for dealing with suspicious or large value cheques (in relation to an account’s normal level of operations):
- Alerting the customer by a phone call and getting the confirmation from the payer/drawer.
- Contacting base branch in case of non-home cheques.
The above may be resorted to selectively if not found feasible to be implemented systematically.
7.3 It has been reported that in some cases even though the original cheques were in the custody of the customer, cheques with the same series had been presented and encashed by fraudsters. In this connection, banks are advised to take appropriate precautionary measures to ensure that the confidential information viz., customer name / account number / signature, cheque serial numbers and other related information are neither compromised nor misused either from the bank or from the vendors’ (printers, couriers etc.) side. Due care and secure handling is also to be exercised in the movement of cheques from the time they are tendered over the counters or dropped in the collection boxes by customers.
7.4 To ensure uniformity and to avoid duplication, reporting of frauds involving forged instruments including fake/forged instruments sent in clearing in respect of truncated instruments will continue to be done by the paying banker and not by the collecting banker. In such cases the presenting bank shall immediately hand over the underlying instrument to drawee/paying bank as and when demanded to enable it to file an FIR with the police authorities and report the fraud to RBI. It is the paying banker who has to file the police complaint and not the collecting banker.
7.5 However, in the case of collection of an instrument which is genuine but the amount is collected fraudulently by a person who is not the true owner or where the amount has been credited before realisation and subsequently the instrument is found to be fake/forged and returned by the paying bank, the collecting bank, which is defrauded or is at loss by paying the amount before realisation of the instrument, shall file both the fraud report with the RBI and complaint with the police.
7.6 In case of collection of altered/fake cheque involving two or more branches of the same bank, the branch where the altered/fake cheque has been encashed, should report the fraud to its Head Office. Similarly in the event of an altered/fake cheque having been paid / encashed involving two or more branches of a bank under Core Banking Solution (CBS), the branch which has released the payment should report the fraud to the Head Office. Thereafter, Head Office of the bank will file the fraud report with RBI and also file the Police complaint.
Based on the recommendations of an Internal Working Group constituted by the Bank , a framework for dealing with loan frauds was put in place vide circular DBS.CO.CFMC.BC.No.007/23.04.001/2014-15 dated May 7, 2015.
The objective of the framework is to direct the focus of banks on the aspects relating to prevention, early detection, prompt reporting to the RBI (for system level aggregation, monitoring & dissemination) and the investigative agencies (for instituting criminal proceedings against the fraudulent borrowers) and timely initiation of the staff accountability proceedings (for determining negligence or connivance, if any) while ensuring that the normal conduct of business of the banks and their risk taking ability is not adversely impacted and no new and onerous responsibilities are placed on the banks. In order to achieve this objective, the framework has stipulated time lines with the action incumbent on a bank. The time lines / stage wise actions in the loan life-cycle are expected to compress the total time taken by a bank to identify a fraud and aid more effective action by the law enforcement agencies. The early detection of Fraud and the necessary corrective action are important to reduce the quantum of loss which the continuance of the Fraud may entail.
8.3.1 A Red Flagged Account (RFA) is one where a suspicion of fraudulent activity is thrown up by the presence of one or more Early Warning Signals (EWS). These signals in a loan account should immediately put the bank on alert regarding a weakness or wrong doing which may ultimately turn out to be fraudulent. A bank cannot afford to ignore such EWS but must instead use them as a trigger to launch a detailed investigation into a RFA.
8.3.2 An illustrative list of some EWS is given for the guidance of banks in Annex I to this circular. Banks may choose to adopt or adapt the relevant signals from this list and also include other alerts/signals based on their experience, client profile and business models. The EWS so compiled by a bank would form the basis for classifying an account as a RFA.
8.3.3 The threshold for EWS and RFA is an exposure of ₹ 500 million or more at the level of a bank irrespective of the lending arrangement (whether solo banking, multiple banking or consortium). All accounts beyond ₹ 500 million classified as RFA or ‘Frauds’ must also be reported on the CRILC data platform together with the dates on which the accounts were classified as such. As of now, this requirement is in addition to the extant requirements of reporting to RBI as mentioned in Para 3 above.
8.3.4 The modalities for monitoring of loan frauds below ₹ 500 million threshold is left to the discretion of banks. However, banks shall continue to report all identified accounts to CFMC, RBI as per the existing cut-offs.
8.3.5 The tracking of EWS in loan accounts should not be seen as an additional task but must be integrated with the credit monitoring process in the bank so that it becomes a continuous activity and also acts as a trigger for any possible credit impairment in the loan accounts, given the interplay between credit risks and fraud risks. In respect of large accounts it is necessary that banks undertake a detailed study of the Annual Report as a whole and not merely of the financial statements, noting particularly the Board Report and the Managements’ Discussion and Analysis Statement as also the details of related party transactions in the notes to accounts. The officer responsible for the operations in the account, by whatever designation called, should be sensitised to observe and report any manifestation of the EWS promptly to the Fraud Monitoring Group (FMG) or any other group constituted by the bank for the purpose immediately. To ensure that the exercise remains meaningful, such officers may be held responsible for non-reporting or delays in reporting.
8.3.6 The FMG or any such designated committee shall classify the account as RFA and the details of RFA accounts shall be put up to the CMD/CEO every month.
8.3.7 A report on the RFA accounts shall be put up to the Special Committee of the Board for monitoring and follow-up of Frauds (SCBF) providing, inter alia, a synopsis of the remedial action taken together with their current status.
8.4.1 At present the detection of frauds takes an unusually long time. Banks tend to report an account as fraud only when they exhaust the chances of further recovery. Among other things, delays in reporting of frauds also delays the alerting of other banks about the modus operandi through caution advices / CFR by RBI that may result in similar frauds being perpetrated elsewhere. More importantly, it delays action against the unscrupulous borrowers by the law enforcement agencies which impact the recoverability aspects to a great degree and also increases the loss arising out of the fraud.
8.4.2 The most effective way of preventing frauds in loan accounts is for banks to have a robust appraisal and an effective credit monitoring mechanism during the entire life-cycle of the loan account. Any weakness that may have escaped attention at the appraisal stage can often be mitigated in case the post disbursement monitoring remains effective. In order to strengthen the monitoring processes, based on an analysis of the collective experience of the banks, inclusion of the following checks / investigations during the different stages of the loan life-cycle should be carried out:
- Pre-sanction: As part of the credit process, the checks being applied during the stage of pre-sanction may consist of the Risk Management Group (RMG) or any other appropriate group of the bank collecting independent information and market intelligence on the potential borrowers from the public domain on their track record, involvement in legal disputes, raids conducted on their businesses, if any, strictures passed against them by Government agencies, validation of submitted information/data from other sources like the ROC, gleaning from the defaulters list of RBI/other Government agencies, etc., which could be used as an input by the sanctioning authority. Banks shall keep the record of such pre-sanction checks as part of the sanction documentation.
- Disbursement: Checks by RMG during the disbursement stage, shall among others, focus on the adherence to the terms and conditions of sanction, rationale for allowing dilution of these terms and conditions, level at which such dilutions were allowed, etc. The dilutions should strictly conform to the broad framework laid down by the Board in this regard. As a matter of good practice, the sanctioning authority may specify certain terms and conditions as ‘core’ which should not be diluted. The RMG may immediately flag the non-adherence of core stipulations to the sanctioning authority.
- Annual review: While the continuous monitoring of an account through the tracking of EWS is important, banks also need to be vigilant from the fraud perspective at the time of annual review of accounts. Among other things, the aspects of diversion of funds in an account, adequacy of stock vis-a-vis stock statements, stress in group accounts, etc., must also be commented upon at the time of review. Besides, the RMG should have capability to track market developments relating to the major clients of the bank and provide inputs to the credit officers. This would involve collecting information from the grapevine, following up stock market movements, subscribing to a press clipping service, monitoring databases on a continuous basis and not confining the exercise only to the borrowing entity but to the group as a whole.
Employees should be encouraged to report fraudulent activity in an account, along with the reasons in support of their views, to the appropriately constituted authority, under the Whistle Blower Policy of the bank, who may institute a scrutiny through the FMG. The FMG may ‘hear’ the concerned employee in order to obtain necessary clarifications. Protection should be available to such employees under the whistle blower policy of the bank so that the fear of victimisation does not act as a deterrent.
During the course of the audit, auditors may come across instances where the transactions in the account or the documents point to the possibility of fraudulent transactions in the account. In such a situation, the auditor should immediately bring it to the notice of the top management and if necessary to the Audit Committee of the Board (ACB) for appropriate action.
In case of accounts classified as ‘fraud’, banks are required to make provisions to the full extent immediately, irrespective of the value of security. However, in case a bank is unable to make the entire provision in one go, it may now do so over four quarters provided there is no delay in reporting (cf. Circular DBR.No.BP.BC.83/21.04.048/2014-15 dated April 01, 2015). In case of delays, the banks under Multiple Banking Arrangements (MBA) or member banks in the consortium are required to make the provision in one go in terms of the said circular. Delay, for the purpose of this circular, would mean that the fraud was not flashed to CFMC, RBI or reported on the CRILC platform, RBI within a period of one week from its (i) classification as a fraud through the RFA route which has a maximum time line of six months or (ii) detection/declaration as a fraud ab initio by the bank as hitherto.
8.8.1 In cases where the bank is the sole lender, the FMG will take a call on whether an account in which EWS are observed should be classified as RFA or not. This exercise should be completed as soon as possible and in any case within a month of the EWS being noticed. In case the account is classified as RFA, the FMG will stipulate the nature and level of further investigations or remedial measures necessary to protect the bank’s interest within a stipulated time which cannot exceed six months.
8.8.2 The bank may use external auditors, including forensic experts or an internal team for investigations before taking a final view on the RFA. At the end of this time line, which cannot be more than six months, banks should either lift the RFA status or classify the account as a fraud.
8.8.3 A report on the RFA accounts should be put up to the SCBF with the observations/decision of the FMG. The report should list the EWS/ irregularities observed in the account and provide a synopsis of the investigations ordered / remedial action proposed by the FMG together with their current status.
8.9.1 Certain unscrupulous borrowers enjoying credit facilities under “multiple banking arrangement” after defrauding one of the financing banks, continue to enjoy the facilities with other financing banks and in some cases avail even higher limits at those banks. In certain cases the borrowers use the accounts maintained at other financing banks to siphon off funds by diverting from the bank on which the fraud is being perpetrated. This is due to lack of a formal arrangement for exchange of information among various lending banks/FIs. In some of the fraud cases, the securities offered by the borrowers to different banks are the same.
8.9.2 In view of this, all the banks which have financed a borrower under ‘multiple banking’ arrangement should take co-ordinated action, based on commonly agreed strategy, for legal / criminal actions, follow up for recovery, exchange of details on modus operandi, achieving consistency in data / information on frauds reported to Reserve Bank of India. Therefore, the bank which detects a fraud is required to immediately share the details with all other banks in the multiple banking arrangements.
8.9.3 In case of consortium arrangements, individual banks must conduct their own due diligence before taking any credit exposure and also independently monitor the end use of funds rather than depend fully on the consortium leader. However, as regards monitoring of Escrow Accounts, the details may be worked out by the consortium and duly documented so that accountability can be fixed easily at a later stage. Besides, any major concerns from the fraud perspective noticed at the time of annual reviews or through the tracking of early warning signals should be shared with other consortium / multiple banking lenders immediately as hitherto. While some of the due diligence measures have been illustrated in paragraph 8.4.2 above, due diligence broadly encompasses all measures to be taken by a bank to understand the nature of business of the borrower, identifying and assessing any risks associated in the financial, commercial, legal and operational aspects of the business and also the measures taken to mitigate the risks found after such exercise . Due diligence also includes but is not limited to developing Standard Operating Procedures, with checklists to be followed by the operating functionaries, updating any manual that has been written and sensitizing staff for strict adherence to such procedures.
8.9.4 The initial decision to classify any standard or NPA account as RFA or Fraud will be at the individual bank level and it would be the responsibility of this bank to report the RFA or Fraud status of the account on the CRILC platform so that other banks are alerted. In case it is decided at the individual bank level to classify the account as fraud straightaway at this stage itself, the bank shall then report the fraud to RBI within 21 days of detection and also report the case to CBI/Police, as is being done hitherto. Further within 15 days of RFA/Fraud classification, the bank which has red flagged the account or detected the fraud would ask the consortium leader or the largest lender under MBA to convene a meeting of the JLF to discuss the issue. The meeting of the JLF so requisitioned must be convened within 15 days of such a request being received. In case there is a broad agreement, the account should be classified as a fraud; else based on the majority rule of agreement amongst banks with at least 60% share in the total lending, the account should be red flagged by all the banks and subjected to a forensic audit commissioned or initiated by the consortium leader or the largest lender under MBA. All banks, as part of the consortium or multiple banking arrangement, shall share the costs and provide the necessary support for such an investigation.
8.9.5 The forensic audit must be completed within a maximum period of three months from the date of the JLF meeting authorizing the audit. Within 15 days of the completion of the forensic audit, the JLF shall reconvene and decide on the status of the account, either by consensus or the majority rule as specified above. In case the decision is to classify the account as a fraud, the RFA status shall be changed to Fraud in all banks and reported to RBI and on the CRILC platform within a week of the said decision. Besides, within 30 days of the RBI reporting, the bank commissioning/ initiating the forensic audit should lodge a complaint with the CBI on behalf of all banks in the consortium/MBA. For this purpose, if the bank initiating the forensic audit is a private sector bank, the complaint shall be lodged with the CBI by the PSU bank with the largest exposure to the account in the consortium/MBA. If there is no PSU bank in the consortium / MBA or it is a solo bank lending by a private sector bank/foreign bank, the private bank/foreign bank shall report to the Police as per extant instructions. This would be in addition to the complaint already lodged by the first bank which had detected the fraud and informed the consortium/MBA.
8.9.6 It may be noted that the overall time allowed for the entire exercise to be completed is six months from the date when the first member bank reported the account as RFA or Fraud on the CRILC platform.
8.10.1 As in the case of accounts categorised as NPAs, banks must initiate and complete a staff accountability exercise within six months from the date of classification as a Fraud. Wherever felt necessary or warranted, the role of sanctioning official(s) may also be covered under this exercise. The completion of the staff accountability exercise for frauds and the action taken shall be placed before the SCBF and intimated to the RBI at quarterly intervals as hitherto.
8.10.2 Banks may bifurcate all fraud cases into vigilance and non-vigilance. Only vigilance cases should be referred to the investigative authorities. Non-vigilance cases may be investigated and dealt with at the bank level within a period of six months. It is emphasised that banks should strive to complete the staff accountability exercise within six months as clearing the air on the staff members concerned in a shorter time frame is appropriate and desirable.
8.10.3 In cases involving very senior executives of the bank, the Board / ACB/ SCBF may initiate the process of fixing staff accountability. It is clarified that very senior executives include the EDs and MD & CEOs of banks.
8.10.4 Staff accountability should not be held up on account of the case being filed with law enforcement agencies. Both the criminal and domestic enquiry should be conducted simultaneously.
8.11.1 Banks are required to lodge the complaint with the law enforcement agencies immediately on detection of fraud. There should ideally not be any delay in filing of the complaints with the law enforcement agencies since delays may result in the loss of relevant ‘relied upon’ documents, non-availability of witnesses, absconding of borrowers and also the money trail getting cold in addition to asset stripping by the fraudulent borrower.
8.11.2 It is observed that banks do not have a focal point for filing CBI / Police complaints. This results in a non-uniform approach to complaint filing by banks and the investigative agency has to deal with dispersed levels of authorities in banks. This is among the most important reasons for delay in conversion of complaints to FIRs. It is, therefore, enjoined on banks to establish a nodal point / officer for filing all complaints with the CBI on behalf of the bank and serve as the single point for coordination and redressal of infirmities in the complaints.
8.11.3 The complaint lodged by the bank with the law enforcement agencies should be drafted properly and invariably be vetted by a legal officer. It is also observed that banks sometimes file complaints with CBI / Police on the grounds of cheating, misappropriation of funds, diversion of funds etc., by borrowers without classifying the accounts as fraud and/or reporting the accounts as fraud to RBI. Since such grounds automatically constitute the basis for classifying an account as a fraudulent one, banks should invariably classify such accounts as frauds and report the same to RBI.
8.12.1 In general, the penal provisions as applicable to wilful defaulters would apply to the fraudulent borrower including the promoter director(s) and other whole time directors of the company insofar as raising of funds from the banking system or from the capital markets by companies with which they are associated is concerned, etc. In particular, borrowers who have defaulted and have also committed a fraud in the account would be debarred from availing bank finance from Scheduled Commercial Banks, Development Financial Institutions, Government owned NBFCs, Investment Institutions, etc., for a period of five years from the date of full payment of the defrauded amount. After this period, it is for individual institutions to take a call on whether to lend to such a borrower. The penal provisions would apply to non-whole time directors (like nominee directors and independent directors) only in rarest of cases based on conclusive proof of their complicity.
8.12.2 No restructuring or grant of additional facilities may be made in the case of RFA or fraud accounts. However, in cases of fraud/malfeasance where the existing promoters are replaced by new promoters and the borrower company is totally delinked from such erstwhile promoters/management, banks and JLF may take a view on restructuring of such accounts based on their viability, without prejudice to the continuance of criminal action against the erstwhile promoters/management.
8.12.3 No compromise settlement involving a fraudulent borrower is allowed unless the conditions stipulate that the criminal complaint will be continued.
8.12.4 In addition to above borrower- fraudsters, third parties such as builders, warehouse/cold storage owners, motor vehicle/tractor dealers, travel agents, etc. and professionals such as architects, valuers, chartered accountants, advocates, etc. are also to be held accountable if they have played a vital role in credit sanction/disbursement or facilitated the perpetration of frauds. Banks are advised to report to Indian Banks Association (IBA) the details of such third parties involved in frauds.
8.12.5 Before reporting to IBA, banks have to satisfy themselves of the involvement of third parties concerned and also provide them with an opportunity of being heard. In this regard the banks should follow normal procedures and the processes followed should be suitably recorded. On the basis of such information, IBA would, in turn, prepare caution lists of such third parties for circulation among the banks.
9.1.1 Banks should subject the title deeds and other documents in respect of all credit exposures of ₹ 5 crore and above to periodic legal audit and re-verification of title deeds with relevant authorities as part of regular audit exercise till the loan stands fully repaid.
9.1.2 Banks shall furnish a review note to their Board / Audit Committee of the Board at quarterly intervals on an ongoing basis giving therein the information in respect of such legal audits which should cover aspects, inter alia, like number of loan accounts due for legal audit for the quarter, how many accounts covered, list of deficiencies observed by the auditors, steps taken to rectify the deficiencies, number of accounts in which the rectification could not take place, course of action to safeguard the interest of bank in such cases, action taken on issues pending from earlier quarters.
9.2.1 It is noticed that certain non-performing or performing loans of questionable standards had been packaged by some banks and sold to Securitization Companies / Reconstruction Companies (SC / RC). These loans were subsequently found to have been originated fraudulently.
9.2.2 It is therefore advised that banks should ensure that while packaging and selling performing or non-performing assets, it is properly ascertained that the pool of assets being sold does not contain any loan originated fraudulently or has been classified as fraud as on the date of sale.
10.1 Banks should arrange to report by fax / e-mail instances of bank robberies, dacoities, thefts and burglaries to the following authorities immediately on their occurrence.
- CFMC, Bengaluru
- RO of DBS/SSM under whose jurisdiction the Head Office of the bank falls.
- RO of DBS under whose jurisdiction the affected bank branch is located to enable the Regional Office to take up the issues regarding security arrangements in affected branch/es during the State Level Security Meetings with the concerned authorities.
- The Security Adviser, Central Security Cell, Reserve Bank of India, Central Office Building, Mumbai – 400 001.
- Ministry of Finance, Department of Financial Services Government of India, Jeevan Deep, Parliament Street, New Delhi-110 001.
The report should include details of modus operandi and other information as at columns 1 to 11 of FMR 4.
10.2 Banks should also submit to CFMC, Bengaluru a quarterly consolidated statement in the format given in FMR 4 (soft copy) covering all cases pertaining to the quarter. This may be submitted within 15 days of the end of the quarter to which it relates.
10.3 Banks which do not have any instances of theft, burglary, dacoity and / or robbery to report during the quarter, may submit a nil report.
A list of circulars that stand repealed with the issue of these Directions is given in Annex IV
Some Early Warning Signals (EWS) which should alert the bank officials about some wrongdoings in the loan accounts which may turn out to be fraudulent
1 a) Default in undisputed payment to the statutory bodies as declared in the Annual report.
b) Bouncing of high value cheques
2 Frequent change in the scope of the project to be undertaken by the borrower
3 Foreign bills remaining outstanding with the bank for a long time and tendency for bills to remain overdue.
4 Delay observed in payment of outstanding dues.
5 Frequent invocation of BGs and devolvement of LCs.
6 Under insured or over insured inventory.
7 Invoices devoid of TAN and other details.
8 Dispute on title of collateral securities.
9 Funds coming from other banks to liquidate the outstanding loan amount unless in normal course.
10 In merchanting trade, import leg not revealed to the bank.
11 Request received from the borrower to postpone the inspection of the godown for flimsy reasons.
12 Funding of the interest by sanctioning additional facilities.
13 Exclusive collateral charged to a number of lenders without NOC of existing charge holders.
14 Concealment of certain vital documents like master agreement, insurance coverage.
15 Floating front / associate companies by investing borrowed money
16 Critical issues highlighted in the stock audit report.
17 Liabilities appearing in ROC search report, not reported by the borrower in its annual report
18 Frequent request for general purpose loans.
19 Frequent ad hoc sanctions.
20 Not routing of sales proceeds through consortium I member bank/ lenders to the company.
21 LCs issued for local trade I related party transactions without underlying trade transaction
22 High value RTGS payment to unrelated parties.
23 Heavy cash withdrawal in loan accounts.
24 Non production of original bills for verification upon request.
25 Significant movements in inventory, disproportionately differing vis-a-vis change in the turnover.
26 Significant movements in receivables, disproportionately differing vis-à-vis change in the turnover and/or increase in ageing of the receivables
27 Disproportionate change in other current assets
28 Significant increase in working capital borrowing as percentage of turnover
29 Increase in Fixed Assets, without corresponding increase in long term sources (when project is implemented).
30 Increase in borrowings, despite huge cash and cash equivalents in the borrower’s balance sheet
31 Frequent change in accounting period and/or accounting policies
32 Costing of the project which is in wide variance with standard cost of installation of the project
33 Claims not acknowledged as debt high
34 Substantial increase in unbilled revenue year after year.
35 Large number of transactions with inter-connected companies and large outstanding from such companies
36 Substantial related party transactions
37 Material discrepancies in the annual report
38 Significant inconsistencies within the annual report (between various sections)
39 Poor disclosure of materially adverse information and no qualification by the statutory auditors
40 Raid by Income tax /sales tax/ central excise duty officials
41 Significant reduction in the stake of promoter /director or increase in the encumbered shares of promoter/director.
42 Resignation of the key personnel and frequent changes in the management
|Sl No||Circular No.||Circular Date||Subject|
|1||DBS.CO.CFMC.BC.No.007/23.04.001/2014-15||May 7, 2015||Framework for dealing with loan frauds|
|2||DBS.FrMC.BC.No.7/23.04.001/2012-13||June 7, 2013||Legal Audit of Title Documents in Respect of Large Value Loan Accounts|
|3||DBS.CO.FrMC.No.13877/ 23.04.001/2010-11||April 5, 2011||Sale of Financial Assets of Doubtful Standard/Fraudulent Origin to Securitization Company (SC)/ Reconstruction Company (RC) – Reporting Requirements|
|4||DBS.CO.FrMC.BC.No.7/23.04.001/2008-09||June 05, 2009||Closure of fraud cases – relaxation in the existing norms|
|5||DBS.FrMC.BC.No.04/23.04.001/2012-13||November 15, 2012||Frauds – Classification and Reporting|
|6||DBS.CO.CFMC.BC.006/23.04.001/2014-15||November 5, 2014||Cheque related fraud cases – preventive measures|