Tag Archives: compliance

penalty on Apna Sahakari Bank

https://www.rbi.org.in/Scripts/BS_PressReleaseDisplay.aspx?prid=52291

The Reserve Bank of India (RBI) has, by an order dated September 23, 2021, imposed a monetary penalty of ₹79.00 lakh (Rupees seventy-nine lakh only) on Apna Sahakari Bank Ltd., Mumbai (the bank) for non-compliance with directions issued by RBI on ‘Income Recognition, Asset Classification, Provisioning and other related matters (IRAC norms)’, ‘Interest Rate on Deposits’ and ‘Maintenance of Deposit Accounts’. This penalty has been imposed in exercise of powers vested in RBI conferred under section 47 A (1) (c) read with sections 46 (4) (i) and 56 of the Banking Regulation Act, 1949, taking into account failure of the bank to adhere to the aforesaid directions issued by RBI.

This action is based on deficiency in regulatory compliance and is not intended to pronounce upon the validity of any transaction or agreement entered into by the bank with its customers.

Background

The statutory inspection of the bank conducted by the RBI with reference to the bank’s financial position as on March 31, 2019, the Inspection Report pertaining thereto, and examination of all related correspondence revealed, inter alia, that the bank had not complied with the directions issued by RBI on NPA classification, payment of interest on deposits lying in current accounts of deceased individual depositors or sole proprietorship concerns while settling the claims and levying of penal charges in savings bank accounts for non-maintenance of minimum balances. In furtherance to the same, a notice was issued to the bank advising it to show cause as to why penalty should not be imposed for contravention of aforesaid directions.

After considering the bank’s reply to the notice, additional submissions and oral submissions made during the personal hearing, RBI came to the conclusion that the charge of non-compliance with the aforesaid RBI directions were substantiated and warranted imposition of monetary penalty, to the extent of non-compliance with the aforesaid directions.

AUTHORS NOTE: We have seen this kind of press releases almost every day, where RBI imposes monetary penalties on banks and FIs for non compliance with the extant regulations. Wondering why these banks are so lax in complying with the regulations. They should appoint Company Secretaries to handle their compliance functions either in house or outsourced to PCS.

Leave a comment

Filed under Uncategorized

investment advisors

SEBI has brought in a concept of an Investment Advisor Administration and Supervisory Body which will regulate the registered investment advisors in the country under the SEBI (Investment Advisors) Regulations. For that purpose they have granted recognition to BSE Administration & Supervision Limited as an Investment Advisor Supervisory Body. This body i.e. BASL, shall have the following responsibilities, viz.

i. Supervision of IAs including both on-site and offsite
ii. Grievance redressal of clients and IAs
iii. Administrative action including issuing warning and referring to SEBI for enforcement action
iv. Monitoring activities of IAs by obtaining periodical reports
v. Submission of periodical reports to SEBI
vi. Maintenance of database of IAs

SEBI shall also concurrently administer and supervise the RIAs (registered investment advisors) and shall be subject to periodic inspection by SEBI. So there will be a dual supervisor body for RIAs going forward.

Pursuant to this grant of recognition to BASL, all RIAs are required to ensure compliance with the following:
i. Membership of IAASB – they have to take membership of BASL within 3 months of the recognition of BASL, which has been recognized from 1st June, 2021. So all RIAs have to perforce take membership of BASL by end August, 2021
ii. Payment of fees: All RIAs have to pay the membership fees to BASL. The fee structure is given below:

SEBI has also modified its fee structure w.e.f. 1st April, 2021 vide its amendment notification dated 11th January, 2021. It appears that fees to SEBI has been discontinued, instead the fees have to be paid to BASL.

Detailed SOPs and FAQs have been issued by BASL with respect to the membership of BASL and other incidental matters. That can be found here.

https://www.sebi.gov.in/media/press-releases/jun-2021/bse-administration-and-supervision-limited-granted-recognition-for-administration-and-supervision-of-investment-advisers_50540.html

Get ready for increased supervision and more compliances – RIAs


Leave a comment

Filed under Uncategorized

AGM by video conferencing

MCA has issued a very confusing circular no. 2/2021 dated 13/1/2021 wherein they have allowed companies to hold their annual general meetings of their shareholders via video conferencing means upto end of 2021 i.e. upto 31st December 2021.

In the same breath they also say that this does not confer any extension of time to hold AGM for companies and they remain liable to be prosecuted for any compliances on that count.

Its a very confusing circular worded very badly, one needs to read it half a dozen times to understand what it means.

Its a pity that MCA officers do not understand the ground reality – that many companies and their office staff are still held back due to the covid pandemic and are not attending their offices, ditto for auditors staff. The local trains of Mumbai which is the lifeline of Mumbai has not been opened for the general public. In absence of that commuting becomes extremely difficult.

Government could very well have extended the time to hold the AGM for companies having march 2020 as their annual closing date, despite the section allowing only 3 months extension, what prevented the government from passing an ordinance to that effect.

Copy of the above circular can be found at the MCA site.

Leave a comment

Filed under company law

perpetual validity to PSOs

RBI circular dated 4th December, 2020 announcing perpetual validity to Payment System Operators subject to them fulfilling some compliance conditions. Read on.

Perpetual Validity for Certificate of Authorisation (CoA) issued to Payment System Operators (PSOs) under Payment and Settlement Systems Act, 2007 (PSS Act)

This has reference to the Statement on Developmental and Regulatory Policies dated October 9, 2020 wherein Reserve Bank of India (RBI) had announced granting of authorisation for all PSOs under PSS Act on a perpetual basis, subject to certain conditions.

2. Currently, RBI grants authorisation to new entities desirous of operating a payment system for specified periods up to five years. Similar approach is adopted for renewal of validity of authorisation to existing entities. To reduce licensing uncertainties and enable PSOs to focus on their business as also to optimise utilisation of regulatory resources, it has been decided to, hereafter, grant authorisation for all PSOs (both new and existing) on a perpetual basis, subject to the usual conditions.

3. For existing authorised PSOs, grant of perpetual validity shall be examined as and when the CoA becomes due for renewal subject to their adherence to the following:

  1. Full compliance with the terms and conditions subject to which authorisation was granted;
  2. Fulfilment of entry norms such as capital, networth requirements, etc.;
  3. No major regulatory or supervisory concerns related to operations of the PSO, as observed during onsite and / or offsite monitoring;
  4. Efficacy of customer grievance redressal mechanism;
  5. No adverse reports from other departments of RBI / regulators / statutory bodies, etc.

4. Existing PSOs who do not satisfy all conditions will be given one-year renewals to enable them to comply; if any entity fails to do so in a reasonable time, its authorisation may be withdrawn.

5. If an entity becomes non-compliant with any of the conditions of authorisation, RBI may undertake action as deemed fit under the provisions of PSS Act, including imposition of restrictions on payment system operations and / or revocation of CoA.

6. This directive is issued under Section 10(2) read with Section 18 of Payment and Settlement Systems Act, 2007 (Act 51 of 2007).

Leave a comment

Filed under banking laws

SaaS for GRC functions

SEBI advisory dated 3rd November, 2020 regarding advisory for financial sector organisations in respect of software as a solutions (SaaS) for their Governance, Risk & Compliance (GRC) functions especially from the point of view of cyber security. Gist of guidance given below.

https://www.sebi.gov.in/legal/circulars/nov-2020/advisory-for-financial-sector-organizations-regarding-software-as-a-service-saas-based-solutions_48081.html

  1. Ministry of Electronics & Information Technology, Govt. of India (MoE&IT), has informed SEBI that the financial sector institutions are availing or thinking of availing Software as a Service (SaaS) based solution for managing their Governance, Risk & Compliance (GRC) functions so as to improve their cyber Security Posture. As observed by MoE&IT, though SaaS may provide ease of doing business and quick turnaround, but it may bring significant risk to health of
    financial sector as many a time risk and compliance data of the institution moves beyond the legal and jurisdictional boundary of India due to nature of shared cloud SaaS, thereby posing risk to the data safety and security.
  2. In this regard, Indian Computer Emergency Response Team (CERT-in) has issued an advisory for Financial Sector organizations. The advisory has been forwarded to SEBI for bringing the same to the notice of financial sector organization. The advisory is enclosed at Annexure A of this circular.
  3. It is advised to ensure complete protection and seamless control over the critical systems at your organizations by continuous monitoring through direct control and supervision protocol mechanisms while keeping the critical data within the legal boundary of India.
  4. The compliance of the advisory shall be reported in the half yearly report by stock brokers and DP to stock exchanges and depositories respectively and by direct intermediaries to SEBI with an undertaking, “Compliance of the SEBI circular for Advisory for Financial Sector Organizations regarding Software as a Service (SaaS) based solutions has been made.”
  5. The advisory annexed with this circular shall be effective with immediate effect.

Leave a comment

Filed under securities laws

one resident director

Under section 149 of the Companies Act, 2013 every company in India should have at least one director who is a resident in India, i.e. he has been in India in the financial year for at least 182 days in a year. This has been brought out by the Companies Act, 2013 w.e.f. 1st April, 2014.

Now in view of the covid pandemic, this requirement is relaxed for the financial year 2020-21. So even if a company does not or is not able to comply with the said provisions during the financial year 2020-21 it shall NOT be treated as non compliance.

MCA has clarified this vide their circular no. 36/2020 dated 20th October, 2020, which is available on the MCA site. i.e. http://www.mca.gov.in

Leave a comment

Filed under company law

compliance function in banks

RBI circular dated 11th September 2020 outlining the procedure for selection of chief compliance officer in banks and the role of chief compliance officer. Gist of RBI circular follows:

Please refer to the guidelines on compliance functions vide our circulars DBS.CO.PP.BC.6/11.01.005/2006-07 dated April 20, 2007 and DBS.CO.PPD.10946/11.01.005/2014-15 dated March 04, 2015.

2. As part of robust compliance system, banks are required, inter-alia, to have an effective compliance culture, independent corporate compliance function and a strong compliance risk management programme at bank and group level. Such an independent compliance function is required to be headed by a designated Chief Compliance Officer (CCO) selected through a suitable process with an appropriate ‘fit and proper’ evaluation/selection criteria to manage compliance risk effectively.

However, it is observed that the banks follow diverse practices in this regard. The following guidelines are meant to bring uniformity in approach followed by banks, as also to align the supervisory expectations on CCOs with best practices.

2.1 Policy – A bank shall lay down a Board-approved compliance policy clearly spelling out its compliance philosophy, expectations on compliance culture covering Tone from the Top, Accountability, Incentive Structure and Effective Communication & Challenges thereof, structure and role of the compliance function, role of CCO, processes for identifying, assessing, monitoring, managing and reporting on compliance risk throughout the bank. This shall, inter-alia, adequately reflect the size, complexity and compliance risk profile of the bank, expectations on ensuring compliance to all applicable statutory provisions, rules and regulations, various codes of conducts (including the voluntary ones) and the bank’s own internal rules, policies and procedures, and creating a disincentive structure for compliance breaches. The bank shall also develop and maintain a quality assurance and improvement program covering all aspects of the compliance function. The quality assurance and improvement program shall be subject to independent external review periodically (at least once in three years). The policy should lay special thrust on building up compliance culture; vetting of the quality of supervisory / regulatory compliance reports to RBI by the top executives, non-executive Chairman / Chairman and ACB of the bank, as the case may be. The policy shall be reviewed at least once a year;

2.2 Tenor for appointment of CCO – The CCO shall be appointed for a minimum fixed tenure of not less than 3 years. The Audit Committee of the Board (ACB) / Managing Director (MD) & CEO should factor this requirement while appointing CCO;

2.3 Transfer / Removal of CCO – The CCO may be transferred / removed before completion of the tenure only in exceptional circumstances with the explicit prior approval of the Board after following a well-defined and transparent internal administrative procedure;

2.4 Eligibility Criteria for appointment as CCO –

Rank – The CCO shall be a senior executive of the bank, preferably in the rank of a General Manager or an equivalent position (not below two levels from the CEO). The CCO could also be recruited from market;

Age – Not more than 55 years;

Experience – The CCO shall have an overall experience of at least 15 years in the banking or financial services, out of which minimum 5 years shall be in the Audit / Finance / Compliance / Legal / Risk Management functions;

Skills – The CCO shall have good understanding of industry and risk management, knowledge of regulations, legal framework and sensitivity to supervisors’ expectations;

Stature – The CCO shall have the ability to independently exercise judgement. He should have the freedom and sufficient authority to interact with regulators/supervisors directly and ensure compliance;

Others – No vigilance case or adverse observation from RBI, shall be pending against the candidate identified for appointment as the CCO.

2.5 Selection Process – Selection of the candidate for the post of the CCO shall be done on the basis of a well-defined selection process and recommendations made by the senior executive level selection committee constituted by the Board for the purpose. The selection committee shall recommend the names of candidates suitable for the post of the CCO as per the rank in order of merit and Board shall take final decision in the appointment of CCO;

2.6 Reporting Requirements – A prior intimation to the Department of Supervision, Reserve Bank of India, Central Office, Mumbai, shall be provided before appointment, premature transfer/removal of the CCO. Such information should be supported by a detailed profile of the candidate along with the fit and proper certification by the MD & CEO of the bank, confirming that the person meets the above supervisory requirements, and detailed rationale for changes, if any;

2.7 Reporting Line – The CCO shall have direct reporting lines to the MD & CEO and/or Board/Board Committee (ACB) of the bank. In case the CCO reports to the MD & CEO, the Audit Committee of the Board shall meet the CCO quarterly on one-to-one basis, without the presence of the senior management including MD & CEO. The CCO shall not have any reporting relationship with the business verticals of the bank and shall not be given any business targets. Further, the performance appraisal of the CCO shall be reviewed by the Board/ACB;

2.8 Authority – The CCO and compliance function shall have the authority to communicate with any staff member and have access to all records or files that are necessary to enable him/her to carry out entrusted responsibilities in respect of compliance issues. This authority should flow from the compliance policy of the bank;

2.9 The duties and responsibilities of the compliance function – These shall include at least the following activities:

  1. To apprise the Board and senior management on regulations, rules and standards and any further developments.
  2. To provide clarification on any compliance related issues.
  3. To conduct assessment of the compliance risk (at least once a year) and to develop a risk-oriented activity plan for compliance assessment. The activity plan should be submitted to the ACB for approval and be made available to the internal audit.
  4. To report promptly to the Board / ACB / MD & CEO about any major changes / observations relating to the compliance risk.
  5. To periodically report on compliance failures/breaches to the Board/ACB and circulating to the concerned functional heads.
  6. To monitor and periodically test compliance by performing sufficient and representative compliance testing. The results of the compliance testing should be placed to Board/ACB/MD & CEO.
  7. To examine sustenance of compliance as an integral part of compliance testing and annual compliance assessment exercise.
  8. To ensure compliance of Supervisory observations made by RBI and/or any other directions in both letter and spirit in a time bound and sustainable manner.

2.10 Internal Audit – The compliance function shall be subject to internal audit;

2.11 Dual Hatting – There shall not be any ‘dual hatting’ i.e. the CCO shall not be given any responsibility which brings elements of conflict of interest, especially the role relating to business. Roles which do not attract direct conflict of interest like role of anti-money laundering officer, etc. can be performed by the CCO in those banks where principle of proportionality in terms of bank’s size, complexity, risk management strategy and structures justify that;

2.12 The CCO shall not be member of any committee which brings his/her role in conflict with responsibility as member of the committee, including any committee dealing with purchases / sanctions. In case the CCO is member of a committee, he/she may have only advisory role;

2.13 Typical core elements of the mandate of CCO must include the design and maintenance of compliance framework, training on the regulatory and conduct risks, and effective communication of compliance expectations, etc.;

2.14 The bank’s Board of Directors shall be overall responsible for overseeing the effective management of the bank’s compliance function and compliance risk. The MD & CEO shall ensure the presence of independent compliance function and adherence to the compliance policy of the bank.

3. The instructions contained in the circular would come into effect immediately from the date of this circular and any new appointment shall be governed by the instructions contained herein. In respect of banks already having a CCO, they may follow the indicated processes for selection of CCO within a period of six months and are free to reappoint the current incumbent as the CCO if she/he meets all the requirements.

4. This circular supplements the guidelines issued by Reserve Bank of India on April 20, 2007 and March 04, 2015 and for any common areas of guidance, the prescription of this circular shall be followed.

Leave a comment

Filed under banking laws

ITR filing compliance check

Income tax press release dated 2nd September, 2020

Central Board of Direct Taxes in exercise of powers conferred under section 138(1)(a) of Income Tax Act, 1961, has issued Order inF.No. 225/136/2020/ITA.II dated 31.08.2020, for furnishing information about IT Return Filing Status to Scheduled Commercial Banks, notified vide notification No. 71/2020 dated 31.08.2020 under sub-clause (ii) of clause (a) of sub-section (1) of section 138 of the Act.

The data on cash withdrawal indicated that huge amount of cash is being withdrawn by the persons who have never filed income-tax returns. To ensure filing of return by these persons and to keep track on cash withdrawals by the non-filers, and to curb black money, the Finance Act, 2020 w.e.f. 1st July, 2020 further amended Income-tax Act, 1961 to lower the threshold of cash withdrawal to Rs. 20 lakh for the applicability of TDS for the non-filers and also mandated TDS at the higher rate of 5% on cash withdrawal exceeding Rs. 1 crore by the non-filers.

Income Tax Department has already provided a functionality “Verification of applicability u/s 194N” on http://www.incometaxindiaefiling.gov.in for Banks and Post offices since 1st July, 2020.  Through this functionality, Bank/Post Office can get the applicable rate of TDS under section 194N of the Income-tax Act, 1961 by entering the PAN of the person who is withdrawing cash.

The Department has now released a new functionality “ITR Filing Compliance Check” which will be available to Scheduled Commercial Banks (SCBs) to check the IT Return filing status of PANs in bulk mode. The Principal Director General of Income-tax (Systems) has notified the procedure and format for providing notified information to the Scheduled Commercial Banks. The salient features of the using functionality are as under:

  1. Accessing “ITR Filing Compliance Check”:The Principal Officer & Designated Director of SCBs, which are registered with the Reporting Portal  of Income-tax Department (https://report.insight.gov.in) shall be able to use the functionality after logging into the Reporting Portal using their credentials. After successfully logging in, link to the functionality “ITR Filing Compliance Check” will appear on the home page of the Reporting Portal.
  2. Preparing request (input) file containing PANs: The CSV Template to enter PAN details can be downloaded by clicking on “Download CSV template” button on the “ITR Filing Compliance Check” page. PANs, for which IT Return filing status is required, are required to be entered in the downloaded CSV template. The current limit of PANs in one file is 10,000.
  3. Uploading the input CSV file: Input CSV file may be uploaded by clicking on Upload CSV button. While uploading, “Reference Financial Year” is required to be selected. Reference Financial Year is the year for which results are required. If selected Reference Financial Year is 2020-21 then results will be available for Assessment years 2017-18, 2018-19 and 2019-20. Uploaded file will start reflecting with Uploaded status.
  4. Downloading the output CSV file: After processing, CSV file containing IT Return Filing Status of the entered PANs will be available for download and “Status” will change to Available.  Output CSV file will have PAN, Name of the PAN holder (masked), IT Return Filing Status for last three Assessment Years. After downloading of the file, the status will change to Downloaded and after 24 hours of availability of the file, download link will expire and status will change to Expired.

Scheduled Commercial Banks can also use API based exchange to automate and integrate the process with the Bank’s core banking solution. Scheduled Commercial Banks are required to document and implement appropriate information security policies and procedures with clearly defined roles and responsibilities to ensure security of information.

Leave a comment

Filed under tax laws

annual return

MCA has vide its notification dated 28th August, 2020 amended the relevant provisions of Companies (Management & Administration) Rules, 2014 by directing that where a company has posted its annual return in form MGT-9 on its website, then it need not attach the same annual return as part of its Board report on the financials of the company.

Hitherto, every company was required to attach a form MGT-9 which gives details of the company promoters, principal business activities, particulars of holding, subsidiary, associate companies, shareholding pattern of promoters, directors, key managerial personnel, indebtedness, remuneration of directors, key managerial personnel, penalties, compounding of offences if any by the company during the relevant financial year.

Every year, the company was required to make this annual return in form MGT-9 and attach it to the Board report. Now the MCA has given an option to companies to post this data on their website and give only a weblink, where the shareholders can access the same to view it.

If the company posts the annual return on its website and attaches the web link on its board report, then it will be considered as compliant with the provisions of the Act & the rules.

Leave a comment

Filed under company law

digital lending platforms

RBI has issued circular dated 24th June, 2020 to ensure that all digital lending platforms and their backing banks/ NBFCs/ financial institutions observe proper governance in view of the increasing level of frauds noticed in these platforms and the customer dissatisfaction with the same.

The gist of RBI circular is given below:

It has been observed that many digital platforms have emerged in the financial sector claiming to offer hassle free loans to retail individuals, small traders, and other borrowers. Banks and NBFCs are also seen to be engaging digital platforms to provide loans to their customers. In addition, some NBFCs have been registered with Reserve Bank as ‘digital-only’ lending entities while some NBFCs are registered to work both on digital and brick-mortar channels of credit delivery. Thus banks and NBFCs are observed to lend either directly through their own digital platforms or through a digital lending platform under an outsourcing arrangement.

2. It has further been observed that the lending platforms tend to portray themselves as lenders without disclosing the name of the bank/ NBFC at the backend, as a consequence of which, customers are not able to access grievance redressal avenues available under the regulatory framework. Of late, there are several complaints against the lending platforms which primarily relate to exorbitant interest rates, non-transparent methods to calculate interest, harsh recovery measures, unauthorised use of personal data and bad behavior.

3. Although digital delivery in credit intermediation is a welcome development, concerns emanate from non-transparency of transactions and violation of extant guidelines on outsourcing of financial services and Fair Practices Code, etc. issued to banks and NBFCs, a reference to which is drawn in the Annex. It is, therefore, reiterated that banks and NBFCs, irrespective of whether they lend through their own digital lending platform or through an outsourced lending platform, must adhere to the Fair Practices Code guidelines in letter and spirit. They must also meticulously follow regulatory instructions on outsourcing of financial services and IT services.

4. It must be noted that outsourcing of any activity by banks/ NBFCs does not diminish their obligations, as the onus of compliance with regulatory instructions rests solely with them. Wherever banks and NBFCs engage digital lending platforms as their agents to source borrowers and/ or to recover dues, they must follow the following instructions:

a) Names of digital lending platforms engaged as agents shall be disclosed on the website of banks/ NBFCs.

b) Digital lending platforms engaged as agents shall be directed to disclose upfront to the customer, the name of the bank/ NBFC on whose behalf they are interacting with him.

c) Immediately after sanction but before execution of the loan agreement, the sanction letter shall be issued to the borrower on the letter head of the bank/ NBFC concerned.

d) A copy of the loan agreement along with a copy each of all enclosures quoted in the loan agreement shall be furnished to all borrowers at the time of sanction/ disbursement of loans.

e) Effective oversight and monitoring shall be ensured over the digital lending platforms engaged by the banks/ NBFCs.

f) Adequate efforts shall be made towards creation of awareness about the grievance redressal mechanism.

5. Any violation in this regard by banks and NBFCs (including NBFCs registered to operate on ‘digital-only’ or on digital and brick-mortar channels of delivery of credit) will be viewed seriously.

Copy of RBI circular can be found here

Leave a comment

Filed under banking laws

Companies Fresh Start Scheme 2020

MCA has issued a circular dated 30th March, 2020 wherein it has given companies a one time opportunity to file old forms without any additional filing fee between 1st April 2020 and 30th September, 2020. Immunity from launch of prosecution or proceedings for imposing penalty shall be provided only to the extent of delay in filings and not with substantive violation of law. Any other consequential proceedings including proceedings involved interest of shareholders vis-a-vis the company concerned shall not be covered by the immunity.

Where the company has filed an appeal against a notice issued by the ROC for violation of the provisions of the Act with respect to delay in filings, then the company should first withdraw the appeal before filing for immunity under this Scheme. But this is applicable only with respect to statutory filing under the Act and will not apply in cases where company has filed a petition before the NCLT where the company has been struck off under the provisions of section 248 of the Act, due to non conduct of any business activities for two years consecutively, for revival of the company. Also it is not clear where companies have been under strike off due to non filings and their directors DIN disqualified – whether the disqualifications would be removed so that they can do the filings. Ideally that should happen so that companies in the fault can then revive their companies with little cost involved. There are many such companies in that category and it would be great if MCA can redress that aspect.

Where orders have been passed against the company for non filings and penalties levied but the appeals could not be lodged and if the last date for filing appeal falls between March to May 2020 then a period of 120 additional days shall be provided to that company to file its appeal to the relevant authorities. During that 120 days additional period no action shall be taken against the company concerned in so far as it pertains to delay in filing

Companies who have taken advantage of this fresh start scheme have to further file an immunity form called CFSS-2020. This is required to be filed only after closure of the Scheme AND after all the forms have been taken on record or approved by the MCA but not before 6 months from the closure of the scheme. There shall be no immunity in case of appeal pending before any court of law or in respect of management disputes in the company before any court or tribunal. Also there is no immunity where the court has already ordered conviction OR an order imposing penalty has been passed and no appeal has been preferred against such orders before the Scheme has come into force.

This Scheme will not apply in following cases

a) company against which final notice for strike off has already been initiated u/s 248 of the Act;

b) where strike off application has already been made by the company;

c) companies which have been amalgamated under a scheme of amalgamation or compromise under the Act;

d) where company has filed application for obtaining Dormant status for the company under section 455 of the Act;

e) to vanishing companies;

f) to forms for increase in authorised share capital (SH-7) or charge related documents

After the immunity is granted, the ROC/ RD shall withdraw the prosecution proceedings, if any, pending before the concerned court and prosecution for adjudication of penalties u/s 454 of the Act, other than those where the court has already ordered conviction or penalty has been imposed by the court/ tribunal or adjudicating authority.

Further the defaulting inactive companies can, after all the filings have been made uptodate, take advantage of the dormant company provisions or strike off company provisions under the Act.

Click to access Circular12_30032020.pdf

 

 

 

Simultaneously a LLP settlement scheme is also running for delayed filings of form 3 & 4

1 Comment

Filed under company law

Payment Aggregators & Gateways

https://www.rbi.org.in/scripts/NotificationUser.aspx?Id=11822&Mode=0

This has reference to Reserve Bank of India (RBI) circular DPSS.CO.PD.No.1102/02.14.08/2009-10 dated November 24, 2009 on ‘directions for opening and operation of accounts and settlement of payments for electronic payment transactions involving intermediaries’.

2. A reference is also invited to the discussion paper placed on the RBI website on guidelines for regulation of Payment Aggregators (PAs) and Payment Gateways (PGs). Based on the feedback received and taking into account the important functions of these intermediaries in the online payments space as also keeping in view their role vis-à-vis handling funds, it has been decided to (a) regulate in entirety the activities of PAs as per the guidelines in Annex 1, and (b) provide baseline technology-related recommendations to PGs as per Annex 2.

3. Detailed guidelines to this end are appended. It may be noted that these guidelines are issued under Section 18 read with Section 10(2) of the Payment and Settlement Systems Act, 2007 and shall come into effect from April 1, 2020 other than for activities for which specific timelines are mentioned.

Yours faithfully,

(P. Vasudevan)
Chief General Manager

Encl. : As above


Annex 1

Guidelines on Regulation of Payment Aggregators and Payment Gateways
(DPSS.CO.PD.No.1810/02.14.008/2019-20 dated March 17, 2020)

Payment Aggregators (PAs) and Payment Gateways (PGs) are intermediaries playing an important function in facilitating payments in the online space.

1. Definitions

1.1. For the purpose of this circular, the PAs and PGs are defined as under:

1.1.1. PAs are entities that facilitate e-commerce sites and merchants to accept various payment instruments from the customers for completion of their payment obligations without the need for merchants to create a separate payment integration system of their own. PAs facilitate merchants to connect with acquirers. In the process, they receive payments from customers, pool and transfer them on to the merchants after a time period.

1.1.2. PGs are entities that provide technology infrastructure to route and facilitate processing of an online payment transaction without any involvement in handling of funds.

1.2. In the processing of an online transaction the following timelines are involved:

  • ‘Tp’ – date of charge / debit to the customer’s account against the purchase of goods / services.
  • ‘Ts’ – date of intimation by the merchant to the intermediary about shipment of goods.
  • ‘Td’ – date of confirmation by the merchant to the intermediary about delivery of goods to the customer.
  • ‘Tr’ – date of expiry of refund period as fixed by the merchant.

2. Applicability

2.1. The guidelines shall be applicable to PAs. PAs shall also adopt the technology-related recommendations provided in Annex 2. As a measure of good practice, the PGs may adhere to these baseline technology-related recommendations.

2.2. Domestic leg of import and export related payments facilitated by PAs shall also be governed by these instructions.

2.3. The guidelines are not applicable to Cash on Delivery (CoD) e-commerce model.

3. Authorisation

3.1. The criteria of authorisation has been arrived at based on the role of the intermediary in handling of funds.

3.2. Bank and non-bank PAs handle funds as part of their activities. Banks, however, provide PA services as part of their normal banking relationship and do not therefore require a separate authorisation from RBI. Non-bank PAs shall require authorisation from RBI under the Payment and Settlement Systems Act, 2007 (PSSA).

3.3. PA shall be a company incorporated in India under the Companies Act, 1956 / 2013. The Memorandum of Association (MoA) of the applicant entity must cover the proposed activity of operating as a PA.

3.4. Existing non-bank entities offering PA services shall apply for authorisation on or before June 30, 2021. They shall be allowed to continue their operations till they receive communication from RBI regarding the fate of their application.

3.5. Entities seeking authorisation as PA from the RBI under the PSS Act, shall apply in Form A to the Department of Payment and Settlement Systems (DPSS), RBI, Central Office, Mumbai. Entities regulated by any of the financial sector regulators shall apply along with a ‘No Objection Certificate’ from their respective regulator, within 45 days of obtaining such a clearance.

3.6. E-commerce marketplaces providing PA services shall not continue this activity beyond the deadline prescribed at clause 3.4 above. If they desire to pursue this activity, it shall be separated from the marketplace business and they shall apply for authorisation on or before June 30, 2021.

3.7. PGs shall be considered as ‘technology providers’ or ‘outsourcing partners’ of banks or non-banks, as the case may be. In case of a bank PG, the guidelines issued by Reserve Bank of India, Department of Regulation (DoR) vide circular No.DBOD.NO.BP.40/21.04.158/2006-07 dated November 3, 2006 on “Managing Risks and Code of Conduct in Outsourcing of Financial Services by banks” and other follow up circular(s) shall also be applicable.

4. Capital Requirements

4.1. PAs existing as on the date of this circular shall achieve a net-worth of ₹15 crore by March 31, 2021 and a net-worth of ₹25 crore by the end of third financial year, i.e., on or before March 31, 2023. The net-worth of ₹25 crore shall be maintained at all times thereafter.

4.2. New PAs shall have a minimum net-worth of ₹15 crore at the time of application for authorisation and shall attain a net-worth of ₹25 crore by the end of third financial year of grant of authorisation. The net-worth of ₹25 crore shall be maintained at all times thereafter.

4.3. Illustratively,

Non-bank Entity Date of Application / Authorisation Date of Achieving ₹ 15 Cr. Net-worth Date of Achieving ₹ 25 Cr. Net-worth
Existing PAs Up to 30/06/2021 Date of application or 31/03/2021 whichever is earlier 31/03/2023
New PAs 20/03/2020
01/04/2020
01/03/2021
01/04/2021
On date of application 31/03/2022
31/03/2023
31/03/2023
31/03/2024

4.4. Net-worth shall consist of paid-up equity capital, preference shares that are compulsorily convertible to equity, free reserves, balance in share premium account and capital reserves representing surplus arising out of sale proceeds of assets but not reserves created by revaluation of assets adjusted for accumulated loss balance, book value of intangible assets and deferred revenue expenditure, if any. Compulsorily convertible preference shares can be either non-cumulative or cumulative, and they should be compulsorily convertible into equity shares and the shareholder agreements should specifically prohibit any withdrawal of this preference capital at any time.

4.5. Entities having Foreign Direct Investment (FDI) shall be guided by the Consolidated Foreign Direct Investment policy of the Government of India and the relevant foreign exchange management regulations on this subject.

4.6. PAs shall submit a certificate in the enclosed format from their Chartered Accountants (CA) to evidence compliance with the applicable net-worth requirement while submitting the application for authorisation. Newly incorporated non-bank entities which may not have an audited statement of financial accounts shall submit a certificate in the enclosed format from their Chartered Accountants regarding the current net-worth along with provisional balance sheet.

4.7. PAs that are not able to comply with the net-worth requirement within the stipulated time frame (as given at clauses 4.1 & 4.2) shall wind-up payment aggregation business. The banks maintaining nodal / escrow accounts of such entities shall monitor and report compliance in this regard.

5. Governance

5.1. PAs shall be professionally managed. The promoters of the entity shall satisfy the fit and proper criteria prescribed by RBI. The directors of the applicant entity shall submit a declaration in the enclosed format. RBI shall also check ‘fit and proper’ status of the applicant entity and management by obtaining inputs from other regulators, government departments, etc., as deemed fit. Applications of those entities not meeting the eligibility criteria, or those which are incomplete / not in the prescribed form with all details, shall be returned.

5.2. Any takeover or acquisition of control or change in management of a non-bank PA shall be communicated by way of a letter to the Chief General Manager, Department of Payment and Settlement Systems (DPSS), RBI, Central Office, Mumbai within 15 days with complete details, including ‘Declaration and Undertaking’ by each of the new directors, if any. RBI shall examine the ‘fit and proper’ status of the management and, if required, may place suitable restrictions on such changes.

5.3. Agreements between PAs, merchants, acquiring banks, and all other stake holders shall clearly delineate the roles and responsibilities of the involved parties in sorting / handling complaints, refund / failed transactions, return policy, customer grievance redressal (including turnaround time for resolving queries), dispute resolution mechanism, reconciliation, etc.

5.4. PAs shall disclose comprehensive information regarding merchant policies, customer grievances, privacy policy and other terms and conditions on the website and / or their mobile application.

5.5. PAs shall have a Board approved policy for disposal of complaints / dispute resolution mechanism / time-lines for processing refunds, etc., in such a manner that the RBI instructions on Turn Around Time (TAT) for resolution of failed transactions issued vide DPSS.CO.PD No.629/02.01.014/2019-20 dated September 20, 2019 are adequately taken care of. Any future instructions in this regard shall also be adhered to by PAs.

5.6. PAs shall appoint a Nodal Officer responsible for regulatory and customer grievance handling functions. PAs shall prominently display details of the nodal officer on their website.

6. Safeguards against Money Laundering (KYC / AML / CFT) Provisions

6.1. The Know Your Customer (KYC) / Anti-Money Laundering (AML) / Combating Financing of Terrorism (CFT) guidelines issued by the Department of Regulation, RBI, in their “Master Direction – Know Your Customer (KYC) Directions” updated from time to time, shall apply mutatis mutandis to all entities.

6.2. Provisions of Prevention of Money Laundering Act, 2002 and Rules framed thereunder, as amended from time to time, shall also be applicable.

7. Merchant On-boarding

7.1. PAs shall have a Board approved policy for merchant on-boarding.

7.2. PAs shall undertake background and antecedent check of the merchants, to ensure that such merchants do not have any malafide intention of duping customers, do not sell fake / counterfeit / prohibited products, etc. The merchant’s website shall clearly indicate the terms and conditions of the service and time-line for processing returns and refunds.

7.3. PAs shall be responsible to check Payment Card Industry-Data Security Standard (PCI-DSS) and Payment Application-Data Security Standard (PA-DSS) compliance of the infrastructure of the merchants on-boarded.

7.4. Merchant site shall not save customer card and such related data. A security audit of the merchant may be carried out to check compliance, as and when required.

7.5. Agreement with merchant shall have provision for security / privacy of customer data. PAs agreement with merchants shall include compliance to PA-DSS and incident reporting obligations. The PAs shall obtain periodic security assessment reports either based on the risk assessment (large or small merchants) and / or at the time of renewal of contracts.

8. Settlement and Escrow Account Management

8.1. Non-bank PAs shall maintain the amount collected by them in an escrow account with any scheduled commercial bank. For the purpose of maintenance of the escrow account, the operations of PAs shall be deemed to be ‘designated payment systems’ under Section 23A of the PSSA (as amended in 2015).

8.2. Escrow account balance shall be maintained with only one scheduled commercial bank at any point of time. In case there is a need to shift the escrow account from one bank to another, the same shall be effected in a time-bound manner without impacting the payment cycle to the merchants under advise to RBI.

8.3. Amounts deducted from the customer’s account shall be remitted to the escrow account maintaining bank on Tp+0 / Tp+1 basis. The same rules shall apply to the non-bank entities where wallets are used as a payment instrument.

8.4. Final settlement with the merchant by the PA shall be effected as under:

8.4.1. Where PA is responsible for delivery of goods / services the payment to the merchant shall be not later than on Ts + 1 basis.

8.4.2. Where merchant is responsible for delivery, the payment to the merchant shall be not later than on Td + 1 basis.

8.4.3. Where the agreement with the merchant provides for keeping the amount by the PA till expiry of refund period, the payment to the merchant shall be not later than on Tr + 1 basis.

8.5. Credits towards reversed transactions (where funds are received by PA) and refund transactions shall be routed back through the escrow account unless as per contract the refund is directly managed by the merchant and the customer has been made aware of the same.

8.6. At the end of the day, the amount in escrow account shall not be less than the amount already collected from customer as per ‘Tp’ or the amount due to the merchant.

8.7. PAs shall be permitted to pre-fund the escrow account with own / merchant’s funds. However, in the latter scenario, merchant’s beneficial interest shall be created on the pre-funded portion.

8.8. The escrow account shall not be operated for ‘Cash-on-Delivery’ transactions.

8.9. Permitted credits / debits to the escrow account shall be as set out below:

8.9.1.1. Credits

a) Payment from various customers towards purchase of goods / services.

b) Pre-funding by merchants / PAs.

c) Transfer representing refunds for failed / disputed / returned / cancelled transactions.

d) Payment received for onward transfer to merchants under promotional activities, incentives, cash-backs etc.

8.9.1.2. Debits

a) Payment to various merchants / service providers.

b) Payment to any other account on specific directions from the merchant.

c) Transfer representing refunds for failed / disputed transactions.

d) Payment of commission to the intermediaries. This amount shall be at pre-determined rates / frequency.

e) Payment of amount received under promotional activities, incentives, cash-backs, etc.

8.10. For banks the outstanding balance in the escrow account shall be part of the ‘net demand and time liabilities’ (NDTL) for the purpose of maintenance of reserve requirements. This position shall be computed on the basis of the balances appearing in the books of the bank as on the date of reporting.

8.11. The entity and the escrow account banker shall be responsible for compliance with RBI instructions issued from time to time. The decision of RBI in this regard shall be final and binding.

8.12. Settlement of funds with merchants shall not be co-mingled with other business, if any, handled by the PA.

8.13. A certificate signed by the auditor(s), shall be submitted by the authorised entities to the respective Regional Office of DPSS, RBI, where the registered office of the PA is situated, certifying that the entity has been maintaining balance in the escrow account in compliance with these instructions, as per the periodicity prescribed in Annex 3.

8.14. PAs shall submit the list of merchants acquired by them to the bank where they are maintaining the escrow account and update the same from time to time. The bank shall ensure that payments are made only to eligible merchants / purposes. There shall be an exclusive clause in the agreement signed between the PA and the bank maintaining escrow account towards usage of balance in escrow account only for the purposes mentioned above.

8.15. No interest shall be payable by the bank on balances maintained in the escrow account, except when the PA enters into an agreement with the bank maintaining the escrow account, to transfer “core portion” of the amount, in the escrow account, to a separate account on which interest is payable, subject to the following:

8.15.1. The bank shall satisfy itself that the amount deposited represents the “core portion” after due verification of necessary documents.

8.15.2. The amount shall be linked to the escrow account, i.e. the amounts held in the interest-bearing account shall be available to the bank, to meet payment requirements of the entity, in case of any shortfall in the escrow account.

8.15.3. This facility shall be permissible to entities who have been in business for 26 fortnights and whose accounts have been duly audited for the full accounting year. For this purpose, the period of 26 fortnights shall be calculated from the actual business operation in the account.

8.15.4. No loan is permissible against such deposits. Banks shall not issue any deposit receipts or mark any lien on the amount held in such form of deposits.

8.15.5. Core portion as calculated below shall remain linked to the escrow account. The escrow account balance and core portion maintained shall be clearly disclosed in the auditors’ certificates submitted to RBI on quarterly and annual basis.

Note: For the purpose of this regulation, “Core Portion” shall be computed as under:

Step 1: Compute lowest daily outstanding balance (LB) in the escrow account on a fortnightly (FN) basis, for 26 fortnights from the preceding month.

Step 2: Calculate the average of the lowest fortnightly outstanding balances [(LB1 of FN1+ LB2 of FN2+ ……..+ LB26 of FN26) divided by26].

Step 3: The average balance so computed represents the “Core Portion” eligible to earn interest.

9. Customer Grievance Redressal and Dispute Management Framework

9.1. PAs shall put in place a formal, publicly disclosed customer grievance redressal and dispute management framework, including designating a nodal officer to handle the customer complaints / grievances and the escalation matrix. The complaint facility, if made available on website / mobile, shall be clearly and easily accessible.

9.2. PAs shall appoint a Nodal Officer responsible for regulatory and customer grievance handling functions. Details of the nodal officer for customer grievance shall be prominently displayed on their website.

9.3. PAs shall have a dispute resolution mechanism binding on all the participants which shall contain transaction life cycle, detailed explanation of types of disputes, process of dealing with them, compliance, responsibilities of all the parties, documentation, reason codes, procedure for addressing the grievance, turn-around-time for each stage, etc.

10. Security, Fraud Prevention and Risk Management Framework

10.1. A strong risk management system is necessary to meet the challenges of fraud and ensure customer protection. PAs shall put in place adequate information and data security infrastructure and systems for prevention and detection of frauds.

10.2. PAs shall put in place Board approved information security policy for the safety and security of the payment systems operated by them and implement security measures in accordance with this policy to mitigate identified risks. Baseline technology-related recommendations for adoption by the PAs are provided in Annex 2. The PGs may also adopt them as best practices.

10.3. PAs shall establish a mechanism for monitoring, handling and follow-up of cyber security incidents and breaches. The same shall be reported immediately to the DPSS, RBI, Central Office, Mumbai. They shall also be reported to CERT-In (Indian Computer Emergency Response Team) as per the details notified by CERT-In.

10.4. PAs shall not store the customer card credentials within their database or the server accessed by the merchant. They shall comply with data storage requirements as applicable to Payment System Operators (PSOs).

10.5. PAs shall submit the System Audit Report, including cyber security audit conducted by CERT-In empanelled auditors, within two months of the close of their financial year to the respective Regional Office of DPSS, RBI.

11. Reports

11.1. The reports to be submitted by authorised PAs are listed in Annex 3.

12. General Instructions

12.1. PAs shall ensure that the extant instructions with regard to Merchant Discount Rate (MDR) are followed. Information on other charges such as convenience fee, handling fee, etc., if any, being levied shall also be displayed upfront by the PA.

12.2. PAs shall not place limits on transaction amount for a particular payment mode. The responsibility therefor shall lie with the issuing bank / entity; for instance, the card issuing bank shall be responsible for placing amount limits on cards issued by it based on the customer’s credit worthiness, spending nature, profile, etc.

12.3. PAs shall not give an option for ATM PIN as a factor of authentication for card-not-present transactions.

12.4. All refunds shall be made to the original method of payment unless specifically agreed by the customer to credit to an alternate mode.


Annex 2

Baseline Technology-related Recommendations

Indicative baseline technology-related recommendations for adoption by the PAs (mandatory) and PGs (recommended) are:

1. Security-related Recommendations

The requirements for the entities in respect of IT systems and security are presented below:

1.1. Information Security Governance: The entities at a minimum shall carry out comprehensive security risk assessment of their people, IT, business process environment, etc., to identify risk exposures with remedial measures and residual risks. These can be an internal security audit or an annual security audit by an independent security auditor or a CERT-In empanelled auditor. Reports on risk assessment, security compliance posture, security audit reports and security incidents shall be presented to the Board.

1.2. Data Security Standards: Data security standards and best practices like PCI-DSS, PA-DSS, latest encryption standards, transport channel security, etc., shall be implemented.

1.3. Security Incident Reporting: The entities shall report security incidents / card holder data breaches to RBI within the stipulated timeframe to RBI. Monthly cyber security incident reports with root cause analysis and preventive actions undertaken shall be submitted to RBI.

1.4. Merchant Onboarding: The entities shall undertake comprehensive security assessment during merchant onboarding process to ensure these minimal baseline security controls are adhered to by the merchants.

1.5. Cyber Security Audit and Reports: The entities shall carry out and submit to the IT Committee quarterly internal and annual external audit reports; bi-annual Vulnerability Assessment / Penetration Test (VAPT) reports; PCI-DSS including Attestation of Compliance (AOC) and Report of Compliance (ROC) compliance report with observations noted if any including corrective / preventive actions planned with action closure date; inventory of applications which store or process or transmit customer sensitive data; PA-DSS compliance status of payment applications which stores or processes card holder data.

1.6. Information Security: Board approved information security policy shall be reviewed atleast annually. The policy shall consider aspects like: alignment with business objectives; the objectives, scope, ownership and responsibility for the policy; information security organisational structure; information security roles and responsibilities; maintenance of asset inventory and registers; data classification; authorisation; exceptions; knowledge and skill sets required; periodic training and continuous professional education; compliance review and penal measures for non-compliance of policies.

1.7. IT Governance: An IT policy shall be framed for regular management of IT functions and ensure that detailed documentation in terms of procedures and guidelines exists and are implemented. The strategic plan and policy shall be reviewed annually. The Board level IT Governance framework shall have-

1.7.1. Involvement of Board: The major role of the Board / Top Management shall involve approving information security policies, establishing necessary organisational processes / functions for information security and providing necessary resources.

1.7.2. IT Steering Committee: An IT Steering Committee shall be created with representations from various business functions as appropriate. The Committee shall assist the Executive Management in implementation of the IT strategy approved by the Board. It shall have well defined objectives and actions.

1.7.3. Enterprise Information Model: The entities shall establish and maintain an enterprise information model to enable applications development and decision-supporting activities, consistent with board approved IT strategy. The model shall facilitate optimal creation, use and sharing of information by a business, in a way that it maintains integrity, and is flexible, functional, timely, secure and resilient to failure.

1.7.4. Cyber Crisis Management Plan: The entities shall prepare a comprehensive Cyber Crisis Management Plan approved by the IT strategic committee and shall include components such as Detection, Containment, Response and Recovery.

1.8. Enterprise Data Dictionary: The entities shall maintain an “enterprise data dictionary” incorporating the organisation’s data syntax rules. This shall enable sharing of data across applications and systems, promote a common understanding of data across IT and business users and prevent creation of incompatible data elements.

1.9. Risk Assessment: The risk assessment shall, for each asset within its scope, identify the threat / vulnerability combinations and likelihood of impact on confidentiality, availability or integrity of that asset – from a business, compliance and / or contractual perspective.

1.10. Access to Application: There shall be documented standards / procedures for administering an application system, which are approved by the application owner and kept up-to-date. Access to the application shall be based on the principle of least privilege and “need to know” commensurate with the job responsibilities.

1.11. Competency of Staff: Requirements for trained resources with requisite skill sets for the IT function need to be understood and assessed appropriately with a periodic assessment of the training requirements for human resources.

1.12. Vendor Risk Management: The Service Level Agreements (SLAs) for technology support, including BCP-DR and data management shall categorically include clauses permitting regulatory access to these set-ups.

1.13. Maturity and Roadmap: The entities shall consider assessing their IT maturity level, based on well-known international standards, design an action plan and implement the plan to reach the target maturity level.

1.14. Cryptographic Requirement: The entities shall select encryption algorithms which are well established international standards and which have been subjected to rigorous scrutiny by an international community of cryptographers or approved by authoritative professional bodies, reputable security vendors or government agencies.

1.15. Forensic Readiness: All security events from the entities infrastructure including but not limited to application, servers, middleware, endpoint, network, authentication events, database, web services, cryptographic events and log files shall be collected, investigated and analysed for proactive identification of security alerts.

1.16. Data Sovereignty: The entities shall take preventive measures to ensure storing data in infrastructure that do not belong to external jurisdictions. Appropriate controls shall be considered to prevent unauthorised access to the data.

1.17. Data Security in Outsourcing: There shall be an outsourcing agreement providing ‘right to audit’ clause to enable the entities / their appointed agencies and regulators to conduct security audits. Alternatively, third parties shall submit annual independent security audit reports to the entities.

1.18. Payment Application Security: Payment applications shall be developed as per PA-DSS guidelines and complied with as required. The entities shall review PCI-DSS compliance status as part of merchant onboarding process.

2. Other Recommendations

2.1 The customer card credentials shall not be stored within the database or the server accessed by the merchant.

2.2 Option for ATM PIN as a factor of authentication for card not present transactions shall not be given.

2.3 Instructions on storage of payment system data, as applicable to PSOs, shall apply.

2.4 All refunds shall be made to original method of payment unless specifically agreed by the customer to credit an alternate mode.


Annex 3

Reports to be submitted by Authorised Payment Aggregators

Annual

1. Net-worth Certificate – Audited Annual report with CA certificate on Net-worth – by September 30th (Annex 3.1).

2. IS Audit Report and Cyber Security Audit Report with observations noted, if any, including corrective / preventive action planned with closure date – Externally Audited – by May 31st. The scope of audit shall encompass all relevant areas of information system processes and applications.

Quarterly

1. Auditors’ Certificate on Maintenance of Balance in Escrow Account – by 15th of the month following the quarter end. (Annex 3.2).

2. Bankers’ Certificate on Escrow Account Debits and Credits – Internally Audited – by 15th of the month following the quarter end.

Monthly

1. Statistics of Transactions Handled – by 7th of next month (Annex 3.3).

Non-periodic

1. Declaration and Undertaking by the Director – Changes in Board of Directors – as and when happens (Annex 3.4).

2. Report from Banks in Compliance with para 3.6 of Annex 1 – One time report to be sent by April 15th, 2021.

3. Cyber Security Incident Reports – with root cause analysis and preventive action undertaken – by 7th of next month of incidence month.

Leave a comment

Filed under Uncategorized

SEBI relaxations – SAST

https://www.sebi.gov.in/legal/circulars/mar-2020/relaxation-from-compliance-with-certain-provisions-of-the-sast-regulations-2011-due-to-the-covid-19-pandemic_46442.html

SEBI has vide its circular dated 27th march, 2020 relaxed certain requirements of compliance under its Takeover code otherwise known as SEBI (Substantial Acquisition and Takeover) REgulations 2011. The disclosure filings u/r 30(1), 30(2) and 31(4) of the said regulations which were supposed to have filed by 15th april 2020 is now extended to be filed by 30th june, 2020

 

Leave a comment

Filed under Uncategorized

SEBI relaxations – covid

SEBI has on 23rd March, 2020 announced a second set of relaxations for compliances due to the covid crisis.

https://www.sebi.gov.in/legal/circulars/mar-2020/relaxation-from-compliance-with-certain-provisions-of-the-sebi-listing-obligations-and-disclosure-requirements-regulations-2015-and-certain-sebi-circulars-due-to-the-covid-19-virus-pandemic-cont-_46395.html

These relaxations cover primary issues in debt market/ commercial papers, some LODR compliances, some NCD compliances/ commercial papers etc. and some municipal debt compliances.

Earlier some relaxations were made on 19th March, 2020 regarding compliances under LODR

https://www.sebi.gov.in/legal/circulars/mar-2020/relaxation-from-compliance-with-certain-provisions-of-the-sebi-listing-obligations-and-disclosure-requirements-regulations-2015-due-to-the-covid-19-virus-pandemic_46360.html

Still SEBI in both of these circulars not mentioned about the reconciliation of share capital under the SEBI (Depositories) Regulations and certificate u/r 40(9) of the LODR both of which go in April 2020 in respect of the March 2020 period. Half baked and incomplete circulars being issued by SEBI in this regard.

Meanwhile there is no news from MCA regarding extension in their deadlines – payment of challan dates, due dates for various forms which come into force for the March 2020 period, extension of the resubmission due dates, Spice+ dates etc.

Government departments seems to be working in utter disaster

Leave a comment

Filed under compliance, Uncategorized

Indian accounting standards

RBI circular dated 13th March, 2020 addressed to NBFCs and ARCs.

Implementation of Indian Accounting Standards

Non-Banking Financial Companies (NBFCs) covered by Rule 4 of the Companies (Indian Accounting Standards) Rules, 2015 are required to comply with Indian Accounting Standards (Ind AS) for the preparation of their financial statements. In order to promote a high quality and consistent implementation as well as facilitate comparison and better supervision, the Reserve Bank has framed regulatory guidance on Ind AS given in the Annex which will be applicable on Ind AS implementing NBFCs and Asset Reconstruction Companies (ARCs) for preparation of their financial statements from financial year 2019-20 onwards.

2. The annexed instructions and guidelines relate to specific prudential aspects of Ind AS implementation by NBFCs/ARCs and are not meant to provide a comprehensive commentary on the accounting standards or comprehensive technical interpretation of the standards, nor intended to cover all possible situations. Accordingly, with respect to matters not dealt with in the Annex, NBFCs/ARCs are required to refer to the notified accounting standards, application guidance, educational material and other clarifications issued by the Institute of Chartered Accountants of India (ICAI).

Annex

Implementation of Indian Accounting Standards by
Non-Banking Financial Companies and Asset Reconstruction Companies1

The responsibility of preparing and ensuring fair presentation of the financial statements of a Non-Banking Financial Company (NBFC) / Asset Reconstruction Company (ARC) vests primarily with its Board of Directors. The Reserve Bank, expects a high quality implementation of Ind AS which will require detailed analysis, application of judgment and detailed documentation to support judgments. These guidelines focus on the need to ensure consistency in the application of the accounting standards in specific areas, including asset classification and provisioning, and provide clarifications on regulatory capital in the light of Ind AS implementation.

1. Governance Framework

  1. In view of the criticality of the nature of the business model in determining the classification of financial assets and restrictions on subsequent reclassification, NBFCs/ARCs are advised to put in place Board approved policies that clearly articulate and document their business models and portfolios. NBFCs/ARCs shall also articulate the objectives for managing each portfolio.
  2. NBFCs/ARCs shall frame their policy for sales out of amortised cost business model portfolios and disclose the same in their notes to financial statements.
  3. The Reserve Bank expects the Board of Directors to approve sound methodologies2 for computation of Expected Credit Losses(ECL) that address policies, procedures and controls for assessing and measuring credit risk on all lending exposures, commensurate with the size, complexity and risk profile specific to the NBFC/ARC. The parameters and assumptions considered as well as their sensitivity to the ECL output should be documented. NBFCs/ARCs are advised to not make changes in the parameters, assumptions and other aspects of their ECL model for the purposes of profit smoothening. The rationale and justification for any change in the ECL model should be documented and approved by the Board. Similarly, any adjustments to the model output (i.e. a management overlay) should be approved by the Audit Committee of the Board (ACB) and its rationale and basis should be clearly documented.
  4. Ind AS 109 does not explicitly define default3, but requires entities to define default in a manner consistent with that used for internal credit risk management. It is recommended that the definition of default adopted for accounting purposes is guided by the definition used for regulatory purposes. The ACB should approve the classification of accounts that are past due beyond 90 days but not treated as impaired, with the rationale for the same clearly documented. Further, the number of such accounts and the total amount outstanding and the overdue amounts should be disclosed in the notes to the financial statements.
  5. Regardless of the way in which NBFC/ARC assesses significant increase in credit risk, there is a rebuttable presumption under Ind AS 109 that the credit risk on a financial asset has increased significantly since initial recognition when contractual payments are more than 30 days past due. Ind AS 109 also permits that an NBFC/ARC can rebut this presumption if it has reasonable and supportable information that demonstrates that the credit risk has not increased significantly since initial recognition even though the contractual payments are more than 30 days past due. NBFCs/ARCs should educate their customers on the need to make payments in a timely manner. However, in limited circumstances, where NBFCs/ARCs do rebut the presumption, it should be done only with clear documentation of the justification for doing so. All such cases shall be placed before the ACB. NBFCs/ARCs shall not defer the recognition of significant increase in credit risk for any exposure that is overdue beyond 60 days.

2. Prudential Floor for ECL

  1. NBFCs/ ARCs shall hold impairment allowances as required by Ind AS. In parallel NBFCs/ARCs shall also maintain the asset classification and compute provisions as per extant prudential norms on Income Recognition, Asset Classification and Provisioning (IRACP) including borrower/beneficiary wise classification, provisioning for standard as well as restructured assets, NPA ageing, etc. A comparison (as per the template in Appendix) between provisions required under IRACP and impairment allowances made under Ind AS 109 should be disclosed by NBFCs/ARCs in the notes to their financial statements to provide a benchmark to their Boards, RBI supervisors and other stakeholders, on the adequacy of provisioning for credit losses.
  2. Where impairment allowance under Ind AS 109 is lower than the provisioning required under IRACP (including standard asset provisioning), NBFCs/ARCs shall appropriate the difference from their net profit or loss after tax to a separate ‘Impairment Reserve’. The balance in the ‘Impairment Reserve’ shall not be reckoned for regulatory capital. Further, no withdrawals shall be permitted from this reserve without prior permission from the Department of Supervision, RBI.
  3. The requirement for ‘Impairment Reserve’ shall be reviewed, going forward.

3. Computation of Regulatory Capital and Regulatory Ratios

(a) In determining ‘owned funds’, ‘net owned funds’ and ‘regulatory capital’, NBFCs and ARCs shall be guided by the following:

i) Any net unrealised gains arising on fair valuation of financial instruments, including such gains arising on transition to Ind AS, should not be included in owned funds whereas all such net losses should be considered. In determining the net unrealised gains for reduction from owned funds, NBFCs should categorise financial assets measured at fair value into two categories viz.

  1. Investments in shares of other NBFCs and in shares, debentures, bonds, etc. in Group companies that are required to be reduced while determining Tier I Capital as defined in paragraph 2(xxxii) of the Non-Banking Financial Company-Systemically Important Non-Deposit taking Company and Deposit taking Company (Reserve Bank) Directions, 2016; and
  2. Others

While netting may be done within the aforementioned categories, net gains from one category should not be offset against losses in the other category.

ii) Any unrealised gains or losses recognised in equity due to (a) own credit risk and (b) cash flow hedge reserve shall be derecognised while determining owned funds.

iii) Since unrealised gains on category A have been excluded in computation of owned fund, NBFCs shall reduce the lower of acquisition cost or fair value of investments/advances in subsidiaries/other group companies and other NBFCs while determining Tier I capital as specified in paragraph 2(xxxii) of the aforementioned Master Directions. Net unrealised gains on Category B (i.e. ‘Others’) to the extent they have been excluded in regulatory capital, shall also be reduced from risk weighted assets.

iv) ARCs shall apply the guidelines specified in sub-paragraph (i) to (iii) above mutatis mutandis while determining net owned funds.

v) Where NBFCs/ARCs use fair value as deemed cost at the date of transition with respect to Property, Plant and Equipment (PPE) in terms of Ind AS 101, and the difference between the deemed cost and the current carrying cost is adjusted directly in retained earnings, any fair value gains upon such transition shall be reckoned as Tier II capital for NBFCs/ net owned funds for ARCs at a discount of 55 percent.

vi) 12 month expected credit loss (ECL) allowances for financial instruments i.e. where the credit risk has not increased significantly since initial recognition, shall be included under general provisions and loss reserves in Tier II capital within the limits specified by extant regulations. Lifetime ECL shall not be reckoned for regulatory capital (numerator) while it shall be reduced from the risk weighted assets.

vii) Securitised assets not qualifying for de-recognition under Ind AS due to credit enhancement given by the originating NBFC on such assets shall be risk weighted at zero percent. However, the NBFC shall reduce 50 per cent of the amount of credit enhancement given from Tier I capital and the balance from Tier II capital.

(b) Regulatory ratios, limits and disclosures shall be based on Ind AS figures. Impaired assets and restructured assets shall be considered as non-performing assets (NPA) for calculation of NPA ratios.


1NBFCs/ARCs that are required to implement Ind AS in terms of Companies (Indian Accounting Standards) Rules, 2015 as amended from time to time

2NBFCs/ARCs may draw reference to Guidance on Credit Risk and Accounting for Expected Credit Losses issued by Basel Committee on Banking Supervision (BCBS) in December 2015, which is structured around 11 principles out of which first eight principles deal with supervisory guidance and inter-alia cover Board/Senior Management’s responsibilities, adoption of sound methodologies for credit risk measurement, disclosure requirements etc.

3Para B5.5.37 of Ind AS 109 states that “…an entity shall apply a default definition that is consistent with the definition used for internal credit risk management purposes for the relevant financial instrument and consider qualitative indicators (for example, financial covenants) when appropriate. However, there is a rebuttable presumption that default does not occur later than when a financial asset is 90 days past due unless an entity has reasonable and supportable information to demonstrate that a more lagging default criterion is more appropriate. The definition of default used for these purposes shall be applied consistently to all financial instruments unless information becomes available that demonstrates that another default definition is more appropriate for a particular financial instrument.”

 

 

Leave a comment

Filed under Uncategorized