Standard Operating Procedure: NBFC Operations & Compliance

This Standard Operating Procedure (SOP) outlines the mandatory operational framework for a Non-Banking Financial Company (NBFC). The objective is to ensure robust regulatory compliance with central bank guidelines, mitigate credit and operational risks, and maintain the integrity of financial reporting. Adherence to this document is mandatory for all personnel involved in loan origination, underwriting, disbursement, and collection processes.

1. Customer Onboarding & KYC Documentation

• Customer Identification: Collect officially valid documents (OVDs) as per the current regulatory list (e.g., PAN, Aadhaar, Voter ID).
• Verification: Perform video-KYC or physical verification of original documents. Cross-verify against the issuing authority’s database.
• AML/CFT Check: Screen all applicants against global and local sanction lists (UNSC, OFAC, and internal blacklists).
• CIBIL/Credit Bureau Check: Pull credit reports to verify repayment history and current debt-to-income (DTI) ratios.

2. Loan Underwriting & Approval

• Credit Assessment: Conduct a thorough analysis of income documents (ITR, bank statements, salary slips) to determine repayment capacity.
• Collateral Valuation: For secured loans, obtain a valuation report from an empaneled surveyor. Validate title deeds and legal clearances.
• Internal Credit Rating: Assign a risk grade to the borrower based on the defined credit scorecard.
• Approval Authority: Ensure the loan file is approved by the designated sanctioning authority based on the delegation of power (DOP) matrix.

3. Disbursement Protocols

• Agreement Execution: Ensure loan agreements are stamped as per state stamp duty regulations and signed by all authorized parties.
• Mandate Setup: Configure NACH/e-Mandate for automated EMI collections.
• Disbursement Mode: Direct funds only to the customer’s verified bank account (Nodal account/Core account) via NEFT/RTGS/IMPS. Cash disbursements are strictly prohibited per regulatory caps.
• Documentation Archival: Digitally scan and physically store all security instruments in a fire-proof, restricted-access vault.

4. Collection & Asset Quality Management

• Monitoring: Track EMI bounces on a T+1 basis.
• Follow-up Sequence: Initiate communication (SMS, email, calls) for delayed payments starting from day 1 post-due date.
• Field Collections: Deploy trained recovery teams for accounts exceeding 30+ Days Past Due (DPD). Ensure all recovery activities comply with the Fair Practices Code.
• Provisioning: Review the loan portfolio monthly to calculate Expected Credit Loss (ECL) in accordance with accounting standards (Ind-AS 109).

5. Reporting & Regulatory Compliance

• Statutory Returns: Submit periodic returns (NBS-series) to the regulator via the dedicated portal.
• Internal Audit: Conduct quarterly audits to check for compliance gaps in documentation and process deviations.
• Grievance Redressal: Maintain a dedicated register for customer complaints and ensure resolution within the mandated turnaround time (TAT).

Pro Tips & Pitfalls

• Pro Tip: Implement a centralized Loan Management System (LMS) that auto-triggers alerts for KYC expiry and regulatory reporting deadlines.
• Pro Tip: Conduct surprise branch audits to verify that physical loan files match the data in the LMS.
• Pitfall: Treating "KYC renewal" as a low priority. Expired KYC is a major audit observation that can lead to heavy regulatory penalties.
• Pitfall: Relying solely on third-party collection agencies without proper oversight; you are ultimately responsible for their conduct under Fair Practices.

Frequently Asked Questions (FAQ)

Q1: How frequently should KYC documents be updated for high-risk customers? A: As per regulatory guidelines, KYC for high-risk customers must be updated at least once every two years, whereas medium-risk customers require updates every eight years.

Q2: What is the primary indicator of a potential money-laundering activity? A: Unusual patterns such as multiple cash deposits just below the reporting threshold, sudden prepayment of loans via third-party accounts, or refusal to provide proof of income.

Q3: Can the company outsource the underwriting process? A: While you may use third-party tools for credit scoring, the final responsibility of credit underwriting and the decision to sanction rests entirely with the NBFC; this cannot be outsourced to a third party.