RBI/DoS/2026-27/XX
DoS.CO.PPG.XX/11.01.005/2026-27 XXXX XX, 2026 Reserve Bank of India (Commercial Banks – Miscellaneous) Supervisory Directions, 2026 In exercise of the powers conferred by Section 35A of the Banking Regulation Act, 1949, and all other provisions / laws enabling the Reserve Bank of India (‘RBI’) in this regard, RBI being satisfied that it is necessary and expedient in the public interest so to do, hereby, issues these Directions hereinafter specified. Chapter I - Preliminary A. Short Title and Commencement 1. These Directions shall be called the Reserve Bank of India (Commercial Banks – Miscellaneous) Supervisory Directions, 2026. 2. These Directions shall come into effect immediately upon issuance. B. Applicability 3. These Directions shall be applicable to Commercial Banks (hereinafter collectively referred to as 'banks' and individually as 'bank'). For the purpose of these Directions, ‘Commercial Banks’ means banking companies (other than Small Finance Banks, Payments Banks and Local Area Banks), corresponding new banks, and the State Bank of India, as defined respectively under clauses (c), (da), and (nc) of Section 5 of the Banking Regulation Act, 1949. Provided that provisions of Chapter IX and Chapter X of these Directions shall be applicable only to Private Sector Banks and Foreign Banks, while the provisions of Chapter XI of these Directions shall be applicable only to Public Sector Banks. C. Definitions 4. All expressions herein shall have the same meaning as have been assigned to them under the Reserve Bank of India Act, 1934, or the Banking Regulation Act, 1949, or the Companies Act, 2013, or any statutory modification or re-enactment thereto, or other regulations issued by the RBI or the Glossary of Terms published by the RBI, or as used in commercial parlance, as the case may be. Chapter II - Access to IT Systems 5. The bank shall provide the highest level of 'read only' access to its IT systems and manpower assistance, if required, to RBI’s officers. Chapter III - Monitoring of End Use of Funds 6. The bank shall evaluate the efficacy of its machinery for post-sanction monitoring and follow-up of advances and make it robust, wherever considered necessary, for preventing diversion of funds through practices such as crediting of term loan disbursements to the current / cash credit accounts of borrowers and utilisation thereof for day-to-day operations, and exclusive reliance on Chartered Accountants’ certification both in regard to infusion of promoters' contribution and deployment of bank’s funds. For this purpose, the systems and procedures of the bank may broadly include the following within the overall regulatory guidelines: (1) meaningful scrutiny of the periodical progress reports and operating / financial statements of the borrowers; (2) regular visits to the assisted units and inspection of securities charged / hypothecated to the bank; (3) periodical scrutiny of the books of accounts of the borrowers; (4) stock audits depending upon the extent of exposure; (5) obtention of certificates from the borrowers that the funds have been utilised for the purposes approved and in case of incorrect certification, initiation of prompt action as may be warranted, which may include withdrawal of the facilities sanctioned and legal recourse as well. In case a specific certification regarding diversion / siphoning of funds is desired from the auditors of the borrowers, a separate mandate may be awarded to them and appropriate covenants incorporated in the loan agreements; and (6) examination of all aspects of diversion of funds during internal audit / inspection of the branches and at the time of periodical reviews. Chapter IV - Prompt Corrective Action Framework 7. The objective of the Prompt Corrective Action (PCA) Framework is to enable supervisory intervention at appropriate time and require the bank to initiate and implement remedial measures in a timely manner, so as to restore its financial health. The PCA Framework is also intended to act as a tool for effective market discipline. The PCA Framework does not preclude RBI from taking any other action as it deems fit at any time, in addition to the corrective actions prescribed in the Framework. 8. Capital, Asset Quality and Leverage will be the key areas for monitoring in the Framework. Indicators to be tracked for Capital, Asset Quality and Leverage shall be Capital to Risk-weighted Assets Ratio (CRAR) / Common Equity Tier 1 (CET 1) Ratio (the percentage of common equity capital, net of regulatory adjustments, to total risk weighted assets as prescribed in Reserve Bank of India (Commercial Banks- Prudential Norms on Capital Adequacy) Directions, 2025), Net Non-Performing Asset (NPA) Ratio (the percentage of net NPAs to net advances) and Tier I Leverage Ratio (the percentage of the capital measure to the exposure measure as prescribed in Reserve Bank of India (Commercial Banks- Prudential Norms on Capital Adequacy) Directions, 2025) respectively. Breach of any of the following risk threshold may result in invocation of PCA: | PCA Matrix – Parameters, Indicators and Risk Thresholds | | Parameter | Indicator | Risk Threshold 1 | Risk Threshold 2 | Risk Threshold 3 | | (1) | (2) | (3) | (4) | (5) | Capital
(Breach of either CRAR or CET 1 ratio) | CRAR - Minimum regulatory prescription for Capital to Risk Assets Ratio + applicable Capital Conservation Buffer (CCB)
and/or
Regulatory Pre-Specified Trigger of Common Equity Tier 1 Ratio (CET 1 PST) + applicable Capital Conservation Buffer (CCB) | Upto 250 basis points (bps) below the Indicator prescribed at column (2)
Upto 162.50 bps below the Indicator prescribed at column (2) | More than 250 bps but not exceeding 400 bps below the Indicator prescribed at column (2)
More than 162.50 bps below but not exceeding 312.50 bps below the Indicator prescribed at column (2) | In excess of 400 bps below the Indicator prescribed at column (2)
In excess of 312.50 bps below the Indicator prescribed at column (2) | | | Breach of either CRAR or CET 1 ratio to trigger PCA | | | | | Asset Quality | Net Non-Performing Advances (NNPA) ratio | >=6.0 per cent but <9.0 per cent | >=9.0 per cent but < 12.0 per cent | >=12.0 per cent | | Leverage | Regulatory minimum Tier 1 Leverage Ratio | Upto 50 bps below the regulatory minimum | More than 50 bps but not exceeding 100 bps below the regulatory minimum | More than 100 bps below the regulatory minimum | 9. A bank will generally be placed under PCA Framework based on the Audited Annual Financial Results and the ongoing Supervisory Assessment made by RBI. RBI may impose PCA on any bank during the course of a year (including migration from one threshold to another) in case the circumstances so warrant. 10. Once a bank is placed under PCA, taking the bank out of PCA Framework and / or withdrawal of restrictions imposed under the PCA Framework will be considered: (1) if no breaches in risk thresholds in any of the parameters are observed as per four continuous quarterly financial statements, one of which should be Audited Annual Financial Statement (subject to assessment by RBI); and (2) based on Supervisory comfort of the RBI, including an assessment on sustainability of profitability of the bank. 11. When a bank is placed under PCA, one or more of the following corrective actions may be prescribed: | Mandatory and Discretionary Actions | | Specifications | Mandatory Actions | Discretionary Actions | | Risk Threshold 1 | i. Restriction on dividend distribution / remittance of profits.
ii. Promoters / Owners / Parent (in the case of foreign banks) to bring in capital | Common Menu
i. Special Supervisory Actions
ii. Strategy related
iii. Governance related
iv. Capital related
v. Credit risk related
vi. Market risk related
vii. HR related
viii. Profitability related
ix. Operations / Business related
x. Any other | | Risk Threshold 2 | In addition to mandatory actions of Threshold 1,
i. Restriction on branch expansion; domestic and/or overseas | | Risk Threshold 3 | In addition to mandatory actions of Threshold 1 & 2,
i. Appropriate restrictions on capital expenditure, other than for technological upgradation within Board approved limits | 12. Details on the common menu for selection of Discretionary Corrective Actions are as hereunder: (1) Special Supervisory Actions (i) Special Supervisory Monitoring Meetings (SSMMs) at quarterly or other identified frequency. (ii) Special inspections / targeted scrutiny of the bank. (iii) Cause a special audit of the bank by the extant Supervisory mechanism and / or through external auditors. (iv) Resolution of the bank by Amalgamation or Reconstruction [Reference Section 45 of Banking Regulation Act 1949 (BR Act)]. (2) Strategy related Actions RBI to advise the bank’s Board to: (i) Activate the Recovery Plan that has been duly approved by the Supervisor. (ii) Undertake a detailed review of business model in terms of sustainability of the business model, profitability of business lines and activities, medium and long-term viability, etc. (iii) Review short term strategy focusing on addressing immediate concerns. (iv) Review medium term business plans, identify achievable targets, and set concrete milestones for progress and achievement. (v) Undertake business process reengineering as appropriate. (vi) Undertake restructuring of operations as appropriate. (3) Governance related Actions (i) RBI to actively engage with the bank’s Board on various aspects as considered appropriate. (ii) RBI to recommend to Owners (Government / Promoters / Parent of foreign bank branch) to bring in new Management / Board. (iii) RBI to remove managerial persons under Section 36AA of the BR Act as applicable. (iv) RBI to supersede the Board under Section 36ACA of the BR Act / recommend supersession of the Board as applicable. (v) RBI to require bank to invoke claw back and malus clauses and other actions as available in regulatory guidelines and impose other restrictions or conditions permissible under the BR Act. (vi) Impose restrictions on directors’ or management compensation, as applicable. (4) Capital related Actions (i) Detailed Board level review of capital planning. (ii) Submission of plans and proposals for raising additional capital. (iii) Requiring the bank to bolster reserves through retained profits. (iv) Restriction on investment in subsidiaries / associates. (v) Restriction in expansion of high risk-weighted assets to conserve capital. (vi) Reduction in exposure to high-risk sectors to conserve capital. (vii) Restrictions on increasing stake in subsidiaries and other group companies. (5) Credit Risk related Actions (i) Preparation of time bound plan and commitment for reduction of stock of NPAs. (ii) Preparation of and commitment to plan for containing generation of fresh NPAs. (iii) Higher provisions for NPAs / Non-Performing Investments (NPIs) and as part of the coverage regime. (iv) Strengthening of loan review mechanism. (v) Restrictions / reduction in total credit risk weight density (example: restriction / reduction in credit for borrowers below certain rating grades, restriction / reduction in unsecured exposures, etc.). (vi) Reduction in loan concentrations; in identified sectors, industries or borrowers. (vii) Sale of assets. (viii) Action plan for recovery of assets through identification of areas (geography wise, industry segment-wise, borrower-wise, etc.) and setting up of dedicated Recovery Task Forces, Adalats, etc. (ix) Prohibition on expansion of credit / investment portfolios other than investment in government securities / other High-Quality Liquid Investments. (6) Market Risk related Actions (i) Restrictions on / reduction in borrowings from the inter-bank market. (ii) Restrictions on accessing / renewing wholesale deposits / costly deposits / certificates of deposits. (iii) Restrictions on derivative activities, derivatives that permit collateral substitution. (iv) Restriction on excess maintenance of collateral held that could contractually be called any time by the counterparty. (7) HR related Actions (i) Restriction on staff expansion. (ii) Review of specialized training needs of existing staff. (8) Profitability related Actions (i) Restrictions on capital expenditure, other than for technological upgradation within Board approved limits. (ii) Restrictions / reduction in variable operating costs. (9) Operations related Actions (i) Restrictions on branch expansion plans; domestic or overseas. (ii) Reduction in business at overseas branches / subsidiaries / in other entities. (iii) Restrictions on entering into new lines of business. (iv) Reduction in leverage through reduction in non-fund-based business. (v) Reduction in risky assets. (vi) Restrictions on non-credit asset creation. (vii) Restrictions on undertaking businesses as specified. (viii) Restriction / reduction of outsourcing activities. (ix) Restrictions on new borrowings. (10) Other Actions (i) Any other specific action that RBI may deem fit considering specific circumstances of the bank. Chapter V - Fair Practices Code - Charging of Interest 13. The bank, in the interest of fairness and transparency, shall review its practices regarding mode of disbursal of loans, application of interest and other charges and take corrective action, including system level changes, as may be necessary, to address unfair practices, some of which are briefly explained below: (1) Charging of interest from the date of sanction of loan or execution of loan agreement and not from the date of actual disbursement of funds to the customer. For loans disbursed by cheque, charging interest from the cheque date while handing over the cheque to the customer several days later. (2) In case of disbursal or repayment of loans during a month, charging interest for the entire month rather than charging interest only for the period for which the loan was outstanding. (3) Collecting one or more instalments in advance but reckoning the full loan amount for charging interest. 14. These and other such non-standard practices of charging interest are not in consonance with the spirit of fairness and transparency while dealing with customers. These are matters of serious concern to RBI. 15. The bank may use online account transfers in lieu of cheques for loan disbursal. Chapter VI - Inoperative Accounts / Unclaimed Deposits / Frozen Accounts 16. The bank shall take necessary steps to reduce the number of inoperative accounts and frozen accounts [due to pending updation / periodic updation of ‘Know Your Customer’ (KYC)] and make the process of activation of such accounts smoother and hassle free, including by enabling seamless updation of KYC through mobile / internet banking, non-home branches, Video Customer Identification Process, etc., in accordance with the relevant provisions of the Reserve Bank of India (Commercial Banks - Responsible Business Conduct) Directions, 2025. 17. The bank may facilitate the process of activation of accounts of beneficiaries of various Central / State government schemes like Direct Benefit Transfer (DBT) / Electronic Benefit Transfer (EBT) etc., frozen due to factors such as pending updation / periodic updation of KYC, by taking an empathetic view in such cases, since these accounts mostly pertain to the people from the underprivileged sections of the society. 18. The bank may organise special campaigns for facilitating activation of inoperative / frozen accounts. 19. The bank may also facilitate Aadhaar updation for its customers through its branches providing Aadhaar related services. 20. The progress in reduction of inoperative / frozen accounts and the special efforts made by the bank in this regard, may be monitored by the Customer Service Committee of the Board. 21. The bank shall report the progress on reduction of inoperative / frozen accounts on a quarterly basis to the Senior Supervisory Manager (SSM), RBI through DAKSH portal. Chapter VII - Nomination Facility 22. The bank shall obtain nomination in case of all existing and new eligible customers having deposit accounts, safe custody articles, and safety lockers, as the case may be, to avoid inconvenience and undue hardship to survivors / family members of deceased depositors, in accordance with relevant provisions of the Reserve Bank of India (Commercial Banks - Responsible Business Conduct) Directions, 2025. 23. The Board of Directors / Customer Service Committee (CSC) of the Board of the bank shall review, on a periodic basis, the achievement of nomination coverage. 24. The bank shall also report the progress on nomination coverage to the SSM, RBI through DAKSH portal on a quarterly basis. 25. The bank may suitably sensitise its frontline staff in the branches for obtaining nomination as well as appropriate handling of claims of deceased constituents and dealing with nominees / legal heirs. The Account Opening Forms may be modified suitably (if not already done) with provision for the customers to avail or opt out of nomination facility. 26. The bank, in addition to directly notifying the customers, shall publicise the benefits of using the nomination facility through various media, including launching periodical drives towards achieving a full coverage of all eligible customer accounts. Chapter VIII – Fraud Prevention Measures From time to time, RBI has constituted various committees such as the Ghosh Committee, Gilani Committee, and Narang Committee, to examine different aspects relating to frauds and malpractices in banks and to recommend measures for their prevention and early detection. Based on the recommendations of these committees, RBI has, over the years, issued several guidelines to banks aimed at strengthening internal controls, enhanced monitoring in sensitive areas of banking operations, and curbing the occurrence of frauds. The key fraud preventive measures covered under these guidelines are outlined below. A. Frauds due to Collusion of the bank Officials 27. In order to prevent / detect frauds due to collusion of the bank officials, the bank shall take the following measures: (1) ensure balancing of books at the stipulated intervals; (2) interact with the concurrent auditors and enquire about the problems faced by them in auditing certain branches and indicate to them in clear terms the expectations of the management from the auditors while auditing branches; and (3) immediately examine staff accountability and take appropriate action for the lapses / irregularities noticed. B. Large Value Frauds 28. The bank shall take the following measures for prevention / detection of large value frauds: (1) Safeguards in respect of Letters of Credit and Bank Guarantee; (2) Management Audit System and its emphasis on analysis of existing control system, its adequacy, scope and need for periodical review; (3) Safe custody of critical items of bank stationery; and (4) A scheme to honour alert bank staff for timely detection of frauds. C. Retail Loans - Sanction of Bulk Proposals 29. The bank shall put in place, an appropriate loan policy with suitable risk management mechanism to deal with bulk loan proposals. The loan policy may broadly incorporate the following: (1) In all cases of bulk loan proposals received from the employees of a company / firm / organisation, the status of the employee should be confirmed from the concerned company / firm / organisation by stringent application of key KYC norms. (2) Documents submitted by the employees such as salary slips, Income Tax returns, etc., should be independently verified through banks' own staff. Further, on-site visit should be carried out at the residence of the applicant so as to verify the genuineness of the residential address furnished by the applicant. All the applicants / employees should be individually called in person for pre-sanction discussion to ensure discreet verification of personal details with reference to their documents and photograph submitted by them. (3) Applications submitted by the promoters / directors of the company, builders / developers etc., in bulk, should not be accepted in normal circumstances with the sole purpose of portfolio enhancement or predatory lending considerations. (4) The market reports on builders / developers should be obtained and loans should be sanctioned in respect of projects being undertaken by reputed builders / developers only. The documents to the title of property mortgaged with the bank should be verified with regard to their genuineness at the time of their acceptance and not deferred till the time of initiation of recovery proceedings. (5) The written undertaking from the authorised drawing / disbursing officer to provide check off facility and also an undertaking to obtain No-Objection Certificate from the loan disbursing branch of the bank before releasing the terminal / superannuation benefits of the employee and to advise the disbursing branch of any transfer / re-location of the employee or before shifting the employee's salary credit to another bank or mode of payment should be obtained. The concurrent audit / regular internal inspection / vigilance inspection, statutory audit should bestow particular attention on bulk proposals for early detection of disquieting features in the portfolio. (6) The controlling offices of the bank should review the position of retail loan portfolio of the branches on an ongoing basis with focused attention on bulk proposals to avoid their quick mortality or signs of delinquency. D. Frauds by Deposit of Fake Title Deeds of Property 30. The bank officials shall follow the laid down procedures for verifying the genuineness of the documents submitted by the borrowers independently through their own advocates / solicitors. The documents sought to be submitted for creation of equitable mortgage / deposit as collateral security should be original and be verified through searches in the appropriate records of the Sub-Registrar of Assurances and Revenue and Municipal records up to or as near to the date of creation of security in the bank's favour as possible. The bank should obtain a certificate from the advocate / solicitor certifying the title to concerned property being original and not duplicate or fake and that the title is clear, marketable and free from encumbrances. 31. The bank shall be extra cautious while accepting sale deeds and other documents of properties as collateral securities. Necessary steps in this regard, may be detailed by the bank, in consultation with its Legal Department. 32. Furthermore, the bank may take the following measures: (1) The bank may insist on opening of bank accounts by owners of properties who offer the same as collateral security against loans given to third parties. (2) The bank should communicate with the owners of the property through registered letter to confirm proof of residence and their willingness to offer the security as collateral. E. Frauds in Non-resident Accounts 33. The bank shall take the following precautions in opening and operations of Non-Resident Indian (NRI) deposit accounts: (1) The bank shall take utmost care when non-resident deposit accounts are sought to be opened / loans sanctioned against such deposits in remote branches / places where the depositors may not have any interest, or the branches may not be having adequate expertise in dealing with such accounts. (2) If such a deposit is being solicited by the branch and its officers as part of their deposit mobilisation efforts, the concerned Branch Manager shall take responsibility for having identified the depositor and the genuineness of the documents produced. (3) Apart from the usual precautions, wherever such accounts are opened through a Power of Attorney, the bank may consider verifying the identity of the depositor, inter alia, by contacting the depositor over telephone and e-mail at the number and address mentioned in the application, verifying address through internet, etc. 34. In order to facilitate legitimate transactions and to reduce the possibility of frauds while sanctioning loans against NRI deposits, the bank may follow the following procedure: (1) The application may be forwarded through a bank branch situated in the country where the NRI deposit holder resides. It would be preferable if such requests are routed through the bank branch at which the concerned NRI is maintaining their accounts since this would presuppose due diligence / compliance with KYC norms by that branch. (2) A copy of the passport of NRI may also be called for, along with the application for loan against NRI deposits. F. Safe custody of Critical Documents 35. The bank shall exercise safeguards like maintenance of proper records, dual control, periodical balancing of books / verification, submission of control returns, etc., and ensure their observations. 36. Blank Demand Drafts / Pay Orders and Mail Transfer forms should be treated as security items and the branches should take adequate safeguards against their pilferage. They should be held in joint custody and balanced daily. 37. The bank shall ensure that no unauthorised person has access to security items like blank cheques, drafts, fixed deposit receipts, pay orders, account opening forms, specimen signature cards / books, loose ledger sheets, blank Letter of Credit forms, etc. 38. The ledgers and other books of accounts, voucher bundles, and other items of Stationery should be stored properly. G. Accounts opened by Employees 39. The bank shall make it incumbent on the part of the staff members to intimate in writing about the accounts opened by them with another branch of the bank or another bank. Accordingly, necessary amendments to the Officers' Conduct Regulations as also the Standing Orders to the workmen employees may be issued in consultation with Indian Banks Association (IBA). H. Legal Compliance Certificate 40. The bank shall establish an in-house legal compliance certification process to be enforced from each desk, specially from each management category staff for making them accountable. A legal compliance certificate shall be mandated in all transactions exceeding a cut-off limit (may be decided by the banks). In case of exercise of discretionary power, an explanation shall be given indicating the circumstances warranting the exercise of discretionary power and whether all due diligence has been taken or not. I. Legal Compliance Audit 41. The bank should conduct a legal compliance and due diligence audit annually and submit the report to the Chairman/ Managing Director & Chief Executive Officer (MD & CEO) and the SSM, RBI. 42. In all banking transactions, such as opening of different types of accounts, sanctioning of overdraft facilities, opening of letters of credit, opening and operations of FCNR accounts, project finance through consortium arrangements, etc., if the transaction exceeds a cut off amount the concerned staff should certify that all stipulated conditions are complied with and during the internal audit, such certificate shall be checked by the internal auditor and report to the Chairman/ (MD & CEO) and the SSM, RBI. J. Forensic Scrutiny 43. The bank shall build a database of officers / staff identified as those having aptitude for investigation, data analysis, forensic analysis, etc., and provide them appropriate training in investigations and forensic audit. For investigation of frauds, only such officers / staff should be deployed through the ‘Fraud Investigation Unit / Outfit’. K. Exercise of Discretionary Power 44. The bank shall build a database its management and staff exercising discretionary power, recording all reasons for such exercise and the consequences. A close monitoring of such exercise of discretionary power is required. Discretionary power shall be exercised in circumstances only when it is essentially needed and there is no other method left. L. Best Practices Code in banks 45. The bank shall reiterate the need for strict adherence to the laid down systems and procedures, to its branches / controlling offices. The bank may organize training programmes / seminars / workshops, etc., for creating awareness among the field level functionaries on an ongoing basis. 46. The procedures for entering into transactional relationship, especially those in the fraud-prone areas, should be well documented in the BPC, compared with the best national and international practices, experimented with, and improved upon in the light of the experience gained. 47. Preparation of the BPC should involve examination of all procedures, processes, products, activities, and systems, existing and future (as and when a new product / process is introduced). 48. The BPC should be integrated with the overall risk management strategy of the bank. Apart from it being viewed in the context of prevention of frauds, it should also be considered as a part of the strategy to mitigate all possible operational risk losses. 49. The bank shall consider the following while compiling the BPC: (1) The BPC should be a comprehensive and homogenous document. (2) While the manual of instructions / circulars issued by the bank from time to time could be consolidated and incorporated, this by itself would not constitute BPC. (3) The BPC should take into account the instructions relating to the common fraud prone areas and their prevention issued to banks by RBI from time to time. (4) The BPC should also highlight the recommendations of the various committees constituted by the RBI for prevention of frauds, banking sector reforms, etc. (5) The BPC should also take into account the instructions of the Central Vigilance Commission (CVC), if any, issued from time to time. (6) The BPC should, at a minimum, cover all the functional areas like cash, safe custody of other valuables (Demand Draft / Telegraphic Transfer / Letter of Credit / Guarantee forms, etc.), deposit accounts, investment portfolio, credit portfolio, foreign exchange transactions, treasury operations, bills portfolio, remittances, cash receipts and payments, issue / payment of demand drafts, clearing transactions, government transactions, Letters of Credit / Guarantees, etc. (7) The BPC may also incorporate practices that would help prevention of losses to its customers and include suitable guidance to such customers. The bank shall codify the precautions to be taken by customers and the same should be publicised by placing on its website or through any other medium. (8) The BPC should be periodically revised and updated in the light of the experience gained, fresh instructions from the RBI and suggestions made by internal / external auditors. M. Other Instructions 50. The bank shall strengthen its internal control system from detection and prevention of frauds. 51. The concurrent / internal / statutory auditors of the bank shall specifically report to the Chairman / (MD & CEO) of the bank and the SSM, RBI, about anything susceptible to be a fraud or fraudulent activity or any foul play in any transaction. 52. The bank shall adhere strictly to the time frame fixed for reporting fraud cases to RBI as per Reserve Bank of India (Commercial Banks – Fraud Risk Management) Directions, 2026. 53. The bank shall invariably initiate departmental action against officials involved in bank frauds simultaneously with criminal action to ensure that internal fraudsters are immediately punished even if criminal cases against them continue. 54. Wherever there is a prima-facie case against the loan dealing officials of the bank, appropriate action in terms of Central Vigilance Commission guidelines, for their inclusion in the list of officers with doubtful integrity, should be initiated by the bank in consultation with the Central Bureau of Investigation. 55. The officers posted in the Vigilance Department of the bank, preferably at the Head Office, should hold meetings with the investigating authorities at periodical intervals which should be minutised and action be taken within a time frame agreed to at the meetings. Chapter IX - Protected Disclosure Scheme 56. The bank shall take necessary action for implementing the Protected Disclosures Scheme. The salient features of the Scheme are as under: A. Scope and Coverage 57. The complaints under the Scheme would cover the areas such as corruption, misuse of office, criminal offences, suspected / actual fraud, failure to comply with existing rules and regulations such as the Reserve Bank of India Act, 1934, the Banking Regulation Act 1949, etc., and acts resulting in financial loss / operational risk, loss of reputation, etc., detrimental to depositors' interest / public interest. 58. Under the Scheme, employees of the bank, customers, stake holders, NGOs and members of public can lodge complaints. 59. Anonymous / pseudonymous complaints will not be covered under the Scheme and such complaints will not be entertained. 60. RBI will be the Nodal Agency to receive complaints under the Scheme. RBI would keep the identity of the complainant secret, except in cases where complaint turns out to be vexatious or frivolous and action has to be initiated against the complainant as mentioned below: (1) The institution against which complaint has been made can take action against complainants in cases where motivated / vexatious complaints are made under the Scheme, after being advised by RBI. An opportunity of hearing will, however, be given by the bank to the complainant before taking such action. (2) Final action taken by RBI on the complaint will be intimated to the complainant. B. Procedure for Lodging the Complaint under the Scheme 61. The complaint should be sent in a closed / secured envelope. 62. The envelope should be addressed to The Chief General Manager, Reserve Bank of India, Department of Supervision, Fraud Monitoring Group, 2nd Floor, Maker Tower-E, Cuffe Parade, Mumbai 400 005. The envelope should be superscribed ‘Complaint under Protected Disclosures Scheme for Banks’. 63. The complainant should give his / her name and address in the beginning or end of the complaint or in an attached letter. In case of an employee making such complaint, details such as name, designation, department, institution and place of posting etc. should be furnished. 64. Complaints can also be made through e-mail also giving full details as specified above. 65. The complainant should ensure that the issue raised by him involves dishonest intention / moral angle. They should study all the relevant facts and understand their significance. They should also make an effort, if possible, to resolve the issue through internal channels in order to avoid making the complaint. 66. The text of the complaint should be carefully drafted so as not to give any details or clue to complainant's identity. The details of the complaint should be specific and verifiable. 67. In order to protect the identity of the complainant, RBI will not issue any acknowledgement of receipt of the complaint and the complainants are advised not to enter into any further correspondence with the RBI in their own interest. RBI assures that, subject to the facts of the case being verifiable, it would take necessary action, as provided under the scheme. If any further clarification is required, RBI will get in touch with the complainant. 68. If the complaint is accompanied by particulars of the person making the complaint, the RBI shall take the following steps: (1) If necessary, it would ascertain from the complainant whether they were the person who made the complaint or not. (2) The identity of the complainant will not be revealed unless the complainant himself has made the details of the complaint either public or disclosed his identity to any other authority. (3) The identity of the complainant will be concealed, RBI will make discreet inquiries to ascertain if there is any basis for proceeding further with the complaint. (4) Either as a result of the discreet enquiry, or on the basis of complaint itself without any enquiry, if RBI is of the opinion that the matter requires to be investigated further, RBI may consider calling for the comments / response from the Chairman / (MD & CEO) of the concerned bank. (5) After obtaining the response of the concerned bank and / or on the basis of an independent scrutiny conducted / ordered by RBI, if RBI is of the opinion that the allegations are substantiated, then RBI shall recommend appropriate action to the concerned bank. These shall, inter alia, include the following: (i) Appropriate action to be initiated against the concerned official. (ii) Appropriate administrative steps for recovery of the loss caused to the bank as a result of the corrupt act or mis-use of office, or any other offence covered by the Scheme. (iii) Recommend to the appropriate authority / agency for initiation of criminal proceedings, if warranted by the facts and circumstances of the cases. (iv) Recommend taking corrective measures to prevent recurrence of such events in future. (v) Consider initiating any other action that it deems fit keeping in view the facts of the case. (6) If any person is aggrieved by any action on the ground that he is victimized due to filing of the complaint or disclosure, he may file an application before the RBI seeking redressal in the matter. RBI will take such action, as deemed fit. In case the complainant is an employee of the bank, RBI may give suitable directions to the concerned bank, preventing initiation of any adverse personnel action against the complainant. (7) Either on the basis of application of the complainant or on the basis of information gathered, if the RBI is of the opinion that either the complainant or the witnesses in the case need protection, the RBI shall issue appropriate directions to the concerned bank. (8) The system described herein shall be in addition to the existing grievances redressal mechanism in place. However, secrecy of identity shall be observed, only if the complaint is received under the scheme. (9) In case RBI finds that the complaint is motivated or vexatious, RBI shall be at liberty to take appropriate steps. (10) In the event of the identity of the informant being disclosed in spite of RBI's directions to the contrary, then RBI shall be authorised to initiate appropriate action as per extant regulations against the person or agency making such disclosure. RBI may also direct such person or agency to suitably compensate the complainant. C. Protected Disclosure Policy 69. The bank may frame a 'Protected Disclosures Scheme' duly approved by its Board, keeping in view the broad framework given above. The policy should clearly lay down norms for protection of identity of employees making disclosures under the scheme and safeguarding them from any adverse personnel action. The role and responsibilities of the Board may also be well defined in dealing with the complaints received under the scheme. The Board, or a Board Committee may be made responsible for monitoring the implementation of the scheme. The bank may factor suggestions of the unions / associations of officers / employees before framing such a policy. Suitable mechanism should be put in place to make newly recruited employees of the bank aware of the existence of such a scheme in the bank. Chapter X – Vigilance 70. The bank shall put in place a system of internal vigilance machinery as per the guidelines furnished below with the approval of the Board, in order to uniformly address issues arising out of lapses in the functioning of the bank especially relating to corruption, malpractices, frauds, etc., for timely and appropriate action: A. Preamble 71. Vigilance is an inseparable part of management. It promotes clean business transactions, professionalism, productivity, promptness and transparent practices and ensures putting in place systems and procedures to curb opportunities for corruption which results in improving efficiency and effectiveness of the personnel as well as the organization. These factors make it mandatory to have a dedicated vigilance setup in the banking industry. The following guidelines aim at structuring efficient and effective vigilance system in banks in the larger interest of all concerned stakeholders. B. Introduction 72. Anti-corruption measures taken by the bank are a responsibility of the disciplinary authority identified in the bank and it has the over-all responsibility of looking into the acts of misconduct alleged against, or committed by, the employees within its control and to take appropriate punitive action. It is also required to take appropriate preventive measures so as to prevent commission of misconducts / malpractices by the employees under its control and jurisdiction. The designated Officer (similar to Chief Vigilance Officers in case of Public Sector Banks) acts as a Special Assistant / Advisor to the CEO of the bank in the discharge of these functions. They also act as a liaison officer between the bank and the Police / Serious Fraud Investigation Officer / other law enforcement authorities. C. Vigilance Angle 73. Vigilance angle will be applicable in case of following acts: (1) Demanding and / or accepting gratification other than legal remuneration in respect of an official act or for using his influence with any other official; (2) Obtaining valuable thing, without consideration or with inadequate consideration from a person with whom he has or is likely to have official dealings or his subordinates have official dealings or where he can exert influence; (3) Obtaining for himself or for any other person any valuable thing or pecuniary advantage by corrupt or illegal means or by abusing his position as an employee; (4) Possession of assets disproportionate to their known sources of income; and (5) Cases of misappropriation, forgery or cheating or other similar criminal offences. 74. In case of other irregularities like gross or wilful negligence; recklessness in decision making; blatant violations of systems and procedures; exercise of discretion in excess, where no ostensible organisational interest is evident; failure to keep the controlling authority / superiors informed in time; the disciplinary authority with the help of the CIV should carefully study the case and weigh the circumstances to arrive at a conclusion whether there is reasonable ground to doubt the integrity of the officer concerned. D. Chief of Internal Vigilance 75. The bank shall designate an officer of suitable seniority as Chief of Internal Vigilance (CIV) who will head the Internal Vigilance Division of the bank. Vigilance functions to be performed by the CIV would be wide ranging and include collecting intelligence about the corrupt practices committed, or likely to be committed, by the employees of the bank; investigating or causing an investigation to be made into verifiable allegations reported to him; processing investigation reports for further consideration of the disciplinary authority concerned; referring the matters to the CEO of the bank for advice wherever necessary, taking steps to prevent commission of improper practices / misconducts, etc. Thus, the CIVs' functions can broadly be divided into three parts, viz. (i) Preventive vigilance; (ii) Punitive vigilance; and (iii) Surveillance and detection. D.1 Appointment 76. The basis for appointment of CIV should be experience, track record, proven integrity, and ability to inspire confidence among personnel in the bank. D.2 Tenure 77. The normal tenure of a CIV should be three years extendable up to a further period of two years. But if a CIV has to shift from one bank to another without completing the approved tenure in the previous bank, the principle of overall tenure of six years will apply. D.3 Association with Sensitive Matters 78. The vigilance functionaries should not be a party to processing and decision-making processes or be involved in other administrative transactions of such nature, which are likely to have clear vigilance sensitivity. While it may not be difficult for full-time vigilance functionaries to comply with this requirement, the compliance of these instructions could be achieved in respect of part-time vigilance functionaries by confining their duties, other than those connected with vigilance work, as far as possible, to such items of work that are either free from vigilance angle or preferably serve as input to vigilance activities such as inspection, audit, etc. D.4 Submission of Reports and Returns - Review 79. CIV should invariably review all pending matters, such as investigation reports, disciplinary cases, and other vigilance complaints / cases in the first week of every month and take necessary steps for expediting action on those matters. The CIV would arrange periodic meetings to be taken by the CEO for reviewing the vigilance activities undertaken by the bank. CIV would also be required to furnish a report on the vigilance activities in the bank to the Board / Local Governing Council on a periodic basis. E. Preventive Vigilance 80. The CIV may take the following measures on preventive vigilance: (1) undertake a study of existing procedure and practices prevailing in the bank with a view to modifying those procedures or practices which provide a scope for corruption, and also to find out the causes of delay, the points at which it occurs and devise suitable steps to minimize delays at different stages; (2) undertake a review of the regulatory functions with a view to see whether all of them are strictly necessary and whether the manner of discharge of those functions and exercise of powers of control are capable of improvement; (3) devise adequate methods of control over exercise of discretion so as to ensure that discretionary powers are not exercised arbitrarily but in a transparent and fair manner; and (4) identify the areas in his organisation which are prone to corruption and to ensure that the officers of proven integrity only are posted in those areas; F. Staff Rotation and Mandatory Leave 81. The bank should identify sensitive positions and frame specific Board approved internal policy on staff matters such as rotation of staff in general and in respect of sensitive desks in particular. The bank may, while framing such policy, include the minimum period for staff rotation and mandatory leave that would apply to the staff at all levels. The minimum period of mandatory leave in each category of staff, including the CEO, may also be indicated. G. Complaints 82. Receipt of information about corruption, malpractice or misconduct on the part of employees, from whatever source, would be termed as a complaint. Information about corruption, malpractice or misconduct on the part of employees may flow to the administrative authority / the Police / Serious Fraud Investigation Officer / RBI from any of the following sources: (1) Complaints received from employees of the bank or from the public; (2) Departmental inspection reports and stock verification surveys; (3) Scrutiny of annual property statements; (4) Scrutiny of transactions reported under the Conduct Rules; (5) Reports of irregularities in accounts detected in the routine audit of accounts, e.g., tampering with records, over-payments, misappropriation of money or materials etc; (6) Audit reports of the accounts of the bank; (7) Complaints and allegations appearing in the press etc; (8) Source information, if received verbally from an identifiable source, to be reduced in writing; and (9) Intelligence gathered by agencies like Central Bureau of Investigation, local bodies etc. 83. In addition, the CIV may also devise and adopt appropriate methods to collect information about any malpractice and misconduct among the employees. Anonymous / pseudonymous complaints received by the CIV may be dealt with on merit. H. Investigation Agency for Conducting Investigations 84. As soon as a decision has been taken to investigate the allegations contained in a complaint, the bank shall decide whether the allegations should be inquired into departmentally or whether a police investigation is necessary. Instructions as to with which agency the complaint is to be lodged, are contained in the Reserve Bank of India (Commercial Banks – Fraud Risk Management) Directions, 2026. I. Review of Cases entrusted to Investigating Agencies 85. No review should ordinarily be made by the administrative authority of a case registered by the Police. If, however, there are special reasons for discussion / review, the Police should invariably be associated with it. J. Action against Persons making False Complaints 86. If a complaint against an employee is found to be malicious, vexatious or unfounded, it should be seriously considered whether action should be taken against the complainant for making a false complaint. K. Liaison with Agencies 87. The CIV should closely liaise and co-operate with the Police / SFIO during the course of an inquiry and investigation and the processing of individual cases, as both the Police / SFIO and the CIV, receive information about the activities of the officer from diverse sources. Such information may be cross checked at appropriate intervals to keep Police / SFIO fully appraised with the latest developments through periodical meetings between the CIV and Police / SFIO. Chapter XI - Vigilance Monitoring Return 88. The bank shall, on quarterly basis, furnish the information on action plan on anti-corruption measures, through Vigilance Monitoring Return - I (VMR-I), as per the format and through the online portal as available on RBI website. Note: The format consists of five parts. While part-I lays down quarterly targets for the year, part-II to V pertain to statistical information relating to preventive surveillance, detection aspects and deterrent punitive action. Chapter XII - Repeal and Other Provisions A. Repeal and Saving 89. With the issue of these Directions, the existing Directions, instructions, and guidelines relating to areas covered in these Directions as applicable to Commercial Banks stand repealed, as communicated vide as communicated vide circular no. XX dated XXXX XX, 2026. The directions, instructions, and guidelines already repealed vide any of the directions, instructions, and guidelines listed in the above circular shall continue to remain repealed. 90. Notwithstanding such repeal, any action taken or purported to have been taken, or initiated under the repealed directions, instructions, or guidelines shall continue to be governed by the provisions thereof. All approvals or acknowledgments granted under these repealed lists shall be deemed as governed by these Directions. Further, the repeal of these directions, instructions, or guidelines shall not in any way prejudicially affect: (1) any right, obligation or liability acquired, accrued, or incurred thereunder; (2) any penalty, forfeiture, or punishment incurred in respect of any contravention committed thereunder; (3) any investigation, legal proceeding, or remedy in respect of any such right, privilege, obligation, liability, penalty, forfeiture, or punishment as aforesaid; and any such investigation, legal proceedings or remedy may be instituted, continued, or enforced and any such penalty, forfeiture or punishment may be imposed as if those directions, instructions, or guidelines had not been repealed. B. Application of Other Laws Not Barred 91. The provisions of these Directions shall be in addition to, and not in derogation of the provisions of any other laws, rules, regulations, or directions, for the time being in force. C. Interpretations 92. For giving effect to the provisions of these Directions or to remove any difficulties in the application or interpretation of the provisions of these Directions, RBI may, if it considers necessary, issue necessary clarifications in respect of any matter covered herein and the interpretation of any provision of these Directions given by the RBI shall be final and binding. (Tarun Singh)
Chief General Manager |