All about NBFC Annual Compliance in India

Kiran Malik

28 Feb, 2023

Non-Banking Financial Companies (NBFCs) are a crucial part of the Indian financial system. They provide an essential source of credit to businesses and individuals who are otherwise unable to access financing through traditional banking channels. As per the Reserve Bank of India (RBI), an NBFC is defined as a company registered under the Companies Act, 2013, which is primarily engaged in the business of lending, investments, or both. NBFCs are required to comply with various regulatory norms and guidelines laid down by the RBI, including annual compliance requirements.

Annual compliance is a crucial aspect of maintaining an NBFC’s legal and financial integrity. It involves a comprehensive review of the company’s financial statements^[1], internal controls, and regulatory compliance. The process can be complex and time-consuming, requiring significant resources and expertise.

A guide to the key annual compliance requirements for NBFCs in India

Following is the guide to the key annual compliance requirements for NBFCs in India that must adhere to:

• Filing of Annual Returns: NBFCs are required to file their annual returns with the RBI within 90 days from the close of their financial year. The annual return contains details of the company’s financial performance, including its balance sheet, profit and loss account, and cash flow statement.
• Audited Financial Statements: NBFCs are required to prepare audited financial statements in accordance with the Companies Act, 2013. The audited financial statements must be prepared by a qualified Chartered Accountant and submitted to the RBI along with the annual return.
• KYC Compliance: NBFCs are required to conduct regular Know Your Customer (KYC) checks on their customers to comply with Anti-Money Laundering (AML) regulations. This includes verifying the identity of customers and ensuring that they are not on any watchlists or sanctioned lists.
• Internal Controls: NBFCs must establish and maintain robust internal control systems to ensure compliance with regulatory norms and prevent fraud. The internal controls should cover all aspects of the company’s operations, including financial reporting, risk management, and compliance.
• Net Owned Fund (NOF) Compliance: NBFCs are required to maintain a minimum level of Net Owned Fund (NOF) to ensure adequate capitalization. The minimum NOF requirement varies depending on the type of NBFC and is updated periodically by the RBI.
• Asset Classification and Provisioning: NBFCs are required to classify their assets into different categories based on their credit quality and make adequate provisions against non-performing assets (NPAs). The asset classification and provisioning norms are prescribed by the RBI and updated from time to time.
• Statutory Audit: NBFCs are required to conduct a statutory audit of their financial statements every year. The statutory audit is conducted by an external auditor to provide an independent opinion on the company’s financial statements.
• Corporate Governance: NBFCs must adhere to good corporate governance practices, including the appointment of independent directors, establishment of audit committees, and maintenance of proper records and documentation.
• Regulatory Reporting: NBFCs are required to submit various regulatory reports to the RBI, including the Prudential Norms Return (PNR), the CRILC report, and the FLA return. These reports provide critical information on the company’s financial performance, risk management, and regulatory compliance.
• Compliance with Other Laws: In addition to RBI regulations, NBFCs must comply with various other laws and regulations, including tax laws, labor laws, environmental laws, and data protection laws.
• Board Meetings: NBFCs must hold regular board meetings to review the company’s financial performance, discuss strategic initiatives, and ensure compliance with regulatory requirements. The board meetings should be documented and minuted to provide a clear record of the decisions taken.
• Capital Adequacy: NBFCs must maintain adequate capital to ensure their financial stability and ability to absorb losses. The capital adequacy norms are prescribed by the RBI and require NBFCs to maintain a minimum level of Tier 1 and Tier 2 capital.
• External Rating: NBFCs may opt to obtain an external credit rating from a recognized rating agency. The rating provides an independent assessment of the company’s creditworthiness and can be useful in accessing funding from investors and lenders.
• Compliance Training: NBFCs must ensure that their employees are trained on regulatory compliance requirements and best practices. The training should cover areas such as KYC/AML, data protection, and fraud prevention.
• Compliance Audit: NBFCs may opt to conduct a compliance audit to assess their compliance with regulatory requirements and identify areas for improvement. The compliance audit can be conducted by an internal team or an external auditor.
• Anti-Money Laundering (AML): NBFCs must comply with AML regulations, which require the identification and verification of customers, monitoring of transactions, and reporting of suspicious activities to the authorities. Failure to comply with AML regulations can result in penalties and fines.
• Information Technology (IT) Systems: NBFCs must maintain robust IT systems to ensure the integrity, confidentiality, and availability of data. IT systems must comply with data protection regulations and be regularly tested for vulnerabilities.
• Whistleblower Policy: NBFCs must establish a whistleblower policy to enable employees to report any concerns or suspected violations of regulatory requirements or ethical standards. The policy must ensure confidentiality and protection from retaliation for whistleblowers.
• Related Party Transactions: NBFCs must disclose and obtain prior approval for any related party transactions, which are transactions between the company and its directors, key management personnel, or their relatives. The related party transactions must be conducted at arm’s length and comply with RBI guidelines.
• Penalty: Non-compliance with NBFC annual compliance requirements can result in penalties and fines levied by the RBI. The penalty can range from Rs. 5,000 to Rs. 5 lakhs, depending on the severity of the non-compliance.

Conclusion

NBFC annual compliance is a critical aspect of the regulatory framework for non-banking financial companies in India. NBFCs must comply with various requirements set out by the RBI to maintain their legal and financial integrity, ensure the trust of stakeholders, and enable sustainable growth. These requirements include filing annual returns, conducting KYC checks, maintaining internal controls, and complying with regulatory reporting requirements. In addition to the basic compliance requirements, NBFCs must also comply with prudential norms, maintain strong IT systems, establish whistleblower policies, and disclose and obtain prior approval for any related party transactions. These requirements are in place to prevent fraud, ensure fair business practices, and promote transparency in the financial sector.

Non-compliance with annual compliance requirements can result in penalties and fines levied by the RBI, which can have severe financial implications for the company. Therefore, NBFCs must prioritize annual compliance and establish processes to ensure that they meet the regulatory requirements set out by the RBI. Overall, NBFCs play a critical role in the Indian financial sector and are subject to stringent regulatory oversight. Annual compliance is an essential component of this oversight and is necessary for maintaining the integrity of the financial system. By complying with the various annual compliance requirements, NBFCs can ensure sustainable growth and maintain the trust of their stakeholders.

Also Read:
All About NBFC Prudential Norms & NBFC Compliances
Statutory Audit Checklist for NBFCs – Complete OverviewCompliance by Non Banking Financial Companies under RBI Regulations – Different Returns and Intimations