Is it becoming a routine affair, like being fined by the traffic police for jumping the red light or by a TTE for travelling without a ticket on a Mumbai local?
Last week, the Reserve Bank of India (RBI) slapped a Rs 1-crore penalty on the State Bank of India for delay in reporting fraud in one account.
On the same day, the banking regulator also penalised Standard Chartered Bank-India Rs 1.95 crore for not complying with its directions on multiple issues, including customer protection in regard to unauthorised electronic banking transactions, cybersecurity and credit card operations.
Interestingly, a decade ago, in April 2011, as many as 19 banks were penalised Rs 1.95 crore for violating norms for derivatives transactions. Six banks were penalised Rs 15 lakh each, while eight were slapped with a Rs 10-lakh penalty each. The fine for five others was Rs 5 lakh each. Banks sell derivatives to help companies hedge risks against fluctuations in foreign exchange value and interest rates, and earn a fee on this.
Similarly, in March 2019, the RBI imposed a penalty on 36 banks for non-compliance with various directions on time-bound implementation and strengthening of SWIFT-related operational controls. Five of them were penalised Rs 40 lakh each; seven Rs 30 lakh each; eight Rs 20 lakh each; and 16 Rs 10 lakh each. SWIFT, or Society for Worldwide Interbank Financial Telecommunication, is a global network that connects banks for communicating messages on activities such as safe and secure transfer of money using a code.
In the current financial year, so far, penalty to the tune of around Rs 60 crore has been imposed on banks, non-banking financial companies (NBFCs) and entities operating in the payments space.
One wonders on what basis the RBI penalises banks and how it decides the penalty amount.
The RBI has the powers to impose penalties under six Acts — the Banking Regulation Act, 1949; Reserve Bank of India Act, 1934; Payment and Settlement Systems Act, 2007; Securitisation and Reconstruction of Financial Assets and Enforcement of Security Interest Act, 2002; Factoring Regulation Act, 2011; and Credit Information Companies (Regulation) Act, 2005.
Till the Enforcement Department (EFD) was set up in April 2017, different supervisory and regulatory departments of the central bank were taking such actions. There was no unified enforcement policy. Driven by events, it was discretionary — certainly not in line with the international best practice of separating enforcement action from the regulatory/supervisory process.
The developments in national and international economic and regulatory environment in the 21st century had led to a better compliance culture and the enforcement process was made uniform, transparent and predictable.
That’s the story behind the formation of EFD. Its job is to separate enforcement action from supervisory process and follow a structured, rule-based approach to identify the violations committed by the regulated entities, and enforce it consistently across the financial sector.
In the new penalty regime, the EFD first focused on the scheduled commercial banks as they are systemically more important than others and pose the highest reputational risk to RBI in case of any regulatory non-compliance. It did so using the provisions of the Banking Regulation Act.
Subsequently, it took up the transfer of enforcement work related to cooperative banks and NBFCs in October 2018, under the provisions of other Acts.
The new framework lays down the underlying policy and the broad process for identification and enforcement. This includes approach to enforcement, guiding principles of the policy, types of violations to be considered, process of identifying violations, adjudication process, quantum of penalties, recovery and, finally, the disclosure requirements.
The EFD identifies violations from inspection reports, risk assessment reports, scrutiny reports and observations of the central bank’s supervisory and regulatory departments. Market intelligence and customer complaints are also considered before a show cause notice is issued based on the nature of violation, its frequency and seriousness.
In the next stage, an adjudication committee takes a call and determines the quantum of penalty after giving an opportunity to the entity concerned for personal hearing, and issues the “speaking order” — one for which the adjudicating authority gives reasons to support its decision.
Finally, the RBI discloses the penalty in the form of a press release. The penalised entity needs to follow the disclosure norms of the RBI and listing agreement with stock exchanges, wherever applicable. The order outlines the time frame by which the penalty must be paid.
All this is fine but does such a penalty serve the purpose? Almost every week the RBI penalises banks and NBFCs — big, medium and small, well-known and not-so-well-known. Is their reputation at stake? Does the amount of penalty hurt them? Or, is it becoming a routine affair, like being fined by the traffic police for jumping the red light or by a TTE for travelling without a ticket on a Mumbai local?
The 2014 settlement by BNP Paribas in the US sanctions case for $8.9 billion is probably the biggest penalty paid by a bank since the early 2000s for an action not related to the 2008 financial crisis. In 2012, Wells Fargo & Co, JP Morgan Chase & Co, Citigroup Inc, Bank of America Corp and Ally Financial Inc agreed to pay at least $25 billion in penalties and borrower relief over alleged foreclosure processing abuses. In the first two decades of this century, the US banks have paid around $200 billion in fines and penalties.
Compared with such cases, what banks in India have coughed up as penalty is not even peanuts. Till 2013, the amount of penalty was capped at Rs 20 lakh for each violation; it has since been raised to a maximum of Rs 1 crore. This is for violations of norms where no value can be attached. For violations where a specific value can be determined, the penalty could be twice the amount. For instance, if a bank is involved in a Rs 100-crore derivative scandal, the penalty could be as much as Rs 200 crore. But the FED has not used the provision as yet.
Is the banking system ready for a much higher penalty? The scale of US banks is far bigger and transaction value is typically so high that they can stomach high penalties but banks in India, particularly many of the foreign banks operating in small scale, may go belly up if the penalty is raised substantially.
One way of tackling this could be linking the penalty to the profits of the entities, depending on the gravity of the violation. Also, to make it more effective and force the penalised entity to care for its reputation, the RBI can think of making the full contour of the violations public instead of issuing a sanitised press release. The market regulator makes full text of such orders public.
Penalty must act as a deterrent. If it is too low, it could encourage the regulated entities to lap up penalty instead of complying with the norms.The writer, a consulting editor with Business Standard, is an author and senior adviser to Jana Small Finance Bank Ltd
His latest book: Pandemonium: The Great Indian Banking Story
To read his previous columns, please log on to http://www.bankerstrust.in