Clipped from: https://www.business-standard.com/article/opinion/a-good-night-s-sleep-both-for-banks-and-reserve-bank-123031200509_1.html
Believe it or not, the regulator is even stretching its arm to identify stressed borrowers and gauge the “distance to default” as a measure of a particular bank’s fragility
Banks have always been adept at hiding bad loans. Even though they had the so-called core banking solutions in place by 2011, they were reluctant to use technology to identify bad loans. They preferred the human touch at different levels, from the branch to the headquarters. A lot depended on тАЬinterpretationтАЭ.
The┬аReserve Bank of India┬а(RBI), over the past few years, has goaded them to shift to the system of automated recognition of bad┬аloans┬аin contrast to a manually-driven process. This helped reduce the divergence between the bad loan figures reported by a bank and the RBIтАЩs assessment. Financial reports are more credible now.
Today, a bank can intervene only selectively, and that too under the eyes of the boardтАЩs audit committee. It was not easy to convince the banks. The┬аRBI┬аhad to slap penalties of hundreds of crores of rupees on a few banks. This тАЬpenaltyтАЭ is not in the public domain as it was handed out in the form of higher provisioning.
There had been rampant evergreening of bad loans by many banks, using what they called тАЬinternal accountsтАЭ. Many such accounts existed solely for the transfer of funds to make bad loans look good. Many banks had thousands of such accounts, and branches misused them to hide bad loans.
The┬аRBI┬аgot banks to follow a board-approved policy to rationalise the opening of such accounts and ensure their use only for a genuine purpose. Here, too, the regulator had to take aggressive disciplinary action against some delinquent banks.
The┬аRBI┬аis now keeping the auditors too on their toes. Its supervisors meet the statutory auditors of banks every quarter.
And, believe it or not, the regulator is even stretching its arm to identify the stressed borrowers and gauge the so-called тАЬdistance to defaultтАЭ as a measure of a particular bankтАЩs fragility.
Using the data from the Central Repository of Information on Large Credits (CRILC), the RBI periodically scans the vital statistics of the top 200 borrowers of the┬аbanking┬аsystem тАФ from ratings, interest coverage and debt-equity ratio to leverage, profits and also whether one bankтАЩs bad asset is good on another bankтАЩs books. The idea is proactive identification of risk build-up and to check whether a bank can absorb the risks.
The regulatorтАЩs involvement doesnтАЩt end here. It is keeping the senior management of a bank engaged in a continuous dialogue. If the management of a bank does not keep its board posted about the regulatorтАЩs concerns, an RBI executive director invites himself to a board meeting of the bank!
It has also made a beginning in tapping market intelligence properly. Until recently, the RBIтАЩs market intelligence was limited to keeping paper clippings and reading the banksтАЩ regulatory filings. Now, it keeps close tabs on social media, news services, and regional media, besides interacting with rating agencies and analysing brokerage reports. ItтАЩs a sort of sentiment index designed to ring alarm bells.
The focus is also on technology. The regulator ensures that a bankтАЩs IT architecture is resilient and can handle outages so that customers get uninterrupted services. It checks if a bank can scale up its technology platform to meet customer needs, upgrade obsolete hardware, and integrate the system and business continuity and disaster recovery plans, which has forever been a тАЬwork in progressтАЭ for some banks.
It runs phishing exercises to check a bankтАЩs firewall, and drills to identify vulnerabilities in public-facing applications to alert a bank if there is any lacuna.
Technology is also used extensively to detect fraud. The banks have been told to put in place early warning systems and alert the authorities without delay when fraud is detected.
How does it work? The regulator is asking banks to classify suspicious accounts as red-flagged accounts (RFA) and decide on their status тАФ fraud or otherwise тАФ within six months. Once a bank pinpoints a fraud, the RBI informs other banks.
The other part of the story is that the RBI itself is changing. It is learning how to use data. Until recently, the offsite monitoring mechanism was using only 20 per cent of the available data. Now, the RBI is going deeper and creating a dashboard.
The regulator assesses every bank quarterly, identifies laggards and puts them on a тАЬheat mapтАЭ for intense scrutiny. It dissects key business parameters such as capital, bad loans, collection efficiency, net interest margin, return on assets, return on equity, net profit, and cost-to-income ratio, among others.
The Indian central bank is taking a deep dive into artificial intelligence and machine learning to track the banks. Its College of Supervision is educating the supervisors on how to connect the dots and also building capacity, using the e-learning model.
The prime focus of supervision now is onsite, being supplemented by offsite data. The plan seems to be reversing this тАФ offsite analysis combined with onsite validation.
There seems to be nothing wrong with the RBIтАЩs approach. Why, then, do some of the bankers vent their unhappiness in private about the regulatorтАЩs тАЬmicromanagementтАЭ?
The RBI is taking a close look at the business model, strategy and risk appetite of each bank. ThatтАЩs the cause of the industryтАЩs discomfort. Can the regulator teach a bank how to run its business? ThatтАЩs not the regulatorтАЩs job, they say in private.
The RBI has its own logic. If a bank is moving away from corporate loans to finance retail, agriculture and micro, small and medium enterprises, does it have the credit monitoring and underwriting capability in place? And, if it gets buried under a heap of bad loans, does it have enough capital to come out of the mess?
This is why the RBI is not only keeping close tabs on the banks but also on the health of their borrowers. Risk management, risk pricing, audit and compliance тАФ all are in the regulatorтАЩs surveillance parameters.
It is taking the assurance functions in banks seriously тАФ for creating value for a financial institution, strengthening public confidence, preserving and enhancing its reputation, and maintaining the integrity of its business and management.
Here are some examples of what the RBI has done in the recent past.
A commercial bank was following a high-risk, high-return business model disbursing high-priced unsecured loans and supporting the loan book with bulk deposits. The regulator forced it to change the model.
Another bank was experiencing frequent outages in its digital┬аbanking┬аand mobile banking service, inconveniencing consumers. The RBI forced it to stop acquiring customers till it fixed the system.
In the case of yet another bank, eight directors and seven senior executives, including the chief executive officer and chief financial officer, resigned over two years. The RBI red-flagged this and got into action.
In the banking industry, the regulator is the fifth in the line of defence тАФ after business, risk and compliance, internal audit and central/statutory audit. But the new RBI doesnтАЩt want to wait till the end to do post-mortems. It will never be the first line of defence, but it wants to be proactive to ensure financial sector stability.
If the тАЬmovementтАЭ succeeds, investors will be able to take the banksтАЩ balance sheets at face value and the regulator as well as the regulated entities can have a good nightтАЩs sleep.(This is the last of a two-part series)The writer, a consulting editor of Business Standard, is an author and senior adviser to Jana Small Finance Bank Ltd
His latest book is Roller Coaster: An Affair with Banking
To read his previous columns, log on to https://bankerstrust.in
Twitter: TamalBandyo
aniltikotekar4sme.com 