RBI wants NBFCs to have `chief risk officer’ to improve risk-management
17 May 2019
The Reserve Bank of India (RBI) has asked non-banking finance companies (NBFCs) with asset size of more than Rs5,000 crore to appoint a chief risk officer (CRO) with clearly specified role and responsibilities,
RBI’s move to tighten regulations comes in the backdrop of the increasing role of NBFCs in direct credit intermediation, especially in view of the IL&FS imbroglio and its ripple effects on the financial sector.
Reserve Bank of India said on Thursday that non banking financial companies (NBFCs) with asset size of more than Rs 5,000 crore should appoint a chief risk officer in a move to tighten regulation after
A series of defaults at top lender Infrastructure Leasing & Financial Services' (IL&FS) have necessitated the need for more stringent controls on the functioning of NBFCs, especially the systemically important ones..
Emphasising that there is a need for NBFCs to augment risk-management practices, the central bank said the CRO is required to function independently to ensure highest standards of risk management.
In its directive to NBFCs – Investment and Credit Companies, Infrastructure Finance Companies, Micro Finance Institutions, Factors and Infrastructure Debt Funds – the RBI said the CRO should be a senior official in the hierarchy of an NBFC. The CRO should possess adequate professional qualification/ experience in the area of risk management.
The CRO can be appointed for a fixed tenure with the approval of the board. A CRO can be transferred/removed from the post before completion of tenure only with the approval of the board, and such premature transfer/removal should be reported to the Department of Non-Banking Supervision of the RBI’s regional office, under whose jurisdiction the NBFC is registered.
In case the NBFC is listed, any change in incumbency of the CRO should also be reported to the stock exchanges. The RBI said NBFCs should put in place policies to safeguard the independence of the CRO. In this regard, the CRO should have direct reporting lines to the MD and CEO/ Risk Management Committee (RMC) of the board.
In case the CRO reports to the MD and CEO, the RMC/board should meet the CRO without the presence of the MD and CEO, at least on a quarterly basis.
The CRO should not have any reporting relationship with the business verticals of the NBFC, and should not be given any business targets. Further, there should not be any ‘dual hatting’ – the CRO should not be given any other responsibility.
The CRO will be involved in the process of identification, measurement and mitigation of risks. All credit products (retail or wholesale) will be vetted by the CRO from the angle of inherent and control risks. The CRO’s role in deciding credit proposals will be limited to being an advisor.