Axis Inspection Report FY12-13

RESERVE BANK OF INDIA
Axis Bank Limited

Assessment as on March 31, 2013
Risk Assessment Report (RAR)
Findings on Capital and Earnings
Major Areas of Non-compliance

Table of Contents
I. Risk Assessment Report .......................................................................................... 2
II. Findings on Capital and Earnings ........................................................................... 29
III. Major Areas of Non-Compliance (Regulatory Guidelines) …………………………..36
Page 1 of 52
Risk Assessment Report
INTRODUCTION
The Risk Assessment of Axis Bank for 2012-13 under the Supervisory Program for
Assessment of Risk and Capital (SPARC) was completed with March 31, 2013 as the
reference date. The assessment has been made based on the off-site analysis of the
data and information furnished by the bank as well as the findings of the on-site
Inspection for Supervisory Evaluation (ISE) which was undertaken from September 10,
2013 to October 17, 2013. Based on the off-site and on-site evaluation, Preliminary Risk
Assessment Report was issued to the bank on November 22, 2013 and the issues
therein were discussed with the bank’s top management on November 26, December
04 and December 06, 2013. (The bank’s submissions were taken into account and the
Revised RAR was issued on December 13, 2013). Deputy Governor discussed the
major supervisory issues with the MD & CEO on December 17, 2013.
Part I of this Risk Assessment Report highlights the quality of governance and oversight
at the bank level; risks inherent to the operations of the bank in different business areas
and the gaps observed in various controls put in place to manage those risks. Part II of
the report details the findings on Capital and Earnings. Part III of the report captures the
Major Areas of Non-Compliance.
Page 2 of 52
PART I
A. Summary of Aggregate Risk
Inherent Risk Control Gap Aggregate Risk
Risk Category
A (1-4) B (1-4) 0.7*A +0.3*B
Board 2.200
Senior Management 2.289
Risk Governance 2.380
Internal Audit 1.993
Credit Risk 2.490 2.056 2.360

Market Risk 2.595 2.454 2.553
Liquidity Risk 1.997 2.497 2.147
Operational (non-IT) Risk 2.390 2.499 2.423
Operational (IT) Risk 2.230 2.087 2.187
Other Pillar II Risk 1.558 1.730 1.610
2.301
BANK LEVEL AGGREGATE RISK
(High Risk)
The bank level aggregate risk was assessed at 2.301, indicative of ‘High Risk’. The
supervisory stance pointed to ‘Active Oversight’.
Page 3 of 52
B. Findings and conclusions
1. Governance & Oversight (Aggregate Score: 2.21)
Major findings/ observations

1.1 Board Score: 2.200
1.1.1 One director had attained the age of 70 years when re-nominated (after
retirement by rotation) to the Board in July 2013 and he was not eligible to
continue as director as per the norms prescribed by RBI; the bank did not have
formal succession planning for the members of the Board; there was no charter
for the Board (though charter was contemplated in October 2012) and no
evaluation process (though contemplated in April 2012) for Board members;
the bank was yet to comply with RBI instructions issued on May 17, 2013 for
adhering to Ministry of Corporate Affairs (Government of India) norms for non-
Board level designation to one of its Executive Directors.
1.1.2 The minutes of the Board and the committees were not properly prepared, to
capture as action points the directions, wherever given, by the
Board/Committees so as to follow up through Action Taken Reports (ATRs).
The commitments made/timelines specified by the business/control
departments in their agenda notes were also not part of ATRs. Wherever action
points were noted, the action was closed in some cases even though the
compliance remained inconclusive. Many committees did not have cumulative
ATRs.
1.1.3 The Board did not review working of its Committees and the main committees
did not review the working of their sub-committees. There was delay in review
of some of the policies. There were 13 policies which were overdue for review
as on March 31, 2013 (11 were reviewed with a delay but 2 policies viz. Policy
on Oversight of Subsidiaries and Policy on Outsourced Activities, were still
pending); there were 43 policies which needed to be reviewed as and when due
and as a result, some of the policies were not reviewed for the last three years
whereas there were adequate triggers to do so. AML policies of the bank for
Hongkong and Singapore branches were reviewed with a delay of app. 6
Page 4 of 52
months which is fraught with risk from foreign regulators. The bank did not have
policies on some critical aspects of working of the bank (like for use of bank’s
name and logo by other entities in the group and in third party advertisements,
Group Compliance, Group AML, Avoidance of Conflict of Interest). There were
deficiencies in some of the policies like HR Policy, Corporate Credit Policy, NPA
Management and Recovery Policy, Country Risk Management Policy, Policy on
Outsourced Activities, etc.
1.1.4 Timeline given by the bank for corrective action on 51 observations of AFI-2011
and 2012 was not adhered to (there was a delay ranging from 3 to 12 months)
but there was no review by Audit Committee of Board (ACB). The Board / ACB
did not review compliance with observations in the bank’s KYC related special
scrutiny by RBI, forensic audit report by KPMG and opinion received, if any,
from the law firm engaged by the bank on the forensic audit findings.
1.1.5 Four MAP points from AFI-2012 were not complied with by the bank viz., (a) To
protect the customers while promoting the use of card/ mobile/ internet banking,
and to review and simplify the structure of financial charges to ensure that the
same are based on the services rendered only. (b) BCP of all core IT
applications from DR site. (c) To strengthen measures to identify and manage
risks commensurate with the growth of the bank so as to improve compliance
culture in regard to all the products and operations of the bank. Violations of the
Regulations have to be corrected and the accountability is to be fixed and action
taken. (d) Pricing of both assets and liabilities should be reasonable and
transparent.
1.2 Senior Management Score: 2.289
1.2.1 There were deficiencies in initiating action on some of the directions of the
Board / Committees, reporting of action taken, monitoring of the timelines given
for various compliances, systemic rectification of the irregularities observed in
different audits, timely review and framing of policies, timely and corrective
action on Management Audit Reports, utilisation of stock audit reports for the
intended purposes, etc. Further, deficiencies were also observed in ensuring
approval of the products or changes in the products by appropriate committees,
Page 5 of 52
compliance of products with RBI instructions, analysing the reasons for long
delays in detection of frauds and filing of FIRs and fixation of staff
accountability, taking steps for preventing frauds recurring with the same modus
operandi, etc.
1.2.2 There were 4 schedules of customer charges but these were not approved by
Customer Service Committee. Credit balance account of depositors was being
washed out, despite RBI instructions not to do so for non-service activities, by
levy of Minimum Average Balance (MAB) charges. There was delay of 18
months in completing the implementation of Board approved corrective action
for conversion of motorized card readers into dip card readers on the bank’s
ATMs. Besides, other serious deficiencies pertained to classification of borrowal
accounts as NPAs from a back date in case the account was downgraded due
to failure of restructuring, exit and compromise policy, review of unhedged
exposure under foreign currency loans to corporate including that to SMEs,
mechanism of haircut on collaterals for the purpose of recovery, timely up-
gradation of NPA accounts, classification of Special Mention Accounts (SMAs)
in consumer lending portfolio, hedging forex swaps on matched maturity basis
for liquidity purpose, appropriate Contingency Funding Plan (CFP), credit of
interest to savings bank accounts on the last working day of each quarter,
oversight of outsourcing agencies, permitting staff to undertake foreign visits
funded by third party product providers, etc.
1.2.3 The bank reported failure in compliance test in respect of the 20 major
regulatory guidelines (obtention of NOC from the lending banks in case of
opening of current accounts for its patron customers, loans against shares and
many related to FEMA regulations) and second testing, after taking corrective
measures, if any, was yet to be done. Further, the present inspection had also
observed 21 major violations of RBI instructions. All these non-compliances
have added to the compliance risk and have been listed in Para IV (Part A and
B). Besides, there were serious observations in respect of management of
Market Risk and Operational Risks, in particular, apart from other risks.
Page 6 of 52
1.3 Risk Governance Score: 2.380
1.3.1 Enterprise Governance, Risk and Compliance (EGRC) project has been under
implementation since May 2010; the minutes of RMC/Board did not reflect
deliberations, if any, on the high stress levels (e. g. CAR impacted by 204 bps in
Q4 FY-13 as against 160 bps in Q3 FY-13) in credit and market risks and on
operational risk (as listed under each risk in this report separately). The list of all
the new products or changes therein was being put up before the RMC in a
bunch and it was being routinely noted; there was no observation on any of the
products though there were inherent deficiencies in some of the products (zero
percent EMIs on credit cards for Samsung mobiles in violation of RBI
instructions, 15% cash back on Samsung mobiles without assessing the credit
risk in exposure to Samsung, 80:20 scheme of Advance Disbursement Scheme
where some of the builders were chosen on the basis of their reputation, PoA
based opening of accounts for benefit of NBFCs and their broking firms,
CACOB scheme for opening of current account for cooperative banks for issue
of “at par” cheques (correspondent banking) with regard to access to KYC
records of customers of UCBs/DCCBs when required, etc.).
1.3.2 The working of Group Risk Management (GRM) Committee, Operational Risk
Management Committee, Core Crisis Management Committee, Product
Management Committee/ Change Management Committee, Outsourcing
Committee, Business Continuity Committee, Credit Risk Management
Committee, etc. needed to be toned up. There was no formal review of the
reputational risk faced by the bank. The heads of business and control
departments did not ensure that issues were brought before the relevant
committee/s for their granular examination and appropriate guidance/ directions.
1.3.3 Gaps were observed in liquidity risk identification process and forecasts for the
funding plan exhibited major swings. The appetite of the bank for market and
liquidity risks was determined by the RMC instead of by the Board. There were
other serious concerns relating to lack of convergence between the defined
objectives of market risk management and the actual practices, absence of
functional separation between the reporting lines for HFT portfolio and the
Page 7 of 52
interest rate derivatives portfolio, fixation and monitoring of stop loss limit by
Treasury itself, not having rate scan for equity deals, day end updation of intra-
day forex exposure limit positions instead of on real time basis, back testing of
VaR showed 21 failures in the derivatives, the repetitive breaches of risk limits
and lack of efforts to avoid recurrences.
1.3.4 There were concerns from derivative transactions, allocation of incentives,
control deficiencies and gaps which indicated that risk governance in treasury
function was weak. Key Result Areas (KRAs) of the business heads insofar as
risk governance practices were concerned, were not commented upon by the
Chief Risk Officer and the regulatory and audit compliances were not factored
into KRAs of the business heads while deciding their bonus and ESOPs. The
Compliance Department was relying on a back to back certificate issued by
Governance Risk Compliance Coordinator of Treasury in respect of derivatives
transactions (the current RBI inspection pointed out irregularities in this activity).
1.4 Internal Audit Score: 1.993
1.4.1 A perusal of the quarterly reviews on performance of internal audit by the ACB
revealed that only the data on number of audits planned / completed, rating-
wise number of auditee units, improvements in ratings, number of audit reports
pending/closed, etc. was being placed before the ACB. The audit issues and
quality of compliance were not aggregated and put up till FY-13 (only one
thematic study was conducted); the bank needs to step up pace and widen
coverage of its thematic studies (only five conducted in FY-14) on audit findings
keeping in view the high level of compliance risk.
1.4.2 (i) Management Audit Reports were received with a delay of app. 3 months and
the recommendations were yet to be reviewed by the concerned committee/s,
(ii) the bank's present classification of auditee units into 5 scale rating (AAA,
AA, A, BB, BBB) was not in tune with the perception and significance of the
audit findings, (iii) in FY-13, the bank did not conduct any snap or forensic audit
of any auditee unit or activity despite many triggers including KYC related
irregularities in the branches, (iv) there were repetitive adverse features and
inordinate delays in submitting compliance by many auditee units; the
Page 8 of 52
compliance by units was still lax as not only false compliances were detected by
Internal Audit itself, routine compliance was also accepted from the auditee
units, (v) the bank had identified 20 audit issues which were not yet rectified and
it had not initiated corrective action regarding compliance failure in respect of 20
major regulatory guidelines admitted by the bank in its compliance self-
assessment report given to RBI, (vi) follow up of findings of audit of outsourcing
agents was delayed and neither the irregularities were rectified by the target
dates nor the status of the action points was reported to ACB in its next
meeting.
2. Credit Risk (Aggregate Score: 2.360)

2.1 Inherent Risk Score: 2.490
Major findings/ observations: The above risk score represented the following:
2.1.1 (a) The bank's top three credit exposures were to Power (7.93%), Banking &
Finance (5.96%) and Infrastructure (5.25%) industries. The ratio of exposures
to top 10 borrower groups as a proportion of total exposures stood at 15.56%.
(b) In terms of industry, the bank’s exposure to top three stressed sectors viz.
Aviation, Power and Telecom as a percentage of its total exposure stood at
9.51%. The exposure to Power sector increased by 29% during the year, the
exposure to Telecom, however, decreased by 41% by way of recovery but the
exposure to Aviation sector decreased by 34% by write off.
(c) The direct and indirect exposure to medium or worse risk countries (as rated
by ECGC) as a percentage of the bank’s net worth stood at 17.09%.
(d) The bank’s exposure (geographical concentration) in real estate sector with
Maharashtra itself constituted 46.95% (with Mumbai more than 34% and Pune
more than 11%) of the total exposure in this segment.
2.1.2 (a) Bank’s total standard exposure around the hurdle rate stood at 68.96%.
(b) In terms of rating transition, the downgrade of rated exposures to total rated
exposure stood at 21.16%. These trends reflected a need for closer monitoring.
2.1.3 The proportion of unhedged exposure of the bank constituted 45.76% of its total
foreign currency loans. There was a need for closer monitoring from risk
Page 9 of 52
perspective.
2.1.4 The weighted average residual maturity of the bank’s exposures at 4.12 years
mainly on account of project loan exposures which constituted 11.77% of its
total loan exposure.
2.1.5 The readily liquefiable financial collaterals stood at just 2.08% of total exposure
whereas under-collateralised loans formed 34.81% percent of its total secured
loans.
2.1.6 Analysis of credit portfolio reflected some areas requiring attention from risk
perspective (a) accretion to the stock of NPAs/NPIs, (b) incremental NPAs +
non SLR NPIs during the year constituted 83.11% of the total NPAs + non SLR
NPIs outstanding at the end of the year, (c) exposures in SMAs constituted
4.22% of the total fund based standard credit exposure, (d) sacrifices made in
compromise cases at 33.38% of exposure and waiver of 94.44% of the
unapplied interest.
2.1.7 The increasing incidences of frauds in retail segment, particularly in home loan
segment ( 90 mn in 36 home loan cases during April-July, 2013 itself as
against 122 mn in 32 home loan cases during FY 12-13) indicated that the
controls for minimizing frauds in retail credit segment were not commensurate
with the bank's strategy of growing fast in this segment (yoy growth of retail
credit portfolio being 43.62% against 16.03% growth in overall credit portfolio
together with the fact that retail loans constituted 27.40% of the bank’s total
advances as on 31st March 2013 compared to 22.13% last year). The bank had
not internalized the risks involved in Advanced Disbursement Facility (ADF –
since discontinued after RBI instructions on September 3, 2013) providing full
disbursement of loan to builders at the request of the borrower, irrespective of
the stage of construction. Moreover, some of the builders under this scheme
were chosen based on their reputation; such credit decisions are highly prone
to risk.
2.1.8 The stock audit reports were not utilized, in many cases, as a tool for credit
supervision; these were used mainly at the time of review/renewal of limits even
if these reports were old (5 to 6 months) and the issues (including steep decline
Page 10 of 52
in DP) pointed out therein were not attended to/resolved.
2.1.9 NPA Management and Recovery policy of the bank provided for unfair
measures to exit a problem account inasmuch as (a) Interest rate may be
increased to force the client to look for an alternative banker (b) Exit may be
approved with a sacrifice of interest and/ or part of the principal even though the
asset is classified as standard. While the clause at (a) was violative of the RBI
instructions against excessive rate of interest, the clause at (b) was not only
discriminatory but was also violative of the rights of other borrowers; such
settlements have also been objected to by DRTs.
2.1.10 (a) The bank followed discriminatory pricing for same rated borrowers in several
cases in SME sector. (b) In many accounts taken over from other banks (430
out of 685 cases in SME segment and 84 out of 151 cases in Agri segment),
the bank did not obtain the credit information report.
2.2 Control Gap Score: 2.056

2.2.1 Many weaknesses were observed in the quality of credit appraisal signifying
unsatisfactory credit intermediation system prevailing in the bank. (a) Diminished
value of securities accepted at the time of compromise settlements in
comparison to the values brought on book at the time of sanction pointed
towards laxity in collateral management at the time of origination. (b) Though the
bank had prescribed a matrix of pricing on the basis of internal rating of
borrowers, the same was being followed more in breaches/ deviation allowed at
the beginning of the relationship. (c) The credit appraisal system was not
adequately capturing unhedged foreign currency exposure of borrowers at the
time of sanction and there was no evidence to suggest that the credit risk
emanating from unhedged exposure above a threshold limit was factored into
credit risk assessment.
2.2.2 (a) Bank's policy of rating override upto 3 notch points covered a select list of
borrowers which indicated top borrower bias and / or strong parent bias; rating
over-ride gave sweeping powers and was not linked to rating of certain specific
Page 11 of 52
parameters to ensure judiciousness and transparency. Such high range of
override with power of allowing interest concession (between 1 and 2%) was
fraught with possibility of deviation from rating-pricing model. (b) Board review of
analysis of overall rating distribution did not contain analysis of rating
downgrades (with underlying reasons). (c) The bank did not have any residual
maturity-wise exposure limits.
2.2.3 The bank violated RBI guidelines relating to (a) loans against security of shares
(in 16 out of 20 such cases reported by bank itself as part of its compliance
testing), the outstandings exceeded 2 Mn each as on March 31, 2013 in
violation of the limit of 1 Mn as per extant RBI instructions, (b) review, on a
monthly basis, the unhedged portion of the foreign currency exposures of clients
with high forex exposure and (c) review of unhedged exposure for SMEs.
2.2.4 (a) Total recovery as a percentage of gross NPA at the beginning of the year and
slippages was only 6.66% during 2012-13 as against 6.52% in 2011-12 and
9.76% during 2010-11. (b) There was no system of assigning any haircut on
collaterals at the time of sanction. (c) The bank was seen to be bypassing the
restructuring mechanism by sanctioning new facilities to regularize overdues in
some large borrowal accounts. (d) The policy on write off did not provide for
consideration for value of collaterals at the time of compromise/settlement.
During last three years, the bank had technically written off approx 50% of the
opening balance of NPAs as may be seen from the following table:
Mar-13 Mar-12 Mar-11 Mar-10 Mar-09
NPA at the start 1720 1587 1295 890 495
Total W/Off 800 666 668 1031 344
% 46.49% 41.96% 51.56% 115.75% 69.61%
(e) The Consumer Lending Department did not classify any account under SMA,
though eligible, thus violating RBI instructions in this regard. Absence of such
monitoring mechanism in consumer credit segment particularly in view of bank’s
recent thrust in retail and consumer segments resulted in lax Top Management
oversight on this sector. (f) The parameters set by the bank for identification of
SMAs in accounts under Large Corporate and Infrastructure did not include
Page 12 of 52
default in repayment, over-drawings, delay in DCCO, etc.
2.2.5 The bank was not classifying restructured loans as NPA from back date (as per
RBI norms) in case the account turned NPA due to failure of restructuring.
2.2.6 Loans given for repairs under Housing segment in multiple accounts to a single
customer exceeding the limit were misclassified as PSLs.
3. Market Risk (Aggregate Score: 2.553)

3.1.1 The investment portfolio of the bank countenanced risks from a) interest rate
sensitivity of securities with residual maturity of more than 5 years; and (b)
interest rate sensitivity of the HTM portfolio.
3.1.2 The equity portfolio of the bank also showed vulnerability emanating from (a)
portfolio beta; (b) investments in convertible instruments; and (c) equity
collaterals arising out of loan book.
3.1.3 The FX portfolio exhibited volatility in the daily VaR. The impact of average
aggregate gap on the networth of the bank pointed to enhanced risk during
times of stress in the FX portfolio as per stress impact assessment.
3.1.4 The IRRBB of the bank as measured through Earnings perspective and
Economic Value perspective indicated susceptibility in the case of 200 bps
interest rate shock. The bank was also vulnerable to basis risk in its Balance
Sheet as also embedded optionality risk which could cause mismatches in the
maturity buckets.
3.1.5 The bank had submitted regulatory return incorrectly in respect of total HTM
book value; the bank had used different figures ( 460910 Mn) for regulatory
reporting and for internal operations ( 484612 Mn); there was no reconciliation
of the figures being used for business operations and the figures being reported
for regulatory purposes.
3.1.6 (a) The Board approval for shifting securities to HTM portfolio on September 30,
2013 as part of special regulatory forbearance had been modified by Treasury
without giving any reason. (b) Treasury had internally earmarked 20 Mn as
Page 13 of 52
stop loss in violation of its Board approved FX VaR limit of 15 Mn. (c) The stop
loss allocation to individual dealers was done by Treasury itself; this was not
captured anywhere in the system nor was it intimated to Risk Department.
Consequently, there was no independent monitoring of dealers’ individual stop
loss limits.
3.1.7 For investment portfolio, the policy did not provide the list of approved products.
For derivatives, there were no guidelines regarding day one P&L. Hence, the
same was neither identified nor monitored by Risk Department.
3.1.8 As per bank’s own data, the Treasury had incurred operating losses on a
standalone basis in four out of last five years. Its profitability had been shored
up on the back of transfer pricing income. Under the current mechanism, it was
not possible to separately identify the income generated by Treasury from
market and that from internal customers through transfer pricing. There was no
independent verification of achievement of targets by Treasury dealers.
3.1.9 The bank did not calculate and monitor dealer wise P&L. Since the individual
dealers’ business targets were not shared with control departments, there was
no validation of allocation of incentives to dealers by the Head, Treasury based
on the actual performance of individual dealer. Moreover, the bank didn’t
incorporate the disciplinary record of the dealers in terms of risk limit breaches,
etc. into their overall performance evaluation.
3.1.10 Ratification of limit breaches was done routinely by the ALCO sub-committee.
3.1.11 The portfolio performance evaluation didn’t take into account the effects of
active management of positions. For instance, while borrowing through FX
swaps or MTN, the hedging strategy adopted was dynamic which could impact
the total cost vis-a-vis domestic funding. For example: the bank had issued
USD 250 mn MTN in August 2012. It had undertaken hedge transactions with
three different banks viz. ANZ Bank USD 75 mn, Barclays Bank USD 25 mn
and Standard Chartered Bank USD 150 mn and there were a total of eight
transactions. The hedge deals were transacted during September and October
2012 for different amounts. However, seven of these hedge transactions
amounting to USD 225 mn were unwound in June 2013. This illustrates that the
Page 14 of 52
hedges have also been unwound mid-term, which establishes the active
management of the portfolio.
3.1.12 The bank had not revised the base rate (10%) in FY-13 (since revised to
10.25% on August 16, 2013) whereas during the same period, retail term
deposit rates had been revised 33 times and the bulk deposit ( 50 Mn and
above) rates were revised 223 times during FY-13. Moreover, the Quarterly
Review Note for Base Rate was approved by circulation among ALCO
members and it did not contain information on revision in deposit rates.
3.1.13 (a) There were 20,167 deleted/ cancelled/ modified deals, and the bank had not
analysed the reasons for the same from the angle of avoiding their recurrence
(b) The dealers widely used, apart from other tools, the Reuters Messenger
(RM) which had no audit trail and no independent oversight. The bank didn’t
have any policy regarding use of RM chat facilities in dealing operations as this
represented another mode of communication with external customers for
negotiation of pricing, and regarding primary record of the transactions for such
facilities, in violation of RBI instructions. (c) There was a scope for dealers to
have direct access to voice recordings without having to lodge any formal
request for such access. (d) It was observed that ID of one dealer on Reuters
dealing system continued to exist even after the dealer had quit the bank. (e)
The bank used several systems on its FX desk such as Citi Velocity, BARX,
etc. for which there were concerns regarding order management. (f) Non-
performing investments were being marked in the system via manual
intervention.
3.1.14 There was no separation between inter-bank desk and customer desk in
derivatives resulting in inter-bank dealers communicating directly with corporate
customers. In FX desk as well, the reporting lines for inter-bank desk and
corporate desk were the same. Similarly, the trading book and the derivatives
book were headed by the same person. The transfer pricing mechanism in the
bank was based on centralized pooling of funds, the management of which in
terms of deployment and return generation was handled by the Treasury. This
blurred the transparency desired between management of funds emanating out
Page 15 of 52
of the centralized pool and the investments of the Treasury. The demarcation
between the two separate objectives was also not possible i.e. whether market
access was on account of funds from the centralized pool or investment/money
market portfolio requirements. Therefore, the centralized pool related decisions
were also taken by Treasury whereas Treasury should focus on market related
performance alone.
3.1.15 a) In terms of circular DBOD.No.BP.BC.44/21.04.157/2011-12 dated November
2, 2011 banks were required to obtain Board Resolutions (BRs) from corporate
customers in a prescribed format w.e.f. January 1, 2012. The bank had not
examined whether the ISDAs, based on BRs prior to January 2012, were valid
and enforceable after new BRs were submitted by the corporates. (b) The bank
wasn’t capturing the limit allotted by the corporates to the bank in its internal
systems; hence, limit monitoring wasn’t appropriate. (c) There was no
independent monitoring to ensure that dealers were actually transacting only
with authorised persons of the corpoarates.
3.1.16 Total income from FxConnect transactions (Merchant) during FY 2012-13 was
Rs. 1523 mn. In this context, independent oversight over FxConnect was
considered inadequate/lacking.

3.2.1 The risk limit breaches were repetitive and the reasons were not examined, the
limits were monitored on day end basis instead of on real time basis. The bank
had not documented a definition of "illiquid assets" in the context of investments
for the purpose of transfer of securities from HFT to AFS after 90 days holding
on the basis of illiquidity. There was no independent verification of the basis of
such transfers.
3.2.2 The equity portfolio of the bank registered 26 percent depreciation on March 31,
2013. Further, there were 20-30 scrips every month that breached the internal
stop loss limits on a recurring basis, these breaches were routinely ratified
without any analysis as to whether there were additions to these losing positions,
Page 16 of 52
and whether stop loss limits were getting triggered for investments in new
securities as well; there was no rate scan for equity positions and the price
verification for oversight purpose was based merely on broker confirmations;
equity investments outside the permitted universe had also been observed.
3.2.3 (a) The Past Performance limits were fixed and monitored by Treasury (Front
Office) and not by Middle/Back Office, the bank didn’t have list of approved
currencies. (b) The RBI approved NOPL ( 3000 Mn) allocated internally by the
bank (for domestic branches at 2400 Mn and for overseas branches at 600
Mn equivalent to USD 12 Mn) was exceeded due to USD-INR rate moving
beyond 50, though it had not fully utilized the limit upto USD 12 Mn; this was
avoidable if the NOPL allocation among overseas branches was reviewed in time
and revised downwards. Moreover, it also resulted into an additional capital
charge of 4.63 Mn for extra NOPL allocation. Further, the bullion consignment
details were still maintained in excel sheets.
3.2.4 The internal limit of EaR 3000 Mn was exceeded from June 29 to July 17, 2012
(due to revision in RBI guidelines relating to Duration Gap Analysis) when it was
revised upwards to 4000 Mn. The bank had defined its internal EaR limit as a
fixed number instead of linking it to NII.
4. Liquidity Risk (Aggregate Score: 2.147)

4.1.1 The year-end CASA deposits and average of the quarter end CASA for the last
three years indicated volatility. The bulk deposits vis-a-vis total deposits and
outside liabilities indicated the bank’s vulnerability to liquidity risk. The bank did
not display card rates for bulk deposits ( 50 Mn and above) on its web-site; the
bank was still bidding for such deposits. There was high level of deviation of
some term deposit rates from the average rate on deposits. Further, deviation
was indicated by greater variance in the rates on some borrowings as compared
to the average cost of borrowings.
4.1.2 The bank countenanced liquidity risk because of (a) Volatile liabilities (b) market
Page 17 of 52
liabilities, (c) the bank being a net borrower for 144 out of total 250 market days,
and (d) average borrowings vis-a-vis the average liquid assets, etc.

4.2.1 For behavioural studies, the bank was using 2-years data for term deposits as
compared to requirement of at least three years data. The variance analysis
conducted by the bank to review behavioural studies had the following
deficiencies: (a) Conclusion presented in the analysis followed fixed format (b)
No established follow-up action plans (c) Didn’t have proper attribution analysis.
4.2.2 Though the bank was a pretty active user of Forex Swap for liquidity purpose,
the additional risk arising out of active management of positions was not
covered/ taken cognizance of in the bank at any stage including evaluation of
portfolio performance or assessment of actual cost of funding (cf para 3.1.11
also).
4.2.3 The liquidity risk scenarios as accepted in review dated December 5, 2011 were
kept unchanged in the last such review dated June 1, 2013. This resulted in
same scenarios being used in each stress test for the entire duration,
4.2.4 The bank did not have CFP during FY 2012-13; the CFP of the bank devised in
September 2013 was not diversified appropriately. The haircuts mentioned by
the bank are not reflected in the banks' latest CFP. The forecasts for the funding
plan exhibited major swings and weren’t accurate.
4.2.5 There were several breaches in liquidity risk limits [(a) IRS Gap Breaches -
Several breaches in Dubai, Hongkong and Singapore (b) Structural Liquidity
Gap Breaches - Several breaches in Dubai and Hongkong and in first four
buckets, which indicate possible liquidity stress (c) EaR - Several breaches in
Dubai] which indicated that the bank was not monitoring the limits effectively and
efficiently.
4.2.6 The Board had not set any guideline for intra-day limits/facilities for bank’s
customers in any credit related policy. There were 11 instances of intraday limits
allowed to various corporates converted into overdrafts; there was no
Page 18 of 52
mechanism or strategy to avoid the event of such a facility getting rolled over.
4.2.7 The bank had breached CRR requirement on March 31, 2012 and April 01, 2013
when it’s CRR fell below the mandatory daily requirement of 70% of NDTL. This
had resulted in RBI levying penal interest on the bank for default in maintenance
of CRR.
5. Operational (Non- IT) Risk (Aggregate Score: 2.423)
5.1 Inherent Risk Score : 2.390

5.1.1 The bank was issued two Show Cause Notices by RBI for non-adherence to
KYC/AML guidelines. A warning letter was also issued by RBI to the bank for
constant misclassification of Priority Sector loans. A penalty of 0.2 Mn was
levied by NSDL and other Government Authorities for certain violations of their
instructions.
5.1.2 While the bank recruited 15217 employees on one hand, 9033 employees had
also quit the bank. The turnover at base level was high. The attrition rate of the
Sales and Front Officers increased significantly during FY-2013.
5.1.3 The employee training expenditure vis-à-vis total operating expenditure was
very low and it declined during FY-13.
5.1.4 The compliance audit had detected 95 cases of false compliance by branches
with respect to the deficiencies pointed out by Internal Audit.
5.1.5 Number of legal cases by the customers against the bank increased from 157
(FY- 12) to 262 (FY-13).
5.1.6 Internal Audit had identified 6119 cases of KYC/AML non-compliance during
the FY-2012-13 which reflects that the bank was still not following the extant
guidelines in letter and spirit.
5.1.7 The amount involved in number of internal frauds, had increased from 99 Mn
(32 cases in FY-12) to 107 Mn (35 cases in FY-13).
5.1.8 The number of external frauds by non-customers had jumped from 168 (FY-12)
to 831 (FY-13). Similarly number of external frauds by customers also
increased significantly from 65 (FY-12) to 102 (FY -13).
Page 19 of 52
5.1.9 The bank had made a repository of internal loss data since the year 2006 only,
as against the earlier plan to compile such data from 2001 onwards thereby
delaying its preparedness to move to Advanced Measurement Approach (AMA)
and hence, the bank was using Basic Indicator Approach for calculation of
capital charge for Operational Risk. In order to move to AMA approach, the
bank was working on SAS-EGRC project since May 2010 which was much
delayed. Further, the bank was using only the internal loss data and external
loss data was not yet used.
5.1.10 Monitoring of high value transactions continued to be outside the AMLOCK
system despite being pointed out by AFI-2012.
5.1.11 There was no mechanism/system available with the bank to monitor the alerts
during the mid-night hours when Finacle goes off-line.
5.1.12 The half yearly reviews of the outsourcing activities were conducted with a
delay of more than six months during FY-13. There was also undue delay in
instituting rectification measures to comply with their audit findings.
5.1.13 There was no separate review of the IT related frauds by the IT Strategy
Committee for advice, if any, on corrective action.

5.2.1 There was undue delay in submission of replies (36 cases) to RBI, review of
policies and submission of returns and issue of internal circulars on regulatory/
supervisory matters (up-to 8 months).
5.2.2 The alerts were closed without ascribing reasons. There was no defined
process/framework for closure of the alerts. AML Cell had not examined many
of the cases referred to by COSMOS cell for the purpose of filing STRs.
5.2.3 There was no scenario designed for alert generation for monitoring of newly
opened accounts and immediate withdrawal after deposits therein, though it
was advised by RBI vide its Circular dated September 13, 2012, on Fictitious
Offers of Cheap Funds from Abroad - Monitoring of Transactions. While all the
new accounts were opened after passing through de-dupe check, the bank had
Page 20 of 52
not carried out any quality check to assess the efficacy of the newly installed
de-duplication process. Incidentally, de-dupe process was in progress for
legacy accounts and the bank was hopeful that it would complete it by February
2014 i.e. prior to the regulatory prescription of March 2014.
5.2.4 There was no defined policy for rotation of employees posted in sensitive desks
at the corporate office. There were 2727 employees eligible for rotation but
continuing in the same role for more than 3 years including 455 employees for
more than 5 years. There were 8020 employees who had not availed
mandatory leave.
5.2.5 Retail Banking, Consumer Lending, IT&RBO, MC&SME, Treasury and
Wholesale Banking Operations got more than 98% of the total training hours
provided by the bank during FY-13 and other departments (HR, IAD, Legal,
Compliance, Risk and F& A) got hardly 2%.
5.2.6 The Head of Internal Audit and Internal Vigilance was one and the same
person. Ideally, these two functions may be headed by separate officers
keeping in view the extent of audit universe to be attended to by the Audit
Department and the attention required by Vigilance Function owing to
increasing number of internal and external (by customers) frauds, delay in
detection of frauds, delay in fixing staff accountability, etc.
5.2.7 Caution/warning letters were issued to 58 employees and 13 employees were
terminated from service for involvement in the fraud cases. There were 80
employees suspected of having perpetrated frauds in last three years.
Withholding of increments/revision of pay / withholding of promotion, reduction
to lower grade or salary as measures of penal action were also provided for in
the HR policy but these penal measures were not put to use till FY -13.
5.2.8 There was undue delay in taking remedial measures suggested by the Special
Committee on Monitoring of Large Value Frauds with regard to re-audit of Burra
Bazar (Kolkata) branch and ASC Chennai. There was no review of the reasons,
if any, for delay ranging between 3 to 24 months in detection of frauds.
5.2.9 The Annual review of BCP was delayed from scheduled date of January 2013
to August 2013. In many of the critical activities, BCP drill was either partially
Page 21 of 52
completed or pending. The bank had elaborated the Recovery Strategy in its
BCP but the testing for Emergency Response Plan and Functional Recovery
Plan had not been carried out. The bank was not having any technological
solution/software for monitoring/ tracking/reviewing the process of BCP/DR
drills and initiating action on points emerging out of testing. The bank had not
completed the testing for all the activities outsourced at vendor level. Vendors’
BCPs were not integrated with respective departments'/unit's BCP.
5.2.10 The bank earned an income of 21217 Mn out of non-service activities in FY-
13. In December 2012, the bank was advised as part of MAP point to ensure
that the charges are based on the services rendered only. However, the bank
continued to clean up available balance in 2.3 Mn accounts by levying MAB
charges to the extent of 494 Mn over the last 18 months of which 1.2 Mn
accounts accounted for 268 Mn over 9 months since January 2013 i.e. after
the issue of RBI instructions. The bank had received 1078 complaints against
MAB during FY-13. In respect of 601 complaints, no money was refunded.
However, there was no policy for refund of such charges.
5.2.11 There were 4 schedules for bank charges; two were approved by Committee of
Directors, third by ED (CB) and fourth by MD & CEO. The schedule of bank
charges for retail customers and liability products was not put up to Customer
Service Committee for its approval.
5.2.12 The bank was not carrying out the root cause analysis of complaints received
from customers. In some cases, the bank took longer than projected time in
redressal of grievances.
5.2.13 During FY-13, the bank had launched 30 products and in case of only 3
products, Self-Risk Assessment was submitted by the owner departments of
the products to Process Quality (PQ) Department and that too with delay of
more than 6 months. Further, the Compliance Department did not comply with
the bank’s policy of monitoring of the newly launched products for the first 6
months after their launch.
5.2.14 In last FY, Risk Control and Self Assessment was conducted for all the
departments. But this year, it was done for selective departments only. ORMC
Page 22 of 52
had identified 1207 Action Points related to Control Gaps. In case of 296 Action
Points, the action was not completed and it was overdue in respect of some of
them. The process of using RCSA findings to identify Key Risk Indicators has
not been fully implemented for defining the risk profile of the bank. In case of 45
Risk Titles, no controls were defined.
5.2.15 Presently, the process for identification of loss data and reporting thereof was
done by three units - (i) Centralised Accounts Payment Hub (CAP-Hub) (ii)
Fraud Control Unit (FCU) and (iii) Operational Risk Vertical. There was a lot of
manual intervention and subjectivity involved in identification, reporting and
recording of loss data at CAP-Hub.
5.2.16 The annual review of outsourcing activities was completed with delay; the
Policy on Outsourced Activities or the Outsourcing Committee did not prescribe
any time line for such a review. There were 21 activities which were outsourced
without seeking permission from the Outsourcing Committee.
6. Operational (IT) Risk (Aggregate Score: 2.187)

6.1.1 There were claims involving 1028 mn related to deficiencies in IT based
services vis-a-vis total claims of 1154 mn.
6.1.2 Average ATM down-time of the bank at 45.17 minutes, total CBS down-time at
1224 minutes in which longest single CBS down-time was 200 minutes and total
internet banking downtime at 1177 minutes with single longest internet banking
down-time at 397 minutes were high.
6.1.3 There were 12653 instances during the period when data records were
changed/updated/modified through the back-end of the bank’s IT systems
(manually or through batch uploads).
6.1.4 The bank had comparatively higher number of interfaces with Upstream and
Downstream systems to a core system of independent reconciliation processes
between subsidiary systems and main accounting systems (3) to total such
systems (8).
Page 23 of 52
6.1.5 Lack of initiatives and deviations from best market practices were evident e.g.
(a) A dummy field i.e. ‘abc’ in use as one of the verification agencies in Prime
software for credit card operations. (b) An alphabet 'Y' in the user name field for
user id ASL41265 instead of actual name (c) 'DISABLED' description for role
‘L_PUN_01’ was wrongly created and the same was not in use. (d) Reactivation
of a debit card (blocked at customer’s request) with the same compromised PIN
could result into the risk of access by an unauthorised user (e) The frauds
perpetrated in loan and deposit accounts by using the IT platforms were not
included in the reporting of IT related frauds. Moreover, causative factors of the
IT related frauds were not placed before the IT Strategy Committee for its review
and direction, if any. (f) STP functionality was pending between critical
applications i.e. Finacle and Finnone. (g) There was no cap on amount of
transfer through net banking for individual beneficiary as a fraud control
measure. (h) No SMS confirmation was provided to the customer on blocking of
debit card. (i) User rights to required application (e.g. Finacle) were not
amended, in some cases of transfer of an employee from branch to Central
Office. (j) Use of Generic ID for system administrator was seen for SWIFT,
SFMS/ NEFT and Retail & Corporate iConnect (i.e. login ID like Administrator,
dbadmin, sysadmin, swiftadmin, etc). (k) In LMS application, instances were
found where ‘Maker’ and ‘Checker’ (termed as ‘Author’) were same. (l) In internet
banking, for beneficiary addition, ‘account field’ as well as ‘account confirmation
field’ were in readable text format. The best market practice is to have ‘account
field’ masked so that the customer should not copy the ‘account confirmation
field’ from ‘account field’. (m) Out of 129 legacy applications for security testing,
only 61 legacy applications were tested till September 15, 2013 and 68
applications were still pending, including platinum applications like SFMS/ NEFT,
SWIFT, etc.
6.2 Control Gap Score : 2.087

6.2.1 (a) In the Vulnerability Assessment and Penetration Testing (VAPT) excel sheets
Page 24 of 52
for a number of servers, there were high severity issues related to insecure
configuration, non-essential services running on the server, user rights policy
violation and missing service packs. Status of these issues was shown as
“Open” even after a year of opening. There was no evidence of regular review of
the closure status on the above findings in the VAPT reports. (b) The 'Software
Development Policy' covered aspects only for software development and not for
issue identification, reporting, escalation and fixing bugs in various IT
applications of the bank. (c) The financial impact of the revenue leakages, if any,
detected owing to IT bugs was tracked only through failed payments; the bank
did not have any set methodology to define the financial impact (potential costs)
of errors/ exceptions noted. (d) Patch management activity for operating systems
and databases was not performed as per the bank’s own Patch Management
Policy (ISSP - 21). (e) The roles and responsibilities were not being formally
assigned/ counter singed by the employees.
6.2.2 (a) There was critical delay in rectification of an observation by IS Auditors
regarding installation of CCTV camera. (b) The bank would be unable to monitor
the activity of employees forwarding official mails to personal email ids till the
new Data Leakage Prevention (DLP) software becomes fully operational. (c) The
bank was taking long time to be compliant with PCI standards, as against the
deadline of September 30, 2013 given by RBI. (d) On the DB servers, login
names like 'pwyadm', 'crppwyadm' and 'CLSAdmin' were still found despite the
bank’s policy of not giving any indication of user’s privilege level. (e) Some cases
of skimming of debit cards at PoS were observed but the desired preventive
steps hadn’t been taken as yet. (f) There was no linkage between the changes
initiated by business and those initiated by IT as all the changes initiated by
business had 2 different CR number sets making it tedious to track changes from
its initiation to finish. (g) Though the bank had formalized the Data Archival
Policy as per observation in AFI – 2012, the process for data archival was
delayed (scheduled for March 2014). (h) The backup activity log sheet did not
contain all the databases for backup needs and no action was taken if backup
activity was skipped for any database. (i) Standard operating procedure
Page 25 of 52
document was not available with IT teams for administration and maintenance
activities performed by their teams. (j) AV server hosted at Bangalore DMZ (IP
address: 192.168.107.100) was accessed by Wipro staff with generic admin id
“SEPMADMIN” and the same user id was used by Wipro staff to access
Symantec AV console. (k) System administration team creates user ids on
servers for application support team and the initial password set by system
administrator was the same for all user ids created in system. (l) The bank was
yet to implement the measures to increase employee and customer awareness
as per recommendations made in the RBI Report of “Working Group on
Information Security”. (m) The code in respect of Internet Banking application
(Infosys's proprietary product) was not available to the bank and there were no
software escrow arrangements. (n) Operating systems and databases used for
many of the servers were at the end of life and no technical support was
provided by vendor for these products and the in-house development of
applications within the bank was minimal.
7. Pillar II Risk (Aggregate Score: 1.610)

7.1.1 There was an increase in the number of fresh customer litigations indicated
deterioration in the customer relations.
7.1.2 The aggregate value of collaterals at the time of default vis-a-vis aggregate value
of collaterals (for exposures > 10 mn) at the time of sale (for accounts where the
collaterals was sold) indicated poor management of collaterals by the bank.
7.1.3 The amount invested in group entities indicated higher exposure to group risk.
Further, there was no evidence of assessment for infusion of additional capital in
one of the subsidiaries.
7.2 Control Gap Score : 1.730

7.2.1 The bank did not have a documented Strategy Risk Policy. However, the bank
was preparing a Strategic Plan but target of market share in the industry within
Page 26 of 52
peer group was not part of the bank's Strategy Plan. No department had been
defined as owner for strategic risk; therefore, no responsibilities have been
defined as well.
7.2.2 The bank did not have a policy / defined framework for assessment of
reputation risk, though the bank responded to specific events reported in the
media in the recent past e.g. - Skimming of Cards, media reports about
complaints from an international squash player, NSEL fraud related parties
having current accounts with the bank, etc.
7.2.3 Communication Policy was restricted to 'Media Contact Policy' only and it did
not include the communication during disasters. The Core Crisis Management
Committee had not met formally despite triggers to do so. The bank had not
documented the discussions, if any, and action taken by the committee to help
it in reviewing and improving the measures in case of crisis/disaster or in any
other event of a need in future.
7.2.4 There was delay in taking appropriate steps for compliance with the RBI
observations in the area of legal audit.
7.2.5 KYC requirement was not clearly spelt out in the approval note of the portfolio
purchased by the bank. The format of approval note was varying in each and
every case. The Securitization Policy of the bank did not specify the on-going
monitoring of the performance information on the exposures underlying the
securitization positions.
7.2.6 The bank did not have policy with regard to the conflict of interest in Intra-group
Transactions and Exposures (ITEs). No analysis of ITEs regarding (a) adverse
impact, if any, on the bank and (b) impact on solvency, liquidity and profitability
of individual entities within the group was carried out.
7.2.7 The bank did not have policy on use of its name and logo by subsidiaries or any
third party entity, despite Board direction to do so.
7.2.8 The bank did not monitor the redressal/status of complaints against its
subsidiaries. It did not assess the reputational risk arising out of activities of its
subsidiaries. Subsidiaries were not submitting to the bank various quarterly
reports like (a) Quick Mortality and NPA and (b) Legal Cases Filed/Pending as
Page 27 of 52
mandated in the GRM Policy. The GRM Policy did not include the audit and
inspection of the subsidiaries. Minutes of GRM Committee were not put up to
Board. Minutes of RMCs of subsidiaries not furnished to GRM Committee. All
the subsidiaries did not have "Internal Control Guidelines” in respect of
Operational Risk. The bank did not assess the Other Pillar -II risk of the
subsidiaries.
xxx
Page 28 of 52
Part II
Findings on Capital and Earnings
1. Capital & CRAR (Basel II)
Capital (in Billion)
Particulars Reported Assessed
Tier I 316 315
Tier II 123 123
CRAR (in %)
Tier I 12.23% 12.18%
Tier II 4.77% 4.77%
2. Major areas of financial divergence

(a). Divergence
( in mn)
Credit Risk – RWA 2198363 2202618

Market Risk – RWA 204612 204663
Total Priority Sector 502188 501928
(b). Divergence in Provisioning

( in mn)
Details Provision
Held Required Shortfall
Other Assets Nil 45 45
Claims Not Acknowledged as Debt Nil 30 30
Non Performing Assets 260 1051 791
Page 29 of 52
3. Major observations on the Assessment of Capital Management and
Planning:
(a) Capital planning, Internal Capital Ratio, Quality of ICAAP and user test:
(i) Bank’s Capital Planning and Business Projections: Capital planning exercise
was carried out by the bank for regulatory capital requirement for FY 13 as well
as for growth in FY 14 (under planned growth and under high stress). In the
internal assessment of capital, estimated loss of capital under stress condition
due to higher provisioning, market Risk and liquidity Risk are taken into
consideration. The bank had assessed the capital requirements of its ten direct
and step-down subsidiaries w.r.t. their business requirements.
(ii) Internal Capital Ratio (ICR): In view of the assessed capital (after covering pillar
II risk) being lower than the actual level of capital maintained as per standardised
approach, no additional capital was proposed by the bank’s ICAAP.
(iii) Quality of ICAAP and User Test: A scrutiny of the ICAAP document revealed
certain deficiencies listed as under:
i. The bank has set no limit for geographical concentrations.
ii. In case of a borrower contributing to multiple limit breaches (i.e. single
borrower cap as well as internal cap on industry exposure) concentration
risk is computed for industry net of the exposure to the borrower. This is
done apparently to avoid duplicity in risk computation but this premise was
flawed as industry, geographical, country exposure, etc. should not be
seen from borrower wise granularity.
iii. In the risk appetite metrics, no target level was prescribed for earning
sensitivity including RoA and RoE.
iv. Target level for CRAR (including capital conservation buffer) was kept at
the lowest level at 11.5%. The transition period of phasing-in of regulatory
adjustments under Basel III in India has already started. The modified
version of the post March 31, 2017 template was already applicable from
September 30, 2013 as per which banks are to report institution specific
buffer requirement. Hence, the bank’s setting of the default level of CRAR
as target level was not futuristic.
Page 30 of 52
v. High risk areas which needed to be factored into in the future capital
planning of the bank were concentration of exposure to top three stressed
sectors and to worse risk countries, herding of exposures around risk
rating categories, un-reckoned intra-day exposures, foreign currency
exposure to unhedged corporate, weighted average residual maturity of
exposures at 4.12 years, project loan exposures at 11.77% of total loan
exposure, uncollateralised loans at 34.81% and sacrifice of 33.38% of
exposure in compromise cases.
vi. In many compromise cases, the value of collaterals was accepted at a
much lower levels than originally accepted. In large number of working
capital exposures, as per industry experience, current assets were seen to
be deteriorating fast in value terms, once the account was NPA. As during
normal circumstances, such security value provided capital comfort to the
bank, a deterioration of security value, during stress, should have been
considered under residual credit risk, which was not done.
vii. The ICAAP document did not provide for reputational risk assessment
framework from outsourcing activities, e-banking and from non contractual
obligations and the bank had rated itself as ‘low risk’ in an arbitrary
manner. The bank while acknowledging that reputational risk had
worsened compared to the previous period, had not prescribed any capital
for the same.
viii. Without any benchmarking, it was concluded by the bank that it faced no
material geographical concentration in real estate sector, whereas, the
geographic concentration analysis carried out by RBI inspection observed
that for real estate loans, Maharashtra region constituted more than half of
the portfolio (Mumbai 34.60%, Pune 11.60% and others 11.74%). The
inferences drawn by the bank were faulty and exposed it to significant
geographical concentration risk under stress scenarios.
ix. The equity portfolio of the bank exhibited serious qualitative deficiencies
and diminution in portfolio value was a regular feature even under
standard conditions. Under stress conditions, the consumption of capital
was higher.
Page 31 of 52
x. The bank had technically breached NOPL due to adverse currency rate
resulting into allocation of higher than its approved limit ( 3000 Mn), which
necessitated additional capital provision.
xi. The bank had invested in corporate securities rated BB and below in
violation of its internal investment policy.
xii. The bank had breached its internal EaR limit for more than a fortnight. The
Bank had internally earmarked FX stop loss limit that was 33% higher than
the Board approved limit.
xiii. The ICAAP did not adequately capture the increasing operational risk
exemplified by increase in incidence of internal and external frauds,
pending technology related issues, non compliance with KYC/AML norms,
HR/Legal/ Compliance risks, BCP, etc. As observed during the inspection,
the bank has to strengthen internal system to minimize people’s risk,
outsourcing risk, process risk, technology risk, reputation risk, event risk,
etc. The ICAAP was found to be deficient in addressing to these risk
areas.
xiv. Compliance risk in the bank was increasing considering the gaps pointed
out by RBI in adherence to KYC/ AML guidelines and violations observed
during the current inspection, besides the failed compliances noticed by
the bank itself. There was a need to capture these areas in the internal
capital assessment by the bank.
(b) Sustainability of internal sources to generate capital by way of assessment

of quality of earnings:
Assessed Pillar I Capital: The assessed Pillar I capital stood at 438,445 mn as

against the reported capital of 439,311 mn, as on March 31, 2013.
(c) Scope and ability to raise additional capital:
i. The bank had headroom (difference between Paid up capital and Authorised
Capital) of 3,820.46mn to infuse additional equity. Headroom to raise Tier II
capital was to the extent of 161,727 mn. Further, subordinate debt was at the
Page 32 of 52
level of 100,367mn having headroom upto 57,184 mn as these are eligible for
inclusion in Lower Tier II upto 50% of Tier I capital.
ii. The bank is well capitalised with assessed CRAR at 16.95% as on March
31, 2013. The bank had not projected any increase in paid up capital
during 2014-16. Going ahead in medium term, minimum common equity
and capital conservation buffer needs as per Basel III norms would require
the bank to raise its capital. It is expected that the bank would face tough
competition in raising capital in view of similar demand from the entire
industry.
(d) Leverage ratio and Stress Testing:
Assessment of Leverage Ratio: The leverage ratio of the bank stood at 6.65%
as reported by the bank. On adjustment of additional provisioning suggested by
the present inspection, the leverage ratio is assessed at 6.63%.
Results of Stress Testing:
i. For Credit Risk, based on the stress scenarios, the capital adequacy ratio is
impacted by 204 basis points at the highest stress level (160 bps Q3FY2013).
The Tier I capital adequacy ratio is impacted by 155 basis points at the
highest stress level (115 bps in Q3FY2013). Under highest stress, in which
incremental NPAs grow by 100% compared to previous 12 months, the
incremental provision would be 20234 mn and CAR and Tier I CAR would
reduce by 78 basis points.
ii. From the banking book perspective, under the EVA, the downward shock of
200 bps had a net impact of (-) 34550 mn (7.86% of capital). The negative
impact on capital on account of the trading book under Market Risk was
observed to be at a maximum of 35 bps under given stress scenarios.
iii. For liquidity stress, the increased funding costs as well as loss on sale of
assets would impact the capital through current period’s profits. The NII
impact under combined liquidity stress scenario is 5472 mn (4 quarter
trailing NII of 96663 mn) compared to 5704 mn in the previous quarter
Page 33 of 52
iv. The impact of simultaneous stress on the Credit and Market Risk assets at
the highest stress level is assessed at 252 bps as of March 31, 2013 (191 bps
in Q3FY2013) on the CRAR and 205 bps (148 bps in Q3FY2013) on the Tier-
I ratio.
Adequacy of stress testing was lacking in the following areas

i. A memorandum is placed before the board at periodical intervals on the
bank's initiatives towards risk management including results of stress testing.
A perusal of minutes of 6 meetings (FY-13 and FY-14) of the Board or the
meetings of Risk Management Committee did not reveal any action point
emerging from any of these meetings.
ii. The liquidity risk scenarios were not subjected to review and modification
every year taking into account the changing macro-economic conditions and
changes in the bank's business profile or strategy.
iii. In Contingency Funding Plan of the bank, the scenarios under 'bank specific
stress' are generic and are not commensurate with bank's complexity, risk
profile and scope of operations.
2. Internal Generation of Capital
i. Increasing trend was observed in stable income and net stable profit in last
three years. Growth in gross stable income was 22.26% whereas net stable
profit increased by 25.24% during the period.
( in mn)
Contribution from Core banking FY13 FY12 FY11
operations
Gross stable income 322224 263563 185199
Net Stable profit 54184 43263 34008
ii. The present inspection identified additional provisioning requirement due to

claims not acknowledged as debt ( 30 mn), other assets under ATM cash
shortage ( 41 mn) and other items under claims against bank for frauds and
others ( 4 mn). Non compliance with provisioning norms posed a risk of
overestimation of profits which needed to be addressed by the bank.
Page 34 of 52
Increasing provision on account of loan losses led to rapidly increasingly
erosion of gross volatile income.
iii. During last three years, dividend payout ratio remained stable at sub 20%.
xxx
Page 35 of 52
Part III
Major Areas of Non-Compliance (Regulatory Guidelines)
Part A: Non-Compliance Identified During Course of Inspection (FY 2013)
Sl. Regulation
Action to be
No Reference Regulation area/ focus / Current State of
taken by
(Para & circular Compliance
the bank
No.)
1 Annex 4 of RBI’s I. One account i.e. Mawana Sugars Ltd was not Bank to
circular ref. considered NPA by the bank although it was NPA comply with
DBOD.No.BP.BC. since June 25, 2012. A few of the accounts were extant
No. 37 / 21.04.132 / downgraded by the present inspection from sub guideline
2008-09 dated standard to doubtful-II and doubtful-III, the same
August 27, 2008 on was not considered by the bank. Hence shortfall in
Prudential Guidelines provision was found to be 791 mn.
on Restructuring of
II. The bank was not classifying restructured loans
advances
as NPA from back date (as per RBI norms) in
case the account turned NPA due to failure of
restructuring.
2 Para 5.8.1 of Master Wrong risk weights were applied to two corporate Bank to
Circular no. accounts w.r.t. their credit rating. Extra RWA on comply with
DBOD.No.BP.BC.16 account of applied wrong risk weight was found to extant
/21.06.001/2012-13 be 4672 mn guideline
on Prudential
Corporate Applied Actual
Guidelines on Capital
Essar Steel India 50% 100%
Adequacy Limited
and Market Orchid Chemicals and 100% 150%
Pharmaceutical
Discipline- New Limited
Capital Adequacy
Additional Risk Weights applied on account of
Framework (NCAF)
Market Risk and fresh NPAs were 51 mn and
Page 36 of 52
419 mn respectively.
3 Para 8.5 of Master a) As per regulatory guidelines, while calculating The bank to
Circular no. capital charge for market risk, the open position of immediately
DBOD.No.BP.BC.16 FX and Gold has to be taken on the basis of revise the
/21.06.001/2012-13 higher of limits or actual utilization. internal
on Prudential allocation of
b) The bank had been allotted NOPL of 3000 mn.
Guidelines on Capital NOPL. The
The internal allocation of NOPL was 2400 mn for
Adequacy bank is also
domestic operations and USD 12 mn for its four
and Market advised to
overseas branches. Applying the revaluation rate
Discipline- New review
of 54.285 applicable for March 31, 2013, the
Capital Adequacy periodically
NOPL allocation for the bank becomes 3051.42
Framework (NCAF) its NOPL
mn i.e. an excess of 51.42 mn. The bank,
allocation in
therefore, has to make capital provision at the rate
order to
of 9% for the excess i.e. 51420000 X 0.09, which
ensure that
amounts to 4.63 mn.
its stays
within the
approved
limits.
4 Part II and Para 3, The bank had misclassified 259.47 mn as priority Bank to
4(ii), 6 of Part III of sector lending on account of comply with
Master Circular No. i) Wrong classification of some MSE accounts as extant
RPCD. CO. Plan. BC priority sector ( 43.95 mn). guideline
13/04.09.01/ 2012-13
ii) Multiple accounts of single customer exceeding
dated July 20, 2012
limit of loans given for repairs of damaged house
( 142.71 mn) and 1.74mn declassified as loan
given to staff
iii) Prescribed limit exceeded for various

parameters i.e. Micro credit, Small MSME,
Page 37 of 52
Education and others ( 71.07 mn)
5 Fit & Proper criteria – One director had attained the age of 70 years The bank to
Para C (i) (b) of the when re-nominated (after retirement by rotation) to ensure
Annexure of RBI cir the Board in July 2013 and he was not eligible to immediate
Ref DBOD continue as director as per the norms prescribed compliance
No.BC.8/08.139. by RBI.
001/ 2003-04 dated
August 1, 2003.
6 RBI’s guidelines on As per the NPA Management and Recovery Policy The bank to
not charging of of the bank, in the Mid Corporate, SME and revise the
excessive interest Agriculture segments, the following measures policy
rates as laid down in were suggested: (Exit Strategy Point 10) “to exit a
Para 2.11 of DBOD’s problem account: Interest rate may be increased
Master Circular on to force the client to look for an alternative
interest rate on banker”. This clause/ provision was in violation of
advances. RBI’s guidelines
7 RBI circular The above policy mentioned that exit may be The bank to
DBOD.BP. BC. No. approved with a sacrifice of interest and/ or part of revise the
112/ 21.04.048/ the principal even though the asset is classified as policy
2009-10 dated June standard. Such concession amounted to
10, 2010 on discriminatory compromise settlement, thus being
compromise in violation of the rights of the other borrowers.
settlement of NPAs Such settlements have been objected to by DRTs.
8 Para 4.2.5 of Master The NPA Management policy was deficient in Policy to be
Circular No. respect of timely upgradation of NPA accounts. It revised
DBOD.No.BP.BC.9/2 provided for upgradation of NPAs on 'quarterly accordingly
1.04.048/2012-13 basis' by the Stressed Asset Department, instead
dated July 2, of as and when overdues are cleared.
2012 on IRAC Norms
for Advances.
Page 38 of 52
9 Para 7 of RBI's The bank had not put in place appropriate The bank to
circular dated systems to move over to internal assessment of develop
February 19, 2003 country risk as required in terms of RBI guidelines. internal
on Risk Management Instead, the country risk classification was as per assessment
Systems in banks. ECGC classification and rating was as per capacity
International rating agency Dun and Bradstreet.
10 Para 2.2.1.2 of There was no system to monitor and review on a The bank to
Master Circular monthly basis the unhedged portion of the foreign initiate the
DBOD. currency exposures of clients with high forex required
No.Dir.BC.3/13.03.00 exposure and SMEs through a suitable reporting monitoring
/2012-13 dated July system. In all other cases, banks are required to and reporting
02, 2012 on put in place a system to monitor and review such system.
Exposure norms. position on a quarterly basis, which was also not
being done.
11 Para 2.3.7 of Master Though the Investment Policy of the bank had Policy be
Circular DBOD. provided guidelines to monitor its intra-day revised
No.Dir.BC.3/13.03.00 exposure to the capital market, the Credit Policy accordingly
/2012-13 dated July had not included any guidelines in this regard.
02, 2012 on
Exposure norms.
12 RBI circular The bank is yet to put in place system of quarterly Bank to
DBS.FrMC.BC.No.7/ review on legal audit. comply with
23.04.001/2012-13 extant
dated June 7, 2013 guidelines
on Legal Audit
13 Para 1 (e) of RBI’s The Consumer Lending Department did not SMA list to
guidelines on classify any account under SMA, though eligible. be prepared
preventing slippage Absence of such monitoring mechanism in by all the
of NPA accounts Consumer Credit segment, particularly in view of business
vide our circular bank’s recent thrust in retail and consumer segments.
Page 39 of 52
DBS.CO. segments, resulted in poor management oversight
OSMOS/BC/4/ on this sector.
33.04.006/ 2002-03
dated September 12,
2002
14 AP(Dir Series) All cash/tom/spot transactions by the ADs on The bank to

Circular No. 58 dated behalf of clients will be undertaken for actual ensure
December 15, 2011 remittances/ delivery only and cannot be compliance
cancelled/ cash settled.
During the year, 20167 deals were

deleted/modified/replaced. Such cancellations
represent violation of RBI norms as well.
15 RBI Circular DBOD. Compliance Head is required to submit a monthly A system of

No. certificate certifying that there were no compliance independent
BP.BC.44/21.04.157/ failures in respect of derivatives. While this verification
2011-12 dated certificate is being given every month, the may be
November 2, 2011 certification was based on back to back introduced by
certification from the business unit. This deviates the
from the spirit of such certification as it needs to compliance
be based on independent verification of department
adherence to guidelines.
16 RBI circular The bank needed to have a formal Contingency The
'DBOD.BP. No. Funding Plan (CFP) clearly setting out the deficiencies
56/21.04.098/ 2012- strategies for addressing liquidity shortfalls in in CFP may
13' dated Nov 07, emergency situations. The bank did not have CFP be urgently
2012 during year FY 2012-13. The bank devised formal addressed.
CFP only recently (dated Sep 16, 2013) but the
CFP still has many deficiencies such as:
(i) Scenarios under 'bank specific stress' are
generic and are not commensurate with bank's
Page 40 of 52
complexity, risk profile and scope of operations.
(ii) The sources of contingency funds indicated by
the bank largely included market access (such as
IBPC, deposits of various types including inter-
bank, bulk, retail term deposits, CASA etc.) during
stress conditions (whether bank specific or market
related), which may not be available in required
quantum during such times. (iii) The CFP did not
provide specific and focused details regarding: (a)
Funding sources- Available/ Potential (b) Amount
or Estimated Amount that could be drawn from
each contingency source. (c) Lead Time required
tapping additional funds from each contingency
source. (d) When and how each of the
contingency actions can be activated (iv). The
CFP does not address issues over different time
horizons particularly intra-day (v). The CFP does
not ensure diversification in the sources and tenor
of funding through line of credit arrangements with
different banks. (vi). The designation of alternates
for key roles isn't provided in the CFP (vii).The
CFP doesn't have provision for review by Board.
17 Para 5.2 of DBS. Analysis of frauds to be put up to ACB on Bank to

FrMC.BC.No.1/23.04 quarterly basis. Banks are required to constitute comply with
.001/2012 dated 13 special committee for monitoring and follow up of extant
July 2, 2012 cases involving frauds of 10 mn and above guideline
The bank has failed in the test. Action

recommended by the Special Committee on
Monitoring of Large Value Frauds in March 2013
for re-audit of Burra Bazar Branch had not been
Page 41 of 52
taken up, mitigants recommended by the
committee in the case of frauds at ASC, Chennai
had not been put in place, there is no review by
the committee of the staff accountability in respect
of large value frauds. The committee reviewed the
old cases of 10 mn and above only where some
tangible development was there.
18 Para 5.3 of Annual Review of frauds to be put up to BOD Bank to

DBS.FrMC.BC.No.1/ comply with
There were 39 cases of 0.1 mn and above in
23.04.001/2012 extant
which FIR was yet to be filed and the delay ranges
dated 13 July 2, guideline
between 3 to 15 months. There was no
2012
information in the board notes about the reporting
of all fraud cases of 10 mn and above to SFIO.
The number of fraud cases being detected after a
delay of 3 months and above was increasing
every year (65 in FY-11, 70 in FY-12 and 624 in
FY - 13) and no causative or correction action had
been reported to the ACB/Board. There were no
observations from any of the committees in the
above matter.
19 Para 8.2 of The banks policies did not define the overall Bank to
DBOD.No.BP.BC. framework within which derivatives activities comply with
86/21.04.157/2006- should be conducted and the risks controlled. extant
07 dated April 20, The policy was approved by the Committee of guideline
2007 Directors and not by the Board as required in
terms of Para 8.2 of Comprehensive Guidelines
on Derivatives.
The Derivative Policy of the bank dated 06 Nov

2012 did not fully adhere to the requirements
Page 42 of 52
outlined in Comprehensive Guidelines on
Derivatives. For instance, the risk appetite was not
defined in the internal Derivative Policy but could
be derived from the Market Risk Management
Policy which again was approved only at RMC
level. The derivative policy also did not cover the
areas pertaining to management responsibilities,
MIS reports to Board or its committees, staffing
for front office as well as risk control functions, etc.
20 Para 6.2 of Master Banks may implement the recommendations of Bank to

Circular the Working Group on making available the basic comply with
DBOD.No.Leg.BC.22 banking services at reasonable prices / charges extant
/09.07.006/2013-14 and towards this, delivering the basic services guideline
dated 01-07-13 outside the scope of the bundled products.
(i) Only one cash withdrawal was permitted in
Savings account for Youth and any cash
withdrawal from branch beyond one transaction
attracted charges @ 4/- per 1000/- or 100/-
whichever is less; this was found to be unfair.
(ii) The bank was still cleaning up the credit
balance in accounts in inactive accounts by levy of
MAB charges despite RBI directions through MAP
after AFI 2012.
21. Para 7.2 (b) of The bank should also lay down clear guidelines Bank to
FE.CO. regarding use of other communication comply with
FMD.No.18380/02.0 equipments, if permitted, such as mobiles, chat extant
3.137/2010-11 dated facility on internet, etc., for dealing after office guidelines.
February 3, 2011 hours, and regarding primary record of the
transaction.
Page 43 of 52
Part B: Non-Compliance identified by the Bank itself in Compliance Testing
Exercise in May/June 2013 (results of corrective action taken by the bank, if any,
were yet to be tested)
Sl. Regulation Reference Regulation area/ focus Proposed

No (Para & circular no.) action for the
bank
1 Part 1 (A) (iii) (e) of NGOs engaged in micro finance activities and Bank to
RBI/2012-13/12 Micro Finance Institutions (MFIs) can raise ECB comply with
Master Circular up to USD 10 million or its equivalent during a extant
No.12/2012-13 on financial year. Designated AD bank has to ensure guideline
External Commercial that at the time of drawdown, the forex exposure
Borrowings and Trade of the borrower is fully hedged.
Credits
2 Part A Section 1 The maturity of the hedge should not exceed the Bank to
(A.)(1) operational maturity of the underlying transaction. Where the comply with
guidelines terms and currency of hedge is different from the currency extant
conditions (a)of of the underlying exposure, the risk management guideline
RBI/2012-13/5 MC policy of the corporate, approved by the Board
No.5 /2012-13 dated should permit such type of hedging.
July 2, 2012 on Risk
At times it was observed that Forward bookings
Management and
done without proper underlying in place or the
Inter-Bank Dealings
maturity / tenor of contract exceeded the
maturity/ tenor of the underlying
3 Para 2.3 (a) (ii) Risk categorisation of customers into low, Bank to
2.3(b) of circular medium & high. To prepare profile for each new comply with
DBOD.AML.BC.No.11 customer based on risk categorisation. extant
/14.01.001/2012-13 guideline
System enablement for risk profiling in line with
dated July 2, 2012 on
RBI guidelines is underway and yet to be
Know Your Customer
completed.
(KYC) Norms / Anti-
Money Laundering
Page 44 of 52
(AML)
4 Para 8.iii of Master Foreign nationals of non-Indian origin who had Bank to
Circular No.4 /2012- acquired immovable property in India by way of comply with
13 dated July 02, inheritance with the specific approval of the extant
2012 on Acquisition Reserve Bank or had purchased the immovable guideline
and Transfer of property with the specific approval of the Reserve
Immovable Property in Bank cannot transfer such property without the
India by prior permission of the Reserve Bank.
NRIs/PIOs/Foreign
Insistence of RBI approval copy has not been
Nationals of Non-
covered in the product policy wherein the seller is
Indian Origin
a Foreign National of non Indian origin as
stipulated.
5 Para 2.4 of In case of legal entity, banks should identify the Bank to
DBOD.AML.BC.No.11 beneficial owners and verify their identities. comply with
/14.01.001/2012-13 extant
The bank had issued the circular to the branches
dated July 2, 2012 on guideline
but the testing was yet to be done.
Know Your Customer
(KYC) Norms / Anti-
Money Laundering
(AML)
6 Para 2.14 of circular Before opening new account, banks to ensure Bank to
DBOD.AML.BC.No.11 that no account is held or linked to any of the comply with
/14.01.001/2012-13 entities/individuals included in the negative list. extant
dated July 2, 2012 on Banks also should scan all existing accounts guideline
Know Your Customer when a new list is received.
(KYC) Norms / Anti-
The ongoing scrubbing lists of accounts against
Money Laundering
the negative lists takes place in AMLOCK as and
(AML)
when the lists are revised by RBI. The scrubbing
was undertaken after the account is opened and
Page 45 of 52
not before.
7 Para C.15 (i) of AD Category – I banks should closely watch Bank to

RBI/2012-13/14 realization of bills and in cases where bills remain comply with
Master Circular No. 14 outstanding, beyond the due date or 12 months extant
/2012-13 on Export of from the date of export, the matter should be guideline
Goods and Services taken up with the exporter. If the exporter fails to
(Updated as on arrange for delivery of the proceeds within 12
October 18, 2012) months or seek extension of time beyond 12
months, the matter should be reported to the
Reserve Bank stating the reason for the delay in
realizing the proceeds.
There is no separate reporting by the Bank for

non-realisation of export proceeds as prescribed
in the concerned paragraph.
8 Section – V (i) of The bank should report the actual inflows on Bank to
Master Circular account of fresh issuance of shares and the comply with
No.15/2012-13 dated Indian company receiving investment under FDI extant
July 02, 2012 on scheme should report the details of consideration guideline
Foreign investment in to RBI through its AD Category bank, not later
India than 30 days from the date of receipt.
In a few of the instances, it was observed that
Annexure - 6 is pending to be filed
9 Para 12.(iii) of Master The resident Power of Attorney holder is not Bank to
Circular on Non- permitted to repatriate outside India funds held in comply with
Resident Ordinary the account other than to the non-resident extant
Rupee (NRO) individual account holder nor to make payment guideline
Account: MC by way of gift to a resident on behalf of the non-
No.2/2012-13 July 2, resident account holder or transfer funds from the
2012 account to another NRO account.
Page 46 of 52
In a few instances, there were discrepancies
which were observed in the Form 15 CA / CB.
10 Para 2.3 (c ) of Accounts of jewelers/ bullion dealers, NRIs, Bank to

DBOD.AML.BC.No.11 HNIs, trusts, charities, NGOs, PEPS, non-face to comply with
/14.01.001/2012-13 face persons to be categorised as high risk extant
dated July 2, 2012 on requiring enhanced due diligence. guideline
Know Your Customer
(KYC) Norms / Anti-
Money Laundering
(AML)
11 Part 1 B.8 (1) of In terms of Regulation 16 of Notification No. Bank to

RBI/2012-13/14 FEMA 23/2000-RB dated May 3, 2000, where an comply with
Master Circular No. 14 exporter receives advance payment (with or extant
/2012-13 on Export of without interest), from a buyer outside India, the guideline
Goods and Services exporter shall be under an obligation to ensure
(Updated as on that –
October 18, 2012) 1. The shipment of goods is made within one
year from the date of receipt of advance
payment;
2. The rate of interest, if any, payable on the
advance payment does not exceed London Inter-
Bank Offered Rate (LIBOR) + 100 basis points;
and
3. The documents covering the shipment are
routed through the AD Category – I bank through
whom the advance payment is received.
In the event of the exporter’s inability to make the
shipment, partly or fully, within one year from the
date of receipt of advance payment, no
remittance towards refund of unutilized portion of
Page 47 of 52
advance payment or towards payment of interest,
shall be made after the expiry of the staid period
of one year, without the prior approval of the
Reserve Bank. Instances have been observed
where in number of cases where the advance
remittances received against exports is yet to be
adjusted against the export bills.
12 Part A Section 1 Residents in India, engaged in import and export Bank to

(A.)(6) of RBI/2012- trade or as otherwise approved by the Reserve comply with
13/5 MC No.5 /2012- Bank from time to time, are permitted to hedge extant
13 dated July 2, 2012 the price risk of permitted commodities in the guideline
on Risk Management international commodity exchanges/ markets.
and Inter-Bank This facility must not be used in conjunction with
Dealings any other derivative product. The role of
Authorized Dealer banks here is primarily to
provide facilities for remitting foreign currency
amounts towards margin requirements from time
to time, subject to verification of the underlying
exposure.
13 Part A Section 1 AD banks may allow entities in the Special Bank to

(A.)(6) (III) of Economic Zones (SEZ) to undertake hedging comply with
RBI/2012-13/5 MC transactions in the overseas commodity extant
No.5 /2012-13 dated exchanges/markets to hedge their commodity guideline
July 2, 2012 on Risk prices on export/import, subject to the condition
Management and that such contract is entered into on a stand-
Inter-Bank Dealings alone basis.
14 Section B –B.1 .1 (a) Corporate guarantee extended by the Indian Bank to

of Master Circular No. Promoter on behalf of the first generation step comply with
11/2012-13 (Updated down operating company under the Automatic extant
as on September 26, Route, within the prevailing limit for overseas guideline
2012) dated July 02, direct investment need to be reported to Reserve
Page 48 of 52
2012 on Direct Bank in Form ODI through the designated AD
Investment by Category – I bank concerned.
Residents in Joint
In a few cases there were instances of
Venture (JV)/Wholly
discrepancies in the Form ODI.
Owned Subsidiary
(WOS) Abroad
15 Internal Vigilance in Banks should put in place controls and Bank to

Private Sector Banks: disincentives in their HR processes and internal comply with
DBS.CO.FrMC.BC.No inspection / audit processes as part of their fraud extant
.10/23.04.001/2010- risk management framework such as posting guideline
11dated May 31, officers who satisfy fit and proper criteria to
2011 sensitive / key posts, putting in place staff
rotation and mandatory leave policy and
examination of implementation of these policies
by concurrent / internal auditors. 8020 employees
did not avail mandatory leave. 2727 employees
continued in the same role for more than 3 years
of which 455 employees for more than 5 years.
16 Para 5.8 of Banks to ensure that its service providers Bank to

Outsourcing of develop and establish a robust framework for comply with
financial services: documenting, maintaining and testing business extant
DBOD.No.BP.40/21.0 continuity and recovery procedures and guideline
4.158/2006-07 dated periodically test the same
November 3, 2006
BCP was found not being performed by a few
sample vendors. Units BCP was not formally
integrated with the corresponding vendors BCP
to ensure clear communication and smooth
business recovery
Page 49 of 52
17 Para 5.5 of Master The outsourcing agreement should contain vital Bank to
Circular No.15/2012- clauses such as confidentiality, termination and comply with
13 dated July 02, right of RBI to cause an inspection to be made of extant
2012 on Foreign a service provider of the bank etc. guideline
investment in India
Few of the mandatory points were missing from
the sample checking.
18 Section – V(ii) of The equity instruments should be issued within Bank to

Foreign investment in 180 days from the date of receipt of the inward comply with
India: Master Circular remittance or by debit to the NRE/FCNR (B) extant
No.15/2012-13 dated /Escrow account of the non-resident investor. If guideline
July 02, 2012 not, the amount of consideration so received
should be refunded immediately to the non-
resident investor.
In a few cases, it was observed that filing of

share certificate was pending for quite some
time.
19 Para 5.11 of Master Banks should scrupulously ensure that their Bank to
Circular on Customer branches do not open current accounts of entities comply with
Service in Banks: which enjoy credit facilities (fund based or non- extant
DBOD No. Leg. BC. fund based) from the banking system without guideline
21 /09.07.006/2012- specifically obtaining a No-Objection Certificate
13 from the lending bank(s). Banks should note that
non-adherence to the above discipline could be
perceived to be abetting the siphoning of funds
and such violations which are either reported to
RBI or noticed during our inspection would make
the concerned banks liable for penalty under
Banking Regulation Act, 1949.
It was observed that in some of the forms,
Page 50 of 52
customer sign the declaration, however, the bank
failed to get the clause filled which states that
customer does/does not enjoy the credit facility
with other banks. In one of the cases, customer
has stated that the credit facility has been availed
with another bank, but NOC has not been
obtained.
20 Para 2.4.1 of Master Loans against security of shares, convertible Bank to

Circular – Exposure bonds, convertible debentures and units of equity comply with
Norms: DBOD. oriented mutual funds to individuals from the extant
No.Dir.BC.3/13.03.00/ banking system should not exceed the limit of 1 guideline
2012-13 dated July 2, mn per individual if the securities are held in
2012 physical form and 2 mn per individual if the
securities are held in demat form.
Outstanding in 16 (out of 20 tested) cases of

loans against security of shares etc. exceeded 2
mn each as on March 31, 2013. Such loans were
brought down within 2 mn each by virtue of
credits received after March 31, 2013. The
overall limit in an Overdraft account sanctioned
against for loan against shares / mutual funds
have been restricted to 2 mn. However, it was
observed that within the same customer ID, two
OD accounts have been created in the
combination of same scheme or a separate
scheme code exceeding the limit prescribed by
RBI for one customer. List of such customer IDs
identified is appended below: 832531387,
014092275, 848344939, 832805267 and
424006784.
Page 51 of 52

Axis Inspection Report FY12-13

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Axis Inspection Report FY12-13

Uploaded by

Copyright:

Available Formats

RESERVE BANK OF INDIA

Axis Bank Limited

Findings on Capital and Earnings

Major Areas of Non-compliance

Credit Risk 2.490 2.056 2.360

1. Governance & Oversight (Aggregate Score: 2.21)

Major findings/ observations

2. Credit Risk (Aggregate Score: 2.360)

2.2 Control Gap Score: 2.056

3. Market Risk (Aggregate Score: 2.553)

3.1 Inherent Risk Score: 2.595

3.2 Control Gap Score: 2.454

4. Liquidity Risk (Aggregate Score: 2.147)

4.2 Control Gap Score: 2.497

5. Operational (Non- IT) Risk (Aggregate Score: 2.423)

5.1 Inherent Risk Score : 2.390

5.2 Control Gap Score: 2.499

6. Operational (IT) Risk (Aggregate Score: 2.187)

6.1 Inherent Risk Score : 2.230

6.2 Control Gap Score : 2.087

7. Pillar II Risk (Aggregate Score: 1.610)

7.2 Control Gap Score : 1.730

1. Capital & CRAR (Basel II)

Capital (in Billion)

Particulars Reported Assessed

Tier I 316 315

Tier II 123 123

Particulars Reported Assessed

Tier I 12.23% 12.18%

Tier II 4.77% 4.77%

2. Major areas of financial divergence

Credit Risk – RWA 2198363 2202618

(b). Divergence in Provisioning

(b) Sustainability of internal sources to generate capital by way of assessment

Assessed Pillar I Capital: The assessed Pillar I capital stood at 438,445 mn as

(c) Scope and ability to raise additional capital:

Results of Stress Testing:

Adequacy of stress testing was lacking in the following areas

2. Internal Generation of Capital

ii. The present inspection identified additional provisioning requirement due to

Major Areas of Non-Compliance (Regulatory Guidelines)

Part A: Non-Compliance Identified During Course of Inspection (FY 2013)

iii) Prescribed limit exceeded for various

14 AP(Dir Series) All cash/tom/spot transactions by the ADs on The bank to

During the year, 20167 deals were

15 RBI Circular DBOD. Compliance Head is required to submit a monthly A system of

17 Para 5.2 of DBS. Analysis of frauds to be put up to ACB on Bank to

The bank has failed in the test. Action

18 Para 5.3 of Annual Review of frauds to be put up to BOD Bank to

The Derivative Policy of the bank dated 06 Nov

20 Para 6.2 of Master Banks may implement the recommendations of Bank to

Sl. Regulation Reference Regulation area/ focus Proposed

7 Para C.15 (i) of AD Category – I banks should closely watch Bank to

There is no separate reporting by the Bank for

10 Para 2.3 (c ) of Accounts of jewelers/ bullion dealers, NRIs, Bank to

11 Part 1 B.8 (1) of In terms of Regulation 16 of Notification No. Bank to

12 Part A Section 1 Residents in India, engaged in import and export Bank to

13 Part A Section 1 AD banks may allow entities in the Special Bank to

14 Section B –B.1 .1 (a) Corporate guarantee extended by the Indian Bank to

15 Internal Vigilance in Banks should put in place controls and Bank to

16 Para 5.8 of Banks to ensure that its service providers Bank to

18 Section – V(ii) of The equity instruments should be issued within Bank to

In a few cases, it was observed that filing of