RESERVE BANK OF INDIA

Axis Bank Limited

Risk Assessment Report
(Financial position as on March 31, 2015)
 Table of Contents

Introduction………………………………………………………………… 3
Part I: Preliminary Risk Assessment Report………………………… 4
Summary of Aggregate Risk at Bank Level………………………….. 4
Supervisory Evaluation of Risks and Control Gaps.......................... 4
Governance & Oversight………………………………………………. 4
Credit Risk………………………………………………………………. 8
Market Risk……………………………………………………………… 12
Liquidity Risk……………………………………………………………. 14
Operational (Non-IT) Risk ……………………………………………... 16
Operational (IT) Risk …………………………………………………... 22
Other Pillar II Risks…………………………………………………….. 24
Part II: Major Areas of Financial Divergence……………………… 26
Part III: Assessment of Capital and Earnings……………………… 27
Pillar I Capital & CRAR………………………………………………… 27
Capital Management, ICAAP and Stress Tests ............................… 27

Assessment of Internal Generation of Capital………………………. 29

Scope & Ability to Infuse Capital……………………………………….. 30

Assessment of Leverage Ratio………………………………………... 30

Part IV: Major Areas of Non-Compliance……………………………... 31
Part V: Annex………………………………………………………………. 1-15
Annex-1: Major Areas of Financial Divergence……………………… 1
Annex-2: Computation of Outside Liabilities…………………………. 6
Annex-3: Assessed Net Worth…………………………………………. 7
Annex-4: Computation of Assessed Capital…………………………. 8
Annex-5: Assessment of Internal Generation of Capital……………. 11
Annex-6: Leverage Ratio……………………………………………….. 15

Note : All figures in the report refer to position of the bank as on March 31, 2015 or for the period April 1, 2014 to
March 31, 2015 and figures in parenthesis refer to corresponding previous year position unless otherwise specified.

Confidential Page 2 of 31
 INTRODUCTION
The Preliminary Risk Assessment of Axis Bank Limited for 2014-15 under the
Supervisory Program for Assessment of Risk and Capital (SPARC) was completed with
March 31, 2015 as the reference date. The assessment has been made based on the
off-site analysis of the data and information furnished by the bank as well as the results
of the on-site Inspection for Supervisory Evaluation (ISE) undertaken from September
07, 2015 to October 30, 2015 and various explanations offered by the bank in course of
inspection.
A separate exercise of Asset Quality Review (AQR), 2015 was conducted during the
current supervisory cycle with specific focus on compliance with regulatory guidelines on
IRACP norms. The review covered, inter alia, deficiencies in the systems and processes
in the bank which led to improper / incorrect classification of assets. The report
containing findings of the AQR were shared with the bank and, after discussion, the
bank has been advised to take a review of the accounts covered under AQR by
following a proactive approach with regard to classification and provisioning by strictly
applying the IRACP norms in letter and spirit, by March 31, 2016. Further, with a view to
putting the viable assets back on track in case of failed CDR restructuring cases, the
bank was given time up to March 31, 2017 to take a review of these cases. However, in
the interregnum, the bank will be required to build up prudential provision of 15%
(including 5% regulatory provision for restructured standard assets as on March 31,
2016) for failed CDR restructuring cases by March 31, 2017.

In view of the above, the full impact of AQR on the bank’s profitability, capital, earnings,
risk scores etc. is not determinable in the current supervisory cycle. The impact of AQR,
therefore, has not been included while presenting the assessment in this Inspection
report.

As per the SPARC process, the aggregate Risk Score of the bank is arrived at 2.151,
which is indicative of medium risk. On applying the assessed CRAR (15.09%) to the
aggregate risk score, the Risk of Failure score of the bank is arrived at 1.996.

Confidential Page 3 of 31
 PART I: PRELIMINARY RISK ASSESSMENT REPORT

Summary of Aggregate Risk at Bank Level

Inherent Risk Control Gap Aggregate Risk

Risk Category
A (1-4) B (1-4) [A + B] (1-4)

Board 1.732

Senior Management 1.984

Risk Governance 2.021

Internal Audit 1.902

Governance & Oversight Risk 1.910

Credit Risk 2.472 2.155 2.377

Market Risk 2.106 1.959 2.062

Liquidity Risk 2.213 2.136 2.190

Operational (non-IT) Risk 2.322 2.194 2.283

Operational (IT) Risk 1.596 2.103 1.748

Other Pillar II Risk 1.382 1.607 1.449

Business Risk 2.194

BANK LEVEL AGGREGATE RISK 2.151

SUPERVISORY EVALUATION OF RISKS AND CONTROL GAPS

1. Governance & Oversight - Aggregate Score: 1.910
Assessment and Major observations
1.1 Board Score: 1.732
1.1.1 Board Composition and its Functioning
(i) As on March 31, 2015, there were 13 directors (out of 15) on the Board; of
which three were nominated by promoters and three were whole time directors.
The remaining seven were independent directors.
(ii) The Specified Undertaking of Unit Trust of India (SUUTI) had, as per the
bank's articles, the powers for nominating four directors (including the
Chairman) on the Board; however, one director was conventionally being

Confidential Page 4 of 31
 nominated by LIC in its capacity as a co-promoter. The powers of SUUTI need
to be reviewed in the light of present holding of SUUTI (11.59% of shareholding
as on March 31, 2015 as compared to 87.0% at the time of promotion of the
bank). Moreover, LIC’s rights for nomination of a Board member were not
substantiated by any legal document. The bank may consider broad basing the
Board.
1.1.2 Constitution of Board Level Committees
The performance of various committees (COD, ACB, RMC, N&RC etc.) of the
Board was reviewed by the Board through the minutes of those committees
submitted to it. Also, constitution of various committees was revised, whenever
a vacancy occurred in the committees, by inducting new members. However,
there was no agenda taken up by the Board during the year that discussed
functioning of various committees and issuing of any revised mandates to these
committees based on any changes in macro / regulatory / business
environment. Other than inducting new members, no directions to these
committees were observed in the minutes recorded.
1.1.3 Other Issues
The organizational reporting structure was modified in recent years and the
Business and Operational wings of various departments (Corporate Banking,
Treasury, and Retail Banking) were brought under one top executive which
were earlier reporting to two different top executives. Many control gaps were
observed during ISE as the business level executives did not give much
importance to control aspects of the product (ex: prepaid card issued through
Amazon, value added SMS Charges, Travel Cards issued with multiple user IDs
etc.). Though the present arrangement may give operational synergy to the
bank, the KPIs of the top executives should be looked into by the Board afresh,
so that appropriate weightage is given for the control / compliance issues.
1.2 Senior Management Score: 1.984
1.2.1 Delegation of Oversight Functions
The bank had prescribed zero tolerance for regulatory compliance breaches.
During 2014–15, the oversight functional heads such as Risk, Compliance and
Audit submitted dash-boards covering various functional parameters to senior
management. However, no sustenance review from time to time in the areas of

Confidential Page 5 of 31
 supervisory / regulatory breaches was undertaken to ensure that systemic
corrections put in place were effective. A few RAR 2014 observations such as
identification of NPA and deficiencies in KYC were found to be persistent during
the period under review.
1.2.2 Effectiveness of Senior Management
(i) The agenda notes submitted by various departments to the Board during
2014-15 did not contain any recommendations on the strategy of the bank.
(ii) Repeated audit observations were noticed in the audit of KYC/AML
processes. The senior management may look into these audit observations and
initiate necessary action.
1.2.3 Formulation of plan & Fixation of Targets
The bank had a system of preparing annual plan and the targets were reviewed
quarterly. In the minutes of the Board meetings it was mentioned that the Board
reviewed and noted the contents. However, no specific directions / dissent
views of the Board members were noticed during 2014 – 15 in the Board
minutes.
1.3 Risk Governance Score: 2.021
1.3.1 Enterprise-wide Risk Appetite
The RMC had approved the Risk Appetite Statement (RAS) in terms of
quantitative targets and the same was also available in the ICAAP document.
The cascading of the RAS to business heads and business units was not there
during 2014-15 and was completed only in March 2015 and June 2015,
respectively. Different dimensions of RAS included Capital Adequacy, Sufficient
Liquidity, Stable Earnings, Credit Risk, Market Risk, Operational Excellence,
Reputation, Compliance and Risk Culture. RAS was reviewed annually and
there was no threshold fixed by the bank for review of RAS before the annual
review.
1.3.2 Adequacy of Risk Management Functions
The risk management function had inadequacies as MIS on some issues such
as rating migration; deviation from credit policy etc. was not submitted to senior
management.
1.3.3 Effectiveness of Risk Management Functions
Chief Risk Officer (CRO) was a member of the credit sanctioning committees. In

Confidential Page 6 of 31
 some review / sanction notes it was observed that responses to some of the
CRO queries were not recorded anywhere.
1.3.4 The Market Risk Limits (Stop-loss, VaR, Intraday, PV01, Equity Portfolio etc.)
were breached around 151 times from April 2014 to August 2015. The large
number of continuing breaches meant that the systems, procedures and its
governance at the bank was poor.
1.4 Internal Audit Score: 1.902
1.4.1 Internal Audit Policy
(a) Selection of branches for inspection – The bank's policy with respect to
classification of branches into the various risk categories may be reviewed.
(b) In spite of several triggers, Internal Audit Department (IAD) carried out the
audit of Andheri West, Lokhandwala (Mumbai) branch only after RBI carried out
the scrutiny of the branch to find out deficiencies in the advance remittances
against imports.
1.4.2 Quality of Internal Audit
(a) Audit of Legal Department - The repository of the legal cases maintained
by the Legal Department was not updated on a regular basis by the bank. The
Legal Department was not able to provide the latest status of several cases.
The branches were not updating the repository and there was no mechanism by
which legal team at Central Office would follow up these cases. This posed high
legal as well as reputational risk for the bank. Though, the Management Audit
of Legal Department was carried out by KPMG, the bank may also explore the
possibilities of carrying out internal audit of Legal Department.
(b) Overdue Reports pending for Closure - As on March 2015, 28 audit
reports were overdue for closure. There were many repeat observations of IAD
indicating that the auditee departments did not adhere to the recommendations
of IAD or the controls in place were not effective enough to mitigate the risk.
(c) During 2014-15, delay was observed in the submission of 302 concurrent
audit reports.
1.4.3 Review of Internal Audit Function
The Audit Management System was not automated wherein the plan approval,
audit calendars, audit reports and closure of open observations etc. could be
tracked through system.

Confidential Page 7 of 31
2. Credit Risk -Aggregate Score: 2.377
Assessment and Major observations
2.1 Inherent Risk Score: 2.472
2.1.1 Default Risk: There were signs of increasing stress in the credit portfolio during
the year as reflected in the increased accounts under restructuring (CY: ₹ 1198
mn; PY: ₹ 828 mn); increased slippages from restructured accounts (CY: ₹
7007 mn; PY: ₹ 3140 mn); increased slippages overall (CY: ₹ 38992 mn; PY:
30985 mn); increased write-offs from the slippages (CY: ₹ 2645 mn; PY: ₹ 1268
mn); reduced up-gradations from sub-standard assets (CY:₹ 424 mn; PY:₹ 641
mn); increased SMA1 & SMA2 exposure (CY: ₹ 186998 mn; PY: ₹ 124669 mn)
and high volume of rating downgrades (CY: ₹ 303481 mn; PY: ₹ 186318 mn).
2.1.2 Exposure & Tenor Risk: There was no major shift in the exposure of the bank
to different industries / sectors. As on March 31, 2015, about 70.32% of the
exposure towards project finance was to projects under implementation and
with slow pace of progress in these projects, the viability of these projects was
doubtful. The weighted average maturity of the bank’s exposure was also high
at 4.6 years. It was observed that most of the corporates were un-willing to
hedge their FCY exposure, which may pose risk to the bank.
2.1.3 Recovery Risk: Of the total exposure of the bank, 1/5th was unsecured.
Further, the quality of security may pose challenge to the bank during recovery
process as the proportion of financial collaterals covering the exposure was
less. Moreover, under-collateralized exposure had increased by 46.69% as on
March 31, 2015 compared to March 31, 2014. This was also evident from the
sacrifice and waiver the bank had to undertake while negotiating compromise
settlements. The bank had not recovered unapplied interest in almost all the
OTS transactions during the period. Charge on security was not created for
exposure aggregating to ₹ 320,747 mn, even after one year of originating
exposure which may impact enforceability of the security during recovery. This
aspect may be looked into closely by the bank.
2.2 Control Gap Score: 2.155
2.2.1 Policy Environment
(1) Policy Review – The bank was reviewing the corporate credit policy (CCP)
annually. The policy was prepared by Corporate Relationship Group (CRG)

Confidential Page 8 of 31
 after getting feedback of all the concerned departments, including compliance
department and placed it before RMC for approval. It was observed that at the
time of review of CCP during the year, compliance department had
recommended certain changes in CCP but RMD had incorporated only a few
recommendations of compliance department without ascribing any reason for
the same.
(2) Corporate Credit Policy - The CCP had not prescribed any specific
threshold for financial parameters like FACR, DER, DSCR etc.
2.2.2 Risk Identification & Assessment
(1) NPA Identification System - The bank was using CrisMac system for
identification of NPAs as well as irregular accounts. However, it was not fully
automated. A few other deficiencies observed in the NPA Identification system /
process of the bank were as under:
(a) The CrisMac was used to generate irregular reports only for the domestic
book.
(b) The bank was mapping borrower level NPA data for the domestic operations
only which was mapped with the borrower date of other geographies manually.
(c) The CrisMac did not reckon Investment exposure for arriving at the final
NPA exposure in case of a particular borrower.
(d) In a few accounts the bank had sanctioned additional facilities with a sole
purpose to keep the account regular. Further, there were instances of multiple
roll-over of STLs too in order to keep the account regular.
(e) There were instances when bank had manually altered the NPA status of
the accounts due to technical inefficiencies of the Finacle system.
(2) Fixation of Drawing Power (DP) - In some accounts facing liquidity stress,
the bank was increasing the debtor’s period even up to 365 days to provide
maximum possible DP to such borrowers. This had increased the bank’s
exposure to weak borrowers.
(3) Restructuring - In a couple of cases the bank had, instead of approaching
RBI for restructuring of ECB loans had sanctioned Rupee Term Loans as part of
restructuring package to repay the instalments and interest of ECBs.
(4) Credit Risk Rating – (a) Though the external rating of the borrower was
part of each and every review proposal, the bank was not considering the

Confidential Page 9 of 31
 external rating in decision making process. In spite of wide variations in the
internal and external ratings, decisions were taken on the basis of internal risk
ratings. (b) As the bank was not reporting rating migration to RMC or Board, it
was not used as a tool for risk assessment.
2.2.3 Controls
(1) Short Term Loans (STL) – At the time of roll-over of STLs, the bank was
opening a new account in Finacle without any reference to the original STL in
the Finacle. There was no module / procedure in the Finacle to check the roll-
over status of STLs. The bank was also allowing the modification in Terms &
Conditions like tenor etc. at the time to roll-over of STLs without treating it as
'Restructuring'.
(2) Collateral Management – As per the bank’s policy, the security creation
and perfection in most of the cases was to be completed within six months of
the loan disbursement, but it was observed that bank was frequently extending
the deadline for security creation.
(3) Credit Assessment – (a) As per bank’s policy each and every review /
sanction note of Corporate Relation Group (CRG) was to be sent to compliance
department for their comments related to compliance with regulatory guidelines.
However, some of the credit proposals were approved without remarks of the
compliance department. (b) In each and every review / sanction proposal, credit
audit related observations in the account along with the business reply were
annexed. But the note was not capturing whether the audit department had
accepted the compliance submitted by the business and whether the audit
report was closed or not.
(4) JLF Mechanism – (a) In many cases JLF had decided rectification as CAP
but it was not implemented due to reasons like “promoters not able to infuse
funds to clear the overdue” or “the banks didn’t release additional funds”. In
such cases JLF decided to restructure the accounts subsequently. (b) In
addition, there were also accounts wherein the JLF went for rectification and the
account came out of SMA2 momentarily but JLF went for restructuring later on.
(c)There was no mention of cash-flow analysis and timelines during which
rectification was to be implemented in almost all the JLF minutes. (d) In none of
the cases strategic investor was included as part of rectification. (e) The bank

Confidential Page 10 of 31
 was leader in case of 29 accounts and in some of the SMA2 accounts there
was delay in formation of JLF.
(5) Project / Infrastructure Loans - The bank was not monitoring the status of
DCCO of project loans. Moreover, in case of extension of DCCO, Finacle was
not keeping the trail of earlier DCCOs.
(6) Co-related Sectors – The bank had not identified any co-related sectors
and was not analyzing the performance of co-related sectors while sanctioning /
reviewing the accounts in a specific sector.
2.2.4 Monitoring & Review
(1) Unhedged Foreign Currency Exposures (UFCE) - The bank was not
reporting UFCE to Senior Management Committee or Board. During the year
ended March 31, 2015 the bank had made incremental provision of ₹ 1,337 mn
and held incremental capital of ₹ 3,262 mn towards borrowers having un-
hedged foreign currency exposures.
(2) Pre-Disbursement Conditions – (a) There were a few instances where the
bank had disbursed loans before the borrower got all the required clearances /
approvals. (b) In some cases, the bank had disbursed the loans before the tie-
up of remaining amount by the borrower. (c) In many cases the bank had
disbursed loan pending compliance to terms and conditions of the sanction.
(3) Post-Disbursement Monitoring – (a) The important financial covenants
like FACR, DER, DSCR, TOL / TNW etc. were calculated and monitored only at
the time of review and were not monitored more frequently, at least for
problematic accounts or accounts with large exposure. (b) There were many
accounts where stock statements were not submitted in time; insurance of
collateral was not done, security was not created within stipulated time,
Financial Follow Up Report (FFRS) was not received, renewal / review of
accounts were overdue, unit visits were not done etc. The above deficiencies
were not reported to the top management.
(4) End-use of Funds – (a) The bank needed to strengthen the mechanism to
ensure end use of funds. There were instances when Term Loans were
disbursed in Current Account and utilized for working capital purposes. There
were other instances where the borrower was making payment of Capex LCs
by debit to CC Account instead of debit to Term Loan Account, of which Capex

Confidential Page 11 of 31
 LCs were opened as a sub-limit. Thus the bank was allowing the borrower to
make use of short term funds for long term. (b) The bank had not done excess
due-diligence in case of projects wherein a group company was acting as EPC
contractor which has resulted in diversion of funds. (c)The bank did not monitor
the movement of funds between the group companies. In couple of cases the
borrower had diverted the funds for making payment due to other group
companies.
(5) Restructured Accounts - There was no separate monitoring mechanism in
place for restructured accounts such as frequent unit visits, ensuring timely
receipt of stock / financial statements, regular covenant monitoring, monitoring
of flow of funds to group companies, frequent credit audit etc.
2.2.5 Reporting
SMA-2 Reporting - There was no automated system to get the borrower-wise
data on exposure / irregularity / SMA 2 status in the bank. Few instances of
delayed submission of SMA2 data were also observed.

3. Market Risk -Aggregate Score: 2.062

Assessment and Major observations
3.1 Inherent Risk Score: 2.106
3.1.1 Trading Book Risk
(a) The Interest Rate Risk in the trading book was high due to high Net PV01
with major contributions coming from large holdings in Corporate Bonds and
Cross Currency Swaps (CCS) which constituted roughly 60% of the PV01. Also,
the trading book exhibited high tenor risk on account of (PV01) tenor
concentration build up in 7.3 to 9.3 year tenor, mainly on account of Corporate
Bonds and Cross Currency Swaps.
(b) Equity Risk was also high due to relatively large portfolio of unlisted equity.
Of the total book value of ₹7,390 mn investment in equity shares, ₹2,470 mn
were invested in unlisted securities under AFS category, of which 34% was
invested in a single security. The bank had fixed a VaR limit of ₹400 mn and the
average utilization was around ₹150 mn with maximum being at ₹230 mn.
(c) The other areas adding to the market risk at the bank were high forex risk on
account of high utilization of Fx VaR on a few days, high embedded optionality

Confidential Page 12 of 31
 risk on account of customer term deposits withdrawn prematurely and the
relatively high impact of 200 bps shock on Earnings at Risk (EaR) up to 1 year.
3.2 Control Gap Score: 1.959
3.2.1 Policy Environment
The bank undertook derivative deals with the clients based on one-time
scorecard based assessment of client’s suitability and appropriateness. The
bank had not ensured the receipt of the confirmations of the term sheets in time
in a few cases. This was not commented upon by the concurrent auditors also.
Further, in the term sheet there was no clause included to the effect that
numerous other factors (e.g., ‘decay rate’, interest rate, and second order
sensitivities) could influence the valuations other than the major ones
highlighted in the term sheet.
3.2.2 Risk Identification & Assessment
(a) The bank reported high level of prepayment of fixed tenor loans even though
it did not include the partial prepayments. The bank reported that the system
could not identify partial prepayments due to its constraints. For the purpose of
reporting ‘data point’, the bank had to manually compute the figures. This was a
major gap in prepayment data reporting and its subsequent management.
(b) The bank’s trading book predominantly comprised of Corporate Bonds,
followed by CPs/CDs/MFs/PTCs which had pockets of embedded illiquidity.
Within Corporate Bond portfolio (₹250,680 mn as of March 31, 2015) around
31% of the bonds were rated below AA- with 8% of the bonds rated at ‘D’ or
‘unrated'. There was no Board approved policy for identifying the illiquid
investments and its impact on the bank.
3.2.3 Controls
(a)There were multiple instances of limit breaches under various categories of
market risk limits (led by intraday dealer-wise position limits, counterparty limit
and quarterly stop loss limits in CCS, LTFX, FCYIRS, and MIFOR). There were
several instances when dealers took positions beyond the permissible limits
without prior approvals. Higher number of breaches were reflective of higher
inherent risk and/or weaker controls.
(b) The bank had a Corporate Bond portfolio of ₹250,680 mn and during the
year it made an NPI provision of ₹2,430 mn of which ₹1,060 mn was fresh

Confidential Page 13 of 31
 addition. The bank used Treasury Operations module in the Credence system
for managing the interest/ redemptions/ payments received, overdue etc. It was
observed that all the payment related information, including the dates were
entered manually into the Credence system from Finacle. The system allowed
change in the date of payment received to any date/ back date. There was no
second level of authorization in the system. This permitted overdue position to
be manually overridden. The bank could not generate a complete Audit Log of
the Finacle system and the Treasury Operations system to demonstrate that the
overdue positions were not compromised in the past. The bank’s overdue/ NPI
monitoring and control system was observed to be inadequate and weak.

4. Liquidity Risk -Aggregate Score: 2.190

Assessment and Major observations
4.1 Inherent Risk Score: 2.213
4.1.1 Structural Liquidity
Overall undrawn exposure grew by 12% (YoY). The bank had high Cumulative
Mismatch Ratio for 6 months (Foreign currency) which adversely distorted its
consolidated (domestic and foreign) mismatch also. This cumulative mismatch
was primarily arising due to large mismatch in adjusted USD flows which could
pose higher liquidity risk. The committed lines/ LOCs/ LOUs/ MoUs etc. in
respect of group entities were also high.
4.1.2 Stress Liquidity
(a) The bank had a high component of volatile CASA deposits. Further, this
volatile CASA level was arrived at a lower confidence level and a higher
confidence level would only increase the volatile proportion.
(b) The volatile liabilities formed high percentage of Earnings Assets and the
proportion of unswapped foreign currency funds was low.
4.1.3 Concentration of funding sources
The funding concentration was high as the bank’s reliance on bulk deposits as
on March 31, 2015 stood at 52% of the total deposits. Further, the proportion of
loans other than demand loans was also high.
4.2 Control Gap Score: 2.136
4.2.1 Policy Environment

Confidential Page 14 of 31
 (a) As part of the behavioral analysis, the methodology followed by the bank
used 85% confidence level thus leaving out larger negative deviations. For
instance under Saving Bank (Salary), the 1 day net flows varied between (-)
16.2% to (+) 19.7% over a period of 5 year historical data. However, the method
gave a run off of 1.37% which was far lower than the actual run offs
experienced during the 5 year period. The bank may consider using a higher
confidence interval for all the behavioral studies under structural liquidity
management.
(b) The bank was doing variance analysis once a year to validate the
assumptions used in the behavioral analysis instead of mandatory requirement
of once every six months as per the Master Circular on Liquidity Risk
Management by Banks dated November 7, 2012.
4.2.2 Risk Identification & Assessment:
The liquidity stress test conducted by the bank used the 85 percentile values as
obtained from the behavioral studies which were scaled up with a multiplier of
1.5 times or 2 times (as per the scenario). This approach was erroneous as it
did not capture even the top 150/ 200 (during the historical 5 year period) actual
run offs experienced by the bank, leaving aside much worse stress scenarios.
The bank may review its stress test assumptions. Under combined stress
scenario (credit and market) the CRAR reduced from 14.85% to 11.18% and
Tier I CRAR from 11.51% to 8.16%. The NII impact under combined liquidity
stress scenario was ₹2530 mn (2.07% of the average NII). The bank’s
assumptions for stress liquidity scenarios needed fine tuning. eg. standard
assumptions for maximum run-off ( 13.9%) on savings deposits was based on
behavioral study for the prior period ( 5 yrs ) which did not witness any
significant stress situation on major parameters , also that the haircuts
assumed for AA[10%] & AAA[8%] were same for all three scenarios (bank
specific, market and combined) etc.
4.2.3 Monitoring & Review: The bank’s Liquidity Risk appetite was defined in
regulatory mandated terms of LCR (to be >60%) and NSFR (to be >100%), but
it did not clearly articulate a liquidity risk tolerance that was appropriate for its
business strategy.

Confidential Page 15 of 31
5. Operational (Non- IT) Risk -Aggregate Score: 2.283
Assessment and Major observations
5.1 Inherent Risk Score: 2.322
5.1.1 People Risk: The number of employees terminated due to unethical behavior
and the number of customer complaints increased over the last year which
posed a higher operational risk and reputational risk for the bank. The number
of internal frauds in the bank increased by 40% from 33 during 2013-14 to 46
during 2014-15. Further, the amount involved in internal frauds that took place
at the bank during the period increased by 461% from ₹ 33 mn to ₹ 185 mn
during the period under review, which indicated inadequacies in existing
systems and controls in the bank. Other issues relating to people risk were high
attrition rate at 5.4% and no repository of data for the outsourced employees
working for the bank.
5.1.2 Process Risk: The percentage of the number of treasury deals modified
/cancelled during the period due to errors to total number of treasury deals was
2.1%. Further, the customer complaints increased by 19.44% during the period
under review. Though the bank had reported that the number of identified KYC
non-compliance issues decreased from 5,896 to 2,633 during 2014-15, RBI
inspectors found many lapses in KYC/AML procedures in every scrutiny
conducted during the year viz. laxities in the process of address verification of
the entities and also in the field verification reports and profile sheet of the
customers.
5.1.3 External Risk: The bank did not maintain a separate database of the
complaints received against the outsourced employees/ agencies.
5.1.4 Compliance Risk: The number of cases of penalties/ warning letters/ show
cause notices had gone up from 14 during 2013-14 to 22 during 2014-15. Most
of the cases pertained to deficiencies in customer service apart from two
serious cases – one involving penalty being imposed by RBI in the case of
Deccan Chronicle and the other one involving fine imposed by FIU on account
of lack of due diligence and control failures in preventing multiple cards (TCDC)
of the same currency to the same customer.
5.2 Control Gap Score: 2.194
5.2.1 Policy Environment: The bank did not have a formal training policy in place.

Confidential Page 16 of 31
5.2.2 Risk Identification & Assessment:
(a) Risk of FEMA Violations - As per the extant guidelines, there was a limit on
the amount of foreign exchange that can be issued to a person during a year for
a particular purpose. The limits were linked to the passport number of the
customer. However, if the passport of a person was renewed in the middle of
the year, the system recognized only the new passport number for computing
the limit and the amount availed through the old passport number was not
added resulting in possible FEMA violations. Also, the travel cards issued by the
branches to the existing customers by debit to the customers’ account were not
mapped to the CIF ID of the customer.
(b) KRA Issues - KRAs were not prescribed by the bank for the completion of
mandatory trainings for the employees. In fact, the bank did not prescribe the
‘minimum training hours’ for the employees. Further, the knowledge updation
formed very small percentage in the KRAs of bank’s employees.
(c) Gift Cards on Amazon Portal - The bank was selling gift cards through the
online website portal - Amazon. Though the bank entered into an arrangement
with Amazon in this matter, there was no legal contract between the bank and
Amazon for the same. Further, the business department had not taken approval
from the Product Management Committee/ Change Management Committee or
the Compliance Department before approving the product. Moreover, even
though Amazon was acting as an advertiser for the bank, necessary approval
from the Outsourcing Committee was not obtained. This posed a serious legal
risk for the bank. Further, this also indicated that the laid down procedures for
approval of new products/ changes in the existing products were not followed by
the bank.
(d) Vendor Management
(i) Sharing of customer information with Vendors – Seclore / Uniken
(software to secure digital information from unauthorized access) was not
implemented for all the vendors, where customer’s personal information such as
customer name, address and contact details were shared with the vendors
conducting field verification and document verification related activities.
(ii) Non-payment of statuary dues by vendors - The bank did not have a
process in place to ensure whether all the statutory dues were paid by the

Confidential Page 17 of 31
 vendors or not. During the audit, IAD noticed non-payment of statutory dues by
11 vendors.
(iii) Dependency on a few vendors - There was dependency on a few vendors
for certain activities such as Authentication of Online Card Transactions, ATM
deployers, ECS Processing, Commodity Warehouse inspection, Cheque
Clearing under CTS and Merchant Acquiring Business. Over-reliance was also
observed on the outsourced staff for carrying out the field verification exercise
during sanctioning of the loans, without the bank officials carrying out surprise
checks/ audits on such outsourced employees. The bank did not have a
process of conducting field visits/ customer feedback survey for the activities
performed by Business Correspondents.
(iv) Vendor Management System - With respect to outsourcing of services, the
bank did not have any Vendor Management System, wherein all the details of
the vendors, business handled by them, complaints and legal cases against
them, the SLAs, reminders before the expiry of the agreements and other
relevant information were collected and managed.
(e) Technical Issues - The Credit Card Bill Payments data was required to be
uploaded in batches of 1000 in the system for making payments of credit card
bills. An instance was observed wherein out of 4773 utility bills to be uploaded,
only 3912 bills were uploaded and bills for 861 users were not uploaded. Out of
these 861 users, ‘Auto Pay’ mandate was enabled for 157 users for making
payment directly by debiting the customers’ account. But as the bills were not
uploaded, there was a possibility of late charges penalty etc. being levied on the
customers by their service providers. This may expose the bank to operational
and reputational risks arising out of deficiency in customer service.
(f) Issues in Finacle –
(i)Some of the fields such as Business Turn-Over/Income range of the
customers, occupation of the customers etc., which were mandatory in the
Account-Opening forms were not mandatory in the Finacle System resulting in
incorrect risk categorization of the customers.
(ii) Savings Bank (SB) deposits demonstrated a compounded Annual Growth
Rate (CAGR) of 21.13% over the last five years. It was observed that the bank
was paying varying interest rates (0%, 0.5%, 3.5%, 8.9%, 17.5%) in the SB

Confidential Page 18 of 31
 accounts. This was attributed to the migration exercise of CBS conducted in
2011 which did not uniformly apply the SB rate to all the accounts as per extant
guidelines. As a consequence the system encountered a rate anomaly resulting
in under / over paying in the corresponding liability accounts. The bank could
not quantify the under / over payment made since the migration. Moreover, the
bank also could not identify the closed accounts where proper interest rate was
not applied. The bank may expeditiously quantify the amount payable and pay
the customers or transfer the unclaimed/ closed accounts payable amount as
per extant rules.
(g) Customer Information File (CIF) Related Issues – It was observed that
many CIF IDs were still active despite the account being closed, leaving it for
potential misuse.
5.2.3 Controls
(a) Gaps in Training - The training coverage for the employees at the Head
Office was less as compared to that in the other zones. The bank did not have a
structured annual training calendar for employees across all functions/
departments on the basis of the training needs. Further, sufficient emphasis was
not given to knowledge updation of the employees and it reflected in the RBI
inspection findings on deviations/ lapses in the KYC/ AML procedures and the
de-duplication processes in customer accounts, Travel Currency Debit Cards
(TCDC), etc.
(b) Complaints Handling – The bank’s complaint handling mechanism was
deficient as it did not have any mechanism for extracting / capturing information
on the branches which have defaulted to report the complaints in the I-leverage
system used for complaints capturing.
(c) Field Verification Reports - The field verification procedure of the bank for
KYC was not adequate as discrepancies were observed in the Field Verification
Reports in the accounts checked on a sample basis such as the forms were
filled casually with occupation marked as ‘Others’ without specifying what
‘Others’ mean, telephone numbers not being captured etc.
(d) Issues in de-duplication procedure - The bank had a number of legacy
accounts wherein deviations were observed in de-duplication in some
instances, which warrants necessary corrective action. Further, contrary to the

Confidential Page 19 of 31
 bank's internal policy, PAN numbers/ Form 60 were not obtained in many
accounts, including high risk account.
(e) PAN cards not taken - Instances were observed wherein there were cash
deposits of more than ₹ 50,000 in the accounts of the customers of the bank but
the bank had not obtained the PAN/ Form 60 from the account-holder.
(f) Advance Remittance for Imports - Instances were observed wherein the
importers had not submitted the proof of imports i.e. Bills of Entry (BOE) for the
advance remittance sent to the exporters. As on September 30, 2015, there
were 1415 advance remittances of USD 100,000 and above for imports
amounting to USD 779 mn where the BOEs had not been obtained by the bank.
As per banks internal guidelines on advance remittance against imports, in case
the aggregate value of previous remittances made to a single beneficiary
exceeds USD 100,000 or its equivalent where the submission of BoE is
pending, Forex Operations staff should ensure to obtain prior approval from
Treasury Department for handling subsequent remittance and forward the
approval along with BoE outstanding report of the customer to Trade Finance
Center (TFC) for processing the transaction. It was observed that the bank had
generally not adhered to its own instructions.
(g) There were no automated controls in place to confirm whether the data from
all the different databases such as Finacle, Finone, Prime, Finlite etc. was
imported in the final database wherefrom all AML alerts were generated.
(h) Name Screening process - Deficiencies were observed in the name
screening process of the bank. The name screening of the customers at the on-
boarding stage was manually driven. Accordingly, there existed the risk of
committing errors while typing details, missing customers’ details etc. Further,
there was no maker-checker process for examining the 'No Action' matches.
5.2.4 Monitoring & Review
(a) Mandatory Leave Policy - Though, in its mandatory leave policy, the bank
had suggested 10 days of mandatory leave for its employees, the same was not
implemented properly. Only 77% of the employees had availed their mandatory
leave during 2014-15. Out of the 33 employees in the critical roles, four
employees did not avail mandatory leave during this period. Out of 136
employees in treasury department, who were supposed to take the mandatory

Confidential Page 20 of 31
 leave, 59 employees did not avail mandatory leave during 2014-15.
(b) System for insurance premiums - The bank did not have an automated
system to ensure that the insurance premiums were paid on time and it was
being monitored manually. This may pose risk to the bank if any insurance
policy lapses due to non-payment of the premium.
(c) MIS of complaints - From an examination of the dump of the complaints
received during 2014-15, it was observed that 210 complaints were pertaining to
harassment by collection agencies, 235 regarding excess EMI deducted and
460 regarding EMI not deducted. However, the note for the root cause analysis
of the same was not put up to the Top Management or its committee.
(d) Charges for SMS Alerts - The bank charged ₹ 15 per quarter for the value
added SMS alerts to the customers. In the account opening forms, the new
customers could opt for the same, if they wanted to avail the facility. However,
the legacy mobile banking customers were sent a message by the bank to
unsubscribe this service if they did not wish to receive the value added alerts.
The bank did not check the possibility of change in the mobile numbers of
customers before charging all those customers who did not revert to the
message.
(e) Non-transparency in deduction of charges – On a monthly basis, the
bank was debiting certain charges from the SB account of the customers under
the head "Consolidated Charges" with respect to Internet Banking. There was
no transparency, as the details of various charges/ reasons for the charges
were not disclosed to the customers.
(f) Overdue Alerts - As on March 31, 2015, 42,025 alerts, such as transactions
in high risk accounts; routing of funds through multiple accounts; high cash
activity inconsistent with the customer’s profile etc. were pending for more than
45 days. Further, the bank did not have any mechanism to close the alerts
pending for more than one year. The bank was only focusing on the current
alerts.
5.2.5 Reporting - (a) During 2014-15, there were 31 instances of delayed submission
of regulatory returns.
(b) There were 3852 false positive AML alerts that were suppressed during
2014-15 at lower level and without reporting through any MIS.

Confidential Page 21 of 31
6. Operational (IT) Risk -Aggregate Score: 1.748
Assessment and Major observations
6.1 Inherent Risk Score: 1.596
6.1.1 IT Financial Risk
(i) The cost on account of license / maintenance fees of captive software
packages had increased during the year.
(ii) Total amount of losses related to / involving IT systems or solutions had also
increased during 2014-15.
6.1.2 IT Operational Risk
The number of backend updates during 2014-15 was 17,982 which posed high
risk.
6.2 Control Gap Score: 2.103
6.2.1 Policy Environment
The bank had policies covering almost each and every IT related activity but the
implementation of policy needs to be strengthened due to various deficiencies
observed by the inspection team and also by the IS Auditor of the bank, some of
which are described in the following paragraphs.
6.2.2 Risk Identification & Assessment
(1) There was no process for identification of bugs. The bugs were generally
identified by the users / user departments and reported to application owners for
fixing / resolution. The financial implication of these bugs was not assessed.
(2) Straight Through Processing (STP) – There were many processes in
critical systems like Finacle, DCMS etc. which were manual. Files were
uploaded from back-end to perform many tasks, which was fraught with risk.
6.2.3 Controls
(1) Incident Management System – The bank was using a "Security Incident
Template" for reporting the security incidents. The incidents were recorded in
the template and mailed to Information Security Team but no timeline was
defined for completing the root cause analysis and preventive / corrective steps.
(2) Change Management System – (a) There was no online tool/work flow
system for monitoring changes at different stages in change request, ranging
from initiation to deployment and post implementation review. (b) Document
describing segregation of duties amongst business owner, application owner,

Confidential Page 22 of 31
 developer and team responsible for moving changes in production environment
was not defined, and practiced.
(3) DR Setup – (a) The bank was having DR Setup at BCC – Bengaluru. It was
observed that some of the applications at primary DC and DR were not same.
(b) The bank was not doing the comprehensive DR drill of all the applications of
the bank at the same time. Moreover, some of the applications like that of
treasury were tested on weekends without doing any live deal / transaction.
(4) Internet Banking - On testing the bank’s Internet Banking URL
www.axisbank.co.in for security configuration, using online available tools at
https://www.ssllabs.com/ssltest, a lot of vulnerabilities were thrown out like -
vulnerability to attacks against TLS servers; server using SSL3 which was
obsolete and insecure; server using weak signature for encryption; server not
supporting forward secrecy etc. This exposed the Internet Banking and other
critical servers to heightened risk.
(5) Security Operations Centre (SOC) – The bank had implemented SOC for
real time log monitoring of critical information systems. But all critical information
systems were not monitored by SOC in absence of which malicious activities
may not be detected for timely corrective action. Personnel with elevated system
access privileges to applications and database were also not reviewed /
monitored closely.
(6) Networking Connectivity – Out of 2,589 branches and extension counters
of the bank as on March 31, 2015, there were 509 branches with single link
connectivity and 181 having connectivity through VSAT. The bank may consider
taking steps to build redundancy in its branch networking so that operations in
branches are not disrupted due to problem in the network link.
6.2.4 Monitoring & Review
(a) There was no procedure in place for user review across the systems or to
check the desktops / laptops / servers etc. for any illegal or unauthorized
software and also to check the security configuration of the machines. (b) The
bank was using many “End of Life” software and databases which had no
technical support from the vendor.
6.2.5 Reporting
At the time of launch of Automatic Data Flow (ADF) discussion note, it was

Confidential Page 23 of 31
 envisaged that there would be one MIS Server and bank would be able to
generate all kinds of MIS from one ADF Server. But it was observed that all
reports were not available in ADF Server and some reports were generated from
respective servers. Moreover, in many cases ADF generated reports were not
being used for submission to regulator.

7. Pillar II Risk -Aggregate Score: 1.449

Assessment and Major observations
7.1 Inherent Risk Score: 1.382
7.1.1 Reputational Risk
Though the total number of customer litigations decreased during the period,
230 fresh customer litigations and increase in the number of customer
complaints posed reputational risk.
7.1.2 Residual Risk/Group Risk, etc.
The bank's total exposure to the group entities had increased substantially
during the year, which posed a higher group risk for the bank.
7.2 Control Gap Score: 1.607
7.2.1 Policy Environment
(a) Gaps in Formulation of Long Term and Short Term Strategy - The
business plan of the bank was deficient as following – (i) Though the bank was
not able to achieve its sub-targets in Priority Sector, the Business Plan or the
long term strategy document did not mention about the strategy of the bank to
achieve the sub-targets within the Priority Sector (ii) Though there has been a
surge in the frauds and NPAs in the bank, the strategy document or the
Business Plan did not mention about the bank's strategy for reducing the same
or the technological improvements to be brought about.
(b) Gaps in Reputational Risk Management Policy - Reputational Risk
Management Policy of the bank had not covered aspects related to reputational
risk arising out of the activities of the subsidiaries of the bank.
(c) Group Risk - The group risk of the bank as a whole was not a part of the
risk appetite policy/ framework of the bank, which included only the major risks
in the bank, and not those in the subsidiaries. Further, the stress testing
framework did not include group-wide scenario analysis.

Confidential Page 24 of 31
7.2.2 Controls
(a) Limits in Reputational Risk - The bank had not established any limits/
triggers to take corrective action for managing its reputational risk. In its
absence, it would be difficult to monitor if any event may pose a serious
reputational risk to the bank that requires immediate attention of the Top
Management / Board.
(b) Legal Risk - Delay was observed in the completion of legal audit for large
accounts and 416 such cases were pending as on March 31, 2015.
(c) Complaints against Subsidiaries - The bank was not monitoring TAT for
the complaints received by the subsidiaries. These complaints were not
factored in while analyzing the reputational risk of the bank. Any directions on
the resolution of the complaints by Customer Service Committee of the Board
were also not evidenced.

Confidential Page 25 of 31
 Part II: MAJOR AREAS OF FINANCIAL DIVERGENCE
The summary of major areas of financial divergence, including assessed risk weighted
assets, which determined assessed capital of the bank, is given below. Details are in
Annex1.
1. Divergences (shortfall) in Provisioning
Shortfall or
No. of Additional
Outstanding
Particulars@ borrowers / provision Remarks*
amounts
accounts required
(In mn)
Reclassification of
Standard Loans as - - -
Non- Performing
Non Performing
- - -
Investments
Sub-total (NPAs)
provisions /
- - -
accounts/
outstanding
Shortfall in Standard The bank had made provision for
Asset Provisioning standard restructured advances only
549
for restructured facilities and not for
all the facilities of borrower.
Claims Not There were 10 cases where
acknowledged as consumer forum / civil court had
debt passed the order against the bank,
and the bank had filed an appeal. As
3
the forum had initially passed the
judgement against bank, the bank
may make the additional provision of
₹ 3 mn for these 10 legal cases.
Total additional
provisions /
552
accounts/
outstanding

2. Divergence in Risk Weighted Assets (RWAs)

RWAs (In ₹ mn)
Risks Reported Assessed Divergence Remarks*

Credit Risk Overdraft-others shown at risk

weight of 75, instead of 100.
2932924 2933173 249
Personal loans added into
regulatory retail portfolio.
Market Risk 253418 253418 - -
Operational Risk 265662 265662 - -
Total RWAs 3452004 3452253 249

Confidential Page 26 of 31
 Part III: ASSESSMENT OF CAPITAL AND EARNINGS
1. Pillar I Capital & CRAR
The summary of reported and assessed capital position of the bank as on March 31,
2015 is given below. Details are in Annex4.
Basel III Capital under Basel III (In mn)

Particulars Reported Assessed Divergence Reasons for

divergence
Total capital (TC) 521048 521045 3 CET 1 reduced
on account of
Additional
Provisions for
Common Equity Tier 1 416810 416258 552 (i) Standard
(CET1)capital Assets: ₹ 549 mn;
Tier 1(T1) capital 416810 416258 552 (ii)Claims Not
acknowledged as
Tier 2 (T2) capital 104238 104787 (549) debt: ₹ 3 mn

Basel III CRAR under Basel III (in %)

Divergence(Difference Reasons for

Particulars Reported Assessed
in percentage points) divergence$
Total capital 15.09 15.09 0.00 TC reduced on
(TC) account of
Additional Provision
Common 12.07 12.06 0.01 for Standard Assets
Equity Tier 1 : ₹ 549 mn;
(CET1) Capital Claims Not
acknowledged as
Tier 1(T1) 12.07 12.06 0.01 debt: ₹ 3 mn
Capital

Tier 2 (T2) 3.02 3.03 (0.01)

Capital

2. Capital Management, ICR, ICAAP and Stress Tests

(a) Bank’s Capital Planning and Business Projections

The bank’s ICAAP process was reviewed and the corresponding benchmark references
were set that focused on the key risk areas. Capital planning exercise was carried out
by the bank for regulatory capital requirements for the FY15 and FY16 under the three
scenarios of high stress; moderate growth and moderate stress; and moderate growth.

Confidential Page 27 of 31
Business projection was done for the FY15, FY16, FY17 and FY18 which projected
around 16.21% (Actual: 20.53%),16%,15%,16% growth in the total assets / liabilities,
around 15.62% (Actual: 14.77%),15%,17%,17% growth in deposits and around 23%
(Actual: 22.17%), 22%,18%,19% growth in advances against the capital projections of
total CAR of 14.02%, 13.33% and 13.34% for FY16, FY17 & FY18 respectively. The
bank maintained acceptable overall capital positions with reference to major capital
indicators (up to June 15) like Tier I Capital at 11.06% as on June 30, 2015 (12.06% as
on March 31, 2015, risk increasing) against the required limit of 9.5%, LCR at 66.52%
(as on March 31, 2015: 88.05%, risk increasing) against the limit of 60% at the end of
FY16.

(b) Assessment of Pillar I & II Capital and Internal Capital Ratio

The bank assessed various risks under Pillar I such as Credit Risk through
Standardized Approach, Market Risk through Standardized Duration Approach and
Operational Risk through Basic Indicator Approach and computed the RWA as per
regulatory requirements. Capital requirement for Pillar II risks was assessed as part of
the Economic Capital. The bank assessed Economic Capital for Credit, Market and
Pillar II risks (Residual Credit Risk, Credit Concentration Risk and Liquidity Risk) at
99.9% confidence interval. The Economic Capital requirement worked out to ₹ 229840
mn as against the available regulatory capital of ₹ 310680 mn.
As the total available capital exceeded the Economic Capital and the regulatory
requirement, the bank did not maintain any capital add-on to the regulatory requirement
for Pillar II risks. During FY15, the bank raised Tier II capital of ₹ 8500 mn.
As on March 31, 2015 the bank’s assessed CRAR stood at 15.09% of which Tier I
contributed 12.06% and Tier II was 3.03% i.e. the total capital was above the regulatory
requirements.

c) ICAAP

The bank had submitted the ICAAP document to RBI at the end of July 2015 as against
the requirement of submitting it by June end.

While preparing the ICAAP document, inputs from various business units, Risk and
Accounts departments were obtained to assess the capital. The adequacy of the
available capital was assessed through the stress scenarios and Economic Capital. The
document approved by the Risk Management Committee was approved by the Board.

Confidential Page 28 of 31
The bank had not covered the quantification and concentration of UFCE in ICAAP and
also had not done any stress tests under various extreme but plausible exchange rate
scenarios as required under Para 9 of RBI Circular DBOD.No.BP.BC.85
/21.06.200/2013-14 dated January 15, 2014.

(d) Stress Testing

The stress testing was computed only for ‘Residential Mortgage Exposure’ asset class.
Stress assessment was not performed for other collateralized (financial collateral and
non-financial collaterals) asset class exposures e.g. commercial real estate, corporate
exposure backed by financial/ non-financial collateral, etc.

3. Assessment of Internal Generation of Capital

The details of the components of income contributing to the internal generation of capital
are given in Annex 5:

(i) The gross stable income and net stable income saw an increasing trend over the
past three years. The gross stable income grew by 15.44% and net stable
income grew by 17.28% over last year.

(ii) The non-interest income of the bank increased by 12.96% over the last financial
year. However, the net profit on exchange/ derivative transactions declined by
35.15% from ₹ 15,177 mn in 2013-14 to ₹ 9,841 in 2014-15 on account of loss of
₹ 1160 mn in 2014-15 compared to a profit of ₹ 620 mn in 2013-14 on account of
losses in INBMK portfolio and reduced exchange gain on repatriation of profit
from overseas branches.

(iii) The reported profit of the bank increased by 18.34% over last year.

(iv) Dividend payout ratio (excluding tax) was 14.86% for 2014-15. It stood at 16.30%
for 2012-13 and 15.14% for 2013-14.

(v) The bank projected a net profit of ₹ 73440 mn for the 2014-15 (a projected
growth of around 17%). The actual profit of ₹ 73578 mn was 0.19% over the
estimated profit.

(vi) The present inspection identified additional provisioning of ₹ 549 mn for shortfall
in standard restructured assets and ₹ 3 mn for claims not acknowledged as debt.

Confidential Page 29 of 31
4. Scope & ability to infuse capital

The bank had raised ₹416810 mn against the maximum limit of ₹526320 mn leaving a
scope of additional ₹109510 mn under Tier 1 (and ₹46140 mn under Tier 2). The bank’s
projected CRAR for 2015-16 under ‘base case business plans’ was 14.02% which
worked out to ₹ 606,540 mn (under stress 12.75%). The bank had plans to raise Tier 2
Capital of ₹ 25000 mn each during 2015-16 and 2017-18. The assessed CRAR for
2014-15 was 15.09%. Considering the present market positioning of the bank, the
capital raising plan for 2015-16 was considered adequate.

5. Assessment of Leverage Ratio

The assessed leverage ratio of the bank as on March 31, 2015 was 7.55% (PY 6.95%)
as against the reported leverage ratio of 7.56% which was above the minimum
regulatory requirement of 4.5%.

Confidential Page 30 of 31
PART IV: MAJOR AREAS OF NON-COMPLIANCE (REGULATORY GUIDELINES)
Regulation Area / Subject of Nature & Description of Non-
Reference (Para Non-Compliance Compliance
&Circular no.)
DBOD.BP.BC.No/51/ Housing Sector: The bank was disbursing loan amount
08.12.015/2013-2014 Innovative Housing upfront in cases of incomplete/under-
dated Sep 03,2013 Loan Products- construction housing projects and the
Upfront disbursal disbursed amount was not linked to the
of housing loans stages of construction of the housing
project/houses.
DBOD Prohibition to open The bank was maintaining savings bank
No.Dir.BC.15/13.03.0 a savings deposit accounts of government/ government
0/2014-15 dated July account in the related entities. Also, bank was paying
1, 2014 name of interest for some accounts as the bank
Government could not segregate accounts meant for
departments/bodie normal operations from accounts that
s were getting budgetary allocation.
DBOD.AML.BC.No.11 In case of legal Instances were found in the legacy
/14.01.001/2012-13 entity, banks accounts where the details of the
dated July 2, 2012 should identify the beneficial owners was not captured.
beneficial owners
and verify their
identities.
DBS.FrMC.BC.No.1/2 Frauds must be Instances were observed where the
3.04.001/2012 dated reported to Police / frauds were not reported to police/ CBI.
13 July 2, 2012 CBI
DBOD.No.BP.BC.9/2 Provision on The bank was computing the standard
1.04.048/2014-15 Restructured restructured provision only for the
dated July 01, 2014 Advances restructured facilities instead of
(Para 12.4.1) computing the provision on all the
facilities of the borrower
DBOD.AML.BC.No.29 Every person shall Instances were observed where the bank
/14.01.001/2013-14 quote his PAN did not obtain the PAN Number/ Form 60
dated July 12, 2013 number while of the account-holders where cash
depositing cash deposit transactions of more than ₹
aggregating fifty 50,000 took place.
thousand rupees or
more with a bank
during any one
day.

Confidential Page 31 of 31