RBI's New Directions on Credit Reporting: What it means for CICs and Lenders

On January 6, 2025, the RBI released its Master Direction on Credit Information Reporting—a move that mostly consolidates existing guidelines. On a first read, some of the provisions under the directions might seem new, however, after carrying out a detailed analysis, we found nothing really is new here!

Prime Focus: Data Accuracy and Quality

Data seems to be the key focus of the directions- as can be seen from various requirements on accuracy, data quality and periodic reviews. To ensure high standards of data accuracy, CICs must:

• Communicate data acceptance parameters to credit institutions.
• Conduct periodic checks to evaluate identifier inconsistencies in their database and share the findings with the respective credit institutions to confirm the accuracy of the data

Data Quality Index: Too granular?

CICs are now required to create a Data Quality Index (DQI) at both credit institution and industry levels for Consumer segment as well. They must:

• Update the index monthly.
• Explain score declines to credit institutions when scores drop compared to the previous month or below industry benchmarks.

While this is a significant step toward improving credit data, it raises practical concerns. With the massive datasets CICs handle, will this level of granularity become cumbersome? Could sampling instead of full data review be a feasible alternative?

The Often Overlooked Data Points

The directions also bring attention to some data points that are often disregarded or not given enough weightage in credit underwriting- the presence of co-borrowers or guarantors and disputed credit reporting. ?

Co-Borrowers and Guarantors: The presence of a co-borrower or guarantor significantly reduced the credit risk of the respective credit facility. Hence, while there may be a default at the borrower’s end, the lender can still recover the facility from the guarantor. The directions require the details of the same to be captured in the credit information report (CIR). This helps lenders assess a borrower’s complete financial exposure and reduces credit risk since guarantors provide an additional layer of recovery assurance.

Customer Disputes: Customers often struggle with incorrect reporting by credit institutions that end up impacting their credit scores negatively. Instances of a few hundreds in credit card fee showing outstanding despite being paid and settled are not uncommon!

The directions address this to some extent by allowing a provision for the customer to add comments in their CIR. Further, CIR must disclose details of information disputed by customers.

These measures could enhance transparency and fairness, but they will also increase operational responsibilities for CICs.

Careful with the ‘Authorised Representative Model’

While these requirements were communicated to CICs informally earlier, the directions now formalise these requirements.

Commonly known as the ‘authorised representative model’, the model of accessing credit information based on customer consent by entities that are not specified users is quite common. These entities are not regulated by the RBI or under the Credit Information Companies (Regulation) Act, 2005. The directions now require CICs to carry out due diligence of such entities before entering into an arrangement to share the credit information. However, the parameters provided by the directions for due diligence are quite subjective and may be open to various interpretations.

The directions also introduce the following additional safeguards, requiring the CICs to ensure:

• specific end-use, prohibit reselling and unauthorised use and access;
• that information is deleted within 6 months from the date of providing the same, or when the purpose is fulfilled or if the customer withdraws consent, whichever is earlier;
• that?credit information is shared with employees or agents on a ‘need to know basis’ only;
• credit information is processed and stored in India.

While safeguards are in place, monitoring implementation remains a challenge. Contractual obligations alone may not suffice, and CICs will need to innovate monitoring mechanisms. Interestingly, the directions require that the authorised representatives ought to carry out an Information Security audit and submit the report to the relevant CIC. The CIC may require the authorised representative to include the above requirements in the scope of the IS audit. This may help the CIC monitor implementation to some extent.

RBI Reporting

The directions impose various reporting requirements on CICs, including the following:

• Details of credit institutions that do not respond with accurate information on identifier inconsistencies on a half-yearly basis;
• List of credit institutions that do not adhere to the fortnightly data submission timelines;
• Monthly data of credit institution level and industry level data quality index; and
• List of credit institutions not adhering to the instructions on reporting of relationship segment data.

Way Forward: What Should CICs and Credit Institutions Do?

For CICs:

• Review policies and processes to align with the new directions.
• Strengthen arrangements with credit institutions and authorised representatives.
• Innovate monitoring frameworks for compliance with new safeguards.

For Credit Institutions- it has become important to ensure timely and accurate reporting of data to avoid regulator scrutiny. ??

Concerns that are Yet to be Addressed

While the directions address concerns such as data quality, duplication, and inconsistencies arising from disputed credit information, some practical challenges remain unresolved.

For instance, the shorter reporting timelines have made it increasingly difficult for financial institutions to upload accurate data in a timely manner. This highlights the pressing need for automation in credit information reporting, which has been a long-standing demand in the industry.

Additionally, the variation in credit scores issued by different CICs creates confusion for financial institutions. While the credit scoring models are propreitory and necessary for fair competition among CICs, greater transparency in the parameters and data aspects considered while scoring could provide lenders with a clearer understanding of the scores, enabling more informed and efficient lending decisions.

Final Thoughts

The new Directions underscore the RBI's heightened emphasis on consumer protection and data accuracy. While these guidelines existed previously, they often went unnoticed amidst the multitude of circulars and notifications issued over time. By consolidating these provisions, the Directions provide a unified framework, making it significantly easier for CICs and credit institutions to track and ensure compliance. Hoping for a more streamlined internal compliance framework for CICs and credit institutions now!