The Reserve Bank of India (RBI) issued the *Commercial Banks – Credit Risk Management (Amendment) Directions, 2026* on January 5, 2026, which will come into force from April 1, 2026. Commercial banks have also been given the flexibility to adopt these directions earlier, in full.
These amendments represent a significant step towards strengthening credit risk governance, particularly in the sensitive area of lending to related parties. By aligning banking regulations with the Companies Act, 2013 and the Insolvency and Bankruptcy Code, 2016, the RBI aims to reduce conflicts of interest, improve transparency, and reinforce prudential discipline in credit decision-making.
—
Key Objectives of the Amendments**
The amended framework seeks to:
* Introduce **uniform and comprehensive definitions** of related parties, control, promoters, key managerial personnel (KMPs), and specified employees.
* Mandate a **Board-approved Credit Risk Management Policy** covering critical risk areas, including related-party lending.
* Establish **clear approval, disclosure, monitoring, and enforcement mechanisms** to address governance risks.
* Replace fragmented and legacy provisions with a **principle-based and structured approach** to credit risk management.
—
Expanded Definition of ‘Related Party’
Under the amended Directions, a *related party* in relation to a bank includes:
* A related person or a reciprocally related person, and
* Any entity where such a person:
* Is a promoter, director, partner, manager, or KMP;
* Holds more than **10% of the paid-up equity capital**;
* Exercises control or more than **20% of voting rights**, directly or indirectly;
* Has the power to nominate a director;
* Acts as a guarantor or surety;
* Is associated through trusts, subsidiaries, holding companies, associates, or joint ventures.
Importantly, exclusions have been provided where:
* Director nomination rights arise purely from lending arrangements,
* Advice is given in a professional capacity, or
* Government-owned entities share common ownership with government-owned banks.
—
Who is a ‘Related Person’ and ‘Specified Employee’?
A *related person* includes a promoter, director, or KMP of the bank, or any individual who:
* Holds or controls more than **5% equity or voting rights**, or
* Exercises control over the bank, singly or jointly.
*Specified employees are defined as:
* Employees positioned up to two levels below the Board, and
* Any other employees designated as such under the bank’s internal policy.
—
Mandatory Credit Risk Management Policy
Banks are now required to put in place a comprehensive Board-approved Credit Risk Management Policy. At a minimum, the policy must cover:
* Lending to related parties and specified employees
* Country risk management
* Unhedged foreign currency exposures
* Property valuation norms and empanelment of valuers
* Opening and operation of current accounts and CC/OD accounts
This policy-based approach ensures that credit risks are addressed **systematically rather than transaction-wise**.
—
Lending to Related Parties: Governance Framework
General Principles
* The Board of Directors bears ultimate responsibility for oversight of related-party lending.
* Credit policies must incorporate additional safeguards to manage risks arising from such exposures.
* Aggregate limits and sub-limits for related-party lending must be clearly defined and remain within RBI’s prudential exposure norms.
* A whistle-blower mechanism must encourage reporting of unethical or irregular related-party transactions without fear of reprisal.
Regulatory Prohibitions
Banks are prohibited from having exposure to:
* Promoters, their relatives, and shareholders holding 10% or more equity in the bank, and
* Entities where such persons exercise significant influence or control.
Certain limited exemptions are permitted, such as:
* Loans granted before a director’s appointment (without renewal or enhancement),
* Fully secured personal loans to directors under staff-equivalent terms,
* Advances against government securities, insurance policies, or fixed deposits within prescribed LTV norms,
* Fully cash-collateralised non-fund based facilities.
—
Monitoring, Disclosure, and Audit
To ensure continuous oversight, banks must:
* Maintain and periodically update a centralised list of related persons and related parties.
* Report loans to specified employees and their relatives to the Board annually.
* Conduct **quarterly or more frequent internal audits** to verify compliance.
* Report any deviations from policy to the Audit Committee of the Board.
Any attempt to circumvent these directions through reciprocal lending or structured arrangements will be treated as related-party lending.
—
Enforcement and Supervisory Action
Non-compliance with the amended Directions may attract stringent supervisory action by the RBI, including:
* Monetary penalties
* Full provisioning requirements
* Staff accountability and disciplinary exercises
* Forensic audits
* Business or exposure restrictions
This underlines RBI’s zero-tolerance approach to governance lapses in related-party transactions.
—
Transition and Implementation
The amendments take effect from April 1, 2026. To ensure a non-disruptive transition:
* Existing non-compliant related-party exposures may run off till maturity.
* However, such facilities cannot be renewed, enhanced, or reviewed, even if contractually permitted, unless they fully comply with the amended Directions.
—
Conclusion
The RBI (Commercial Banks – Credit Risk Management) Amendment Directions, 2026 mark a decisive move towards stronger governance, transparency, and accountability in bank lending. By clearly defining related parties, tightening prohibitions, and reinforcing Board oversight, the RBI has provided commercial banks with a robust compliance framework to manage credit risks prudently while safeguarding depositor and systemic interests.
For banks, early adoption and effective internal alignment will be key to realising the full benefits of this enhanced regulatory regime.
