Credit information Companies and the Related Modified Norms from RBI

Credit Information Companies (CICs) are independent third-party financial entities that are formed and registered under the Companies Act and are regulated by RBI through NBFC registration and licensing procedure. This entity collects financial information related to loans, credit cards, and other such products and delivers it to the members.

These companies also have access to the customers’ financial history based on which they create credit reports and share them with NBFCs and banks. This comes in handy for these institutions while determining the eligibility of customers for loans. A Credit Information Company is licensed by the RBI and is governed by the norms of the Credit Information Companies Act, 2005.

Last year, RBI has modified the format to furnish credit information to CICs. The uniform credit reporting format, suggested by RBI, had two annexes, containing formats for credit reporting. Now, these are modified by the Reserve Bank of India. In this article, we shall take a glance at these modifications before learning in detail about the license requirements and functionality of Credit information companies.

License Requirements and Other Regulations for CICs

The type of services provided by CICs makes them an integral part of the decision-making process of the banks and NBFCs during the loan processing activities. Hence, the credit information shared by them must be accurate and trustworthy. Therefore, all the CICs in India are licensed by the Reserve Bank of India (RBI) and are governed by the provisions under Credit Information Companies Regulation Act (CIC Act), 2005 and other RBI regulations. 

As per Section 2 of the CIC Act, ‘Credit Information’ refers to any data concerning

• The total amount and nature of loan or advances remaining under credit cards and other similar credit facilities granted (or to be granted) by a Credit institution like bank or NBFC to any borrower.
• The type of the surety taken (or proposed to be taken) by the credit institutions from the borrower concerning the credit facilities being provided.
• The guarantee furnished by a credit institution to its borrowers regarding the safekeeping of their data.
• The creditworthiness of any borrower for applying to banks or NBFCs for a loan.
• Any other information which the RBI may consider to be necessary for inclusion in the Credit Information Report.

A credit report plays a key role within the application for a loan or even a credit card. The Credit institutions lay emphasis on the credit score of the borrower to work out the extent of the credit and to draw up the terms and conditions as per the credit score of the applicant. As per the RBI’s notification issued in 2016, each customer/individual should be provided one base-level credit line Information Report (CIR) free of cost per year by a Credit Information Company (CIC). This report should be one free full credit report (FFCR) including the credit score.

Credit Instructions required by members of any of the CICs depend upon the Credit Report provided by the CICs for lending loans. The report is provided to support the request received from the respective credit institution for processing the loan/credit card request of any individual applicant. A CIC can seek help from other CICs if the bank or NBFC concerning the financial history of the applicant isn’t their member.

The CIC Act, 2005 requires the CICs to come up with specific procedures to receive and supply information. Also, not only the member financial institutions but even the borrowers can check their credit scores from CICs. The CIC’s have their own procedure through which the individuals can apply for a credit report at a specified fee. A good credit score is perceived as a prerequisite for procuring a loan.

Privacy Norms for CICs 

One of the prime apprehensions regarding CICs is maintaining privacy while sharing customer’s information. However, this has been safeguarded through the privacy principles of the CIC Act 2005. Although, care needs to be exercised in reference to the gathering of Credit Information. CIC’s obligation includes rights to collection, recording, and storage of the info and ensuring that there’s no theft or loss of such information. Credit Institutions also take up the ownership of accuracy and security of the info by giving the data to the CICs within specified formats set by RBI and by updating the data regularly.

Security-related procedures need to be kept in situ by both CICs and Credit Institutions. The workers of both entities are required to sign a declaration of fidelity and secrecy. Procedures that must be followed in reference to the disclosure of data.

• The Data collected must be adequate and relevant.
• The use of information is restricted to specific users complying with the law, a borrower on basis of the request specified by RBI.
• The drawing of reports is restricted to specific users.
• All the CICs are needed to keep checks and balances as per the law to meet the privacy maintenance standards. 

Modification Notification by RBI for Reporting

On June 27, 2014, the Reserve Bank had begun a consistent Credit reporting Format for reporting credit information to CICs to maintain privacy in data sharing of customers. The uniform credit reporting format has two annexes. Annex-I, Which had two formats for credit reporting, i.e., consumer bureau and commercial bureau. In Annex-II, there’s a credit reporting format for the Micro-Finance Institution segment. The Reserve Bank recently modified the three formats.

Commercial Bureau

Under the commercial bureau, the prevailing field “major reason for restructuring” shall have a replacement catalogue value named – ‘restructured thanks to Covid-19’.

Consumer Bureau

Under the buyer Bureau, the label of the sector “written off and settled status” is modified as Credit facility Status, and it might even have a replacement catalogue value- ‘restructuring thanks to Covid-19’.

MFI (Micro Finance Institution) Bureau

Under the MFI (Micro Finance Institution) Bureau, the prevailing field ‘Account Status’ shall have a replacement catalogue value – ‘restructured thanks to Covid-19’. Lenders have already been reporting restructured accounts to CICs, and therefore, the modified format requires them to exactly identify the loans that are being restructured under the Covid relief scheme. The restructuring scheme has been used sparingly as most lenders said that they received only a couple of requests to avail the scheme. 

The RBI format to furnish credit information to CICs has been issued to the following entities:

• All commercial banks, including small finance banks (excluding payment banks), and regional rural banks;
• All India Financial Entities (Exim Bank, NABARD, NHB, and SIDBI);
• All-State Co-operative Banks, Primary (urban) co-operative Banks, and District Central Co-operative banks;
• All CICs.

As stated by RBI, these modifications are made to permit banks and other financial entities like NBFCs to report the information concerning the unstructured loans to CICs as envisaged within the RBI notification released in August 2020 on Resolution Framework for Covid-19 related stress.

Process of Registration as CIC

Section 4 of the CIC Act, 2005, specifies that any company which intends to start out a Credit Information sharing business must apply for registration to the RBI as per the required regulations. Even the prevailing companies that were dealing with Credit Information at the time of enactment of the Act were also required to get a Certificate of Registration. However, they were allowed to continue their business until receiving the certification or rejection from RBI. The conditions which must be satisfied by the businesses to receive the Certification of Registration from RBI are available in Section 5 of the CIC Act, 2005.

Once an application for registration is filed, RBI can either grant registration or reject it. However, the applicant company is provided with a chance to be heard, before rejecting its application. RBI reserves the right to work out the no. of Credit Information Companies that will be granted with the CoR to hold out the business of Credit Information. This is done by taking into consideration various factors just like the available business of Credit Information, the scope of expansion of existing CICs, etc. Furthermore, RBI has the right to cancel the registration certificate of any CIC as per the norms of Section 6, of the CIC Act 2005.

To Conclude

As stated above, Banks/All India financial institutions/NBFCs were required to implement these changes related to a modification in the format of information sharing within two months. These regulations and notifications are brought continuously by RBI to curb any malpractice in the financial sector that may arise during NBFC Collaboration. For example, earlier there were instances of Credit Institutions being involved in sharing the credit information with Fintech companies. These companies then let their platforms be used by other Credit Institutions to succeed in poaching customers and to process their requests. Later, RBI put curbs and asked the Credit Institutions to refrain from the practice of poaching customers.

Cases like this should not rise in coming years and hence, RBI is taking steps in filtering out any loophole in the regulatory system. Taking care of privacy while dealing with customer’s data is of utmost importance even for RBI. and considering that it released the notification regarding change in the format of credit sharing information. The format needs to be updated regularly to halt any possible privacy fraud.

Opening a credit information company in the current scenario could prove to be quite beneficial as they deal with mainly financial entities. with the right infrastructure to handle data and ensure privacy, any company can be a successful CIC. To get the registration for a CIC, the ideal practice would be to contact a financial consultancy and apply through them to RBI for easy registration.