The Reserve Bank of India (“RBI”), as part of its broader effort to strengthen governance standards for Non-Banking Financial Companies (“NBFCs”), had earlier issued the circular on “Compliance Function and Role of Chief Compliance Officer – NBFCs” dated April 11, 2022 (“2022 circular”). The circular mandated NBFCs in the Middle Layer and Upper Layer to establish an independent Compliance Function and appoint a Chief Compliance Officer (“CCO”).

Subsequently, RBI has now issued the Draft Reserve Bank of India (Non-Banking Financial Companies – Compliance Function) Directions, 2026 (“Draft Directions”), which seek to consolidate and formalise the earlier framework into a comprehensive regulatory structure.

The Draft Directions reflect RBI’s increasing supervisory focus on strengthening compliance culture, enhancing independence of the Compliance Function and integrating technology-driven compliance monitoring mechanisms within NBFCs. While the Draft Directions largely retain the principles prescribed under the 2022 Circular, certain important changes and enhancements have been proposed.

Key Changes under the Draft Directions, 2026

1. Dedicated Framework for Technology-Based Compliance Monitoring

A major addition under the Draft Directions is the introduction of a separate chapter on “Use of Technology for Monitoring.” Whereas the earlier 2022 Circular did not specifically prescribe any technology-enabled compliance monitoring framework.

The proposed framework signifies a shift from conventional paper-based and manual compliance processes towards a technology-driven and automated compliance management system. Such systems are expected to enhance regulatory oversight, improve audit trails, establish clearer accountability mechanisms, facilitate seamless flow of compliance-related information across functions and enable real-time compliance tracking for stakeholders including the Board, senior management, auditors and the other relevant stakeholders.

The Draft Directions require NBFCs to implement comprehensive and integrated compliance monitoring systems capable of:

• tracking compliance obligations,
• escalating instances of non-compliance,
• recording approvals for deviations or delays, and
• providing unified dashboard view to senior management on compliance position of the NBFC as a whole.

2. Enhanced Role of CCO in Product Governance

Under the 2022 Circular, the CCO was required to be part of the “new product” committee for reviewing compliance risks associated with new products. The Draft Directions further clarify that where no such committee exists, the CCO must independently evaluate all new products prior to launch. This strengthens the role of the Compliance Function in product approval and risk assessment processes.

3. RBI Inspection Compliance – Greater Supervisory Emphasis

While the 2022 Circular provided that unsatisfactory compliance with Risk Mitigation Plans (“RMPs”) and Monitorable Action Plans (“MAPs”) may invite penal action from RBI, the Draft Directions instead emphasise the requirement for NBFCs to establish an “effective Compliance Program” to ensure timely and sustainable compliance with all RMP/MAP points. This also strengthens the role of the CCO and Compliance Function in monitoring implementation of RBI inspection observations and ensuring timely closure of supervisory action points.

The shift indicates a move from an express penal warning framework towards a broader governance and supervisory compliance approach, while continuing to reflect RBI’s increased focus on timely implementation of inspection observations and corrective actions.

4. CCO – Authority to Access Records and Independence

Under the 2022 Circular, the authority of the CCO and the Compliance Function to communicate with staff members and access records or files necessary for discharge of compliance responsibilities specifically flowed from the Board-approved Compliance Policy of the NBFC.

However, under the Draft Directions, RBI has directly codified this authority by expressly providing that the CCO shall have the authority to communicate with any staff member and access all records or files necessary for examining compliance issues. Accordingly, such powers would no longer depend upon specific inclusion in the Compliance Policy, thereby strengthening the independence and authority of the Compliance Function.

5. Expanded Reporting Requirements to RBI

The Draft Directions expand the reporting obligations relating to the CCO. In addition to prior intimation regarding appointment, resignation, transfer or removal of the CCO, RBI has now proposed that any change in the terms and conditions relating to the tenure of the CCO, shall also require prior intimation to RBI.

This indicates RBI’s intent to ensure continuity, independence and stability of the Compliance Function.

Conclusion

The Draft RBI (NBFC – Compliance Function) Directions, 2026 represent a significant step towards strengthening the compliance governance framework for NBFCs. While the foundational principles of the 2022 Circular have largely been retained, the Draft Directions seek to formalise and expand the regulatory expectations relating to independence of the Compliance Function, authority of the CCO, supervisory compliance and technology-enabled monitoring mechanisms. The proposed framework reflects RBI’s increasing focus on proactive compliance culture, stronger Board oversight and enterprise-wide compliance management.

Once finalised, NBFCs may be required to reassess their existing compliance structures, reporting frameworks and monitoring systems to align with the enhanced supervisory expectations envisaged under the Draft Directions.