by The banking framework in India is a well-structured, multi-layered system that supports the country’s economic growth and financial stability. At the apex sits the Reserve Bank of India (RBI) , established in 1935 and fully nationalized in 1949, serving as the central bank, monetary authority, and regulator. The framework follows a dual banking structure comprising scheduled commercial banks (public sector, private sector, foreign, regional rural banks, and small finance/payment banks) and cooperative banks (urban and rural). This hierarchy ensures financial inclusion, credit flow to priority sectors, and adherence to prudential norms like Basel III. The framework is governed by key legislations including the Banking Regulation Act, 1949, the RBI Act, 1934, and the Negotiable Instruments Act, 1881. Recent reforms like bank consolidation, digital banking units, and the Insolvency and Bankruptcy Code (IBC) have modernized the framework, making it resilient, transparent, and globally competitive.
Banking Regulatory and Legal Framework in India:
1. Reserve Bank of India (RBI) – Apex Regulator
The Reserve Bank of India (RBI) is the supreme monetary and banking regulator in India, established in 1935 and fully nationalized in 1949. It derives its powers from the RBI Act, 1934, and the Banking Regulation Act, 1949. As a regulator, the RBI issues licenses for new banks, prescribes capital adequacy norms (Basel III), controls the money supply through monetary policy (repo rate, CRR, SLR, reverse repo), supervises banks via on-site and off-site inspections (using CAMELS framework), and manages foreign exchange under FEMA. It also acts as the lender of last resort, banker to the government, and overseer of payment and settlement systems. The RBI’s regulatory objective is to maintain public confidence, protect depositor interests, ensure financial stability, and promote a diversified, competitive banking system.
2. Banking Regulation Act, 1949
The Banking Regulation Act, 1949 (formerly known as the Banking Companies Act) is the foundational statute governing all banking operations in India. It applies to all scheduled commercial banks, cooperative banks, and certain other financial institutions. Key provisions include Section 6 (permissible banking business activities), Section 10 (management and board composition), Section 21 (control over lending policies), Section 22 (licensing requirement for new banks), Section 24 (maintenance of SLR), Section 35 (power of RBI to conduct inspections), and Section 45 (amalgamation and winding up of banks). The Act also restricts dividend distribution without prior regulatory approval, prescribes minimum capital requirements, and limits loans to directors and their interests. It gives RBI overriding powers to issue directions in the public interest, even superseding banks’ boards when necessary.
3. RBI Act, 1934
The Reserve Bank of India Act, 1934, provides the constitutional mandate for the existence, powers, and functions of the RBI. It establishes the RBI as the central bank and defines its key roles: issuer of currency notes (Section 22), banker to the government (Section 20), banker to banks (Section 42), and controller of credit (Section 46). The Act empowers RBI to fix the Bank Rate, prescribe Cash Reserve Ratio (CRR) for scheduled banks without any floor or ceiling (amended in 2006), and require banks to maintain assets in India. It also creates the Monetary Policy Committee (MPC) under Section 45ZB to target inflation. The Act imposes penalties for non-compliance, allows for the acquisition of bank management in crisis, and governs foreign exchange reserves management. It is the parent Act under which most monetary and regulatory powers flow to the RBI.
4. Deposit Insurance and Credit Guarantee Corporation (DICGC)
The DICGC is a wholly owned subsidiary of RBI, established under the DICGC Act, 1961, to provide deposit insurance to depositors in all commercial banks (including cooperative banks and NABARD). The objective is to protect small depositors from losing their savings if a bank fails. Each depositor is insured up to ₹5,00,000 (₹5 lakh) per bank across all accounts (savings, current, fixed deposits) held in the same right and capacity. The premium is paid entirely by the insured banks, not depositors. Upon bank liquidation or cancellation of license, the DICGC pays eligible depositors within 90 days. Claims are triggered when a bank’s license is cancelled or when it is placed under moratorium/amalgamation. This framework instills public confidence, prevents bank runs, and promotes financial stability by assuring depositors of safety.
5. Prevention of Money Laundering Act (PMLA), 2002
The Prevention of Money Laundering Act, 2002, applies to all banking institutions in India as part of the anti-money laundering (AML) regulatory framework. Banks are designated as “reporting entities” required to maintain Know Your Customer (KYC) records for ten years, verify customer identity, and report suspicious transactions to the Financial Intelligence Unit (FIU-IND). Key obligations include filing Cash Transaction Reports (CTRs) for transactions exceeding ₹10 lakh, Suspicious Transaction Reports (STRs) regardless of amount, and Counterfeit Currency Reports (CCRs). Banks must appoint a Principal Officer for AML compliance, conduct employee training, and operationalize board-approved AML policies. Non-compliance attracts fines up to ₹5 lakh and prosecution under PMLA. This framework complements RBI’s KYC/AML guidelines and helps combat terror financing, tax evasion, and corruption through banking channels.
6. Securitisation and Reconstruction of Financial Assets and Enforcement of Security Interest (SARFAESI) Act, 2002
The SARFAESI Act, 2002, empowers banks and financial institutions to enforce security interests (collateral) without court intervention, thereby reducing non-performing assets (NPAs). Under Section 13, a secured creditor can classify an account as NPA, issue a 60-day demand notice, and if the borrower fails to repay, take possession of secured assets, sell or lease them, appoint a manager, or take over the management of the borrower’s business. Banks must follow procedural fairness—valuation of assets, public auction with reserve price, and surplus return to the borrower. The Act applies to all scheduled commercial banks, certain cooperative banks, and asset reconstruction companies (ARCs). However, it does not apply to agricultural land and debts below 20% of loan principal. SARFAESI drastically reduced recovery time and improved banks’ bargaining power, complementing the IBC, 2016.
7. Foreign Exchange Management Act (FEMA), 1999
The Foreign Exchange Management Act, 1999 (replacing FERA, 1973), regulates all foreign exchange transactions in India and applies to banks dealing in forex. Under FEMA, RBI controls current account transactions (subject to reasonable limits) and capital account transactions (regulated with permission). Banks, as Authorized Dealer (AD) Category I banks, are licensed by RBI to buy/sell foreign currency, open foreign currency accounts, remit funds abroad, issue traveler’s cheques and forex cards, and finance international trade. Banks must comply with KYC/AML norms under FEMA, report transactions exceeding prescribed limits (e.g., ₹10 lakh for wire transfers), and ensure no unauthorized external commercial borrowings (ECBs) are facilitated. Violations attract penalties up to three times the sum involved or ₹2 lakh per day for continuing contravention. FEMA made forex transactions liberal, compliant with global standards, while giving RBI and banks enforcement teeth.
8. Insolvency and Bankruptcy Code (IBC), 2016
The Insolvency and Bankruptcy Code, 2016, provides a time-bound, creditor-driven resolution framework for corporate debtors, applying to banks as financial creditors. When a default occurs (minimum ₹1 crore for corporate debtors), banks can initiate Corporate Insolvency Resolution Process (CIRP) through the National Company Law Tribunal (NCLT). The process must be completed within 330 days (including litigation). A Resolution Professional appointed by banks (Committee of Creditors) invites resolution plans, and a 66% vote of creditors approves any plan. If no resolution occurs, the debtor goes into liquidation. IBC replaced fragmented recovery laws (SARFAESI, SICA, RDBA) and empowered banks to recover from wilful defaulters. As of 2024, banks have recovered over ₹3.5 lakh crore under IBC, significantly reducing NPAs from 11.2% (2018) to below 3% (2024).
9. Credit Information Companies (Regulation) Act, 2005
The Credit Information Companies (Regulation) Act, 2005, governs the establishment and operation of credit information companies (CICs) like CIBIL, Equifax, Experian, and CRIF High Mark. Commercial banks are mandatory members and data providers under this Act. Banks must submit accurate and timely credit data (loan amounts, repayments, defaults, credit card usage) of all borrowers to CICs at least monthly. In return, banks access credit scores and reports to assess borrower creditworthiness before sanctioning loans or credit cards. The Act mandates confidentiality (Section 17), dispute resolution mechanisms (Section 25), and penalties for data falsification (up to ₹1 crore fine and imprisonment). This framework prevents over-leveraging, reduces information asymmetry between borrower and lender, curbs NPAs, and encourages responsible lending. Banks cannot reject loans solely on credit score but must disclose reasons for rejection.
10. Legal Framework for Digital Banking
Digital banking in India is regulated by several overlapping frameworks, primarily the RBI’s “Guidelines on Digital Banking” (2021), the Information Technology Act, 2000, and the Payment and Settlement Systems Act, 2007. Banks offering internet banking, mobile banking, UPI, AePS (Aadhaar Enabled Payment System), and digital only accounts must comply with security standards: two-factor authentication (2FA), encryption of customer data, transaction limits for unregistered beneficiaries, and real-time fraud monitoring. The IT Act provides legal recognition to electronic records (Section 4) and digital signatures, while penalizing cybercrimes (Section 43, 66, 66D). Banks are liable for unauthorized electronic fund transfers if notified within 3 days (zero liability if notified immediately; limited liability after day 4-7). The framework also mandates a dedicated cyber cell at RBI, cyber insurance, and mandatory reporting of data breaches within 6 hours.
