DPNC Global

Compliance Function and Role of Chief Compliance Officer – NBFCs



The Reserve Bank of India (RBI) in continuation to the guidelines provided in the Scale Based Regulations: A Revised Regulatory Framework for NBFCs, has further issued a circular on April 11, 2022, re-highlighting the requirement of independent Compliance Functions and a Chief Compliance Officer by Non- Banking Financial Companies in the Upper Layer (NBFC -UL) and Middle Layer (NBFC -ML).


NBFCs in the Base Layer (NBFC-BL) shall continue to be governed under the existing guidelines.

NBFC -UL are required to put in place a Board approved policy and a Compliance function, including the appointment of a Chief Compliance Officer (CCO) based on the framework provided by RBI latest by April 01, 2023 and NBFC – ML are required to provide the same latest by October 01, 2023

Key highlights of the framework provided by RBI regarding Compliance Function and Role of Chief Compliance officer are as follows:

  1. Compliance function shall ensure strict observance of all statutory and regulatory requirements of the NBFC, including standards of market conduct, managing conflict of interest, treating customers fairly and ensuring the suitability of customer services.
  2. The Board/Audit Committee shall ensure that an appropriate Compliance policy is put in place and implemented.
  3. The framework also provides key responsibilities of Compliance function and senior management
  4. The NBFC shall lay down a Board – approved Compliance Policy clearly spelling out its Compliance philosophy, expectations on Compliance culture, structure and role of Compliance function, the role of CCO, processes for identifying, assessing, monitoring, managing and reporting on Compliance risk.
  5. The framework also provides for tenure, process of removal, rank, skills, conduct, selection process, reporting requirement and reporting line of CCO.
  6. The Compliance Department shall be headed by the Chief Compliance officer. There shall not be any dual hatting i.e. the CCO shall not be given any responsibility which brings elements of conflict of interest, especially any role relating to business.
  7. The NBFC shall carry out an annual Compliance risk assessment in order to identify and assess major Compliance risks faced by them and prepare a plan to manage the risks.
  8. Compliance risk shall be included on the risk assessment framework of the Internal Audit Function, and Compliance Function shall be subject to regular internal audit.
  9. A prior intimation to the Senior Supervisory Manager, Department of Supervision, Reserve Bank of India, shall be provided before appointment, premature transfer, resignation, early retirement or removal of the CCO. Such information shall be supported by a detailed profile of the candidate along with “Fit and Proper” certification by the MD & CEO of the NBFC, confirming that the person meets the prescribed supervisory requirements and rationale for changes, if any



The guidelines and framework provided by the RBI regarding Compliance Function and Role of Chief Compliance Officer (CCO) would ensure better corporate governance and better adherence to the regulatory framework by the NBFC

For further details or clarifications, please refer the circular at:




Upper Layer

The Upper Layer shall comprise of those NBFCs which are specifically identified by the Reserve Bank as warranting enhanced regulatory requirement based on a set of parameters and scoring methodology as provided in Circular – Scale Based Regulation (SBR): A Revised Regulatory Framework for NBFCs. The top ten eligible NBFCs in terms of their asset size shall always reside in the upper layer, irrespective of any other factor.


Middle Layer 

The Middle Layer shall consist of (a) all deposit taking NBFCs (NBFC-Ds), irrespective of asset size, (b) non-deposit taking NBFCs with asset size of ₹1000 crore and above and (c) NBFCs undertaking the following activities (i) Standalone Primary Dealers (SPDs), (ii) Infrastructure Debt Fund – Non-Banking Financial Companies (IDF-NBFCs), (iii) Core Investment Companies (CICs), (iv) Housing Finance Companies (HFCs) and (v) Infrastructure Finance Companies (NBFC-IFCs).


For details, please refer to the attached pdf:


About Our Regulatory Advisory & Support Services

DPNC Global LLP is a full service consulting firm providing multi-disciplinary services to clients ranging from MNCs, Indian Corporates from across industries to Family Offices and UHNIs, both in and outside India.


Our Regulatory Advisory & Support Services team consistently works towards providing simple and practical solutions to complex issues. Any entity operating in India would need to navigate the dynamic eco system and endeavor to ensure due regulatory compliance with the wide spectrum of applicable legislations. We advise & assist clients to be fully compliant with a wide spectrum of applicable regulations including Company Law, Limited Liability Partnerships (LLP) Act, SEBI Regulations, Non-Banking Financial Companies (NBFCs) Law etc. To know more about our services, visit https://dpncglobal.com/regulatory-advisory-support/




The information contained herein is based on the circular issued by Reserve Bank of India. While the information is believed to be accurate to the best of our knowledge, we do not make any representations or warranties, express or implied, as to the accuracy or completeness of this information. Reader should conduct and rely upon their own examination and analysis and are advised to seek their own professional advice. This note is not an offer, invitation, advice or solicitation of any kind. We accept no responsibility for any errors it may contain, whether caused by negligence or otherwise or for any loss, howsoever caused or sustained, by the person who relies upon it.