The RBI's co-lending framework — introduced through the Co-Lending Model (CLM) circular of November 2020, itself an evolution of the Co-Origination of Loans guidelines issued in 2018 — was one of the more structurally ambitious regulatory interventions of the past decade in Indian credit. The policy logic was coherent: banks have low-cost capital and PSL obligations; NBFCs and fintechs have distribution reach and technology-enabled underwriting capability in segments banks cannot serve efficiently. Co-lending was designed to combine both.
What has followed in practice is a market that is larger, more complex, and more analytically inconsistent than the 2020 circular anticipated. Bank-fintech co-lending portfolios across the system now run into several hundred thousand crore rupees of outstanding exposure. The compliance and analytical frameworks in many of those programmes have not kept pace with the volume.
Co-origination versus co-lending: a distinction that still matters
The 2018 RBI co-origination guidelines applied to Priority Sector Lending relationships between banks and NBFCs. The 2020 CLM circular expanded this to a wider set of lending relationships and introduced the term 'co-lending' as the governing framework. The two concepts are often used interchangeably in market practice, but they are not identical.
Under co-origination, the bank and NBFC jointly underwrite each loan from the outset, with both entities participating in the credit decision. Under the CLM framework, the NBFC may originate loans independently and subsequently assign a portion to the bank partner, or the two entities may jointly originate at the point of disbursement. The regulatory requirements for each approach differ at the margin — particularly in terms of documentation sequence, the point at which the bank's credit approval is required, and the capital treatment of the bank's exposure.
Programmes that operate on a de facto originate-then-assign basis — where the NBFC makes the credit decision and then offers the loan to the bank — need to be assessed against the full framework requirements for loan transfers, including the Transfer of Loan Exposures direction. Many programmes in the market that describe themselves as co-lending do not satisfy the definitional requirements of the CLM circular and are operating in a regulatory grey area that RBI has not yet formally addressed.
The 80:20 structure and its capital implications
The CLM framework prescribes an 80:20 split as the baseline: the bank takes 80% of each co-lent loan and the NBFC retains 20%. This structure is mandatory unless a different ratio is agreed with prior RBI approval. The 80:20 ratio is central to both the capital treatment and the PSL classification mechanics of the arrangement.
For the bank, the 80% co-lent share qualifies for PSL classification at the end-borrower level, subject to the loan meeting PSL eligibility criteria. The capital treatment for the bank's exposure is based on the risk weight of the underlying loan category — which for MSME and microfinance loans is typically 100% under the standardised approach, though SFBs and some banks apply sector-specific risk-weight reliefs in limited circumstances.
The capital implication for the NBFC is different and often underanalysed. The NBFC retains 20% of each loan on its books, plus it typically services the full loan and may be required to act as the first point of loss absorption depending on how the FLDG (First Loss Default Guarantee) or DLG arrangement is structured. If the NBFC's 20% retention is treated as a simple 20% proportionate exposure for capital purposes, the capital requirement is straightforward. If the NBFC has separately provided an FLDG or DLG that covers the first losses across the full co-lent portfolio, the effective capital requirement of the combined exposure — the 20% direct retention plus the DLG contingent liability — is substantially higher than the 20% figure implies.
FLDG, DLG, and the 2022–2023 regulatory clarifications
The First Loss Default Guarantee was the mechanism through which many early co-lending programmes managed the bank's credit risk tolerance. The NBFC effectively guaranteed a defined percentage of pool losses, giving the bank protection against underwriting risk while allowing the NBFC to retain origination economics. The challenge was that FLDG structures of this type were operating in a regulatory vacuum — neither explicitly permitted nor prohibited under the co-lending framework.
RBI's September 2022 digital lending guidelines and the subsequent clarifications of 2023 addressed DLG — the broader category that encompasses FLDG — directly. The framework now permits DLG arrangements between Regulated Entities and Lending Service Providers (LSPs), subject to conditions: the DLG must be capped at 5% of the loan portfolio covered by the guarantee, it must be backed by cash, fixed deposits, or bank guarantees (not undertakings), and it must be clearly disclosed in the loan agreement and reported to credit information companies.
The 5% cap is the binding constraint for many programmes. Co-lending arrangements where the bank's credit appetite was implicitly subsidised by an NBFC FLDG above 5% — which was common in 2020–2022 — are no longer permitted under the current framework. Programmes that have not been restructured to comply with the 5% DLG cap are in violation of the digital lending guidelines, even if the underlying co-lending structure predates those guidelines. RBI has not published enforcement statistics, but anecdotal evidence from the legal advisory community suggests that a significant number of programmes have not been fully brought into compliance.
Analytics challenges: the data ownership problem
The analytical complexity of co-lending programmes goes beyond the regulatory structure. The fundamental analytics challenge is that two institutions are sharing a loan book, and neither has complete information about what the other is seeing.
In a standard NBFC-originated, bank-funded co-lending structure, the NBFC typically holds the loan documentation, maintains the borrower relationship, and has access to the repayment and collection data at the individual loan level. The bank has the balance-sheet exposure and the capital requirement but typically receives only pool-level reporting — monthly statements of outstanding exposure, delinquency rates, and collection ratios, without loan-level granularity.
This creates a structural information asymmetry that has three direct consequences. The bank cannot conduct independent credit monitoring at the loan level. The bank's credit risk team cannot reconstruct the performance of individual cohorts within the portfolio or assess whether deterioration is concentrated in a particular origination vintage, geography, or product type. And when the bank attempts to assess the recoverability of impaired loans, it is dependent on the NBFC's cooperation to access the underlying documentation.
For securitisation transactions built on co-lent pools — where a portion of the co-lent loan book is subsequently pooled and issued as PTCs — the data adequacy problem is compounded. The rating agency conducting pool surveillance and the trustee monitoring CE compliance both need loan-level data that may reside with the NBFC rather than the originating bank. Programmes that have not established clear data-sharing protocols at inception frequently discover this problem only when a pool enters stress, at which point remediation is time-consuming and expensive.
Three types of failure in bank-fintech co-lending
Observed failures in bank-fintech co-lending programmes fall into three distinct categories, each with a different root cause.
The first category is regulatory misclassification — programmes structured as co-lending that do not satisfy the CLM framework's requirements, either because the bank's credit approval is not genuinely joint and contemporaneous with origination, or because the NBFC is acting as a loan service provider rather than a true co-origination partner. These programmes expose the bank to regulatory risk on PSL classification and the NBFC to risk on permissible business activities.
The second category is analytical failure at the portfolio level. This occurs when the bank's credit risk function does not independently model the co-lent portfolio's expected loss under stress scenarios, relying instead on the NBFC's representations about pool quality. The consequence is that provisioning requirements and capital allocation are understated relative to the portfolio's actual risk profile. This type of failure tends to be invisible during a benign credit environment and becomes visible only during a stress period, when the bank discovers that its loss expectation and the actual loss realisation are materially different.
The third category is operational and servicing failure, most common in programmes where the NBFC's servicing infrastructure was not adequately stress-tested. Co-lending programmes scaled rapidly in 2021–2023, and a number of NBFCs built co-lending portfolios that exceeded the capacity of their collection and recovery operations. When delinquencies rose in late 2023 and 2024, the operational gap became visible: collection teams that were sized for a steady-state portfolio were overwhelmed by a simultaneous increase in early delinquency across a large outstanding book, and recovery rates on non-performing loans were significantly below the levels modelled at programme inception.
What a sound co-lending programme looks like analytically
A co-lending programme that is analytically sound — as distinct from one that merely passes a regulatory minimum — has several features that are not required by the CLM circular but are necessary for effective risk management.
Joint credit underwriting should be genuinely joint, meaning the bank's credit team reviews and approves the NBFC's underwriting model and has visibility into the scoring criteria applied to individual borrower decisions. Pool reporting should be loan-level rather than pool-level, transmitted to the bank on at least a monthly basis, and structured in a format that allows the bank to conduct independent delinquency and cohort analysis. DLG structures should be explicitly sized against the bank's expected loss estimate for the portfolio under a defined stress scenario, not negotiated as a commercial concession without an underlying loss model.
Servicing transition protocols — the processes by which the bank would assume direct servicing of the co-lent book if the NBFC partner were to fail or exit — should be documented and tested. The assumption that NBFC partner continuity is a given is not supportable in a market where NBFC financial health is variable, and where RBI enforcement actions can remove a partner's ability to operate with limited notice.
The co-lending framework has real economic logic behind it. The analytical and operational gaps in current market practice are correctable. The risk is that they remain uncorrected until a systemic stress in the co-lent market makes the correction reactive rather than prospective.
For co-lending programme assessment, DLG compliance review, or pool-level analytics for bank-fintech structures, get in touch.
