## Wednesday, August 27, 2014

### Consumer protection in Indian finance: Going from ideas to action

by Renuka Sane and Ajay Shah.

Financial regulation in India, at present, is oriented towards product regulation. While protecting the interest of customers is part of the mandate of all existing financial agencies, the present regulatory strategy is weak. The evidence on mis-selling is building up. The main focus of policy discussions has been prevention (e.g. ban on entry loads) with little work on enforcement (where orders are issued that impose penalties upon firms that have misbehaved).

Many piecemeal changes of regulations are underway. The Reserve Bank of India (RBI), for example, has recently published a Draft Charter of Customer Rights, which include: the right to fair treatment, the right to transparency, fair and honest dealing, right to suitability, right to privacy, and the right to grievance redress and compensation. When compared with the draft Indian Financial Code and the FSLRC Handbook, many weaknesses in this draft are apparent. But writing in the Mint today, Monika Halan emphasises the importance of this document: She says that it represents a big shift for RBI, when compared with 80 years of indifference to the problems of consumers in finance. In this sense, this Charter may reflect the beginnings of improved knowledge at RBI in consumer protection. But it is unlikely, in and of itself, to induce the desired effects.

The situation in India today, is reminiscent of the UK in the 1980s, which went through a consumer protection crisis, even though conduct requirements were in place, on paper. We can gain perspective by looking back at that experience.

### An example of a consumer protection crisis: The personal pensions mis-selling scandal in the UK

In a paper  Personal Pensions Misselling: The Causes and Lessons of Regulatory Failure, Julia Black and Richard Nobles provide fascinating insights into the pensions mis-selling episode that rocked the UK in the late 1980s and early 1990s.

In 1985, the Government allowed employees to opt out of employer provided defined benefit pension schemes, known as Occupational Pension Schemes (OPS) and choose to buy personal pensions (PP). Given the differences in benefits between the OPS and the PP, it was not clear whether the shift was optimal for all employees. In fact, according to the authors, the PP was only beneficial to a few. The government was aware of the risk that wrong decisions could be made, and sought to rely on investor protection measures to prevent this.

This was a time when banks and building societies, life insurance companies and Independent Financial Advisors (IFAs) were regulated by the Securities and Investments Board Ltd (SIB), Life Assurance and Unit Trust Regulatory Organisation (Lautro) and Financial Intermediaries, Managers and Brokers Regulatory Association (Fimbra) respectively. The three regulators required distributors to obtain sufficient information on the customers financial circumstances, advise on products that were suitable to customers, recommend products that met the goals of the customers, disclose information regarding commissions received, and to provide detailed product information. Rules required agents to either tie up with one service provider, or advise on all products. And yet, a large number of people ended up giving up their rights in the OPSs for inferior PPs.

In comparison with where we are in India, it is important to see that the rules in place at a time, in the UK, were much more detailed when compared with what we have in India today. Yet, the desired outcome -- consumer protection -- was not obtained.

The authors suggest that the observed outcome was a result of a complex interaction of political ideology, product complexity, regulatory novelty and industry dynamics. Regulators themselves had limited knowledge of the product, and little experience of what kinds of standards should be imposed, and how. In a world where the only parameter of payments and promotions to the sales staff was commissions, compliance never became part of the business strategy. Regulators believed that general principles had been outlined, but firms argued that no guidance was ever given on what suitability meant.

The authors draw four lessons:

• Regulators need to have specialist knowledge of individual products and business areas, and the risks from each of the products from an investor protection point of view.
• Regulations can often themselves contribute to risk. Regulators, therefore, need to think through the potential impacts of current and proposed regulatory policies, and the preferred response should they arise.
• General principles, such as that of suitability, have to be supported by a shared understanding of what is it that they require.
• Firms need to provide a central place to regulation in their management strategy. Compliance with regulations must not be a side show; it must permeate the strategy formulation of the firm
at the board level.

### The way forward for India

It is important to trace the full arc from law to regulations to enforcement and jurisprudence, to the incentives of financial firms, in order to understand how the desired legal effect will be achieved. Improvements in consumer protection will only come about when financial firms internalise these principles, and treat customer protection as a core element of business strategy. Financial firms will behave in better ways only when (a) there is credible communication about what is expected under the law, and (b) there is tough enforcement when these expectations are not met.

The diagram above shows the story that must now unfold. The Indian Financial Code (IFC) writes down the foundations of consumer protection in the law at the level of timeless principles. At each financial agency, this would lead to drafting of regulations, through the formal regulation-making process of the IFC. Once this stage is set, some firms would inevitably violate the regulations. This would lead to enforcement actions and the issuance of reasoned orders. Some of these orders would be appealed and result in rulings in FSAT.

There has been too much emphasis on prevention in Indian work on consumer protection. As an example, entry loads of mutual funds were banned. The right strategy in public administration has to have a combination of prevention and enforcement [linklink]. As an example, consider suitability requirements. These will be dismissed as pious phrases by the industry until regulators show teeth in enforcing against violators. This will require considerable technical skills in supervision. The prosecution will need to demonstrate that suitability analysis was done in ways which violate the law and the regulations, beyond all reasonable doubt.

Consumer protection would come about when individuals inside financial agencies, and those inside financial firms, have a shared understanding of all four steps: of the law, the regulations, of the kinds of enforcement actions that get taken, and the stance of the judiciary on the standards of proof that are required and on contemporary interpretation of timeless principles from the IFC.

All four elements have to fall into place for the desired legal effect -- consumer protection -- to be achieved.

### What is to be done?

Until the IFC is enacted, we have sectoral regulators. As has been argued in the FSLRC report, sectoral regulators are particularly vulnerable to abuses of consumer protection, as each one tends to advocate the interests of their own industry. Even under the IFC, there is a pocket of sectoral regulation in the form of payments and banking being regulated at RBI, which will generate enhanced problems in public administration. Whether with two agencies in the future (RBI and UFA) or multiple agencies today (RBI, SEBI, IRDA, PFRDA, FMC), there is a need for a consistent perspective on consumer protection all across the Indian financial system. Otherwise, it is all too easy to set off a race to the bottom where parts of the industry co-opt their regulator and try to gain market share by hurting consumers.

As emphasised above, the key requirement is a shared body of knowledge and perspective. In this journey, there is value in a Consumer Protection Handbook

This Consumer Protection Handbook would utilise the timeless principles of the IFC, and help shape the drafting of regulations and the work of enforcement. It would only be an interpretative document and have no legal status. It would help individuals in financial agencies and financial firms understand the full picture of consumer protection in finance, that is now unfolding. It would improve coherence across the Indian financial system, and accelerate the construction of State capacity. An understanding of consumer protection in finance is now found in 10 people in India; this needs to turn into a shared understanding between 10,000 individuals spanning financial agencies and financial firms.

For this viewpoint, four elements of work are now required.
1. Enacting the Indian Financial Code. Consumer protection is at the heart of the draft Indian Financial Code (IFC). The IFC has given us the foundations for consumer protection, with a draft law which is at the global state of the art. The IFC also improves the financial regulatory architecture, thus reducing though not eliminating the problem of sectoral regulators in India that get captured by the interests of their industry.

2. A Consumer Protection Handbook. At present, the key document which elucidates consumer protection in the IFC is the FSLRC Handbook which was released in late 2013. While this is useful, it is not adequate. Much more needs to be done in the field of consumer protection, in creating a document, which we may term the Consumer Protection Handbook, which translates the principles-based IFC into a shared contemporary practical understanding. This work needs to take place through a collaborative process between all financial agencies, so as to ensure a consistent approach across the Indian financial system. Regulators and the industry need to achieve a shared understanding of what the principles of consumer protection in the IFC imply, and how these can get translated into clear regulations on the ground. What are the risks of the various products from a customer protection point of view? What do the customer rights, specially those of suitability, imply for the different products and circumstances? What kind of compliance reports should be designed so that firms and regulators can communicate with each other? What kind of enforcement actions will be taken against errant firms?

3. A new wave of regulations. The regulations that we ultimately desire under the IFC can be issued under present laws, hence the process of re-engineering financial agencies to come up to IFC quality consumer protection, embedded in regulations, can start once the Consumer Protection Handbook is in place. The immediate area of focus should be the achievement of a strong team with skills in consumer protection at one or two regulators, who produce a few high quality regulations.

4. Enforcement.  Considerable knowledge is required in enforcement for consumer protection: the enforcement team needs to understand the law, the  Consumer Protection Handbook, the regulations, the actions by a financial firm, and demonstrate before a quasi-judicial authority that there was guilt beyond all reasonable doubt.
This is ultimately about building State capacity in the legislative and executive arms of regulators, to draft a new wave of regulations on consumer protection that are grounded in the IFC, and then to enforce them.

## Sunday, August 24, 2014

### Shutting down Uber in India was unwise

by Suyash Rai and Ajay Shah.

When you finish a taxi ride, between two to ten minutes are wasted in dealing with the payment. You could pay cash, he might fumble on change, you could swipe a credit card, after an interminable delay the device does not work, and so on.

A few years ago, there was an important innovation in this business by a firm named Uber. Their process flow works like this. The customer goes to the Uber website and submits credit card details (as is done with any E-commerce website). Now he undertakes a ride in a taxi. At the destination, the customer steps out of the taxi and walks away without doing anything on the question of payment. The payment is effected using the pre-stored credit card details. A bill is sent to the customer by email. This saves two to ten minutes for customer(s) and the taxi drivers.

If you multiply millions of taxi rides per year by a saving of two to ten minutes, it adds up to GDP growth. It is estimated that there are 5 million taxi rides per day in India. If we're dealing with 3 persons per taxi ride including the driver, we save 91 million man-hours of time saved per year, for each one minute that is shaved off the payment step. This sort of process innovation is how, one small step at a time, the world achieves productivity growth.

Two days ago, RBI released an order which effectively requires Uber to shut down in India by 31 October.

#### The problem

RBI has issued multiple regulations imposing specific restrictions on card-based and card-not-present transactions. Instead of a signature, consumers are required to enter a PIN at merchant outlets. For online, card-not-present transactions, we are required to enter one time passwords or other authentication information. Uber was using a loophole in the RBI regulations, which allowed payment transactions with foreign exchange outflow to be exempt from the authentication requirement. The payment was flowing to Uber's bank outside India, and then Uber was sending payment to the taxi driver in India, even though the receipt was issued on behalf of the taxi driver in India. Competing taxi services were also considering such a method of routing payment through a gateway abroad, but it was harder for them to overcome India's capital controls, as they are based in India, unlike Uber which is a foreign company.

RBI's decision creates a level playing field between Uber and Indian taxi companies -- one in which all taxi companies are equally bad in their dealing with consumers, forcing two to ten minutes of time wasted with every ride.

The reason behind this and many other such steps can be found in RBI's overall approach towards regulation. It prefers paternalistic micro-management to market-based solutions.

#### Need for a composite strategy: prevention and law enforcement

Every month India is clocking about 100 million debit and credit card transactions on Point of Sale (POS) devices, with total value of about Rs.20,000 crore. This means an annual card-based transaction volume of 1.2 billion, with a value of Rs.240,000 crore, and growing fast. Over and above this, there are  "card-not-present" or online transactions. In calendar year 2012, the total money lost due to frauds relating to ATMs/Debit Cards/Internet Banking and Credit Card, amounted to about Rs.52 crore. This may seem like a very small number compared to the total value of payments, but each instance of fraud is a crime and must be dealt with. This raises questions about consumer protection and law enforcement.

The consumer protection objective in this context is: consumers' funds must be protected from fraud. The question is: how should this be done? There are basically two approaches to this: prevention and enforcement. Both are important in an overall anti-fraud strategy. The regulator can impose security requirements that make it difficult to defraud customers, but each requirement has costs. Law enforcement can also help the consumer recover the money lost to fraud, but this also has costs and the consumers may get their money with a time lag or not at all.

When it comes to prevention, it is important to consider who is best placed to develop and implement preventive steps. This responsibility can be substantially shared by service providers, who are often better placed to make the right preventive choices, as long as they are held accountable. Service providers, in any case, have an interest in maintaining trust in their systems, and in addition to that, they could be held accountable by the regulator.

#### What has India's approach been?

RBI has been writing regulations' to address this problem which have largely been paternalistic, micro-managing, and technology-specific. Earlier, one could make a card-based transaction by simply swiping a card and signing on the slip, but now one must enter PIN in the POS device. This has made every transaction more cumbersome, especially where the POS device is not present in the immediate vicinity of the transaction (e.g. at restaurants). Earlier, one could transact online (called "card not present" transactions), with one factor of authentication, but now two factors are required, one of which is often a one-time password, generated and sent over the mobile network or on email. Given the relatively low reliability of SMS in India, this often leads to delays and failed transactions. In the world of E-commerce, all over the world, customers link a credit card to a merchant website once, and transact at wish. This is not allowed in India. In addition, RBI has imposed several requirements on technological specifications for cards, POS devices, etc.

These measures have improved security of transactions. But were they optimal? Do they pass the test of cost-benefit analysis? Effectiveness of a measure is not the only consideration. Excessive regulation can be effective but not efficient. Regulators such as RBI have enormous powers, and they must always be asked to defend the use of these powers - on effectiveness, efficiency, and jurisdiction. This is essential to ensure accountability of these agencies.

All preventive measures impose costs on consumers, and, on the margins, create a preference for cash payments and contribute to the tendency to avoid online transactions and the white economy. On the other hand, they also increase robustness of transactions, thus increasing the trust in these systems, and encouraging greater participation in these systems. When we look closely we find that all payment transactions do not pose the same level of security risk. Systems can enable small-value transactions with minimal friction, and require significant authentication processes for higher value transactions. Some transactions might justify 3 factors of authentication, but some other transactions may require just 1 factor. Regulatory intervention at system level takes a one-size-fit-all approach, which is costly. So, preventive measures are crucial, but they need to be proportionate to risks. This proportionality cannot be achieved by regulatory diktat. It must come from innovative market practices. The incentive for such innovation is destroyed by RBI's paternalistic approach. The counter-factual world that we do not see is one where innovative firms in the business of payments invent improved methods of risk management.

Payment fraud is a crime, and it should be looked at from that lens. When it comes to crime, it is often easy to prevent it by imposing excessive restrictions on potential victims. It would be easier to prevent pickpocketing, if people are mandated to carry wallets attached with chains to their clothes. Does that mean we should mandate such costs to be incurred by the people? Most would laugh at the very suggestion. And yet, for crime prevention in electronic payments, we easily accept the entire country to spend a few extra minutes on every transaction, or to give up the enormous convenience of automatic transactions on linked cards.

Public choice theory teaches us that bureaucrats and politicians are self-interested actors, and work for themselves -- not for the people of India. It is always convenient for government agencies to ratchet up prevention because they then have to do less work on enforcement. As citizens, we must push back against such behaviour. Better enforcement generates deterrence and is hence an important tool for prevention. But it requires more work on the government, and all too often government agencies prefer the laziness of shutting down activities.

#### How to do better

1. The government must not hinder innovation in business models and technology. As Percy Mistry says: Elsewhere in the world, the government fits the needs of the economy, but in India, the economy is forced to fit the needs of the government. This must be turned upside down. In the long run, nothing matters as much to India as achieving higher productivity, which requires that organisations such as RBI need to stop blocking progress. The right attitude at RBI should have been: "Uber has come up with an interesting innovation, how do modify our rules and procedures so that everyone in India can utilise such innovative business models?".
2. The foundation of the regulatory strategy should be principles of responsibility: who will be held responsible under what circumstances. If the consumers has been excessively lax, then he should take responsibility for the failure, and if the payment service provider has not implemented adequate security measures, then it should be held accountable. Once Uber or Paypal know they are responsible, they have the best incentive to innovate on technologies of security. Clarity on consumer protection, as is done in the draft Indian Financial Code, should shape these principles of responsibility. This is the business of financial regulation.
3. Employees of the government almost always do not know enough to interfere in technology. How to produce' should be the exclusive preserve of the private sector. See Hrush Bhatt of Cleartrip responding to RBI's rules about two factor authentication.
4. The regulator should define a proportionality principle for security of payment transactions, and then leave it to the payment service providers to choose and implement risk-based security approaches. This will lead to innovation in payment security. For example, a payment service provider may choose to implement a minimal authentication process for low value transactions. Or, they could link it to the credit limit or available balance, so that the poor consumers are disproportionately protected.
5. Enforcement is hard work, and prevention is easy by shutting down complexity in the economy. Regulators must almost always avoid banning things, and work harder on developing State capacity in enforcement. In many instances, neither the consumer nor the provider would be responsible, and it would be a crime that could not have been reasonably prevented. In such instances, enforcement is the only option.
6. Two laws gave RBI the raw material to shut down Uber: the Foreign Exchange Management Act (which gives power to hamper all cross-border transactions) and the Payment and Settlement Systems Act (which gives power to hamper innovation in payments). These laws are incompatible with progress, as has been argued by the Financial Sector Legislative Reforms Commission (FSLRC).
7. The regulator should supply the public goods of data and foster research on payments and security and the performance of alternative authentication mechanisms.

The most important ingredient required for progress is humility. These are complex problems. The simplistic, overly prescriptive and paternalistic approach is harmful. In India, the costs of such an approach could keep people away from the financial system. The use of cash is even riskier than a relatively less secure electronic payment system. Cash is friendlier to money laundering, terrorism financing and fraud. That is the continuum of choices. A costly, one-size-fit-all, prescriptive approach may lead to high security for those in the electronic payment system, but may be leaving a large number of people out.

What Phil Libin, the CEO of Evernote, says about decision making in corporations is equally true of the world of public policy:
"We always try to ask whether a particular policy exists because it’s a default piece of corporate stupidity that everyone expects you to have, or does it actually help you accomplish something? And very often you realise that you don’t really know why you’re doing it this way, so we just stop doing it."

#### How to make RBI serve the needs of India?

Uber is just one company and taxi rides are only one place where payments are required and payments is only one sub-component of finance. The problems seen here are afflicting Indian finance all across the place. We have to look deeper and solve problems in how regulation is done.

RBI's intervention is problematic from a legal process perspective. Regulators are mini-states with legislative, executive and judicial powers. Such powers are easily misused, especially in name of doing good. Payments is just one area where productivity-enhancing innovations are being hampered in the name of security. In fact, many bad things are done with some noble objective serving as justification. Bad behaviour need not mean stereotypical corrupt behaviour. It could also mean other things, such as taking excessively restrictive steps, because the regulator wants to make its life easy. For example, giving two bank licenses per decade, just to reduce the amount of work required in supervision, is also bad behaviour. So, we must be a little more circumspect with agencies like RBI. They need to be held accountable. One good way of ensuring good behaviour is to mandate them to follow certain process of making and enforcing regulations.

The principle of proportionality, market-based innovations on security, and strong enforcement, are the magic ingredients for achieving optimal security in payment. Only careful analysis, and continuous review can reveal the right mix. Cost-benefit analysis of regulations will help choose the most efficient regulatory pathway to an objective. This analysis requires the regulator to list a few plausible regulatory alternatives, compute their costs and benefits for the entire economy, and choose the most efficient alternative. In case of payment security, at least two types of stylised choices are possible: those making specific prescriptions that payment services providers must follow, and those holding the service providers accountable for ensuring proportional security. Analysis would reveal which approach would work in what context. The world is changing rapidly, and the regulator must keep on learning. Hence, each such regulation must be subjected to periodic reviews, to understand what effect it had on the economy, and to make course corrections.

Such cost-benefit analysis and ex-post review are parts of the regulation making process in many good countries. They have also been recommended in the draft Indian Financial Code formulated by the Financial Sector Legislative Reforms Commission (FSLRC). Indeed, decades of observation of the blunders of financial agencies in India, of the sort being discussed here, is what has given the subtleties of the draft Indian Financial Code. You may like to see this talk on how to obtain progress on payments.

## Saturday, August 23, 2014

### NPAs processed by asset reconstruction companies -- where did we go wrong?

by Ajay Shah, Anjali Sharma, Susan Thomas.

### Background

Asset reconstruction companies (ARCs) in India came about after the SARFAESI Act of 2002 empowered banks and some financial institutions to seize collateral in secured loans, without the intervention of courts. This is about the in-sourcing vs. out-sourcing choice of banks. Some banks could choose to build internal distressed assets teams. Others could choose to sell distressed assets to specialised firms that have skills in dealing with distressed assets. This is a good thing because: (a) In general, specialisation is a good thing and (b) Processing distressed assets requires a certain kind of toughness that PSU banks are often unable to muster.

So far, this approach has not worked. Stressed assets at banks (NPAs + restructured loans) have increased from Rs. 0.7 trillion in 2003 to Rs. 5.3 trillion in 2013. In this period, the annual sale of assets by banks to ARCs has stagnated at Rs.0.05 to Rs.0.1 billion a year.

At the outset, the Indian approach to ARCs was better than that seen in many other countries, where specialised `asset management companies' (AMCs) were just a thinly disguised method for government recapitalisation of banks. But this clear thinking at the outset has not been translated into a well functioning private ARC industry.

In this post, we look at what went wrong with ARCs, recent developments and the way forward.

### What went wrong?

1. Excessive regulatory interference. The right way to think about an ARC is that the ARC is a buyer of distressed debt. After that, what the ARC does is the business of the ARC. The ARC might be an individual, or a private equity fund, or any other structure. The sale should be a clean transaction where distressed debt is sold and cash is paid to the lender. There are no problems with the working of the ARC on the counts of consumer protection, micro-prudential regulation or systemic risk, therefore the working of ARCs should be completely unregulated. This clarity of thought has been absent, and the working of ARCs has been riddled with poorly thought out RBI regulations.
2. Mistakes in regulations about how banks sell distressed assets. Micro-prudential regulators of banks are often keen to cover up the problems of bank fragility. This problem has hampered sound thinking about regulations governing provisioning and the sale of assets by banks to ARCs.
Provisioning norms by Indian banks, are driven by regulatory prescriptions rather than risk assessment. Even though an asset becomes non-performing after being overdue for 90 days, provisions for the loss associated with this are spread over a period of four years. This generates a perverse incentive to not sell NPAs: provisioning for an NPA has a gradual impact on the balance sheet of the bank while sale of the NPA has to be booked as an upfront loss. As a result banks either hold on to these assets for longer than it is economically sensible, or sell assets to ARCs only when the transaction is at or above book value. In addition, there are a variety of procedural problems with the process of banks selling NPAs including auctions that do not give adequate time for due diligence by ARCs, and auctions that are cancelled after bids are received.
A closely related issue is the approach that the sale of bad assets is not a true sale for hard cash. Banks would think in a sensible and commercial way when and only when: (a) Tough provisioning rules kick in the moment an asset is NPA and (b) The sale of distressed debt is a simple sale in return for cash. Neither of these conditions holds today, reflecting poor thinking in banking regulation.
The mistakes in regulation of banks interact with the HR practices of PSU banks. The typical CEO of a bank has a horizon of two years. On that horizon, it's been made preferable for him to hide bad news by not selling as compared with recognising bad news by selling. This peculiar situation represents a juxtaposition of mistakes at the Ministry of Finance in HR practices of PSU banks and mistakes at RBI in the regulation of banks.
3. Weak bankruptcy process. The ability of ARCs to realise value is defined by the bankruptcy process. The legal framework for recovery are the debt recovery tribunals (DRTs), set up under the RDDBFI Act, 1993, and the enforcement of security interest under the SARFAESI Act. Both these mechanisms have performed poorly in resolving NPAs. Recovery as a percentage of the outstanding amount for cases filed was at 17 percent and 14 percent for DRTs, in 2012 and 2013 respectively. The recovery percentages were 24 percent and 22 percent under SARFAESI, in the same period.
While RBI has allowed ARCs to takeover the management of the defaulting firm, restructuring under the provisions of the Companies Act is a time taking process. It requires specialised management skills and long term financing, both of which ARCs may not currently possess. Given the time and cost involved in this type of restructuring, only NPAs with very high recovery potential will be selected for this type of resolution.
4. Is insourcing vs. outsourcing of distressed asset management a level playing field? Ideally, the rules about resolution should be neutral to the identity of the debt holder. However, in India, at numerous points, the powers in processing distressed debt favour banks and do not give non-bank actors comparable powers. This creates incentives for insourcing of the distressed debt function.
SARFAESI provides for several mechanisms to enable ARCs to carry out recovery. These include taking possession of the collateral security, settlement or rescheduling of payments, sale or lease or takeover of the borrower's business and conversion of debt into equity. But the operational guidelines for many of these were issued by RBI much after 2002. For example, the guidelines for management takeover of the defaulting firm were issued in 2010, eight years after the Act was passed, with subsequent amendments in 2011, 2012, 2013 and 2014. The guideline allowing ARCs to sell assets to each other, which enables them to aggregate assets of a borrower for a management takeover, came in 2013. As a consequence, from 2002 to 2013, ARCs were handicapped.
Banks have been given additional mechanisms for dealing with stressed assets, that are not available to ARCs. These include loan restructuring for individual assets, and the corporate debt restructuring (CDR) mechanism for dealing with stressed consortium loans. Banks have greater restructuring flexibility, under the CDR process, than do ARCs. For example, both the CDR lenders and ARCs have been allowed to convert debt of the borrower firm to equity. SEBI guidelines on lock-in period for share issuance, have been relaxed for issuance under the CDR mechanism. Unlike the requirement in the Indian Takeover Code, the acquirer of shares in the CDR process is exempted from making an open offer. No such exemptions have been provided for the conversion of debt to equity by ARCs.
5. Barriers to foreign skills and capital. A natural pool of expertise are global firms with a specialisation in distressed debt management. Perhaps the only pool of capital that can pay cash for distressed assets is found overseas. However, autarkic policies by RBI have hampered the entry of foreign players, and capital controls have been used to block the inflow of foreign capital. This choked ARCs of both capital and knowledge.
In an environment riddled with mistakes in regulation, how have ARCs survived at all? There are two things that enable ARCs to remain viable even in such a market. The first is the low levels of capital that ARCs need to acquire NPAs. When ARCs issue SRs to finance the NPA acquisition, it is done through trusts in which ARCs, as per RBI guidelines, need to have at least 5 percent of own investment. These SRs have a maturity of 5 years, which can be extended to 8 years in special cases. This is the time-frame that ARCs have, in order to recover value from the acquired assets. Any loss at the end of this period has to be borne by SR holders proportionately. Since the ARC share in the loss from the asset is limited to 5 percent, it allows ARCs to acquire assets even at uneconomic valuations. In most cases, the seller bank, who can sell assets at close to book value, itself subscribes to the balance 95 percent SRs.

The second is the annual management fee that ARCs receive from the seller bank. This is typically 1.5-2 percent of the acquisition value of the asset. The fee has no link with the recovery from the asset. Hence, the ARC has little incentive to recover or resolve assets. They just need to hold the assets till maturity of the SRs, during which they continue to earn the management fee income.

This yields an exercise in sound and fury that achieves little. In this form of the sale transaction, the NPA risk remains in the bank balance sheets -- it is merely being reclassified as investment in SRs. Further, there is little improvement in the overall economic efficiency in resolution of NPAs. With this, the ARC industry in India suffers from the syndrome of numerous other parts of finance (e.g. the bond market or the currency market), where there is a show on display with apparent institutional arrangements and plenty of huffing and puffing, but the actual soul of a market economy is absent.

### Recent developments

1. On 30th January, RBI released the Framework for Revitalising Distressed Assets in the Economy, with several changes in the operational framework for ARCs.
2. In April, a report estimated that banks sold Rs. 270 billion of non-performing assets (NPA) to ARCs in FY 2014, with most of the sale taking place during January to March 2014.
3. The June release of the Financial Stability Report raised concerns that bank-ARC transactions were being used by banks as an option of evergreening their balance sheets. The report also questioned the 'real' incremental value addition of ARCs in the process of 'reconstruction' of assets, over banks' traditional skills and informational advantages.
4. On 5th August, 2014, RBI issued a notification with amendments to the regulatory framework for securitisation companies and ARCs.

### Evaluating recent policy changes

In the January 30th 2014 Framework for Revitalising Distressed Assets in the Economy, RBI proposed the following changes in the ARC framework:

• Assets in the 61 to 90 days category can also be sold to ARCs. This would encourage early sale of distressed assets and better recovery.
• Banks allowed to spread loss on sale over a two year period, for assets sold till March, 2015. They are also allowed to reverse provisions made for NPA, if there is gain on sale. This would address banks' concerns on loss on sale of assets.
• It is mandatory for banks to accept bids in an auction that are above reserve price and fulfill conditions specified.
• Steps to be taken to improve price transparency in bilateral sale of assets.
• Sale of assets between ARCs and their sponsor banks is permitted only through a transparent and arms length auction. These would improve transparency in the sale process.
• Promoters of companies allowed to buy-back assets from the ARCs, with ARCs demonstrating no prior collusion between the ARC and the defaulting borrower, to the RBI.

On one hand, these measures removed procedural hurdles faced by ARCs. On the other, there is pressure on PSBs to offload their growing NPAs or face an erosion of profits in the medium term. Both factors contributed to a sudden spurt in sale of NPAs from banks to ARCs in the last quarter of FY 2014. Most of this sale was by public sector banks (PSBs). For example, State Bank of India (SBI) in its Annual Report for FY 2014, has reported a sale of Rs. 36 billion of NPAs to ARCs. The book value and the sale value of these assets are Rs.15 billion and Rs.16 billion respectively, with SBI making a profit of Rs.1 billion on these transactions.

The spurt in NPA sale transactions in 2014 led to further changes through the 5th August, 2014 notification:

• Increase ARCs capital commitment in the acquired asset from 5 to 15 percent.
• ARCs fees linked to the net asset value (NAV) of the acquired assets rather than the outstanding value of the security receipts. Shortfalls in recovery now affect ARC fees.
• Increased reporting and disclosure requirements for ARCs, specially for asset sale by banks above book value and for asset sale by ARCs at a significant discount.
• Increased time that ARCs get for due diligence at asset auctions, at least two weeks.
• Reduced planning period for acquired assets from one year to six months. This is also the time frame within which the acquired asset need to be rated and re-valued.
• Inclusion of ARCs in the Joint Lenders Forum (JLF) and a mandate for them to put up a list of willful defaulters on their website.

These changes will help reduce three aspects of bank-ARC transactions as they have been proceeding:

• Banks selling assets to ARCs without actual risk transfer, since 95 percent of the value of the sale got back into banks' balance sheets as investment in SRs.
• ARCs earning fee income linked to the book value of the asset and not to its recovery value. Low levels of ARCs capital commitments meant no real incentive for them to resolve NPAs.
• Promoters, even the willful defaulters, getting relief from repaying their dues under the ARC model, which was focused on warehousing instead of resolution of NPAs.

These latest amendments have increased the ARCs risk in acquiring assets. ARCs will now need to make recoveries to earn fees and to get returns on invested capital. However, the larger problems of these arrangements remain unresolved.

### The way forward

In order to make distressed debt processing and ARCs work, the work plan for policy makers consists of the following elements:

1. A clear understanding is required that the role of RBI in regulations should stop at the point of sale of distressed assets to the ARC. The working of the ARCs should be unregulated as there is no market failure there.
2. Mistakes in micro-prudential regulations of banks, in recognition and provisioning by banks, need to be addressed.
3. Banks should be required to do true sales in exchange for cash of distressed debt. This will yield closure on the books of the bank. After the transaction, the ARC would work to obtain recovery with no relationship to the original lender.
4. The bankruptcy process should be improved.
5. ARCs should be first class participants in the bankruptcy process. There should be no bias in the bankruptcy process in favour of any one kind of financial firm such as bank.
6. Establishment of operations by foreign ARCs should be feasible with 100% equity ownership. Foreign capital into ARCs (whether private or foreign) should be welcome through private equity structures. All institutional investors in India -- but not banks -- should be able to invest capital into these private equity structures. Banks should only face the choice of selling (in exchange for cash) or not selling.

We are grateful for Harsh Vardhan of Bain Consulting and Badri Narayanan of Third Eye Capital for useful discussions.

Finance Research Group, IGIDR, Bombay

## Tuesday, August 05, 2014

### What you can't infer from a regression

We are inundated by results of research papers such as:

• Companies which have women directors do better; hedge funds which have female GPs do better [link].
• Parents who have children graduating from college tend to live longer [link].
These correlations are facts. Almost everyone who reads about the result jumps to the conclusion that these have consequences for decisions that we can make. E.g.:
• Since companies which have woman directors do better, let's add women directors to our company and it will fare better.
• Since hedge funds with female GPs do better, let's add women GPs to our hedge fund and it will fare better.
• Since parents that have kids that graduate from college tend to live longer, if we take extra trouble to put our kids through college, then we will live longer.
All these statements are flat wrong.

The fact that there is a correlation absolutely does not imply that there is a causal connection that can be used to make a decision. When x and y are correlated there are numerous possibilities. Maybe x has a causal impact on y. Maybe y has a causal impact on x. Maybe there is a z which has a causal impact on both x and y. We cannot jump to the conclusion about which of these causal pathways is at work when we observe a correlation.

Let's take women on boards as an example. Suppose the evidence shows that firms with women on boards do better. It could just be the case that these are firms with a more socially progressive outlook, and maybe more progressive teams fare better than socially backward teams. If so, a band aid of two women added to the board of a neanderthal bunch is not going to change their outlook.

Let's take parents and children and college. Some kinds of parents have the household environment where children delay gratification, work hard, immerse themselves less into mass culture. Those kinds of kids make it to college and graduate from college. Those kinds of parents live longer. There needs to be no causal connection.

#### The problem of reverse regression

When we see a linear regression

y  =  a  +  b x  +  e

we jump to the conclusion that changing x by 1 unit will have a causal impact on y of b. There is absolutely no justification for this with observational data! If you want to terrify your young students in a dark alley, do the reverse regression:

x  =  a  +  b y  +  u

The slope will be significant here also. So does changing y have an impact on x or does changing x have an impact on y?

#### Let's be more careful

To take the results of conventional linear econometrics, and imply that there is a causal interpretation, or that someone can use the result to make a better decision, is immoral and unethical.

Many economists are a bit cavalier about these distinctions. The only way to learn about the impact of a treatment is to observe natural or artificial experiments where events happen for exogenous reasons, through which we get to see what happened in the aftermath of the change for near-identical units of observation where one is treated and one is held as a control. The two key tools for this are matching (to figure out what are the near-identical units of observation) and event studies (to figure out what happened after the event).

The old style regressions, where vast datasets are thrown into some matrix algebra, are dangerous and best avoided. No amount of torture by matrices can rescue a bad design. Under observational data, OLS is not BLUE. Everything we have been told in traditional econometrics is suspect when faced with observational data.

#### Corollary when working with Indian firm data

The emphasis on "near-identical units of observation" has an interesting implication when working with firm data. Imagine that you're doing something involving y and x and firm data. There are some natural experiments where x changes for some firms. You are looking for near-identical firms where the x did not change. This would make possible an event study to figure out the impact of the change.

Suppose the treatment was applied to Reliance Industries. You're out of luck because there is no company in India which is near-identical to Reliance Industries. You have to drop this observation and move on. Reliance Industries is sui generis.

Suppose the treatment was NOT applied to Reliance Industries. No treated company will ever be much like Reliance Industries. You will not find Reliance Industries in your matched dataset.

Suppose you were not careful in this data preparation and Reliance Industries somehow showed up in your dataset. It is quite likely to be an outlier and will mess up your results.

Hence I fear that any regression done with a dataset that contains accounting data for Reliance Industries is wrong.

(This is not a problem with returns data, as the returns data for Reliance is much like that seen for other firms).