Registration of security interest: A peculiar Indian problem

by Pratik Datta.

When a lender extends credit to a company, it often secures repayment by way of a security (often referred to as a “charge”) created over certain assets or properties of that company. Company law usually requires such security to be registered with an agency. For instance, in the UK, company charges are registered with the Companies House. Registration of security could serve three different purposes:

1. the purpose of registration of security could be to publish the existence of such security to make it available for public inspection. This gives potential lenders to the company information about the extent of prior lending to the company which may rank ahead of their own contemplated advances. Such information may also be of interest to credit analysts, resolution professionals, shareholders and investors.

2. registration may be necessary for ‘perfection’ of the security. That is, registration may be treated by law as a necessary part of the process whereby a person obtains a security interest against the company. Without registration, the person in question would fail to obtain security interest and so would not be able to rely on it against the unsecured creditors of the company during the company’s insolvency.

3. registration could be used in law as a way of determining priority among secured creditors. For example, the law could require that priorities among secured creditors be determined by the date of registration of the security instead of the date of creation of security.

In India, we have a peculiar situation. When a bank or notified financial institution extends a secured credit facility to a company, three different registrations are necessary under three different laws for the same security.

1. Under section 77 of Companies Act 2013, a company creating charge on its assets or properties is required to register the particulars of such charge with the Registrar of Companies (‘RoC’). This involves providing the relevant information in Form No. CHG-1 (for charges other than debentures) or Form No. CHG-9 (for debentures), getting it signed by both the company and the charge holder, and then filing the Form along with the underlying credit agreement with the ROC.

2. Under section 23 of Securitisation and Reconstruction of Financial Assets and Enforcement of Security Interest Act, 2002 (‘SARFAESI Act’), the particulars of every transaction (involving banks and notified financial institutions) creating security interest must be filed with the Central Registry of Securitisation Asset Reconstruction and Security Interest of India (‘CERSAI’). This involves filing Form I with CERSAI.

3. Under section 215(2) of the Insolvency and Bankruptcy Code 2016 (‘IBC’), a financial creditor (which typically includes banks and regulated financial institutions) is mandatorily required to submit financial information and information relating to assets, in relation to which any security interest has been created, to an Information Utility (“IU”). Unlike RoC or CERSAI, IUs are required to authenticate and verify information of default, and issue a record of default in Form D to its registered uses.

As a result of these legal provisions, every single secured credit transaction in India has to be mandatorily registered with the RoC, the CERSAI as well as an IU. More than increasing compliance burden, this institutional overlap increases the legal uncertainties around security creation and enforcement, with potentially adverse implications for the entire secured credit landscape. A recent case illustrates the point.

Case in point

In Bizloan Pvt. Ltd. v. Mr. Amit Chandrashekhar Poddar (“Bizloan judgment”), the NCLAT was seized of a unique situation where a corporate credit transaction was registered only with CERSAI but not with RoC. Bizloan Private Ltd. (“Bizloan”) provided financial credit facilities to Autocop (India) Pvt. Ltd. (“Autocop”) in the form of sales bill discounting and purchase bill discounting of Rs. 1 crore in aggregate. Subsequently, Autocop went into corporate insolvency resolution process (“CIRP”) under the Insolvency and Bankruptcy Code 2016 (“IBC”). Bizloan filed its claims in Form C during CIRP, which were admitted in full without indicating if they were secured or unsecured. It was only when Bizloan received the final resolution plan for Autocop that it realized that Bizloan had been classified as an unsecured financial creditor. Bizloan challenged this classification but by then Autocop had been put into liquidation. The NCLT dismissed Bizloan’s challenge. Consequently, Bizloan approached NCLAT in appeal.

Bizloan’s arguments

1. Bizloan argued that proving security interest in liquidation proceedings under IBC should be governed by Regulation 21 of the IBB (Liquidation Process) Regulations, 2016, which states:

The existence of a security interest may be proved by a secured creditor on the basis of -

1. the records available in an information utility, if any;
2. certificate of registration of charge issued by the Registrar of Companies; or
3. proof of registration of charge with the Central Registry of Securitisation Asset Reconstruction and Security Interest of India.

Evidently, proof of registration of charge with CERSAI is sufficient for proving security interest in a liquidation by virtue of Regulation 21(c) of the Liquidation Regulations.

2. Bizloan further argued that section 238 of the IBC overrides provisions of other statutes. Therefore, if there is any inconsistency between IBC and any other statute, IBC and the regulations issued under it should prevail.

Liquidator’s arguments

1. The Liquidator relied on section 77(3) of the Companies Act 2013, which states:

Notwithstanding anything contained in any other law for the time being in force, no charge created by a company shall be taken into account by the liquidator appointed under this Act or the Insolvency and Bankruptcy Code, 2016 (31 of 2016), as the case may be, or any other creditor unless it is duly registered under sub-section (1) and a certificate of registration of such charge is given by the Registrar under subsection (2).

The underlined portion of the above provision was inserted through the Eleventh Schedule of the IBC itself, which came into effect from November 15, 2016. The liquidator highlighted that the words “shall” makes him duty bound to follow the above provision. Further, if there is any conflict between section 77 of Companies Act 2013 and Regulation 21 of the Liquidation Regulations issued under the IBC, the former will override the latter since section 77 is a specific provision dealing with the particular situation (that is, registration of charges) and it explicitly uses the words ““notwithstanding anything contained in any other law”. Since Bizloan’s charge was not registered with the RoC under section 77 of the Companies Act 2013 and only registered with CERSAI, Bizloan cannot be treated as a secured financial creditor in liquidation governed by the IBC.

2. The liquidator further argued that Regulation 21 is an outcome of section 52(3)(b) of the IBC, which states:

Before any security interest is realised by the secured creditor under this section, the liquidator shall verify such security interest and permit the secured creditor to realise only such security interest, the existence of which may be proved either – (a) by the records of such security interest maintained by an information utility; or (b) by such other means as may be specified by the Board.

The liquidator argued that section 52(3) applies only before a secured creditor chooses to “realise” its security interest, which does not come into the picture in Bizloan’s case since Bizloan had effectively “relinquished it security interest to the liquidation estate” and was to receive the sale proceeds in terms of section 53 of IBC.

3. The Liquidator further highlighted that Regulation 21 uses the words “may prove”, which is discretionary and not mandatory. In contrast, section 77 uses the word “shall” which is mandatory and binding.

4. Additionally, the Liquidator argued that if there is a conflict between section 77 and Regulation 21, Regulation 21 of the Liquidation Regulations issued under section 240 of the IBC will have to give way to section 255 of the IBC, which amended section 77(3) of the Companies Act explicitly giving more weightage to section 77 of Companies Act 2013 in matters of registration of charges on a company’s assets or properties.

5. The Liquidator also drew attention to section 20(4) of the SARFAESI Act 2002, which reads:

The provisions of this Act pertaining to the Central Registry shall be in addition to and not in derogation of any of the provisions contained in the Registration Act, 1908 (16 of 1908), the Companies Act, 1956 (1 of 1956), the Merchant Shipping Act, 1958 (44 of 1958), the Patents Act, 1970 (39 of 1970), the Motor Vehicles Act, 1988 (49 of 1988), and the Designs Act, 2000 (16 of 2000) or any other law requiring registration of charges and shall not affect the priority of charges or validity thereof under those Acts or laws.

Accordingly, the Liquidator argued that SARFAESI Act 2002 is ‘only in addition and not in derogation of’ the provisions of Companies Act 2013 and any other law. Therefore, registration with CERSAI under SARFAESI Act 2002 cannot affect the priority of charges or validity thereof under those other Acts or laws.

NCLAT’s judgment

The NCLAT noted the well-established principle of statutory interpretation that a latter law prevails over an older law. Accordingly, it observed that the IBC came into effect on December 1, 2016 while the amendment to section 77(3) of Companies Act 2013 came into effect earlier on November 11, 2016. Further, Regulation 21 of the Liquidation Regulations came into effect on December 15, 2016, after the amendment to section 77(3) of Companies Act 2013. Therefore, NCLAT concluded that the IBC will override the amended section 77(3) of Companies Act 2013. Consequently, it was held that security interest of a creditor can be proved if the same is available only in CERSAI. It is not completely and exclusively dependent on charge registered with RoC under section 77 of Companies Act 2013. As a result, Bizloan should be treated as a secured financial creditor based on its CERSAI registration pursuant to Regulation 21 of the Liquidation Regulations.

Analysis of NCLAT’s reasoning

The NCLAT’s reasoning is problematic. The general principle of statutory interpretation that a new law overrides an old law is based on the assumption that if both laws have been enacted by the Parliament at different points in time, it is reasonable to assume that the latter law reflects the latest policy intent of the Parliament and therefore, should prevail over the earlier law.

When IBC was enacted by the Parliament, section 255 of IBC amended section 77(3) of Companies Act 2013 to clarify that a liquidator appointed under IBC must take into account a charge created by a company only if such charge was registered under section 77 of Companies Act 2013. The Parliamentary intent was clearly to ensure that only charges registered under section 77 of Companies Act 2013 are taken into account in a liquidation under IBC.

The Ministry of Corporate Affairs (“MCA”) notified different provisions of IBC at different points in time because of administrative convenience. Parliamentary intent cannot reasonably be determined based on whether a provision of IBC was notified before another provision of the IBC by the MCA, that too within a span of a month. Therefore, the fundamental basis of NCLAT’s reasoning stands of unsure footing.

Policy issues

The NCLAT noted that RoC and CERSAI registrations serve different purposes. Registration of charges with RoC under section 77 of Companies Act 2013 is relevant for determining priority of claimants of a company during liquidation under IBC or winding up under Companies Act 2013. In contrast, CERSAI registration under section 20 of SARFAESI Act 2002 is relevant for realization of security interests by banks and notified financial institutions through the SARFAESI Act 2002. It is also noted that CERSAI registration helps in fraud prevention by allowing lenders to check if the asset being offered as security is already hypothecated or mortgaged.

On closer examination, these stated purposes do not appear to be mutually exclusive. When a bank or a notified financial institution extends secured credit to a company, the borrower company is mandated by law to register the charges with the RoC under section 77 of Companies Act 2013. This RoC data is available for public inspection. Potential lenders to the company can use the RoC data to check if the company has already given any of its assets or properties as security to any prior lender(s). Clearly, fraud prevention in corporate lending by banks and notified financial institutions cannot be a reason for setting up CERSAI.

CERSAI becomes relevant only for fraud prevention in the case of loans extended by banks or notified financial institutions to non-corporate borrowers such as individuals, sole proprietorships, societies, partnerships etc. The RoC does not have information on prior borrowings by such non-corporate borrowers or the existing security on the assets or properties of such borrowers. In such cases, CERSAI plays a legitimate role in fraud prevention.

The problem in the current institutional design lies is the overlap between RoC, CERSAI and IUs with respect to corporate secured lending. Banks and notified financial institutions have a strong incentive to register security interests in corporate lending transactions with CERSAI because it enables them to enforce such security interests through the special out-of-court enforcement mechanism under SARFAESI Act 2002. These lenders also have an incentive to get the same information filed with an IU so that they can rely on the IU’s record of default in insolvency proceedings under IBC. And the corporate borrower is anyways legally mandated to register the security with RoC under Companies Act 2013. Overall, these laws have created layers of institutions over one another for the same purpose, muddying the functional clarity between RoC, CERSAI and IUs.

Conclusion

The blurring of functionalities between the RoC, CERSAI and IUs not only creates avoidable transaction cost in corporate secured credit transactions, it also leads to legal risks around security creation as the Bizloan judgment illustrates.

Registration of a particular security interest against assets or properties of a particular corporate debtor should be done only once. Let’s assume that the registration agency is RoC. The corporate debtor should register a particular security interest only once with the ROC. In case of default, that RoC registration alone should be enough for banks and notified institutions to use enforcement rights under SARFAESI against such corporate debtors. Similarly, the same ROC registration alone should be adequate proof of security interest against a corporate debtor for the purposes of IBC. The law should not require the same security interest against the same corporate debtor to be registered with CERSAI or any IU.

CERSAI would, of course, remain relevant for registration of security interests against non-corporate borrowers. The case for IUs is more nuanced. The BLRC had envisaged an open competitive industry in the market for information required for insolvency and bankruptcy. This should be achieved by enabling multiple private competing businesses to perform the role of RoC, which would require a fundamental rethinking of the RoC as a state monopoly under Companies Act 2013. Adding an additional layer of IUs over the existing RoC to perform exactly the same function is not exactly the reform that the BLRC had envisaged.

The legal mechanics of achieving these outcomes is not particularly complex. Suitable amendments would be required to Companies Act 2013, SARFAESI Act 2002 and Insolvency and Bankruptcy Code 2016 and some subordinate legislations issued under these statutes. But first of all, the MCA (for RoC and IUs) and Ministry of Finance (for CERSAI) need to recognize the problems with the current laws on registration of security interests and agree on the policy pathway ahead.




The author is a lawyer.

Announcements

Call for Papers: 16^th Emerging Markets Conference

14^th - 17^th December, 2025

XKDR Forum in collaboration with Vanderbilt law School is inviting papers to be submitted for the 16^th Emerging Markets Conference, 2025. In the past, the audience for these events has comprised of academics, participants from the legal and financial industry, policy makers from government and regulators.

Details of the previous conferences can be viewed at https://emergingmarketsconference.org/. The conference aims to cover presentations and discussions across the following set of research topics:

• The sources of economic success or failure in EMs.
• Finance in EMs (households, financial markets, financial intermediaries, firms and finance, finance and growth).
• Political economy, law, public administration, regulation in EMs.
• The impact of populism upon the possibility of sustained growth.
• Insights into large EMs that matter in and of themselves.
• Insights from narrow research projects that illuminate EMs in general.
• The new phase of globalisation and its consequences for international trade, international finance and the nature of the EM firm.
• Features of a society that enable or disable convergence into the ''normal'' package of high levels of freedom and prosperity.
• The puzzles faced by all kinds of decision makers: individuals, civil society actors, firms, all levels of government.
• Grand challenges such as climate change: implications for EMs and ramifications of choices made in EMs.
• State capability in EMs.

The ideal papers for EMC shed light on the great questions of the age, while being analytically sound and persuasive.

Conference design

For EMC 2025, we intend to bring on board a wider research papers, panels on contemporary policy and keynotes by experts in the area of finance, economics and law. The conference this year will be completely in-person mode.

Best Discussant Award

Each year, we award the Emerging Markets Conference discussant award for the best discussant and the first runner up discussant of the papers presented on each day of the EMC. The discussants are selected by an audience poll.

Program Committee

• Adam Feibelman, Tulane University
• Ajay Shah, XKDR Forum
• Bidisha Chakraborty, Saint Louis University
• Dan J Awrey, Cornell Law School
• Harsh Vardhan, Independent
• Indradeep Ghosh, Dvara Research
• Joshua Felman, J. H. Consulting
• Kose John, NYU Stern
• Kumar V, SMU - Cox School of Business
• Marios Panayides, The University of Oklahoma
• N. Prabhala, Johns Hopkins University
• Pab Jotikasthira, SMU - Edwin L Cox School of Business
• Pradeep Yadav, The University of Oklahoma
• Rambhadran Thirumalai, ISB
• Rajeswari Sengupta, IGIDR
• Renuka Sane, TrustBridge
• Sanjay Kallapur, ISB
• Susan Thomas, XKDR Forum
• Tanika Chakraborty, IIM Calcutta
• Vimal Balasubramaniam, Queen Mary University of London
• Yesha Yadav, Vanderbilt University

Important dates

• Paper submission deadline: 25^th August 2025.
• Expected date for notification of acceptance: 30^th September 2025.
• Dates of the conference: 14^th - 17^th December 2025.

Support

Financial support for academic authors whose papers have been accepted at the conference includes travel support of up to USD 500 as well as accommodation at the conference venue for 3 nights of the conference (14^th to 17^th December).

Registration and contact details

Submissions: Please submit your papers in pdf format by following this link here
For any clarifications, please reach out to Jyoti at outreach@xkdr.org

Dealing with fraud in consumer finance

by Renuka Sane.

There is great ire among consumers about financial fraud. Fraud is the deliberate deception of one party by another for the purpose of unlawful gain, typically involving the misrepresentation or concealment of material facts. When fraud occurs, the key question is: who ends up paying for it? The answer to this is not so obvious. Consider the recent incident involving Falcon, an online bill discounting platform now defunct. This platform was promoted since 2021 as a peer-to-peer invoice finance platform. It had about 7000 investors and had raised Rs.1,700 crores by 2025. Retail investors lent money against invoices supposedly issued by reputable companies, earning high returns over short tenures. Until suddenly they didn't. Consumers realised one day that Falcon had closed its offices and cut off all communication. The ensuing cascade of chargebacks for services not rendered, their denial by financial firms, a subsequent Bombay High Court interim order which continued the freeze on chargeback requests illustrates how the existing system leaves consumers in a precarious position. There is no easy answer when it comes to dealing with fraud, but understanding the options is a good place to start.

The case

Falcon operated an online platform for short-term invoice/bill discounting. Payments to Falcon were routed through a payment aggregator called Worldline ePayments India Pvt. Ltd. Worldline had pooling accounts with various banks and cards, including the State Bank of India through which such transactions would be facilitated.

Falcon ceased its operations owing to allegations of fraud. Once customers figured that Falcon was no longer operational, they started asking for reversals of their transactions, or chargebacks, on the basis of services not rendered. As a result Worldline's pooling account with SBI started to get debited. Worldline requested SBI not to debit their pooling account, and SBI initially agreed for a limited period. This essentially meant that SBI would not be able to honour customer requests on chargeback. Once the limited period got over, SBI began to debit Worldline's account again. A Vacation Court order on May 19, 2025, temporarily stopped SBI from continuing to debit Worldline's pooling account to cover chargeback requests related to Falcon's transactions.

The dispute continued. SBI didn't want to be the only bank which was temporarily stopped from debiting Worldline's pooling account and to risk its funds getting debited. Other banks (or card companies) wanted a simpler life by not having to deal with chargeback requests. Worldline didn't want any debiting from any account - according to them if the customer was defrauded by Falcon, they had nothing to do with it.

All of these parties were given relief by the interim order of the Bombay High Court which ordered that no bank or credit card company will now debit Worldline's account on chargeback requests. The Court appears more sympathetic to shareholders of the intermediaries and banks relative to customers, as they have lost their money, at least until there is a final order in this case.

Who should the burden be on?

While the Bombay high court seems to have bought into the argument that the intermediary is just a pass-through, the critical question in markets remains, "who bears the burden?" A standard response in India is to increase licensing and networth requirements to carry out financial activity, but that often makes the informal market bigger, and fails to address the problem of fraud. We have three choices - leave it to the customer, hold the firm committing fraud to account, or place liability on the intermediary. The choice we make will shape the structure of markets, the roles of intermediaries, and incentives for honesty and risk.

Option 1: The customer

In a caveat emptor or "let the buyer beware" world, the burden of due diligence rests solely on the customer. If Falcon ceased operations, and consumers money was held up, then it is the consumers loss.

On the one hand, a caveat emptor world incetivises caution by consumers. Consumers may learn to discern good firms from bad with experience and this may eventually drive out the bad firms. However, it also leads to enormous wariness in every transaction. Anonymous transactions, where the buyer and seller do not know nor have long-term interactions with each other - become impossible or extremely risky. This is an implicit entry barrier for new firms trying out innovative products - they will have to take significant efforts to signal credibility. Modern capitalism becomes less viable if fraud risk sits squarely with the consumer.

A private certification agency could mediate the "credibility" signal, offering a seal-of-approval as a safeguard against the risk of fraud. However, such private certification agencies are notably absent in India. The reasons for this lack of emergence remain unclear -- perhaps it is difficult to design viable business models within a price-sensitive and fragmented market. In the absence of a credit certification agency, a caveat emptor world means retail customers have no ex-post recourse, only their ex-ante judgment.

Option 2: The firm

Here, the company providing the goods or services is made directly and strictly liable for any fraud. Under Indian law, if a seller's fraudulent actions prevent or frustrate a buyer's due diligence, the seller cannot then turn around and claim that the buyer should have been more careful under the caveat emptor principle. This runs into trouble when customers are dealing with a fly-by-night operator. If the company commits fraud and vanishes, it becomes the domain of the police to pursue, locate, and prosecute the company's proprietors and courts to impose sanctions. If the company's resources are exhausted, there is no meaningful restitution to the consumer; sanctions may deter future fraud but do not compensate customer's losses. If the justice system doesn't work well or is not designed to deal with class action suits by a group of consumers, then this outcome is not too different from the burden being solely on the customer.

Option 3: The intermediary

In this set up, the intermediary, such as the payment aggregator, would act as a trusted third party. The burden of scrutinising legitimacy - of both buyer and seller - would rest on the intermediary. The intermediary may provide insurance to buyers (and sellers) against fraud, restoring lost funds where possible. The liability (at least in part) would lay on Worldline. We see an example of this in the credit card industry where the Fair Credit Billing Act in the United States requires credit card companies to investigate unauthorised transactions (or billing errors in the case of fraud) and transfer money back to customers if they report misuse of the card (or evidence of fraud) within a specified period of time.

In India, RBI requires payment aggregators to do due diligence of merchants it onboards. In the Falcon case, Worldline as the payment aggregator would have conducted due diligence of Falcon. A liability framework exists under the RBI as well, but only for unauthorised transactions. The applicability to instance of fraud remains unclear. If the RBI were to extend the liability framework to deal with fraud, similar responsibilities may get placed on payment aggregators, and other intermediaries.

At first glance, this is a better outcome for consumers. They are assured of the credentials of an anonymous provider of services and getting their money back in the event of fraud. This may increase the number of transactions that take place and the size of the market. However, protection comes at a cost. The intermediary firm will have to incur additional expenses and significantly change its business model. The firms may pass on the burden of anti-fraud compliance to customers in the form of higher platform fees, or stricter participation standards. But firms will also be incentivised to invest in measures to detect and block fraudulent transactions. We may see a consolidation in the intermediaries market with a few, large providers able to offer risk management at cost.

Conclusion

Instances of fraud create pressure upon the government to create an ex-ante regulatory system that makes many kinds of fraud infeasible through licensing conditions, price restrictions, and other regulatory barriers. But these conditions also make many kinds of products and transactions infeasible, which is not in the best interest of consumers and markets.

A well-designed regulatory system should first confirm that a complaint involves fraud, as not all losses are caused by fraud. It should then allocate this burden wisely. The Falcon case suggests that we are operating under the Option 1 scenario. The desirability of shifting to Option 3, with a significantly higher liability burden on the intermediaries, is an issue that merits immediate attention. A system that harnesses the interests of profit-seeking financial firms in blocking fraud is the one that has the best chance of success.

The author is a researcher at the TrustBridge Rule of Law Foundation.