Reserve Bank of India imposed ₹3.10 lakh penalty on CreditAccess Grameen Limited on May 25, 2026, for deficiencies in internal software systems. The microfinance company lacked robust mechanisms to alert on transactions inconsistent with customer risk profiles, impacting suspicious transaction identification. The penalty order was received via email on May 29, 2026. CreditAccess Grameen disclosed this to stock exchanges under SEBI Regulation 30, confirming financial impact limited to penalty amount.

This RBI penalty represents regulatory enforcement of anti-money laundering (AML) and Know Your Customer (KYC) compliance in microfinance. CreditAccess Grameen's software deficiency specifically involved absence of transaction monitoring systems that should flag activities inconsistent with customer risk categorization. Such systems are crucial for identifying suspicious transactions under Prevention of Money Laundering Act (PMLA) requirements. The ₹3.10 lakh penalty, while modest for a company with ₹97.77% five-year returns, signals RBI's focus on technology-driven compliance in NBFC-MFIs. The timing coincides with increased regulatory scrutiny of digital lending platforms and fintech partnerships. For the broader microfinance sector, this highlights the need for robust transaction monitoring systems as customer bases expand and digital transactions increase. The disclosure under SEBI Regulation 30 ensures transparency for investors, particularly relevant as CreditAccess Grameen engages international investors like Federated Hermes. This case exemplifies how operational compliance gaps, even in software systems, attract regulatory action in India's evolving financial landscape.