Fraud signals are split into hard fraud (decline) and soft fraud (refer with high-priority manual review).
| Rule | Action |
|---|
| PAN name vs Aadhaar name material mismatch (fuzzy) | REFER |
| Mobile-Aadhaar mismatch | REFER |
| Mobile-PAN mismatch | REFER |
| Multiple Aadhaars associated with same mobile (vendor signal) | DECLINE |
Mobile is brand-new (< 30 days old) | REFER |
| Sanctions / PEP confirmed hit | DECLINE |
| Rule | Action |
|---|
| BSA vendor tampering flag (text-layer mismatch, font anomaly, totals not reconciling) | DECLINE if confirmed; REFER if suspicion |
| Bank statement PDF metadata anomalies | REFER |
| Invoice IRN lookup fails on GST IRP for above-threshold invoice | DECLINE for that invoice |
| Tally backup with manual P&L edits suspected (vendor signal) | REFER |
| OVD photo manipulation flagged by face / liveness vendor | DECLINE |
| Rule | Action |
|---|
Multiple distinct applications from same device in < 7 days | REFER |
| Submission time anomaly (e.g., 3 AM batch) | REFER (low-severity) |
| Identical bank-account / mobile across distinct applicants | DECLINE |
| Same address / building across multiple unrelated applications | REFER |
| Borrower edits high-impact field many times before submit | REFER |
| Rule | Action |
|---|
| Recent fraud declaration on bureau (vendor’s fraud flag) | DECLINE |
| Address / mobile change immediately before application | REFER |
| Rule | Action |
|---|
| Internal blacklist hit (borrower / promoter / mobile / device / bank account) | DECLINE |
| Consortium fraud-feed hit | DECLINE or REFER per source confidence |
| Rule | Action |
|---|
| Emulator detected | REFER |
| Rooted / jailbroken device | REFER |
Same device used for > 3 distinct applications in 30 days | DECLINE |
| VPN / proxy with high anonymity score | REFER |
| Rule | Action |
|---|
Channel / DSA submitting > N applications per day above norm | flag for channel review; REFER each |
| Sudden spike in approvals per DSA without commensurate quality | flag |
When a borrower fails a policy rule but business wants to approve, a deviation is requested.
| Type | Example | Approval |
|---|
| Soft | Bureau score 680 (B threshold) but rest of file is A-grade | Credit-manager |
| Medium | Single-borrower exposure cap at 90% of limit; want to do 100% | Credit-head |
| Hard | DPD 30+ on existing facility but recently cured | CRO + credit-head |
| Hard / NPA-history | Settled history > 36 months ago | Credit committee |
| Pricing deviation | Off-grid rate for retention | Credit-head + business-head |
Define a matrix by:
- Deviation magnitude (soft / medium / hard).
- Loan ticket size.
- Channel / partner.
The matrix routes each deviation to the correct approver chain with SLAs.
- Track deviation rate per channel / per DSA / per credit manager.
- A rising deviation rate is a signal of policy drift or pressure; investigate.
For every decline, a coded reason from a controlled vocabulary. Example codes:
BUREAU_SCORE_BELOW_THRESHOLDBUREAU_RECENT_DPDBUREAU_WRITEOFFBUREAU_WILFUL_DEFAULTERGST_LOW_TURNOVERGST_NON_FILERGST_CANCELLEDBANK_LOW_ABBBANK_HIGH_BOUNCESCASH_FLOW_INSUFFICIENTIDENTITY_FRAUD_SIGNALDOCUMENT_FRAUD_SIGNALINTERNAL_BLACKLIST_HITEXPOSURE_CAP_BREACHINDUSTRY_RESTRICTEDGEOGRAPHY_RESTRICTEDENTITY_VINTAGE_INSUFFICIENTKYC_INCOMPLETEBO_VERIFICATION_FAILEDBANK_ACCOUNT_VERIFICATION_FAILEDSANCTIONS_HIT
The borrower-facing decline letter uses a softer wording but the coded reason is preserved for audit and analytics.