Is AI calling for loan collection RBI Fair Practices Code compliant?

Yes — when the AI calling platform is architected for FPC. Compliance is not a property of AI in the abstract; it is a property of the specific platform's controls. A platform that enforces 8am-7pm calling hours, locks identity disclosure in the opening 30 seconds, separates borrower from reference contact lists, retains recordings for at least 90 days, routes grievances to a human officer, and produces a per-borrower per-call audit trail meets the FPC bar. A platform that does not have these controls is non-compliant regardless of whether it is technically capable of AI calling.

What hours are NBFCs allowed to call borrowers under RBI FPC?

8:00am to 7:00pm IST. There is no exception based on borrower preference — RBI's rule is binding even if the borrower says they would prefer otherwise. Multi-state lenders should treat IST as the binding timezone. National holidays and major festivals where calling is widely understood to be inappropriate should be blocked at the platform level as a supervisory expectation, not just a courtesy.

Does the AI need to identify itself as automated within 30 seconds?

RBI has not issued a formal directive specifically requiring AI self-disclosure, but the consumer-transparency direction of the 2022 Digital Lending Guidelines and global regulatory consensus point clearly to disclosure being the safe path. Caller Digital and every responsible Indian voice AI platform default to disclosing the automated nature of the caller in the opening line, alongside lender name, purpose, and recording notice. Lenders that run AI campaigns without disclosure are betting against the regulatory trend.

How long should NBFCs retain AI collection call recordings?

The RBI minimum is 90 days. The supervisory expectation, particularly for unsecured personal loans and microfinance portfolios, is closer to three years. The reason is grievance defence — a borrower who complains about a call from eighteen months ago, and a lender that cannot produce the recording, is presumed to have failed. Three-year retention is the safe default for high-risk portfolios. Recordings should be indexed by borrower, loan reference, campaign, script version, and disposition for fast retrieval.

Can voice AI handle DPD bucket 30-60 negotiations under RBI FPC?

Not safely on its own. AI can handle first contact, hardship qualification, and restructuring-option presentation in bucket 30-60. Negotiation itself — where the borrower's situation requires judgment and customised solutions — should be human-led, with the AI doing prep work. Pure-AI negotiation in bucket 30+ is where most harassment-perception complaints originate. Vendors that promise end-to-end AI negotiation in this bucket are selling regulatory exposure.

What does the 2022 Digital Lending Guidelines overlay add for AI collection calls?

Four things. Pre-authorised consent at loan origination for collection calls (call-time consent does not satisfy DLG). Transparent disclosure of every charge, fee, or penalty mentioned on the call. Written confirmation — SMS, email, or in-app — of any payment promise captured on the call. And a hard separation between collection campaigns and cross-sell campaigns, with no template or consent bleed between the two. AI platforms must reflect all four in their architecture.

How do NBFCs audit AI calling vendor compliance with FPC?

Use the 12-point checklist in this guide as the starting framework. Demand documentary evidence for each point — config screenshots, log samples, sample recordings, sample audit trails, written policies. Require quarterly compliance reviews with the vendor as a contractual obligation. Insist on the vendor producing per-borrower per-call audit trails on demand within a defined SLA. And benchmark the vendor's controls against the eight diligence questions in this guide. If the vendor cannot answer all eight in writing with evidence, the deployment is not RBI-compliant. It is RBI-exposed, and the lender's name is on the front of the exposure.

RBI Fair Practices Code for AI Collection Calls India 2026 | Caller Digital

RBI's Fair Practices Code reads like a list of don'ts. Don't call before 8am. Don't intimidate. Don't pressure references. Don't disrupt employment. Don't withhold identity. The interesting question for AI calling vendors isn't whether they comply — it's whether they make compliance auditable. Most don't. That's the actual buying criterion for any NBFC head of collections in 2026.

The Fair Practices Code is no longer a soft governance document that legal teams skim once a year. After the harassment cases that hit national news in 2024 and 2025 — the suicide-linked recovery incidents, the leaked WhatsApp groups, the High Court strictures — RBI has materially tightened its supervisory posture. Quarterly reviews of recovery vendor relationships are now standard. The Reserve Bank's Department of Supervision is asking NBFCs to produce evidence of conduct, not just policy. And every regulated lender that has plugged an AI calling vendor into its collections stack is now discovering an uncomfortable truth: the AI layer is a regulatory surface area, not a regulatory shortcut.

This guide is written for the NBFC head of collections, the bank's compliance officer, and the procurement lead who has to defend the AI calling vendor choice in front of an internal audit committee. It is the most complete public mapping of RBI's Fair Practices Code (FPC), the Recovery Agents Code, and the 2022 Digital Lending Guidelines onto AI voice calling that we are aware of in the Indian market. If you are signing a 12- or 24-month vendor contract for collections automation in 2026, read every section. The wrong vendor choice is no longer a productivity miss — it is a regulatory exposure with the lender's name on the front of it.

What RBI's Fair Practices Code actually requires for collection calls

The FPC originated in 2003. It has been materially revised — the 2007 update on recovery agents, the 2015 master direction consolidation, the 2022 digital lending guidelines, and the 2024 supervisory tightening following the harassment cases. The portions that bear directly on collection calls are these.

Calling hours. The permitted window is 8:00am to 7:00pm IST. There is no exception for "borrower preference" — RBI's rule governs even if the borrower says they would prefer a 10pm call. NBFCs that allow vendors to dial outside this window inherit the violation regardless of vendor wording in the SOW.

Identity disclosure. The agent — human or AI — must disclose, within the opening seconds of the call, who they are, what entity they represent, and the purpose of the call. RBI's expectation, reinforced in supervisory letters, is that this disclosure happens before any substantive conversation. A 30-second cap is the practical industry standard.

No abusive, intimidating, or threatening language. This includes language that implies legal consequences that have not actually been initiated, threats of police involvement, threats of public shaming, or any communication that a reasonable borrower would find coercive. Tone matters as much as words.

No workplace disruption. Calls to the borrower's office that disrupt their employment — repeated calls during work hours, calls to the borrower's manager or HR, voicemails left with colleagues — are prohibited.

No pressuring of family members or references. References captured at loan origination are for verification, not collection leverage. Calling a borrower's spouse, parent, or reference to "create pressure" is a clear FPC violation and the most common source of complaints.

Recording retention. RBI's minimum is 90 days for collection call recordings. The supervisory expectation, particularly for unsecured personal loans and microfinance, is closer to three years. Lenders defending grievance complaints without recordings are presumed to have failed.

Recovery Agents Code (DRA Code). Human collection agents must complete the IIBF-administered DRA certification or equivalent. The Code covers training, conduct, supervision, and escalation discipline. AI does not pass IIBF — but the platform's compliance architecture must serve as the substitute, and that substitute must be auditable.

Grievance redressal. Every borrower must have a documented, accessible pathway to escalate a complaint to a grievance officer, with response timelines aligned to the RBI Integrated Ombudsman Scheme.

The 2022 Digital Lending Guidelines layer. Pre-authorised consent for collection calls (captured at loan origination, not at call time), transparent fee and charge disclosure, written confirmation of any payment promise made on call, and a hard separation between collection campaigns and cross-sell campaigns.

Together, this is what FPC demands. The next question is what it means when the caller is an AI.

How RBI FPC maps to AI voice calling

Every FPC rule has a translation into the AI calling layer. Some translations are simpler than the human equivalent. Some are harder. All of them require the lender to take a position.

Calling hours. AI is structurally easier to control than humans here. The dialer must be hard-coded to the 8am-7pm window in the borrower's resident timezone — which matters for multi-state lenders, since a borrower whose loan was originated in Guwahati but who lives in Mumbai must be governed by IST as RBI defines it. The vendor's scheduler should also block national holidays and the major regional festivals where calling is widely understood to be inappropriate. This is not strictly required by FPC but is strongly expected by supervisors.

Identity disclosure. The AI's opening line must include the lender's full registered name (not a brand alias), an explicit statement that the caller is an automated voice assistant or AI agent on behalf of the lender, the purpose of the call (loan account reminder, EMI collection, etc.), and a recording notice. RBI has not formally taken a position on whether AI must self-disclose as AI, but the consumer-protection direction of every regulator globally — and the language of the 2022 Digital Lending Guidelines on transparency — point clearly to disclosure being the safe path. Caller Digital's default scripts always disclose the AI nature of the call.

Abusive language. AI is structurally better than humans here. AI does not lose its temper. AI does not freelance. AI does not improvise insults. But AI can be over-aggressive by script design — a poorly translated Hindi line, a pressure-coded English phrase, an urgency cue that crosses into coercion. The lender's compliance team must vet every script, in every language, before it goes live.

Workplace calls. AI must respect the communication preference captured at loan origination. If the borrower marked "do not call at work" or specified non-work hours, the platform must propagate that preference into dialer logic.

Reference calls. AI must not auto-dial references for collection purposes. Verification calls at origination are different from collection escalation calls. Most FPC violations involving AI come from sloppy contact-list hygiene where references and co-applicants get pulled into collection campaigns automatically.

Recording. AI calls are strictly easier to retain than human calls. Storage architecture should support a 90-day minimum and a three-year option for unsecured and microfinance portfolios.

DRA training analogue. This is the compliance lever that distinguishes a serious vendor from a hobbyist. Human DRAs go through IIBF certification. AI doesn't. Instead, the platform's compliance architecture — the script-vetting workflow, the language-coverage testing, the tone-classification model, the supervision dashboard — is the substitute. Crucially, it is auditable in a way human training never has been. A lender can show RBI exactly what the AI said on every call. That is a meaningful upgrade, if the architecture exists.

Grievance redressal. The AI must recognise grievance language ("I want to complain", "this is harassment", "I want to speak to your manager") and route the call to a human grievance officer with a documented response SLA.

The DPD bucket strategy under RBI FPC

Not every collection call is the same call. RBI's expectations scale with bucket. So should the AI's role.

Bucket 0-15 (current or just due). This is the soft-reminder bucket. Polite tone, payment confirmation, UPI link delivery, NACH re-mandate where applicable. AI handles 80%+ of contact attempts at this stage and arguably should — humans are wasted on borrowers who simply forgot. Compliance risk is low because the conversation is informational.

Bucket 15-30 (early DPD). AI continues to lead. Tone is slightly firmer but still cooperative — payment plan options, partial-payment acceptance, NACH re-presentation scheduling. The AI must avoid any phrasing that implies legal consequences.

Bucket 30-60 (mid DPD). This is where pure-AI calling becomes a regulatory risk. The borrower's situation now requires judgment — hardship classification, restructuring conversation, partial settlement negotiation. AI handles first contact and qualification. A human takes over for negotiation. AI cannot pressure-negotiate; it does not have the situational awareness to read distress signals reliably enough to satisfy a supervisor.

Bucket 60-90 (late DPD). Human-led, with AI confined to skip tracing assistance, documentation reminders, and grievance triage. The harassment risk in this bucket is the highest in the cycle, and any vendor that pushes AI into negotiation here is doing the lender a disservice.

Bucket 90+ (legal track). SARFAESI notice cycle, NCLT preparation, settlement letter logistics. AI restricted to documentation-only calls — confirming receipt of a notice, scheduling a documentation submission. No negotiation, no pressure, no script that could be construed as a threat.

A serious AI calling vendor will agree to these guardrails contractually. A vendor that promises "AI can handle bucket 60+ negotiation end-to-end" is selling you a future regulatory letter.

The five RBI FPC failure modes in AI collection calls

After reviewing dozens of NBFC and bank deployments, five failure modes account for the overwhelming majority of FPC issues with AI calling. Each has a clean fix.

1. Calling outside the window. Calls dialed at 7:45am or 7:15pm because the dialer was configured to UTC, or because the campaign scheduler assumed the borrower's address timezone matched the lender's HQ timezone. Fix: hard-code IST as the binding timezone for every Indian borrower, with festival and holiday blocks layered on top, and make it impossible to override at the campaign level without a documented compliance officer approval.

2. Insufficient identity disclosure. Scripts that say "Hello, this is a call about your loan" without naming the lender, without disclosing the AI nature, without stating the purpose. Often the result of script-shortening done by marketing teams optimising for completion rates. Fix: lock the opening 30 seconds as a compliance-controlled template that script editors cannot modify, and require a compliance sign-off before any new language variant goes live.

3. Tone that crosses into pressure. This is almost always introduced during translation. An English line that reads "we need to resolve this today" can become a Hindi line that reads as a threat. The translation pass is where most coercion creeps in. Fix: every Hindi, Tamil, Telugu, Marathi, Bengali, Kannada, Gujarati, and Punjabi script must be reviewed by a native-speaker compliance reviewer and then tested with a tone-classification model before deployment.

4. Auto-dialing references without consent. The platform pulled references from the loan origination system into the collection contact list, and the AI dialed them. Fix: a hard separation between borrower contacts and reference contacts in the platform's data model, and an explicit consent flag — captured at origination — before any reference contact can be dialed for collection.

5. No grievance pathway. The AI ends the call without offering an escalation route. The borrower has no documented way to complain, the lender has no record of the complaint, and the supervisor has no audit trail. Fix: every collection call template must include a grievance line ("if you have any concern, you can reach our grievance officer at..."), and the AI must detect grievance language and route to a human within the call wherever possible.

If your current vendor cannot demonstrate a fix for all five, you have a procurement decision to make.

The 12-point RBI FPC compliance audit checklist

Use this checklist verbatim in your next vendor review. Every point should produce documentary evidence — a policy, a config screenshot, a log sample, a recording.

Time-window enforcement. Dialer hard-coded to 8am-7pm IST with no override path below compliance officer level.
Borrower timezone handling. Multi-state borrower handling documented, IST as the binding timezone.
Identity disclosure within 30 seconds. Lender name, AI nature, purpose, recording notice — all four in the opening.
AI nature of call disclosed. Explicit statement that the caller is automated.
Lender name and loan reference disclosed. Registered name, not a brand alias.
Tone scripted for non-coercion. No legal threats, no urgency that crosses into pressure, no shaming language.
Reference call discipline. Hard separation between borrower and reference contact lists; explicit consent required.
Workplace call discipline. Borrower communication preferences propagated into dialer logic.
Recording retention. 90-day minimum, three-year option for unsecured and microfinance.
Grievance officer routing. Live, documented, with a same-day callback SLA.
Borrower opt-out flow. Documented and propagating across all campaigns within 24 hours.
Audit trail. Every consent, every call, every script version, every disposition logged and retrievable per borrower.

If a vendor cannot answer all twelve in writing, with evidence, the deployment is not RBI-compliant. It is RBI-exposed.

The 2022 Digital Lending Guidelines overlay

The Digital Lending Guidelines (DLG), introduced in September 2022 and tightened progressively since, sit on top of FPC. For collection calls specifically, four DLG provisions matter most.

Pre-authorised consent for collection calls. Consent must be captured at loan origination — explicitly, in plain language, in the borrower's preferred language — and stored as part of the loan record. Consent at call time (the "press 1 to consent to this call" pattern) does not satisfy DLG. The AI calling platform must reference origination-time consent before any campaign launches.

Transparent disclosure of charges. Late payment penalties, bounce charges, restructuring fees — every charge mentioned on a collection call must be disclosed transparently with reference to the loan agreement. AI scripts that mention "additional charges may apply" without specificity violate DLG.

Written confirmation of payment promises. Any payment promise captured on a call (a borrower committing to pay by a specific date) must be confirmed in writing — SMS, email, or in-app — within a defined SLA, typically within minutes of the call ending. The AI platform should automate this.

Cross-sell separation. Collection calls cannot carry cross-sell pitches. A call to a bucket 15 borrower is not the moment to offer a top-up loan or an insurance product. AI calling platforms must run collection campaigns and cross-sell campaigns on separate templates, with separate consent records, and no shared scripts. Vendors that bundle "you can also offer the customer..." into a collection script are misreading DLG.

The DLG layer is where most of the 2024-25 supervisory letters have focused. Lenders that get FPC right but miss DLG separation are still exposed.

What to ask your AI calling vendor about RBI FPC

Take this list into your next vendor evaluation. The answers — not the marketing decks — are the basis on which to choose.

Show me your time-window enforcement logic across timezones, including holiday and festival blocks, and demonstrate that no campaign can override it without a compliance officer's documented approval.
How do you screen scripts for non-coercive language across English, Hindi, and the major regional languages? Walk me through your tone-classification model and your native-speaker review workflow.
What's your reference-call discipline? Show me how the platform separates borrower contacts from references, and how consent at origination flows through to dialer eligibility.
How do you log grievance escalations? Show me a sample audit trail from grievance language detection through to grievance officer callback.
What's your recording retention architecture? 90-day minimum is table stakes — what does three-year storage look like, and how is it indexed for grievance defence?
How do you separate collection from cross-sell campaigns? Show me the campaign-level controls that prevent template bleed.
Show me your consent audit trail per borrower per call — origination consent, opt-out events, every campaign the borrower was eligible or ineligible for.
What happens, end-to-end, when a borrower invokes the opt-out clause? Walk me through propagation timelines, downstream campaign exclusion, and re-consent rules.

Vendors that answer all eight clearly are the short list. Everyone else is a compliance liability.

How Caller Digital handles RBI FPC

Caller Digital was built for Indian regulated lending from the first line of code. Our compliance architecture for collections specifically:

Time-window enforcement. 8am-7pm IST is hard-coded at the platform layer, not the campaign layer. Campaigns cannot override the window; only a compliance officer with audited credentials can grant a documented exception, and exceptions are logged and reported in the monthly compliance review.

Identity disclosure. Every script template begins with the lender's registered name, an explicit AI disclosure, the purpose, and the recording notice. The opening 30 seconds is locked — campaign managers cannot edit it without compliance sign-off.

Tone discipline. Hindi, Hinglish, Tamil, Telugu, Marathi, Bengali, Kannada, Gujarati, and Punjabi scripts are reviewed by native-speaker compliance reviewers and run through a tone-classification model before any campaign goes live. We share the review log with the lender.

Reference call discipline. Reference contacts are stored separately from borrower contacts in the data model. References cannot be dialed for collection without an explicit consent flag captured at origination. The platform refuses the dial if the flag is absent.

Recording retention. 90-day minimum is the default. Configurable up to three years for unsecured and microfinance portfolios. Recordings are indexed by borrower, loan reference, campaign, script version, and disposition.

Grievance routing. Same-day callback SLA. Grievance language detection is built into every script. The borrower can also press a single key during the call to escalate.

Cross-sell separation. Collection and cross-sell campaigns are separate by default. The platform refuses to merge them.

Consent audit trail. Every call links to a specific consent record. Every opt-out propagates within 24 hours to every campaign across the lender's portfolio.

For a deeper view of how this fits into a full collections programme, see our voice AI for EMI payment reminders page, the BFSI industry overview, and the EMI collections ROI calculator. For the original product-marketing piece on NBFC collections, see voice AI collections for NBFCs, and the voice AI EMI collections playbook. For adjacent compliance regimes, see our writing on DPDP compliance for AI calling and TRAI DND compliance. For a vendor-comparison view, see best voice AI for NBFCs and AI voice agents for BFSI lead qualification. Or start at the top: AI Caller for India.

Conclusion: the compliance moat as a competitive advantage

The instinct on the lender side is to treat FPC compliance as a cost — a tax on collections productivity, a drag on campaign velocity, a thicket of legal review. That framing is wrong.

NBFCs and banks that get FPC compliance right with AI become harder to displace, not easier. The reason is that their entire collection operation becomes auditable in a way human-led ops never will be. Every call recorded. Every consent linked. Every script versioned. Every grievance routed. Every opt-out propagated. When the RBI's supervisory team asks for evidence — and they are asking, more often, more pointedly — the lender that can produce it in fifteen minutes wins. The lender that cannot enters the next quarter on a watchlist.

Beyond the regulator, the borrower experience compounds. A collections programme that respects calling hours, discloses identity cleanly, never pressures references, routes grievances quickly, and confirms every payment promise in writing is a programme that retains borrowers across cycles. Net Promoter Scores in collections — historically negative — turn neutral and even positive for lenders that run this discipline.

The compliance moat is therefore a competitive moat. AI compliance done right is not a defence. It is a compounding advantage. And in a market where every NBFC's recovery vendor relationship is now under quarterly review, the lenders that built that advantage in 2026 will be the ones that have it in 2028 when the supervisory bar goes up again.

That's the actual buying criterion. Pick accordingly.

RBI Fair Practices Code for AI Collection Calls: The 2026 Definitive Guide for NBFCs and Banks