Liability Framework for Credit Rating Agencies in India’s IFSC

The establishment of India’s International Financial Services Centre (“IFSC”) in GIFT City marks a pivotal step in integrating the nation with global financial markets. Central to this ecosystem are Credit Rating Agencies (“CRAs”), whose assessments underpin market confidence and influence investor decision-making. The International Financial Services Centers Authority (“IFSCA”) has been tasked with developing a regulatory environment that attracts global capital while maintaining the integrity of financial markets. In this context, understanding the liability landscape faced by CRAs operating in the IFSC is crucial.

The liability framework for CRAs in India’s IFSC is multifaceted. It encompasses direct regulatory obligations, civil liabilities, and personal liability risks for key management personnel. The recent consolidation of CRA related regulations into a single IFSC’s Master Circular of August 2025 (“Master Circular”)[1] further clarifies these obligations while also raising the bar for accountability. Global CRAs, particularly those operating through branch-office models, face distinct challenges as, the decentralized nature of their global operations can conflict with India’s centralized approach to personal liability, and statutory duties codified under the IFSC framework may override traditional contractual risk-mitigation strategies.

A CRA’s primary liability exposure arises from regulatory monitoring by the IFSCA. Section 13 of the IFSCA Act, 2019[2], grants the authority (IFSCA) powers akin to those of the Indian financial regulators (such as Securities Exchange Board of India and Reserve Bank of India), creating a robust enforcement mechanism. Regulation 41 of the IFSCA (Capital Market Intermediaries) Regulations, 2025 (“CMI Regulations”)[3] provide the foundational rules for CRAs, allowing the IFSCA to suspend or cancel a CRA’s registration for non-compliance with registration conditions, furnishing false information, or failing to cooperate with investigations. The Master Circular operationalizes these rules, detailing requirements for rating processes, governance, disclosures, and internal audits, such that any deviation constitutes a regulatory breach.

CRAs are also required to comply with the Prevention of Money Laundering Act, 2002 (“PML Act”)[4] and the IFSCA (Anti Money Laundering, Counter Terrorist Financing, and Know Your Customer) Guidelines, 2022[5]. Non-compliance can result in monetary penalties for the entity and its directors, and even imprisonment for providing false information or obstructing authorities. The IFSC framework further extends India’s insider-trading principles, exposing CRAs to penalties equivalent to those under Section 15G of the SEBI Act, 1992 (“SEBI Act”)[6], in cases of insider trading on IFSC listed securities. This creates the potential for dual jurisdiction issues when rating actions concern issuers with securities listed both within and outside the IFSC.

A defining feature of Indian financial regulation is the personal accountability of senior management, known as the ‘officer in default’. Both Section 70 of the PML Act and Section 27 of the SEBI Act, whose principles are extended to the IFSC, stipulate that any person in charge of, and responsible for, the conduct of the business at the time of a contravention is also deemed guilty. For global CRAs, this creates uncertainty when key rating decisions are made outside India. The designation of the ‘reporting head’ in the IFSC may not align with actual decision-making authority, requiring careful internal governance and documentation to avoid local staff being held liable for foreign-based decisions.

Beyond regulatory exposure, CRAs also face civil liability arising from contract and tort law. The CMI Regulations mandate that CRAs enter into written agreements with clients, often including ‘Limitation-of-Liability’ clauses. While enforceable under the Indian Contract Act, 1872[1], these clauses are not absolute. The codification of a high statutory duty of care in the Master Circular, requiring due diligence, investor protection, and disclosure of quantitative rating sensitivities, means that courts could set aside contractual limitations in cases of gross negligence or reckless disregard for statutory duties.

The potential for collective redress further amplifies liability risks. Indian law allows for class action suits under Section 245 of the Companies Act, 2013[2], and the Civil Procedure Code, 1908[3], enabling shareholders and depositors to bring claims against “experts or advisors” for incorrect or misleading statements.¹¹ Enhanced disclosure obligations in the Master Circular could provide plaintiffs with compelling evidence, such as failure to act on quantitative rating triggers, forming the basis for class actions. Additionally, choice of law clauses specifying foreign jurisdiction may not protect CRAs if courts determine that public policy favors adjudication in India for breaches of statutory duties.

In conclusion, the liability framework for CRAs in the IFSC imposes a high standard of accountability. Global CRAs must navigate complex regulatory obligations, personal liability risks, and civil claims while ensuring that statutory duties take precedence over contractual protections. Effective compliance, clear internal governance, and robust documentation are critical to operating successfully in this evolving financial hub, where accountability is paramount.