The first sign that something is off rarely comes from a regulator.
It usually arrives as a success story.
A monthly business review.
A deck from the analytics team.
A slide titled, in neutral language:
“Optimised Treatment Strategy – Results After 90 Days”.
The analyst walks the room through the highlights:
· Early buckets cure up 18% in the optimised segment.
· Limits and pricing tuned by a new risk model have improved ROA by 40–60 bps.
· A revised cross-sell engine is delivering 2.5x uplift on a small pilot base.
People are happy.
Someone from business says:
“This is exactly why we invested in advanced analytics.
We’re finally using bureau and internal data properly.”
Then a quieter slide appears.
A segmentation table with three bands:
· Tier A – Strategic
· Tier B – Maintain
· Tier C – Limited Potential
Under Tier C, the bullets read:
· “Lower expected lifetime value”
· “Higher predicted stress in slowdown scenario”
· “Low response probability to positive offers”
Suggested treatment:
“Maintain contractual terms.
Minimal proactive offers.
No discretionary upgrades.
Monitor for early exit or rising stress.”
Most people skim it.
The Chief Risk Officer doesn’t.
They ask a simple question:
“For Tier C, are we talking about customers who are already in trouble, or people who have never missed a payment?”
The analyst answers honestly:
“Behaviour today is clean.
They’re just not attractive from a value and risk perspective over the next three years.”
There is a small pause.
On the same slide, a footnote says:
“All usage within existing consent and data-privacy policy.
No change to contractual rights.”
The meeting moves on.
Nobody quite says what that pause is about:
“At what point does ‘better analytics’ become us quietly deciding who deserves a better financial life, even when they’ve done nothing wrong?”
You don’t meet that question in the model approval note.
You meet it a year later, when:
· A regulator asks why certain districts almost never see rate drops despite strong repayment performance.
· A Board member forwards an email from an old-time customer: “Why did my neighbour get a cheaper top-up and I didn’t, when my history is cleaner?”
· An internal whistleblower hints that a project “effectively blacklists low-income segments from upgrades”, even though no document uses that word.
By then, you’re no longer discussing uplift and Gini.
You’re explaining what you chose to do with power.
If you strip away the careful phrasing, the working belief in many lenders sounds like this:
“We work within RBI rules.
We pull bureau data with consent.
Our models go through governance.
As long as we stay inside the law and documented policy, using more data is not an ethical problem – it’s simply smarter risk management.”
You hear versions of it in different rooms:
· Product and business
“If we can see which customers are more likely to churn or default, why wouldn’t we treat them differently? That’s the point of analytics.”
· Marketing and growth
“We’re not denying anyone their legal rights. We’re choosing where to invest better offers and fee waivers.”
· Legal and compliance in a use-case note
“Purpose is risk management and legitimate business interest. No deviation from consent or permissible use.”
Underneath sits one assumption:
· Ethics is handled upstream – by law, consent flows, and high-level policy.
· Once those gates are cleared, analytics teams are free to explore the full optimisation space.
In a simple, low-information market that might be enough.
In India’s credit system, it isn’t.
Here, you already have:
· Dense bureau histories that follow borrowers across institutions.
· Internal data that sees cashflows, device patterns, geography, and behaviour.
· Customers – especially thin-file and lower-income segments – who don’t fully understand how scores and risk labels shape their future.
On top of that, advanced analytics no longer just decide yes/no.
They increasingly decide:
· Who gets a second chance.
· Who ever sees a better rate or higher line.
· Who is left with only the bare contractual minimum.
At that point, “Is it legal?” becomes too small a question.
Overreach almost never starts with bad intent.
It starts with clean business goals:
· Reduce losses.
· Improve returns.
· Target offers better.
Then it drifts.
Most large lenders have some version of a customer value score:
· Profitability.
· Expected lifetime value.
· Cross-sell potential.
· Cost to serve.
Increasingly, those scores include:
· Bureau-based measures of leverage and stability.
· Internal behaviour signals.
· Sometimes soft proxies for affluence and digital savviness.
Treatment frameworks follow:
· Gold / Platinum / Prime → faster service, better pricing, proactive upgrades.
· Standard → base experience, occasional offers.
· Low priority → minimal outreach, slow manual reviews, no discretionary gestures.
In one NBFC, the “strategic value” note attached to the model file said:
“Tier 3 customers will continue to receive contractual service.
However, they should not be prioritised for upgrades, fee waivers or enhanced relationship effort.”
When someone finally overlaid this “strategy” on real people, they found:
· Tier 3 had a higher share of semi-urban PIN codes and certain occupation codes.
· Their arrears and roll-rate behaviour was not materially worse than Tier 2.
· They simply looked less profitable and less cross-sellable on a three-year horizon.
The effect:
· For a whole slice of customers – teachers, small traders, lower-income salaried in smaller towns – the system had quietly decided:
“You may pay on time for years, but you will not see the same generosity or opportunity as others.”
No one wrote that sentence.
But it’s what the combination of rules delivered.
From inside, it still sounded reasonable:
“We are not worsening terms.
We’re just not stretching for customers who don’t move the needle.”
From the outside, it looks like a two-tier world.
On paper, policies say:
· “Bureau data is used for credit decisioning, portfolio monitoring and risk management.”
In practice, once the data sits in internal marts, boundaries soften:
· A stress-detection model built to flag early risk ends up feeding into a cross-sell engine: customers with “high resilience” get more unsecured offers; others simply never see them.
· A hardship-eligibility score influences not just who is offered relief, but who gets a softer collections path – and who receives legal language earlier.
· Combined bureau + internal views are used to build look-alike audiences for acquisition campaigns, effectively using past credit-behaviour patterns to shape who is even invited into the funnel.
Each step is defensible in isolation:
· The purpose is still “portfolio management”.
· Nobody is selling data outside permissible channels.
· Legal sign-off exists for the original project.
But in practice:
· The same underlying credit data starts to influence marketing intensity, upgrade paths and tone of voice, not just base risk decisions.
· There is rarely a fresh discussion each time on whether that particular use still fits what a borrower thought they were consenting to.
What was originally framed as:
“We will use your credit information to decide whether and how to lend to you,”
quietly becomes:
“We will use it to decide whether you are worth effort, relief, opportunities and attention – even when your behaviour is clean.”
Modern analytics can carve the portfolio into very fine segments:
· By district and micro-market, not just state.
· By relationship type (single-product vs multi-product, co-borrowers, guarantor roles).
· By combinations of bureau attributes, transaction behaviour and device usage.
Treatment strategies follow:
· Collections journeys that differ sharply by segment – early settlement offers here, legal referencing there.
· “High potential” lists that get special retention and upgrade effort.
· “Low potential” lists that are managed strictly by rule.
The issue is not the segmentation itself.
It’s that:
· Customers cannot see or contest the labels that shape their path.
· Two borrowers with identical repayment history and basic profile can receive very different opportunity sets because they diverge on a handful of opaque features.
In one bank, a collections experiment assigned borrowers to:
· Path 1 – Flexible: more time, softer scripts, hardship options.
· Path 2 – Firm: faster escalation language, fewer waivers.
The model used:
· Repayment history across products.
· Bureau-level leverage and recent enquiries.
· A proxy for “likelihood to contest or escalate”, based on past complaint behaviour and communication patterns.
Experiment results looked strong:
· Better overall resolution.
· Lower cost per cure.
When someone later put the model description in front of a broader forum, the question changed:
“Are we comfortable that a customer’s ability or willingness to push back is part of how hard we lean on them?”
The documentation had focused on performance metrics.
The ethical question arrived late.
If these patterns are real, why aren’t they caught early?
Because the way analytics is wired into organisations hides the ethical dimension in three places.
Model documents and segmentation decks behave like technical artefacts:
· They go through validation, back-testing and monitoring.
· They are filed in model inventories and referenced in risk-committee packs.
· Checklists focus on data sources, methodology, stability, performance.
Very few governance templates ask:
· “Who consistently benefits from this model, and who consistently loses, even when they behave well?”
· “Would we be comfortable explaining this treatment logic to a borrower in plain language?”
So ethics is not absent.
It is simply not part of the formal lens.
The only time the pattern becomes visible is when:
· A complaint escalates with enough detail.
· A regulatory review looks at outcomes by geography or segment.
· A senior leader connects a personal story with a model they once approved.
By then, overreach has already been baked into live systems.
Analytics teams are measured on:
· Uplift vs control.
· Delinquency reduction.
· Return on capital.
· Response and conversion.
Standard dashboards show:
· Cures by journey.
· Loss performance by treatment arm.
· Uplift curves by segment.
What they almost never show:
· The distribution of beneficial decisions (rate drops, line increases, hardship approvals) by basic socio-economic proxies – district, ticket size bands, vintage, occupation code.
· The number of customers who, over a multi-year period, never saw a positive discretionary move despite spotless behaviour.
· Any view of who is repeatedly excluded from better paths.
So the story that travels upward is clean:
“The new segmentation works. Losses are lower. Response is higher.”
The missing line is:
“It also means that these specific pockets almost never get a better deal, and we have no plan to revisit that.”
Most governance forums are designed to catch:
· Use of prohibited attributes.
· Clear circular violations.
· Explicit misuse of consent.
They are not designed to ask:
· “What happens if we run this for five years?”
· “Do we want a world where these borrowers always remain second-class?”
So the default test becomes:
“Is there any legal, regulatory or policy reason we cannot do this?”
If the answer is no, and the uplift is clear, most committees feel they have done their job.
Ethical drift accumulates under the threshold of rule-breaking.
The institutions that handle this better don’t abandon modelling.
They make a few grounded moves.
Instead of treating ethics as a vague principle, they ask teams to write one sentence per use-case:
“What are we not willing to do, even if the numbers look good?”
Examples we’ve seen:
· For hardship models:
“We will not use any attribute that estimates a customer’s ability to create pressure (education, complaints history, social media reach) in deciding hardship support.”
· For strategic-value scores:
“We accept that low-profit segments get fewer proactive offers.
We do not accept that long-standing, clean segments are permanently excluded from upgrades or fee reductions.”
· For collections journeys:
“No customer with clean pre-COVID history and genuine pandemic-era stress will be placed on the hardest path solely due to current leverage indicators.”
These are not perfect.
They do two things:
· Make assumptions visible.
· Give committees something concrete to challenge.
You can’t hide “we deprioritise low-value segments” behind a neutral chart once you’ve written down what that means in human terms.
Rather than generic bias tests, they run simple, uncomfortable cuts.
For a given period (say, the last 12 or 24 months), they ask:
· Among customers eligible on paper for upgrades or rate drops, who actually got them, by:
– district buckets (metro / non-metro / specific states),
– ticket size bands,
– occupation codes,
– simple income ranges where available.
· Among customers who requested some form of relief and had decent pre-stress behaviour, which groups saw acceptance vs rejection rates that are hard to justify?
The intent is not to produce something for external publication.
It’s for internal honesty.
In one bank, a very basic table showed:
· Customers from certain state clusters made up ~20% of the clean unsecured book but ~3% of proactive line-increases.
· Customers in smaller ticket-size bands had near-zero incidence of rate reductions, even when their delinquency profiles were better than higher-ticket peers.
These were not the result of any explicit rule.
They were the side-effects of multiple models and strategies stacked together.
Once that table existed, it changed how people spoke about “value-based treatment”.
In most places, the unspoken rule is:
· If Legal and Compliance sign off on purpose and consent, and Risk sees strong numbers, the project will proceed.
More conservative teams adjust this.
They agree that a small number of cases will be blocked or altered with a different justification:
“This is legal. The numbers are good.
We are still not comfortable living with this at scale.”
You don’t need to use that option often to change culture.
The effect is that:
· Teams start pre-filtering ideas that would pass strictly legal tests, but are awkward to defend in plain language.
· Discussions around models move from “can we?” to “are we okay owning this outcome five years from now?”
It’s tempting to keep the story where it is:
“We have consent.
We follow RBI guidance.
Our models are approved.
Analytics is about efficiency; ethics is baked into the rules.”
If you stay there, the line between analytics and overreach will continue to be drawn:
· Late – by complaints, media stories, or regulators.
· Case by case – around specific incidents.
· Mostly by people outside your institution.
If you accept a harder view:
· That in India’s credit ecosystem, analytics now helps decide who climbs and who stays where they are, even among clean payers;
· That many of those decisions are encoded in segments and scores that borrowers cannot see or challenge;
· And that “permissible and profitable” is not the same as “something you’re willing to read aloud as a story about real people”,
then the core question changes.
It stops being:
“Are we allowed to use this data in this way?”
and becomes:
“If we run this model and treatment logic for five years,
and then sit in a room with borrowers who did everything right but never saw better terms,
are we prepared to say:
‘Yes – this is the system we deliberately chose to build’?”
If the honest answer is “not quite”,
the work is not to switch analytics off.
It’s to draw the lines yourself
before someone else draws them for you.
27 Mar 2026
24 Dec 2025
26 Dec 2025