Overview

Standard B11 of the CBI’s Standards Booklet imposes a mandatory obligation on every digital bank to participate in Iraq’s credit registry system. This obligation has two dimensions: the bank must report its credit exposures to the registry, and it must query the registry before extending credit to customers. Both obligations arise from Assessment Cycle 1 and reflect the CBI’s commitment  grounded in both Iraqi banking legislation and international supervisory principles to the responsible use of credit information in the lending process.

This article examines the legal scope of the credit registry obligation, the specific requirements imposed by Standard B11 and Iraqi banking legislation, the bank’s data quality obligations, and the interaction of credit registry participation with the bank’s credit risk management framework.

1. Legal Basis

The credit registry obligation arises from two legal sources. First, Iraqi banking legislation imposes obligations on all licensed banks to participate in credit information systems operated or designated by the CBI. Second, the digital bank framework’s Standard B11 reinforces and supplements these obligations with specific requirements calibrated to the digital bank model.

The CBI operates or designates credit information services including the I-Score credit bureau through which lenders can access a borrower’s credit history across all regulated institutions. Participation in this system is not optional for licensed banks. The bank’s legal obligation extends both to querying the system before lending and to reporting its own exposures to the system so that other lenders can access accurate information.

2. Pre-Lending Inquiry Obligations

Before extending any credit facility to a customer, the digital bank is legally required to query the credit registry and to obtain a credit report on the prospective borrower. This obligation applies regardless of the size or maturity of the credit product being offered.

The legal significance of the pre-lending inquiry obligation is threefold:

• Risk management: the credit report informs the bank’s credit decision and pricing. A borrower with a poor credit history including defaults, restructured facilities, or multiple simultaneous credit exposures presents a materially higher credit risk. The bank’s credit policy must specify how credit history information is used in lending decisions.
• Responsible lending: the pre-lending inquiry obligation gives effect to the responsible lending principle embedded in Iraqi banking legislation, which requires banks to assess a borrower’s ability to repay before extending credit. A bank that extends credit without querying the registry cannot demonstrate compliance with this principle.
• Regulatory defence: in the event of a credit loss, a bank that failed to query the registry before extending the relevant facility may face supervisory action for breach of the lending standard. Evidence of registry queries maintained as part of the credit file is a key element of demonstrating compliance.

All pre-lending queries must be documented in the customer’s credit file. The query result the credit report must be retained for the duration of the credit facility and for a defined period thereafter in accordance with data retention requirements.

3. Credit Data Reporting Obligations

In addition to querying the registry, every digital bank must report its credit exposures to the registry on the schedule and in the format prescribed by the CBI. The reporting obligation covers:

• New credit facilities: every new credit facility extended by the bank must be reported to the registry within the timeframe prescribed by the CBI’s instructions. Late reporting is a breach of the credit registry obligations.
• Repayment performance: the bank must report on the repayment performance of each borrower including on-time payments, late payments, defaults, and partial payments. This reporting creates the credit history record that other lenders can access when the borrower seeks credit elsewhere.
• Facility changes: any material change to a credit facility including restructuring, extension of maturity, change of security, or write-off must be reported to the registry promptly.
• Closure of facilities: when a credit facility is repaid and closed, the bank must report the closure and the final repayment status to the registry. The registry record must accurately reflect the facility’s full lifecycle.

Data accuracy is a legal obligation not merely a best practice. The bank is responsible for the accuracy of the data it reports to the registry. Inaccurate reporting whether through system failures, manual error, or intentional misreporting is a breach of both the credit registry obligations and the bank’s general obligation to maintain accurate records.

4. Interaction with the Credit Risk Framework

The credit registry obligations are directly embedded in the digital bank’s credit risk management framework. The bank’s credit policy must specify how registry information is used in credit decisions, how registry query results are documented, and how the bank manages any discrepancy between the registry data and information provided by the borrower.

During the pilot phase, where credit products are limited to small-value, short-term facilities subject to CBI case-by-case approval, the credit registry obligation applies in full from the first day the bank offers any credit product. The small value of permitted pilot phase credit facilities does not exempt them from the pre-lending query and reporting requirements.

5. International Standard Alignment

The credit registry obligations reflect the internationally recognized importance of credit information systems in the sound management of bank credit risk. The World Bank’s General Principles for Credit Reporting Systems which represent the international benchmark for credit bureau governance require that credit reporting systems operate with comprehensive coverage, accurate data, fair access, and robust data protection. The CBI’s requirements are consistent with these principles.

From a Basel perspective, the effective use of credit information including external credit assessments from recognized registries is a recognized component of the Internal Ratings-Based approach to credit risk measurement under the Basel Capital Framework. While Iraq’s digital banks will not initially apply advanced Basel approaches, the use of credit registry data as part of the credit assessment process aligns the bank with international credit risk management principles from day one.