An NBFC was disbursing personal loans on a 22-day turn-around — competitive death in a sector where neo-banks promise same-day. We delivered an LOS (loan origination system) with KYC, bureau, and underwriting automation that compressed TAT to under 24 hours for 78% of applications.
The NBFC had 80,000 customers, Rs 1,200 Cr book, and a 22-day average disbursal time on a stack stitched from two legacy LOS vendors and Excel. Every fintech competitor was promising same-day approval. The board mandated <24-hour TAT or shut down the personal-loan vertical. We had nine months.
We rebuilt the LOS from the ground up: a borrower-first app, a configurable rules engine, orchestrated KYC + bureau integrations, and an immutable audit layer. The platform supports nine product policies (personal, SME, gold, two-wheeler, etc.) without a code change.
Apply-in-minutes flow: phone OTP, PAN + Aadhaar OTP-based KYC, occupation + income capture, bank statement upload (or AA-fetch), bureau consent, offer screen, e-mandate, e-NACH or e-sign, disbursal notification.
DSA / branch-agent flow: walk-in customers, lead capture, application initiation on borrower's behalf, document scanning, video-KYC initiation, status tracking, commission view.
Application work-queue, full applicant view (KYC docs, bureau report, AA data, statement parser output), policy override flow with reason capture, four-eyes-check workflow, decision audit trail, ops dashboard.
Policy = JSON (with a no-code editor for risk team). Each new product is a JSON definition. Auto-decision > X score, manual review between X-Y, auto-decline < Y. Override capture is mandatory and logged.
Java Spring Boot for the core LOS, Postgres for transactional data (point-in-time recovery enabled), Kafka for event-driven KYC + bureau orchestration, immutable audit table with cryptographic chaining, AWS Mumbai with BCP region.
We picked the stack for fit, performance under realistic load, and operational simplicity. Here is the breakdown:
Java Spring for the LOS core: not glamorous, deeply boring, exactly right. Banking integrations come with Java SDKs by default, transactional integrity is first-class, the talent pool is wide. We picked the unsexy choice and shipped on time.
Kafka for KYC + bureau orchestration: KYC has 6+ async steps (OTP, PAN, Aadhaar, video, DigiLocker, bank statement) any of which can fail and need retry. Kafka with consumer groups handled this cleanly; we'd have built a worse Kafka in 8 months otherwise.
Immutable audit table with hash chaining: each row stores hash(prev_row_hash + this_row_data). Tamper detection is provable. RBI auditors loved it; the audit got cleared in one pass.
Account Aggregator (AA) integration.
India's Account Aggregator framework is the single most important piece of plumbing in modern lending — and the most under-documented. Pull a borrower's last 6 months of bank statements directly via AA in 90 seconds, eliminate fraudulent uploaded PDFs, get a 30% lift in approval accuracy.
We integrated with two AAs (Sahamati network — OneMoney + CAMSFinserv) for fall-back redundancy. The orchestration layer normalises the FIP-by-FIP differences in response shape, retries on failure, and maps to our internal statement schema.
AA-pulled statements are now used in 84% of approvals. Approval-decision time on AA-flow applications is 4 minutes vs 18 hours on uploaded-PDF flow. This single integration is what made same-day disbursal mathematically possible.
We launched the personal-loan product first — single product, single channel (own borrower app), three branches as fall-back. 90 days of double-running with the legacy system before we cut over. Discrepancies caught: 14, all minor, all traced to legacy data quality.
Multi-product expansion was a configuration exercise. Adding gold loan: 6 weeks (UI tweaks + asset-valuation flow). Two-wheeler loan: 4 weeks. The rules engine paid for itself by product three.
“ITD treated this like a banking platform, not a website. Audit trail, four-eyes flows, AA integration — they got the boring stuff right. The user-facing stuff was the easy half.”
Chief Technology Officer
NBFC · Mumbai · Rs 1,200 Cr book
Bring the risk team into the rules-engine design from week one, not week ten. We built the engine, then asked the risk team if it modelled their policies. They said 'almost' — which cost us a month of refactoring. Co-design or refactor; pick one.
Lending platforms live or die on compliance, integrations, and turn-around time. We've shipped LOS platforms processing thousands of crore in disbursal. Talk to engineers who have built it.
Get a Free Consultation
