Customer Due Diligence (CDD)

By

 Customer Due Diligence : Rule 9 of PMLR 2005


Rule 9(1)(a) at the time of commencement of an account-based relationship

(i)  Identify its clients, verify their identity, obtain information on the purpose and intended nature of the business relationship; and

(ii) Determine whether a client is acting on behalf of a beneficial owner, and the identify the beneficial owner and take all steps to verify the identity of the beneficial owner

Amendments to PML (Maintenance of Records) Rules 2005

Through an amendment in 2015 in the Finance Act, the PMLA was amended and the definition of “proceeds of crime” was widened to include property taken or held outside the country as a result of criminal activity relating to a “scheduled offence”. In case of offences specified under Part B of the Act, value involved in such offence was increased from Rs.30 Lakhs to Rs.1 Crore. Amendments were made in sections 5, 8, 20, 21 & 60 of the Act. In the Schedule to the Act after Part A, Part B was added which includes Section 132 – false declaration, false documents etc. of the Customs Act, 1962. The PML Rules were amended in July, 2015 and September, 2015 to provide for a Central KYC Records Registry and empower Director-FIU to issue guidelines in consultation with Regulator

The PML (Maintenance of Records) Rules, 2005 have also been amended in July, 2015 following amendment of the PMLA in April, 2015, to give effect to changes made in PMLA and the revised recommendations of FATF. The salient features of the amendments are given below:

·         A provision of Central Know Your Customer (CKYC) Records Registry has been provided which shall be an agency owned and controlled by the Federal Government and a repository of all customers of all the reporting entities. This provision makes KYC provision easy and forgery of KYC documents difficult. Functions and obligations of CKYC Records Registry were also specified.

·         Definition of non profit organisation was clarified.

·         Officially valid documents have been specified.

·         Maintenance of physical copy of records of identity of client by reporting entity, that have been obtained in accordance with the provision of client due diligence, after filing electronic copy with CKYC Records Registry.

These records have to be maintained in the manner specified by the Regulator.[source: FIU-Ind annual report 2015-16]


Central KYC Records Registry Rule 9(1)(b)                                                                       

1A: Every reporting entity shall within 10 days [immediately, wef 17/10/2023] after the commencement of account-based relationship with a client, file the electronic copy of the client’s KYC records with Central KYC Records Registry.

1B: The Central KYC Records Registry shall process the KYC records received from a reporting entity for de-duplicating and issue a KYC Identifier for each client to the reporting entity, which shall communicate the KYC Identifier in writing to their client.

1C: Where a client, for the purposes of clause (a) and clause (b), submits a KYC Identifier to a reporting entity, then such reporting entity shall retrieve the KYC records online from the Central KYC Records Registry by using the KYC Identifier and shall not require a client to submit the same KYC records or information or any other additional identification documents or details (except in some given circumstances).

1D: A reporting entity after obtaining additional or updated information from a client under sub-rule (1C), shall as soon as possible furnish the updated information to the Central KYC Records Registry which shall update the existing KYC records of the client and the Central KYC Records Registry shall thereafter inform electronically all reporting entities who have dealt with the concerned client regarding updation of KYC record of the said client.

1E: The reporting entity which performed the last KYC verification or sent updated information in respect of a client shall be responsible for verifying the authenticity of the identity or address of the client.

1F: A reporting entity shall not use the KYC records of a client obtained from the Central KYC Records Registry for purposes other than verifying the identity or address of the client and shall not transfer KYC records or any information contained therein to any third party unless authorised to do so by the client or by the Regulator or by the Director.

1G: The regulator shall issue guidelines to ensure that the Central KYC records are accessible to the reporting entities in real time.

 One of the most important aspects of anti-money laundering measures with respect to financial transactions is client due diligence or customer due diligence. Client is the main cornerstone of any financial transaction. Every financial transaction revolves around a client. Hence the anti-money laundering measures with regard to a financial transaction will revolve only around a client. As mentioned earlier, client is a person who is engaged in a financial transaction or activity with a reporting entity and includes a person on whose behalf the person who engaged in the transaction or activity, is acting. “Transaction” means a purchase, sale, loan, pledge, gift, transfer, delivery or the arrangement thereof and includes –


(i)                 Opening of an account;

(ii)               Deposits, withdrawal, exchange or transfer of funds in whatever currency, whether in cash or by cheque, payment order or other instruments or by electronic or other non-physical means;

(iii)             The use of a safety deposit box or any other form of safe deposit;

(iv)             Entering into any fiduciary relationship;

(v)               Any payment made or received in whole or in part of any contractual or other legal obligation;

(vi)             Any payment made in respect of playing games of chance for cash or kind including such activities associated with casino; and

(vii)            Establishing or creating a legal person or legal arrangement.





 It is mandatory for every reporting entity, at the time of opening an account or executing any transaction with it, to verify the record of identity and current address or addresses including permanent address or addresses of the client, the nature of business of the client and his financial status. If it is not possible to verify the identity of the client at the time of opening an account or executing any transaction, the reporting entity should verify the identity of the client within a reasonable time after the account has been opened or the transaction has been executed. Every reporting entity should exercise ongoing due diligence with respect to the business relationship with every client and closely examine the transactions in order to ensure that they are consistent with their knowledge of the customer, his business and risk profile



Customer Due Diligence : PMLA 2002

Following the risk based approach the RE has to conduct the customer due diligence.

Section 11A – Verification of Identity by Reporting Entity



       ·         Authentication under the Aadhaar (offline/online)/Passport

 ·         Verify the identity of its Clients and the Beneficial Owner


The amended norms broaden the scope of the definition by incorporating the phrase “using reliable and independent sources of identification”. As a result, the term “client due diligence” now covers due diligence carried out on a client as defined in section 2(1)(ha) of the Act by using reliable and independent sources of identification as per G.S.R 745(E), dated October 17, 2023, notified the Prevention of Money-laundering (Maintenance of Records) Third Amendment Rules, 2023 which came into force w e f 17 Oct 2023.

CDD done by third parties

As per G.S.R 745(E), dated October 17, 2023, notified the Prevention of Money-laundering (Maintenance of Records) Third Amendment Rules, 2023 require reporting entities to immediately obtain client due diligence records or information from a third party or from the Central KYC Records Registry.


Section 12AA – Enhanced Due Diligence


Every Reporting Entity to do following before commencement of each specified transaction:

 

·         Verification of identity of the clients by authentication under the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016 (18 of 2016)

·         Tal‹e additional steps to examine the ownership and financial position, including sources of funds of the client

·         Take additional steps to record the purpose behind conducting the specified transaction and the intended nature of the relationship between the transaction parties

·         Where the clients fails to fulfil the above conditions, the reporting entity to not allow the specified transaction to be carried out

·         Reporting entity to increase the monitoring of the business relationship with the client and to make the greater scrutiny of transactions if these are considered suspicious or likely to involve proceeds of crime

·         Above-said information to be maintained for a period of five years from the date of transaction between a client and the reporting entity


Occasional Transactions

As per G.S.R 745(E), dated October 17, 2023, notified the Prevention of Money-laundering (Maintenance of Records) Third Amendment Rules, 2023, every reporting entity must, at the time of commencement of an account-based relationship or while carrying out occasional transactions of an amount equal to or exceeding Rs 50,000, undertake several key obligations. These obligations include identifying clients, verifying their identity using reliable and independent sources of identification and obtaining information on the purpose and intended nature of business relationship.

Further, the reporting entity is required to determine whether a client is acting on behalf of a beneficial owner, identify the beneficial owner and undertake all necessary steps to verify the identity of the beneficial owner using reliable and independent sources of identification.

Also, the reporting entity is required to take all reasonable steps to understand the nature of the customer’s business, and its ownership and control.


The Union Budget 2023-24, to bring ease of doing business in the country, also allowed the Permanent Account Number (PAN) as the common business identifier for all digital systems of specified government agencies. This will be similar to the role Aadhaar plays as a common identifier for individuals. The advantage of having PAN as the common business identifier results in doing away with repeated document submission or difficulties in accessing data across regulatory and other databases across various submissions and other compliance requirements. In fact, the RBI Report of the Expert Committee on Micro, Small and Medium Enterprises, dated June 25, 2019, (the U.K. Sinha Committee Report) had recommended PAN to be recognized as a unique identifier for micro, small and medium enterprises, suggesting that the Central Board of Direct Taxes be recognized as the nodal institution for its implementation. 

Currently, businesses are required to obtain multiple identifiers, as required under different laws applicable, including the PAN, TAN, CIN, GST, professional tax, and labor registrations. These identifiers are required to be submitted to multiple government and private institutions to obtain business approvals. Considering that PAN already contains most of the business-related information of the business entity and accordingly will reduce duplicity of submission of information for obtaining government approvals and compliance burden. It is further expected that the development will help reduce the time taken to verify the information and grant approvals by government agencies by at least half. 


Happy Reading


Those who read this, also read:



Formerly Faculty for Finance & Associate Dean, IBS-Kochi MBA (Banking & Finance – CUSAT);CFA. Accredited Management Teacher from CME of AIMA, Delhi has been in Management Education from 1988. Exposure is in the field of Mutual Funds, Market Research, Project Report preparation & evaluation, Advertising & NGO Activities. This Chief Manager, UTI Asset Management Co Pvt. Ltd(1992-2003), Mumbai. Undergone training in Case Study method of teaching under Mr. Trevor Williams and Mr. Scott M Andrews conducted by the ECCH, UK . Published Books & Book Review, Series of academic articles and maintains a column on MFs under "Fund scan" in Business Manorama since January 2007,Contributes "Portfolio Doctor" column for 'Sampadyam' a wealth mgt publication in Malayalam from manorama group since February 2007, Listed her case studies at asiacase.com.Presented papers in national & international conferences on Mutual Funds. Faculty Member @ ASIET, Kalady from 2010 to June 2019. Dean @ SNGIST, N Paravur, Ernakulam from Sep 2019 -Jan 2021, I continue my efforts to spread the knowledge in area of Finance and contribute to Management Education

Comments

Post a Comment

Popular posts from this blog

National Risk Assessment (NRA): India

By
  India's National Risk Assessment (NRA) is  an ongoing exercise to identify sectors that are vulnerable to money laundering and terrorist financing (ML/TF) .  The NRA is based on recommendations from the Financial Action Task Force (FATF) and helps inform policy-making, resource allocation, and the implementation of effective AML/CFT measures. The NRA also ensures that national strategies address both domestic and international threats. The NRA provides a foundation for informed policy-making, resource allocation, and the implementation of effective AML/CFT measures . It ensures that national strategies are aligned with the specific risk landscape of the country and that they address both domestic and international threats. The subject matter of NRA  was discussed in the Anti-Money Laundering Steering Committee (AMLSC) set up with the approval of Finance Minister, and it was decided to conduct the NRA following the World Bank methodology. The Methodology requi...
Read more

Customer Due Diligence(CDD) : Individuals

By
Image
This post is based on RBI Master Circular dated Feb 25, 2016 updated on Jan 04, 2024  Part I - Customer Due Diligence (CDD) Procedure in case of Individuals For undertaking CDD, REs shall obtain the following from an individual while establishing an account-based relationship or while dealing with the individual who is a beneficial owner, authorised signatory or the power of attorney holder related to any legal entity: (a)     the Aadhaar number where,   (i) He is desirous of receiving any benefit or subsidy under any scheme notified under section 7 of the Aadhaar (Targeted Delivery of Financial and Other subsidies, Benefits and Services) Act, 2016 (18 of 2016); or (ii) He decides to submit his Aadhaar number voluntarily to a bank or any RE notified under first proviso to sub-section (1) of section 11A of the PML Act; or (aa) the proof of possession of Aadhaar number where offline verification can be carried out; or (ab) the proof of possession of Aa...
Read more

Periodic Updation of Customer Risk Profile

By
1. Preparation of Customer Profile from KYC Data In the initial years of KYC, RBI has been following a handholding approach as can be seen from their circular dated July 2009 and that of Feb 25, 2016 as updated on Jan 04, 2024. RBI requires REs to conduct risk profiling and risk categorization and periodic updation.  Extracts from RBI MD dated July 01, 2009 under Customer Acceptance Policy a)ii) Parameters of risk perception are clearly defined in terms of the nature of business activity , location of customer  and his clients, mode of payments, volume of turnover, social and financial status etc. to enable categorisation of customers into low, medium and high risk (banks may choose any suitable nomenclature viz. level I, level II and level III). Customers requiring very high level of monitoring, e.g. Politically Exposed Persons (PEPs) may, if considered necessary, be categorised even higher; b). Banks should prepare a profile for each new customer based on risk categorisatio...
Read more