Know Your Customer (KYC) - India Perspective

Introduction

KYC means Know Your Customer and sometimes Know Your Client. KYC, or a KYC check, is the mandatory process of identifying and verifying the client's identity when opening an account-based or other relationship with a potential client, and periodically over time as the relationship progresses. In other words, banks/financial institutions must ensure that their clients are genuinely who they claim to be.

The Reserve Bank of India has made it mandatory for banks, financial institutions and other organisations to verify the identity and address of all customers carrying out financial transactions.

KYC enables an institution to authenticate the identity and address of an individual. A customer has to submit his KYC before he starts investing in various instruments such as mutual funds, fixed deposits, bank accounts, etc. However, an individual has to do it only when he starts investing for the first time.


Meaning of Authentication & Verification

Authentication is the process of determining the identity of a person or an object. Verification, on the other hand, focuses on confirming that something is true.

Verification is more of a confirmation of what is already known. It is a process of confirming that something is true or valid. For example, when someone gives you their name, verifying it would mean checking to make sure that the person is who they say they are. This can be done by asking for proof such as an ID card or other documents.


ID Verification

This type of verification confirms an identity through official documents such as a government-issued ID card. This is usually done to protect against identity theft, fraud and other malicious activities. Some examples of accepted IDs for verification are bank statements, credit/debit cards, driver’s licenses, passports and Social Security Numbers.

IDs like these contain official watermarks, holograms, or other security features that are used to authenticate a person’s identity.


Document Verification

This type of verification is used to check the legitimacy and accuracy of documents. This can be done by verifying signatures, dates, or other vital information on the document. Document verification is usually done when signing contracts or agreements.


Data Verification

This type of verification is used to ensure that the information provided is accurate and up-to-date. Data can be verified through checksums or other cryptographic methods such as signing digital documents with a private key. It is also known as Source Data Verification (SDV) in some fields, such as clinical trials.


Identity Verification


This type of verification involves knowing personal data, such as name, address, date of birth, etc. in order to confirm a person’s identity. This type of verification is commonly used for banking and financial services.


Authentication & Verification – Aadhaar Act 2016


As per section 2(c) of the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016 (‘Aadhaar Act’) “authentication” means the process by which the Aadhaar number along with demographic information or biometric information of an individual is submitted to the Central Identities Data Repository for its verification and such Repository verifies the correctness, or the lack thereof, on the basis of information available with it;

Authentication is the process of establishing the authenticity of Aadhaar information using the authentication facility provided by the UIDAI.

Further, Section 2(pa) defines offline verification as the process of verifying the identity of the Aadhaar number holder without authentication, through such offline modes as may be specified by regulations.

Customer Due Diligence (CDD) and FATF

CDD consists of performing background checks and screening potential and existing customers to ensure they're not involved in illegal activity. At a minimum, CDD checks include verifying a customer's name, address, date of birth and photo ID, and screening them to ensure they're not on prohibited lists.

FATF recommendation 10 requires that financial institutions should be prohibited from keeping anonymous accounts or accounts in obviously fictitious names. Financial institutions should be required to undertake customer due diligence (CDD) measures when:

(i) Establishing business relations

(ii) Carrying out occasional transactions:

    a) above the applicable designated threshold; or

    b) that are wire transfers in the circumstances covered by the Interpretive Note to Recommendation 16

(iii) There is a suspicion of money laundering or terrorist financing

(iv) The financial institution has doubts about the veracity or adequacy of previously obtained customer identification data

The customer due diligence (CDD) measures to be taken are as follows:

a) Identifying the customer and verifying that customer’s identity using reliable, independent source documents, data or information.

b) Identifying the beneficial owner, and taking reasonable measures to verify the identity of the beneficial owner such that the financial institution is satisfied that it knows who the beneficial owner is. For legal persons and arrangements this should include financial institutions taking reasonable measures to understand the ownership and control structure of the customer.

c) Obtaining information on the purpose and intended nature of the business relationship.

d) Conducting ongoing due diligence on the business relationship and scrutiny of transactions undertaken throughout the course of that relationship to ensure that the transactions being conducted are consistent with the institution’s knowledge of the customer, their business and risk profile, including, where necessary, the source of funds.

Financial institutions should apply each of the CDD measures under (a) to (d) above, but may determine the extent of such measures on a risk sensitive basis depending on the type of customer, business relationship or transaction. The measures that are taken should be consistent with any guidelines issued by competent authorities. For higher risk categories, financial institutions should perform enhanced due diligence.

In certain circumstances, where there are low risks, countries may decide that financial institutions can apply reduced or simplified measures. Financial institutions should verify the identity of the customer and beneficial owner before or during the course of establishing a business relationship or conducting transactions for occasional customers. Countries may permit financial institutions to complete the verification as soon as reasonably practicable following the establishment of the relationship, where the money laundering risks are effectively managed and where this is essential not to interrupt the normal conduct of business.

Where the financial institution is unable to comply with paragraphs (a) to (c) above, it should not open the account, commence business relations or perform the transaction; or should terminate the business relationship; and should consider making a suspicious transactions report in relation to the customer.

These requirements should apply to all new customers, though financial institutions should also apply this Recommendation to existing customers on the basis of materiality and risk, and should conduct due diligence on such existing relationships at appropriate times.

Significance of KYC for different Legal Entities

    

   

KYC for Commercial Transaction

Safeguarding against misuse of the products and services offered by the bank/financial institution by unintended parties forms the basis for collecting information and monitoring the commercial business relationship.

Financial Due Diligence: Leverage KYC/KYB solutions to assess the financial health of partners, preventing potential ROI, time, and reputation losses.

AML & CFT Due Diligence: A robust KYC process is essential for AML and CFT compliance, combating fraud, and preventing money laundering and terrorist financing.

Customer Onboarding: Financial institutions use KYC to verify customer identities, ensuring compliance with anti-money laundering regulations and mitigating legal and reputational risks.

Employee Onboarding: KYC includes background checks for new hires to maintain a secure workplace, safeguard sensitive information, and uphold company integrity.

Stakeholder Verification: Businesses utilise KYC to validate key stakeholders’ legitimacy, such as clients, partners, and investors, ensuring compliance with legal requirements. 

Fraud Prevention: KYC aims to minimise the risk of fraud, protecting organisations from financial losses, legal liabilities, and reputational damage. 

As per the provisions of PMLA 2002, obligated entities need to have adequate infrastructure and resources to carry out risk-based customer due diligence and ongoing due diligence, and to submit prescribed reports at specified intervals.


KYC for Employer

Every employer hiring people through a third party or by direct recruitment carries out, to a greater or lesser extent, due diligence on the candidate before signing a contract. This includes the candidate's personal details, third-party references, family background, reports from previous employers, etc. The process is undertaken to establish the candidate's identity, which helps in future in case the employee does something wrong.

KYC for General Public

Because of the risk to money, or to comply with local law, even a person not engaged in commerce establishes the identity of the person with whom he/she is going to transact, whether in money or in kind. Such a process helps guard against fraud or cheating. Every person is advised to obtain identity and location proof of the other party before any deal takes place, be it the sale of a house, marriage, renting property, sale of an asset, etc.

In India, two registries are involved in carrying out the KYC process: the UIDAI and CERSAI.

Different Types of KYC

There are different types of KYC based on technology involved and process applied.

  • Aadhaar-based KYC
    • Online – Using Aadhaar-based biometric authentication
    • Online – Using OTP authentication
  • In-Person-Verification (IPV) KYC
  • Digital KYC
  • Video KYC
  • Central KYC
  • Self-KYC

Each of the above KYC types is described briefly below:

a). Aadhaar-based KYC

Aadhaar-based KYC allows a customer to perform KYC using his Aadhaar details online. However, he is allowed to invest only up to Rs. 50,000 every financial year per fund.

In case the customer wants to invest more in a specific fund every year, he needs to get In-Person-Verification done. The customer can either visit a fund house office or KYC kiosk for in-person verification or authenticate using Aadhaar-biometrics by calling the KRA (KYC Registration Agency) executive to his home/office.

Some mutual fund houses allow customers to get their IPV KYC done through video call where they have to display their original identity and address proof. Once completed, the bar of Rs. 50,000 maximum investment amount is lifted for such customers.

Aadhaar Paperless Offline e-KYC eliminates the need for the Aadhaar number holder to provide a photocopy of the Aadhaar letter. Instead, the Aadhaar number holder can download the KYC XML and provide it to the agencies that want his/her KYC.

Advantages of Aadhaar-based e-KYC

There are a number of benefits of Aadhaar-based e-KYC. These are discussed below:

Paperless: The biggest advantage of KYC Aadhaar is that it is paperless and allows a service provider to manage the documents with ease and with efficiency.

Secure: UIDAI will only share tamper-proof digital documents through a secure channel. This helps protect the identity of the holder. There is no possibility of getting the documents forged and it also cannot be used without the consent of the service provider or the Aadhaar holder.

Consent-based: UIDAI will only share your information with the service provider after you give consent in the form of an OTP acknowledgment or through a biometric.

Authorisation: Information that is shared by UIDAI will contain authenticated data which makes it acceptable and legal for the parties that are involved in a transaction.

Cost-efficient: The system of e-KYC is paperless and online. It eliminates the physical movement of information and makes it a cost-effective process.


b). Digital KYC


Defined by the RBI, digital KYC requires authorized officials to be physically present to capture live pictures of the customer and their documents.


Benefits: Paperless and offers a faster, automated onboarding process.

Challenges: Not entirely digital as it requires physical presence; potential for manual errors.

For example, Paytm, a leading digital payments platform, uses digital KYC for its wallet and banking services. Paytm agents visit customers to capture live photographs and verify documents, enabling a convenient and compliant KYC process.

c). Video KYC

Customers are onboarded over a video call, where they submit their documents, followed by a review process, known as VKYC.



Video based Customer Identification Process (V-CIP): an alternate method of customer identification with facial recognition and customer due diligence by an authorised official of the RE by undertaking seamless, secure, live, informed-consent based audio-visual interaction with the customer to obtain identification information required for CDD purpose, and to ascertain the veracity of the information furnished by the customer through independent verification and maintaining audit trail of the process. Such processes complying with prescribed standards and procedures shall be treated on par with face-to-face CIP for the purpose of this Master Direction.

Accounts, both deposit and borrowal, opened using OTP based e-KYC shall not be allowed for more than one year unless identification as per Section 16 or as per Section 18 (V-CIP) is carried out. If Aadhaar details are used under Section 18, the process shall be followed in its entirety including fresh Aadhaar OTP authentication.

REs may undertake V-CIP to carry out: 

i) CDD in case of new customer on-boarding for individual customers, proprietor in case of proprietorship firm, authorised signatories and Beneficial Owners (BOs) in case of Legal Entity (LE) customers. 

Provided that in case of CDD of a proprietorship firm, REs shall also obtain the equivalent e-document of the activity proofs with respect to the proprietorship firm, as mentioned in Section 28 and Section 29, apart from undertaking CDD of the proprietor.

ii) Conversion of existing accounts opened in non-face to face mode using Aadhaar OTP based e-KYC authentication as per Section 17.

iii) Updation/Periodic updation of KYC for eligible customers.

REs opting to undertake V-CIP shall adhere to the minimum standards prescribed by RBI, India, under the following heads:

  • V-CIP Infrastructure
  • V-CIP Process
  • V-CIP Data & Records Management

Benefits: Remote onboarding, high security, and a significant reduction in time and costs for FIs.

Challenges: Technology-intensive and requires employee training for compliance.

Example: HDFC Bank has adopted video KYC (Know Your Customer) for account openings and various other banking services. This innovative approach allows customers to complete the KYC process remotely through a video call. During the call, customers present their identification documents to a bank representative.




d). Central KYC


Central KYC Registry is a centralized repository of KYC records of customers in the financial sector with uniform KYC norms and inter-usability of the KYC records across the sector with an objective to reduce the burden of producing KYC documents and getting those verified every time when the customer creates a new relationship with a financial entity.

Under this, an individual needs to submit KYC documents for verification to a central repository. The central KYC process is regulated and maintained by the Central Registry of Securitisation Asset Reconstruction and Security Interest of India, or CERSAI.

On this verification, you will receive a 14-digit KIN, or KYC identification number. Once your data is stored with this central repository, banks and financial institutions can access it with your KIN.

KYC is widely used in banking, insurance, stock markets, digital payments, telecom, real estate, cryptocurrency, mutual funds, e-commerce, and government welfare schemes. Financial institutions use it to assess risk, prevent fraud, and ensure transparency. Telecom companies require KYC for SIM card issuance, while stockbrokers and mutual funds verify investors before transactions.

SEBI has reviewed the provisions regarding ‘PAN Linking with Aadhaar’ and has decided to simplify the risk management framework vide circular ref. no. SEBI/HO/MIRSD/SECFATF/P/CIR/2024/41 dated May 14, 2024. Further, SEBI vide FAQ dated May 14, 2024 on ‘KYC norms for the Securities Market’ (point no. 12) clarified that ‘Clients, in whose case PAN Aadhaar linkage is not verified, shall be allowed to transact with the existing intermediary subject to a valid PAN. However, the client’s KYC shall not be portable in the securities market’.

As a part of the risk management framework, the KRAs shall verify the PAN, name, and address of all clients within two days of receipt of KYC records.

If a mutual fund investor's KYC status is 'verified', 'registered' or 'on-hold', then he/she is required to do re-KYC. It is essential to have 'KYC Validated' status to ensure that an investor can invest in any scheme of any mutual fund house easily without giving KYC documents again and again.

The records of those clients in respect of which all attributes are verified by KRAs with official databases (such as Income Tax Department database on PAN, Aadhaar XML / Digilocker / M-Aadhaar) and PAN-Aadhaar linkage has also been verified as referred to in Rule 114 AAA of the Income Tax Rules, 1962 shall be considered as Validated Records.

The SEBI circular stated that the exchanges/depositories/concerned intermediaries shall complete the necessary technical changes in their systems by May 31, 2024.

An investor should check KYC status before investing. If the status is shown as ‘KYC validated’, then the investor can make a transaction in any mutual fund at any time.

RBI MD dated Feb 25, 2016, updated as on Jan 04, 2024, on CKYC

Government of India has authorised the Central Registry of Securitisation Asset Reconstruction and Security Interest of India (CERSAI), to act as, and to perform the functions of the CKYCR vide Gazette Notification No. S.O. 3183(E) dated November 26, 2015.

In terms of provision of Rule 9(1A) of the PML Rules, the REs shall capture customer’s KYC records and upload onto CKYCR within 10 days of commencement of an account-based relationship with the customer.

However, this has to be read with the PMLR 2005 amendment dated 17/10/2023 on obtaining records from third parties.

The Government has notified [17.10.2023] the Prevention of Money-laundering (Maintenance of Records) Third Amendment Rules, 2023. As per the amended norms, the reporting entities must immediately obtain client due diligence records from third parties or from the Central KYC Records Registry. Earlier, the reporting entities were required to obtain client due diligence records from third parties or the Central KYC Records Registry within 2 days.


Types of CKYC Accounts

1. Normal Account

A Normal Account is a CKYC account that is opened with an individual's completion of a KYC form. This type of account will be linked to the PAN Card, Aadhar Card & other essential documents.

2. Simplified/Low-risk Account

The Central KYC Registry (CKYC) simplifies opening accounts for low-risk customers by allowing them to open an account with a single KYC form which all banks and CKYC-registered entities accept.

3. Small Account

A Small Account is the most basic type of CKYC account. It allows individuals to open single accounts in multiple financial institutions without going through the KY.

4. OTP-Based eKYC Account

This is online OTP-based KYC. The account may be opened by uploading a photograph along with a PDF file of an Aadhaar card acquired from the UIDAI website. An OTP is then used to enable it. The KYC Verification prefixes these accounts with ‘O.’


CKYC & Budget 2025

The Budget 2025 announcement highlights key enhancements to CKYC, including technology-driven verification methods and seamless integration with digital platforms. The Centre will launch an updated Central KYC Registry in 2025, featuring AI-based matching algorithms and secure electronic formats for storing data. It will also integrate with DigiLocker for digital onboarding and offer real-time notifications to financial institutions about KYC updates.


Features of the revamped Central KYC Registry

  • Verification of the data uploaded by the REs with the documents uploaded so as to ensure that there is no mismatch in the data & documents uploaded.
  • AI based matching algorithm including face match technology proposed to be used for deduplication at the time of issuing unique CKYCR number
  • Verification/validation of the documents of individual client uploaded by Financial Institutions from the document issuing authorities.
  • View-only access for clients to see their KYC details with CKYCRR, the details of the Financial Institutions which uploaded/downloaded/updated their KYC record, and which Financial Institution to approach for correction, if any is required.
  • For digital onboarding, CKYCRR will be integrated with DigiLocker.
  • Customer consent through OTP/face authentication on use of KYC data with CKYCRR
  • Availability of metadata – the number of times KYC Records are downloaded /updated in last five years will be available to the Financial Institutions.
  • No fee for uploading of KYC records



CERSAI

CERSAI is a Government of India company, licensed under section 8 of the Companies Act, 2013. Its Registered Office is at New Delhi. The company has been incorporated with majority shareholding of the Central Government, Public Sector Banks and National Housing Bank, initially for the purpose of operating a Registration System under the provisions of Chapter IV of the Securitisation and Reconstruction of Financial Assets and Enforcement of Security Interest Act, 2002 (SARFAESI Act).

The Security Interest Registry, which was incorporated in 2011, made a humble beginning with the filing of security interest in immovable properties. It has today matured into a complete registry encompassing security interest in immovable, movable and intangible properties and assignment of receivables. It now provides access to all kinds of creditors and also provides a facility for filing attachment orders and court orders, so as to provide a complete picture of any encumbered/attached property. The importance of the Security Interest Registry and its contribution to the country's Ease of Doing Business (EoDB) score under the sub-head Getting Credit have been significant.

The Central KYC Record Registry, which started operating from 2016, caters to Reporting Entities (REs) of all four major regulators of the financial sector, i.e. RBI, SEBI, IRDAI & PFRDA. As on 30th September 2024, CKYCRR hosts more than 94 crore KYC records, and the growing number of KYC Records downloaded by REs from CKYCRR signifies the benefit and ease this repository has provided to the REs and their customers.

In line with the BUDS Act 2019 section 9, sub section (1), CERSAI has been authorized to operate a portal accessible to the public, containing information relating to deposit takers, which shall include the following:

i). List of deposit takers operating in India, the extent and areas of their operation;

ii). Any action taken under any law for the time being in force against any deposit taker for collection of deposits;

iii). Updates regarding proceedings for restitution of depositors under Chapter V of the Banning of Unregulated Deposits Schemes (BUDS) Act, 2019.

CERSAI is in the process of developing this portal, which shall be available in the public domain soon.


e). Self KYC

In accordance with the recent Union Cabinet approval, Self-KYC as an alternate process for issuing new mobile connections as per Annexure may be implemented by the Telecom Service Providers with immediate effect. Accordingly, the instructions issued vide letter of even number dated 31.08.2021 are hereby superseded.

In this process, the issuing of a mobile connection to the customer is done through an App/Portal based online process, wherein a customer can apply for a mobile connection sitting at home/office and gets the SIM delivered at his doorstep using documents electronically verified by UIDAI (Aadhaar) or Digilocker.

The testing and verification in consultation with Government agencies will not be necessary. However, all security related compliances must be ensured by the TSPs while implementing the process. Action taken shall be informed to DoT and MHA.


DigiLocker is a flagship initiative of Ministry of Electronics & IT (MeitY) under Digital India programme. DigiLocker aims at 'Digital Empowerment' of citizen by providing access to authentic digital documents to citizen's digital document wallet. DigiLocker is a secure cloud based platform for storage, sharing and verification of documents & certificates.



Simplified process for periodic KYC updates

As per RBI’s Master Directions, periodic updation shall be carried out at least once in every two years for high-risk customers, once in every eight years for medium risk customers and once in every ten years for low-risk customers from the date of opening of the account / last KYC updation. In case of no change in the KYC information, a self-declaration from the customer in this regard shall be obtained through customer’s email-id registered with the RE, customer’s mobile number registered with the RE, ATMs, digital channels (such as online banking / internet banking, mobile application of RE), letter, etc.

In case of a change only in the address details of the customer, a self-declaration of the new address shall be obtained from the customer through customer’s email-id registered with the RE, customer’s mobile number registered with the RE, ATMs, digital channels (such as online banking / internet banking, mobile application of RE), letter, etc., and the declared address shall be verified through positive confirmation within two months, by means such as address verification letter, contact point verification, deliverables, etc. The process of periodic updation will be streamlined.



Digital Access is a right: SC directs KYC changes for disabled persons


The digital divide, characterised by unequal access to digital infrastructure, skills, and content, continues to perpetuate systemic exclusion not only of persons with disabilities but also of large sections of rural populations, senior citizens, economically weaker communities, and linguistic minorities.

The right to digital access, therefore, emerges as an intrinsic component of the right to life and liberty, necessitating that the state proactively design and implement inclusive digital ecosystems that serve not only the privileged but also the marginalised, those who have been historically excluded.

Barriers with the existing eKYC processes.

The procedures requiring facial recognition, head movements, or physical signatures posed significant challenges for many with visual impairments or facial disfigurements. An acid attack survivor faced the discriminatory requirement for a "live photograph," a mandate under the Reserve Bank of India's 2016 KYC Master Directions.

One of the petitions concerned an acid attack survivor who faced difficulties in opening a bank account in 2023: because her eyes were disfigured, she couldn't perform visual tasks such as capturing a "live photograph" by blinking her eyes.

As this is mandated under the RBI-regulated KYC process, the woman couldn't open her bank account. However, the bank later made an exception following an outrage over the issue on social media.

A completely blind person faces the inaccessibility of on-screen signatures and paper form uploads.


The court directed the Centre on 30 April 2025 to make the process of digital KYC accessible to the disabled, particularly those with facial disfigurements and visual disabilities. It also directed different ministries to ask all regulating authorities, government or private, to follow accessibility standards as prescribed from time to time.

The court also ordered the Reserve Bank of India (RBI) to ensure that entities conducting customer due diligence and onboarding new customers could use the video-based KYC process, in line with the 2016 KYC provisions in which blinking of the eyes was not mandatory.


Happy reading,


1. Important KYC Framework in RBI Prescriptions

2. NBFCs and e-KYC: RBI, India




