RBI Overhauls KYC Norms for Robust Customer Due Diligence
The Reserve Bank of India (RBI) recently unveiled a sweeping set of changes to Know Your Customer (KYC) guidelines that regulated entities (REs) must follow. The revised Master Direction on KYC seeks to comprehensively strengthen customer due diligence by financial institutions, NBFCs, fintechs, and other entities regulated by the RBI.
This overhaul of KYC norms comes at an opportune time. With digital payments and fintech adoption growing exponentially in India, maintaining robust customer verification processes is crucial. The enhancements in the new guidelines can equip REs with the frameworks and systems to better understand their customers, monitor suspicious transactions, and collaborate seamlessly to combat money laundering.
Key Changes to Bolster KYC Frameworks
Expanded List of Official Documents for Verification
A major change introduced in the updated guidelines is the expansion of acceptable documents for identity and address verification. Customers can now submit unique identification documents like Aadhaar, PAN, Passport, Driving License, and Voter ID Card for KYC. The RBI has also enabled digital KYC by allowing REs to accept soft copies of documents stored in Digilocker or other government repositories. This provides flexibility to customers and facilitates remote, paperless onboarding.
Enhanced Due Diligence of Customer identity
REs will now have to implement enhanced due diligence for ascertaining and verifying the identity of new customers. The norms elaborate the procedures to identify beneficial owners, establish ownership structure, and understand the intended purpose of the account. REs will gather more information upfront for a better understanding of the customer’s profile before initiating the relationship.
Ongoing Monitoring of Transactions
The guidelines mandate closer ongoing monitoring of transactions in customer accounts. REs must regularly check that transactions match the customer’s profile, stated purpose, and expected activity patterns. Any substantial deviations will be subjected to additional compliance checks. This vigilance will help REs identify potential money laundering risks.
Risk-based Approach for KYC Updation
The norms adopt a risk-based approach for periodic KYC updation. REs must formulate policies to determine KYC updation frequency based on the money laundering or terrorist financing risks posed by a customer. Periodic KYC updation will be done more frequently for high-risk categories. This ensures optimal utilization of REs’ resources.
Monitoring Low KYC Accounts
To identify potential risks, the RBI has introduced mandatory monitoring of small accounts opened under simplified KYC by NBFCs. These will be tracked for suspicious actions and full KYC will be initiated if required. This balances efficiency and diligence for such accounts.
Record-keeping for All Customers
Earlier, KYC records had to be maintained only for account holders. Now, REs must keep records for all customer engagements including walk-ins and occasional transactions. This plugs a gap in monitoring non-account relationships.
Enhanced Vigil on Politically Exposed Persons
REs will have to exercise extra caution in dealing with Politically Exposed Persons (PEPs) and their relatives. They must establish the source of funds/wealth and have senior management approval before taking on PEPs. Ongoing monitoring of their transactions will also be enhanced.
The Way Forward
The RBI’s more stringent KYC and AML policies are a welcome move to tackle evolving money laundering typologies. The onus is now on REs to make necessary upgrades to their customer onboarding, transaction monitoring, and reporting systems.
With digital transactions becoming ubiquitous, maintaining robust KYC procedures is crucial. REs should see this as an opportunity to harness technology like AI, machine learning, and blockchain to implement compliant and efficient customer verification.