Understanding Know Your Customer (KYC): Safeguarding Financial Integrity in India
– Sakshi Patil | finserv@vinodkothari.com
KYC compliance is mandatory for opening bank accounts, investing in mutual funds, opening demat accounts, purchasing insurance policies, and availing various other financial services. It ensures not only regulatory compliance but also safeguards the integrity of the financial system by preventing identity fraud, money laundering, and other illicit activities.
Further, India’s banking and financial sector is changing fast. Banks and other financial institutions need to make sure they know who their customers really are and that their money transactions are legal, this is where KYC processes play a pivotal role.
A. Introduction
1. What is KYC
KYC stands for Know Your Customer. It refers to a process by which Regulated Entities[1] (REs) verify the identity, address, and financial profile of their customers before initiating a business relationship and at regular intervals thereafter, as mandated by the Reserve Bank of India (RBI) and other regulatory authorities.
2. Why it is a critical compliance process in financial services
KYC serves as the cornerstone of compliance in India’s financial services sector. It acts as the first line of defense against financial crimes such as money laundering, terrorism financing, identity theft, and fraud. The process has gained increased significance following government’s push toward financial inclusion through initiatives like Jan Dhan Yojana and Digital India.
By verifying the identity and background of customers, financial institutions can assess the risk associated with each relationship and ensure compliance with domestic regulations while supporting the government’s broader financial inclusion objectives.
3. Key Risks KYC Helps Prevent:
Money Laundering Risk: Every financial transaction carries the inherent risk of money laundering. Financial institutions are particularly vulnerable to being used as conduits for laundering illicit funds.
Terrorism Financing Risk: For lending institutions, there is an additional risk of inadvertently financing terrorist activities, making customer verification essential for national security.
Impersonation Risk: Without proper identity verification, institutions face the risk of fraudsters opening accounts using false identities.
Fraud Prevention: KYC processes help prevent various types of financial frauds by establishing authentic customer identities and monitoring transaction patterns.
Regulatory Framework in India
India’s anti-money laundering system is built on the Prevention of Money-Laundering Act, 2002 (PML Act) and the Prevention of Money-Laundering Rules, 2005 (PML Rules).
All financial entities must follow these laws along with KYC rules. The Finance Ministry regularly updates these rules to keep them current.
The system is overseen by following key organizations:
- RBI – governs banks and financial institutions and creates KYC rules that REs must follow and monitors whether they are complying properly.
- Securities and Exchange Board of India (SEBI) – oversees stock markets, mutual funds, insurance companies, and investment firms. SEBI ensures that these companies follow proper KYC procedures when dealing with investors and clients.
- Financial Action Task Force (FATF) – This is an international organization that sets global standards for fighting money laundering and terrorist financing. FATF monitors how well countries like India are implementing these standards and provides guidelines that India must follow to stay compliant with international requirements.
B. Core Components of KYC
1. Customer Due Diligence
Customer Due Diligence (CDD) means process of identifying and verifying the customer and the beneficial owner, going beyond basic identification to understand the customer’s profile and risk assessment, using reliable and independent sources of identification.
The process requires collection and verification of specific identifying information including the customer’s full name as per official documents, father’s/spouse’s name, date of birth or age, address, and occupation or nature of business.
Officially Valid Documents (OVDs) accepted in India include:
- Passport,
- Driving licence,
- Proof of possession of Aadhaar number,
- Voter’s Identity Card issued by the Election Commission of India,
- Job card issued by NREGA duly signed by an officer of the State Government, and
- Letter issued by the National Population Register.
- Permanent Account Number (PAN) or the equivalent e-document, thereof, or Form No. 60 as defined in Income-tax Rules, 1962; and
- other documents in respect of the nature of business and financial status of the customer, or the equivalent e-documents thereof, as may be required by the RE.
2. Unique customer identification code
The KYC Directions require REs to allot a Unique Customer Identification Code (UCIC) to each customer, which serves as a distinct identifier across all products and services offered by the RE.
No fresh CDD is required when an existing KYC-compliant customer avails any additional product or service from the same RE, solely for the purpose of identification. It streamlines KYC processes, minimise duplication of procedures and documentation, and simplify customer onboarding.
However, it is advisable for REs to obtain a declaration from the customer, prior to extending any new product or service, confirming that there has been no change in the KYC information previously submitted.
3. Customer Onboarding Options under KYC Framework
An RE has the following options to onboard a customer:
- Face-to-face onboarding:
Customers can visit the branch or office of the RE, or by completing the Digital KYC Process. Additionally, REs can use the Video-based Customer Identification Process (V-CIP) which is considered equivalent to face-to-face onboarding, provided it complies with the standards and procedures prescribed by the regulator.
- Non-face-to-face onboarding:
The non-face-to-face onboarding would mean there is no physical interaction with the customer. REs rely on Aadhaar OTP-based e-KYC authentication, or use digital channels like the CKYCR, DigiLocker, or equivalent e-documents. In the case of Non-Resident Indians (NRIs) and Persons of Indian Origin (PIOs), non-digital modes such as obtaining a certified copy of an OVD by additional certifying authorities, as permitted under applicable regulations, are also acceptable.
For such non-face-to-face customers, given the increased risk, the due diligence shall also be enhanced. Accordingly, accounts which are opened through non face to face mode are subjected to enhanced due diligence.
There was already a restriction on customer accounts opened using Aadhaar OTP-based e-KYC, in non-face-to-face mode. However, only a handful of REs, other than bank, have been authorised to carry out Aadhaar OTP-based e-KYC.
4. Digital KYC and V-CIP
India has been at the forefront of digital KYC innovation. It allows instant customer verification through OTP-based authentication or through video call (V-CIP), significantly reducing account opening time and improving customer experience.
V-CIP is an alternate method of customer identification with facial recognition and customer due diligence that allows REs to obtain and verify a customer’s identity information through a digital, secure, live, informed and consent-based and live audio-visual interaction between an authorised RE official and the customer to obtain identification information required for CDD purpose.
5. Periodic KYC Updates
Regulations mandate periodic updation of KYC records and for which REs are required to do classification of the customers. Customers are broadly categorised into three risk categories, viz high, medium and low.
For high-risk customers, KYC must be updated two years, for medium-risk customers every eight years, and for low-risk customers every ten years. This ensures that customer information remains current and risk assessments stay relevant.
Further, A system of periodic review of risk categorisation of accounts shall be carried out at least once in six months.
C. Challenges in Indian KYC Implementation
Many potential customers, particularly in rural areas, face challenges in providing proper documentation.
While urban areas have robust digital infrastructure, rural and semi-urban areas may face connectivity issues affecting digital KYC processes. Institutions are required to develop a system to facilitate technology driven measures to obtain KYC.
3. Privacy and Data Security Concerns
Customers worry about sharing sensitive personal information, especially after data breaches in the news. They may be reluctant to provide documents or answer detailed questions, slowing down the verification process.
D. Conclusion
KYC processes in India create an important balance between following regulations and making sure everyone can access financial services. India’s special approach uses digital identity systems while working with people from different economic backgrounds. This makes it a good example for other developing countries.
As India works toward becoming a $5 trillion economy, strong KYC processes will be very important for keeping the financial system safe while helping everyone participate in economic growth. Banks and financial companies that do well at making KYC processes easy for customers and technology-friendly will be in the best position to serve India’s growing economy while meeting what regulators require.
The changes in KYC in India show the country’s bigger move toward digital technology. This proves how new ways of following compliance rules can help achieve both regulatory goals and national economic targets. To succeed in this environment, financial institutions need to stay flexible, focus on customers, and use technology to benefit everyone in India’s financial system.
[1] Regulated Entity (RE)- means all banks, AIFIs, NBFCs, Payment System Providers/ System Participants and Prepaid Payment Instrument Issuers and all authorised persons regulated by the RBI.
Leave a Reply
Want to join the discussion?Feel free to contribute!