• Understanding the “Know Your Customer” (KYC) Process

    KYC / FinanceGuide
    Over the past, there have been uncountable incidents of money laundering to dodge taxes, fund terrorist activities, and conceal bribe money. These incidents slowly impede economic growth and stress the government and the general public.

    Given these occurrences, two new acts were enacted: the Prevention of Money Laundering Act of 2002 (PMLA) and the PMLA (Maintenance of Records) Rules of 2005. Both of these acts define criteria that all financial institutions must follow, commonly called “KYC.”

    Let’s understand what KYC is in banking.

    What is KYC?

    KYC (Know Your Customer) is the process of gathering and verifying personal and financial information about customers. This is done to maintain track of monetary transactions made through financial institutions or Fintech applications and to report any questionable or fraudulent transactions.

    Whether a person wishes to invest in mutual funds, trade in preferred stocks, open a bank account, buy premiums, or borrow funds, they must first complete the KYC process as prescribed by the law.

    Components of the KYC Process

    The KYC process has four main steps. Let’s discuss them.

    Customer Identification Program (CIP)

    This is the first stage. Financial institutions collect basic information about their clients or customers here. They record their name, date of birth, address, and identification number.

    Following information gathering, they verify their documents using facial recognition, biometrics, or physical verification.

    Physical verification is common, mostly in mortgage transactions. The lender sends their executive in person to the location where the mortgaged property is located, reviews its condition, and fetches the property’s market value.

    The primary purpose of this stage is to ensure the customer is not providing fake or stolen identities.

    Customer Due Diligence (CDD)

    This is the second stage. Financial institutions collect information on their customers’ occupation, income, source of funds, purpose of the business relationship, and expected transaction behaviour.

    Financial institutions then assess the risk associated with the customer’s profile. For example, in the case of financing, by looking at the applicant’s transaction, lenders get a fair idea of their repayment potential and, based on that, decide on the maximum amount that can be sanctioned.

    Enhanced Due Diligence (EDD)

    This “know your client” step is not for every customer but for those with higher risk levels. Politically exposed persons (PEPs), sanctioned individuals, and high-net-worth individuals fall under this category.

    The concerned financial institution conducts more in-depth verification and screening of these customers by checking their background, reputation, and connections. To conduct EDD, they may obtain assistance from different sources, such as media reports, public records, or third-party databases.

    This step aims to ensure the customer is not engaged in any illicit or unethical activities.

    Ongoing Monitoring

    KYC is not a one-time process. What if the customer changes their address? In case of death, what and where will be the assets transferred to the legal heir?

    Hence, financial institutions must update customers’ information and risk profiles periodically or whenever there is a significant change in their circumstances. Financial institutions may also monitor their customers’ transaction monitoring, behaviour analysis, or anomaly detection.

    Types of KYC Process

    The KYC process is mainly classified into two types: Aadhar-based and in-person.

    Aadhar-Based KYC:

    This can also be referred to as an online KYC practice. The customer uploads a scanned copy of their original Aadhar card to the financial institution’s portal. The application retrieves the data from it and automatically fills all required fields. However, this KYC has a mutual fund investment cap of Rs 50,000.

    In-Person-Based KYC:

    In this case, the customer must go to the KYC kiosk in person and authenticate their identification using biometrics. They must also submit the appropriate documents and complete the prescribed form for verification.

    Video KYC

    This is a novel and innovative way of doing KYC in India and is quite popular among banks and Fintech today. The process starts with a live video call with a bank officer who verifies the documents and the customer’s signature. The video call is recorded and stored for future reference and audit purposes.

    However, the organisation will require facial recognition, liveness detection, and geo-tagging to make this process more effective and fraud-proof.

    Documents Required for KYC Completion

    The list of documents that the government approves for KYC purposes are:

    Identity Proof

    Aadhar card

    Driver’s licence

    PAN card


    Identity card issued by central or state government or the regulatory or statutory authorities

    Identity Card issued by public financial institutions

    ID cards issued by universities or their affiliated colleges

    Address Proof

    Voter ID card

    Lease or rent agreement

    Ration card

    Utility bills like electricity bill not older than three months

    Recent bank account statements

    Residence proof issued by a gazetted officer, parliament, and a notary public

    List of KYC Documents for Businesses

    Depending upon the nature of the business, the following documents may be required.

    Certificate of Incorporation of the Company

    Memorandum of Association and Articles of Association of the Company

    Board Resolution permitting the opening and function of the account and the list of authorised signatories

    Registration Certificate for registered partnership firms

    PAN card of the Partnership firm

    Partnership Deed

    Power of Attorney granted to any one of the partners or employees to transact business on its behalf

    KYC Compliance and Regulations in India

    As mentioned earlier, the PMLA, 2002, and the PML Rules, 2005, primarily govern the KYC requirements in India. The Financial Intelligence Unit - India (FIU-IND) enforces these laws and rules.

    FIU-IND is the central agency responsible for collecting, processing, reviewing, and sharing information relating to suspicious financial transactions. It coordinates with other domestic and international agencies to battle money laundering and terrorist financing.

    In addition to the PMLA and the PML Rules, the RBI has issued various guidelines and circulars on KYC for banks and other financial institutions operating in India. These include the Master Direction -

    KYC Direction, 2016, which consolidates and updates all the KYC norms issued by the RBI to date. The Master Direction covers the following aspects of KYC:

    Customer Acceptance Policy

    Risk Management

    Customer Identification Procedure

    Customer Due Diligence Procedure

    Record Management

    Reporting Requirements to FIU-IND

    Requirements/obligations under International Agreements


    KYC is a process of verifying a financial services user’s identity and other credentials. It helps prevent money laundering, terrorism financing, and other illegal activities by ensuring the customers are who they claim to be. It further helps financial institutions assess the risk profile and suitability of the customers for their products and services. KYC also helps protect customers from fraud and identity theft by securing their personal and financial information.