Given these occurrences, two new acts were enacted: the Prevention of Money Laundering Act of 2002 (PMLA) and the PMLA (Maintenance of Records) Rules of 2005. Both of these acts define criteria that all financial institutions must follow, commonly called “KYC.”
Let’s understand what KYC is in banking.
KYC (Know Your Customer) is the process of gathering and verifying personal and financial information about customers. This is done to maintain track of monetary transactions made through financial institutions or Fintech applications and to report any questionable or fraudulent transactions.
Whether a person wishes to invest in mutual funds, trade in preferred stocks, open a bank account, buy premiums, or borrow funds, they must first complete the KYC process as prescribed by the law.
The KYC process has four main steps. Let’s discuss them.
This is the first stage. Financial institutions collect basic information about their clients or customers here. They record their name, date of birth, address, and identification number.
Following information gathering, they verify their documents using facial recognition, biometrics, or physical verification.
Physical verification is common, mostly in mortgage transactions. The lender sends their executive in person to the location where the mortgaged property is located, reviews its condition, and fetches the property’s market value.
The primary purpose of this stage is to ensure the customer is not providing fake or stolen identities.
This is the second stage. Financial institutions collect information on their customers’ occupation, income, source of funds, purpose of the business relationship, and expected transaction behaviour.
Financial institutions then assess the risk associated with the customer’s profile. For example, in the case of financing, by looking at the applicant’s transaction, lenders get a fair idea of their repayment potential and, based on that, decide on the maximum amount that can be sanctioned.
This “know your client” step is not for every customer but for those with higher risk levels. Politically exposed persons (PEPs), sanctioned individuals, and high-net-worth individuals fall under this category.
The concerned financial institution conducts more in-depth verification and screening of these customers by checking their background, reputation, and connections. To conduct EDD, they may obtain assistance from different sources, such as media reports, public records, or third-party databases.
This step aims to ensure the customer is not engaged in any illicit or unethical activities.
KYC is not a one-time process. What if the customer changes their address? In case of death, what and where will be the assets transferred to the legal heir?
Hence, financial institutions must update customers’ information and risk profiles periodically or whenever there is a significant change in their circumstances. Financial institutions may also monitor their customers’ transaction monitoring, behaviour analysis, or anomaly detection.
The KYC process is mainly classified into two types: Aadhar-based and in-person.
This can also be referred to as an online KYC practice. The customer uploads a scanned copy of their original Aadhar card to the financial institution’s portal. The application retrieves the data from it and automatically fills all required fields. However, this KYC has a mutual fund investment cap of Rs 50,000.
In this case, the customer must go to the KYC kiosk in person and authenticate their identification using biometrics. They must also submit the appropriate documents and complete the prescribed form for verification.
This is a novel and innovative way of doing KYC in India and is quite popular among banks and Fintech today. The process starts with a live video call with a bank officer who verifies the documents and the customer’s signature. The video call is recorded and stored for future reference and audit purposes.
However, the organisation will require facial recognition, liveness detection, and geo-tagging to make this process more effective and fraud-proof.
The list of documents that the government approves for KYC purposes are:
Aadhar card
Driver’s licence
PAN card
Passport
Identity card issued by central or state government or the regulatory or statutory authorities
Identity Card issued by public financial institutions
ID cards issued by universities or their affiliated colleges
Voter ID card
Lease or rent agreement
Ration card
Utility bills like electricity bill not older than three months
Recent bank account statements
Residence proof issued by a gazetted officer, parliament, and a notary public
Depending upon the nature of the business, the following documents may be required.
Certificate of Incorporation of the Company
Memorandum of Association and Articles of Association of the Company
Board Resolution permitting the opening and function of the account and the list of authorised signatories
Registration Certificate for registered partnership firms
PAN card of the Partnership firm
Partnership Deed
Power of Attorney granted to any one of the partners or employees to transact business on its behalf
As mentioned earlier, the PMLA, 2002, and the PML Rules, 2005, primarily govern the KYC requirements in India. The Financial Intelligence Unit - India (FIU-IND) enforces these laws and rules.
FIU-IND is the central agency responsible for collecting, processing, reviewing, and sharing information relating to suspicious financial transactions. It coordinates with other domestic and international agencies to battle money laundering and terrorist financing.
In addition to the PMLA and the PML Rules, the RBI has issued various guidelines and circulars on KYC for banks and other financial institutions operating in India. These include the Master Direction -
KYC Direction, 2016, which consolidates and updates all the KYC norms issued by the RBI to date. The Master Direction covers the following aspects of KYC:
Customer Acceptance Policy
Risk Management
Customer Identification Procedure
Customer Due Diligence Procedure
Record Management
Reporting Requirements to FIU-IND
Requirements/obligations under International Agreements
KYC is a process of verifying a financial services user’s identity and other credentials. It helps prevent money laundering, terrorism financing, and other illegal activities by ensuring the customers are who they claim to be. It further helps financial institutions assess the risk profile and suitability of the customers for their products and services. KYC also helps protect customers from fraud and identity theft by securing their personal and financial information.
