RBI's new KYC rules: Simplified verification and enhanced security

The amended provisions in the Master Direction have come into force with immediate effect, said the circular issued by the Reserve Bank of India

The Reserve Bank of India (RBI) has announced updates to the Master Directions on Know Your Customer (KYC). These revised provisions, announced on November 6, will be effective immediately, as stated in the circular issued by the central bank on the same date.

 

According to the RBI notification dated November 6, the Master Direction on KYC has been updated to:

 

(a) Align with recent amendments to the Prevention of Money Laundering (Maintenance of Records) Rules, 2005, according to the Gazette Notification dated July 19, 2024.

 

(b) Include instructions based on the corrigendum issued by the Government of India on April 22, 2024, to the February 2, 2021, order regarding the 'Procedure for implementation of Section 51A of the Unlawful Activities (Prevention) Act, 1967,' and

 

 

(c) Revise certain existing instructions.

 

“The Reserve Bank of India’s recent amendments to KYC guidelines aim to streamline the verification process, making it easier and more secure for consumers. By updating these standards, RBI is enhancing the efficiency of onboarding and verification, which means consumers can expect faster access to banking services and reduced paperwork. Ultimately, this move will make financial transactions more accessible and reliable, benefiting both consumers and financial institutions alike with immediate, user-centric improvements,” said Sandeep Sethi, V-P of Sales- India & South Asia, Wibmo, (a PayU company).

 

What is KYC?

 

Know Your Customer (KYC) is a process financial institutions use to verify the identities of their customers. Nowadays, KYC is essential in helping prevent illegal activities, including money laundering and terrorist financing, which pose serious threats to the financial system. By conducting background checks, KYC allows organisations to ensure their customers are not involved in any unlawful activities, protecting both the institution and the client.

 

What are the amendments?

 

KYC simplification for existing customers: Customers of a financial institution who have already completed their KYC will no longer need to repeat the process if they open a new account or use a different service within the same institution.

 

The RBI has revised its Customer Acceptance Policy to introduce a Unique Customer Identification Code (UCIC) for each customer. This means a KYC-compliant customer could open a bank account and later start a mutual fund without redoing KYC. However, coordination between regulators like Sebi (mutual funds) and Irdai (insurance) for ensuring KYC compliance across services remains to be clarified.

 

Periodic KYC updates based on risk levels: REs (regulated entities) must update customer KYC records periodically using a risk-based approach. Specifically:

 

·   High-risk customers: Update every 2 years

 

·   Medium-risk customers: Update every 8 years

 

·   Low-risk customers: Update every 10 years

The Board of Directors or an empowered Board committee must approve these systems as part of the entity’s internal KYC policy.

 

Sharing KYC data with Central KYC Records Registry (CKYCR): REs must upload KYC information to the CKYCR for individual accounts opened after specific dates (January 1, 2017, for SCBs and April 1, 2021, for other REs). KYC updates provided by customers must also be reflected in the CKYCR.

 

No redundant KYC requests: When a KYC identifier is available in the CKYCR, REs should use it instead of asking customers to resubmit KYC documents, unless:

 

·   Information is incomplete or outdated.

 

·   Validity of downloaded documents has expired.

 

·   Additional verification or enhanced due diligence is necessary to assess risk.

 

Updating CKYCR with new information: Upon receiving updated information from a customer, REs must revise the KYC records in the CKYCR within seven days, or within the timeframe specified by the Central Government. CKYCR will then notify other entities linked with the customer about the update.

 

Enhanced monitoring of high-risk accounts: High-risk accounts, such as those with numerous cheque book requests, frequent small cash deposits, or similar cheque amounts, must undergo increased scrutiny. REs must report suspicious activities to authorities like the RNI and FIU-IND. Special attention should also be given to MLM companies’ accounts, and REs should review their risk categorisation systems every six months.

 

Change in designation of UAPA central nodal officer: The designation of the central nodal officer for the Unlawful Activities (Prevention) Act (UAPA) has been changed from additional secretary to joint secretary by the Government of India.