Monitoring of Transactions under KYC norms is a process that involves tracking customer transactions to identify suspicious activity and potential fraud. The customer risk profile is created at the time of opening a bank account and is used to monitor their transactions.
Transaction monitoring provides enterprises with the tools to detect unusual transactional activity using AML obligations to prevent financial crime.
“Customer Due Diligence (CDD)” means identifying and verifying the customer and the beneficial owner using reliable and independent sources of identification.
Explanation – The CDD, at the time of commencement of an account-based relationship or while carrying out occasional transactions of an amount equal to or exceeding rupees fifty thousand, whether conducted as a single transaction or several transactions that appear to be connected, or any international money transfer operations, shall include:
Identification of the customer, verification of their identity using reliable and independent sources of identification, obtaining information on the purpose and intended nature of the business relationship, where applicable;
Taking reasonable steps to understand the nature of the customer’s business, and its ownership and control;
Determine whether a customer is acting on behalf of a beneficial owner, identifying the beneficial owner, and taking all steps to verify the identity of the beneficial owner, using reliable and independent sources of identification.
On-going Due Diligence” means regular monitoring of transactions in accounts to ensure that those are consistent with RE’s knowledge about the customers, customers’ business and risk profile, and the source of funds/wealth.
Banks/FIs should pay particular attention to the following types of transactions:
- large and complex transactions, and those with unusual patterns, that have no apparent economic rationale or legitimate purpose.
- transactions that exceed the thresholds prescribed for specific categories of accounts.
- transactions involving large amounts of cash inconsistent with the normal activity of the customer.
- high account turnover inconsistent with the size of the balance maintained.
It is important to monitor the transactions in accounts of marketing firms, especially accounts of Multi-level Marketing (MLM) Companies. Banks should analyse data in cases where a large number of checkbooks are sought by the company, there are multiple small deposits (generally in cash) across the country in one bank account, and where a large number of cheques are issued bearing similar amounts/dates. Where such features are noticed by the bank and in case they find such unusual operations in their accounts, the matter should be immediately reported to the Reserve Bank and other appropriate authorities such as FIU-IND. [ To know more read: WHAT IS MONEY LAUNDERING AND FINANCING OF TERRORISM RISKS?]
Banks/FIs should exercise ongoing due diligence concerning the business relationship with every client and closely examine the transactions to ensure that they are consistent with their knowledge about the clients, their business and risk profile, and where necessary, the source of funds.
In terms of instructions contained in Para 15(1) of the Master Circular No 184 dated July 1, 2010, in the event of an existing customer or the beneficial owner of an existing account, subsequently becoming a Politically Exposed Person (PEP), the Regulated Entities (including NBFCs/RNBCS) were advised to obtain senior management approval to continue the business relationship and subject the account to the CDD measures as applicable to the customers of PEP category including enhanced monitoring on an ongoing basis. It was further clarified that the instructions are also applicable to accounts where PEP is the ultimate beneficial owner. Further, regarding PEP accounts, it is reiterated that Banks/NBFCs should have appropriate ongoing risk management procedures for identifying and applying enhanced CDD to PEPs, customers who are close relatives of PEPs, and accounts of which PEP is the ultimate beneficial owner.
The Board of Directors should ensure that an effective AML/CFT programme [read: WHAT ARE CFT AND FATF IN BANKING?], is in place by establishing appropriate procedures and ensuring their effective implementation. It should cover proper management oversight, systems and controls, segregation of duties, training of staff, and other related matters. In addition, the following may also be ensured for effectively implementing the AML/CFT requirements.
- Using a risk-based approach to address management and mitigation of various AML/CFT risks.
- Allocation of responsibility for effective implementation of policies and procedures.
- Independent evaluation by the compliance functions of bank/FI’s policies and procedures, including legal and regulatory requirements.
- Concurrent/internal audit to verify compliance with KYC/AML policies and procedures.
- Putting up consolidated notes on such audits and compliance to the Audit Committee at quarterly intervals.
For each new customer, banks shall prepare a customer profile. Banks/FIs should prepare a profile for each new customer based on risk categorization (low, medium, and high risk) containing information relating to the customer’s identity, social/financial status, nature of the business activity, information about the client’s business and their location, etc. The nature and extent of due diligence will depend on the risk perceived by the bank/FI.
The nature and extent of due diligence may be based on the following principles:
- Individuals (other than High Net Worth) and entities, whose identity and source of income, can be easily identified, and customers whose accounts the transactions conform to the known profile, may be categorised as low risk. Illustrative examples include salaried employees and pensioners, people belonging to lower economic strata, government departments and government-owned companies, regulators and statutory bodies, etc. Further, Non-Profit Organisations (NPOs)/ Non-Government Organisations (NGOs) promoted by the United Nations or its agencies, and such international/ multilateral organizations of repute, may also be classified as low-risk customers.
- Customers who are likely to pose a higher than average risk should be categorised as a low, medium, or high risk depending on the background, nature, and location of the activity, country of origin, sources of funds, customer profile, etc. Customers requiring a very high level of monitoring, e.g., those involved in cash-intensive business, Politically Exposed Persons (PEPs) of foreign origin, may, if considered necessary, be categorised as high risk.
[To know more read: WHAT IS CUSTOMER DUE DILIGENCE (CDD) UNDER AML RISK MANAGEMENT IN BANKS?]
RBI guidance states that “The above guidelines for risk categorisation are indicative and banks/FIs may use their judgment in arriving at the categorisation for each account based on their own assessment and risk perception of the customers and not merely based on any group or class they belong to. Banks may use for guidance in their risk assessment, the reports and guidance notes on KYC/AML issued by the Indian Banks Association”.
Documents and other information are to be collected from different categories of customers depending on perceived risk and the requirements of the PML Act, 2002, as well as instructions/guidelines issued by the Reserve Bank from time to time. [Read: KYC POLICY FOR OPENING BANK ACCOUNTS OF ALL VARIETIES (LATEST UPDATE] Circumstances, in which a customer is permitted to act on behalf of another person/entity, should be spelled out in conformity with the established law and practice of banking. The bank/FI should have suitable systems in place to ensure that the customer’s identity does not match any person or entity, whose name appears in the sanction lists circulated by the Reserve Bank. It is important to bear in mind that adopting a customer acceptance policy and its implementation should not be too restrictive, resulting in the denial of banking facilities to members of the general public, especially those financially or socially disadvantaged.