Banks are required to periodically update their customers’ KYC details under Know Your Customer (KYC) Norms /Anti-Money Laundering (AML) Standards/ Combating of Financing of Terrorism (CFT)/Obligation of banks under Prevention of Money Laundering Act (PMLA), 2002. As per latest review and directives of RBI, periodic full KYC exercise will be required to be done for the following categories of customers
Low risk category of individuals and entities: at least every ten years after the account is opened, full KYC updating exercise (which includes collecting customer’s identification data and photograph/s) required to be done.
Medium risk individuals and entities: at least every eight years after the account is opened, full KYC updating exercise (which includes customer’s identification data and photograph/s) required to be done.
High risk category of individuals and entities: at least every two years after the account is opened, full KYC updating exercise (which include customer’s identification data and photograph/s) required to be done.
In addition to the above actions as a part of their ongoing due diligence on customers’ accounts, banks are required to obtain positive confirmation (obtaining KYC related updates through e-mail/letter/telephonic conversation/forms/interviews/visits, etc.), at least every two years for medium risk and at least every three years for low risk individuals and entities. Fresh photographs required to be obtained from minor customer on becoming major.
The parameters of risk low, medium and high risk perception are defined in terms of the nature of business activity, location of customer and his clients, mode of payments, volume of turnover, social and financial status etc. Banks are at liberty to choose any suitable nomenclature like level I, level II and level III instead of high risk, medium risk or low risk categories of customers. The salaried employees whose salary structures are well defined, people belonging to lower economic strata of the society whose accounts show small balances and low turnover, Government Departments and Government owned companies, regulators and statutory bodies etc. whose identities and sources of wealth can be easily identified and transactions in whose accounts by and large conform to the known profile, are classified as low risk customers. The NPOs/NGOs promoted by United Nations or its agencies are also classified as low risk customers.
Customers who may likely to pose a higher than average risk to the bank are categorised as medium or high risk depending on customer’s background, nature and location of activity, country of origin, sources of funds and customer’s client profile, etc. For example, accounts of bullion dealers (including sub-dealers) & jewelers are categorized as high risk customers in view of the risks involved in their cash intensive businesses. Customers requiring very high level of monitoring, e.g. Politically Exposed Persons (PEPs) may, if considered necessary, be categorised even higher parameter.
Other examples of customers requiring higher due diligence are;
(a) Nonresident customers;
(b)High net worth individuals;
(c) trusts, charities, NGOs and organizations receiving donations;
(d) Companies having close family shareholding or beneficial ownership;
(e) Firms with ‘sleeping partners’;
(f) Politically exposed persons (PEPs) of foreign origin, customers who are close relatives of PEPs and accounts of which PEP is the ultimate beneficial owner;
(g) Non-face to face customers and
(h) Those with dubious reputation as per public information available etc.
The above types of customers are categorized as medium or high risk customers based on the risk assessment of the bank, especially those for whom the sources of funds are not clear.
KYC documents for current accounts of all varieties
How to open bank accounts under e-KYC process?
What are the valid address proof documents for KYC?
What is relaxed KYC norm for proprietary concerns?
KYC/AML guidelines for opening bank account made simple