The Reserve Bank of India (RBI) on Monday cautioned individuals against sharing bank account login details, personal information, copies of know-your-customer (KYC) documents, card information, PIN, password, and OTP, etc. with unidentified persons or agencies. The banking regulator further bank advised the general public that such details should not be shared through unverified or unauthorised websites or applications.
The notification said that Reserve Bank has been receiving complaints/reports about customers falling prey to frauds being perpetrated in the name of KYC updation.
The usual modus operandi in such cases include receipt of unsolicited communication, such as calls, SMSs, emails, etc., by customer urging him/her to share certain personal details, account/login details/ card information, PIN, OTP, etc. or install some unauthorised/ unverified application for KYC updation using a link provided in the communication. Such communications are also reported to carry threats of account freeze/ block/closure. Once a customer shares information over call/message/unauthorised application, fraudsters get access to the customer’s account and defraud him/her.
It is also clarified that while the Regulated Entities (REs) are required to undertake periodic updation of KYC, the process of periodic updation of KYC has been simplified to a large extent vide circular dated May 10, 2021. Further, vide circular dated May 5, 2021, REs have been advised that in respect of customer accounts where periodic updation of KYC is due and pending as on date, no restrictions on operations of such account shall be imposed till December 31, 2021, for this reason alone, unless warranted under instructions of any regulator/ enforcement agency/court of law, etc.