This post explains Operational Aspects of KYC including Monitoring of Transactions.
The KYC norms in banking and other financial institutions are a set of procedures and rules as outlined by the regulator RBI. The regulated institutions must follow to verify the identity and address of their customers. This process involves collecting and verifying documents that prove a customer’s identity and residential address.
KYC or “Know Your Customer” is the process employed by banks to verify the identity and address of their clients. This process is critical, as it helps prevent the banking sector from being exploited for illegal activities. KYC validation is not a one-off check but an ongoing process to ensure that the bank’s services are not misused.
There are four key elements to the KYC guidelines as set out by RBI
Customer Acceptance Policy: No account is opened in an anonymous or fictitious/benami name. Parameters of risk perception are clearly defined in terms of the nature of the business activity, location of the customer and his clients, mode of payments, volume of turnover, social and financial status, etc. to enable the bank/FIs to categorizing the customers into low, medium and high-risk ones. Documents and other information are to be collected from different categories of customers depending on perceived risk and the requirements of the PML Act, 2002, and instructions/guidelines issued by the Reserve Bank from time to time. Circumstances, in which a customer is permitted to act on behalf of another person/entity, should be clearly spelled out in conformity with the established law and practice of banking.
Customer Identification Procedures:
Banks and financial institutions are forbidden to open an account if they are unable to apply appropriate customer due diligence measures [Read:(WHAT IS CUSTOMER DUE DILIGENCE (CDD) UNDER AML RISK MANAGEMENT IN BANKS?)], such as being unable to verify the identity and /or obtain required documents either due to non-cooperation of the customer or non-reliability of the documents/information furnished by the customer. The bank/FI may also consider closing an existing account under similar circumstances. The bank/FI should have suitable systems in place to ensure that the identity of the customer does not match with any person or entity, whose name appears in the sanction lists circulated by the Reserve Bank.
(a) Customer identification means undertaking client due diligence measures while commencing an account-based relationship including identifying and verifying the customer and the beneficial owner based on one of the OVDs. Banks/FIs need to obtain sufficient information to establish, to their satisfaction, the identity of each new customer, whether regular or occasional and the purpose of the intended nature of the banking relationship. The bank/FI must be able to satisfy the competent authorities that due diligence was observed based on the risk profile of the customer in compliance with the extant guidelines in place. Such a risk-based approach is considered necessary to avoid disproportionate costs to the banks/FIs and a burdensome regime for the customers.
Banks/FIs should have a policy approved by their Boards which should clearly spell out the Customer Identification Procedure to be carried out at different stages, i.e.,
Banks/FIs may seek ‘mandatory’ information required for KYC purposes which the customer is obliged to give while opening an account or during periodic updation. Other ‘optional’ customer details/additional information, if required, may be obtained separately after the account is opened only with the explicit consent of the customer.
Monitoring of Transactions:
Constant monitoring is an essential element of effective KYC/AML procedures. Regular exercises of Customer Due diligence should be carried out to closely examine the transactions to ensure that they are consistent with the customer’s profile and source of funds as per extant instructions. Such review of risk categorisation of customers should be carried out at a periodicity of not less than once in six months. The ongoing due diligence may be based on the following principles:
a) The extent of monitoring will depend on the risk category of the account. High-risk accounts have to be subjected to more intensified monitoring.
(b) Banks/FIs should pay particular attention to the following types of transactions:
It is important to monitor the transactions in accounts of marketing firms, especially accounts of Multi-level Marketing (MLM) Companies. Banks should analyse data in cases where a large number of checkbooks are sought by the company, there are multiple small deposits (generally in cash) across the country in one bank account, and where a large number of cheques are issued bearing similar amounts/dates. Where such features are noticed by the bank and in case they find such unusual operations in their accounts, the matter should be immediately reported to the Reserve Bank and other appropriate authorities such as FIU-IND. [ To know more read: WHAT IS MONEY LAUNDERING AND FINANCING OF TERRORISM RISKS?]
Risk Management:
Banks/FIs should exercise ongoing due diligence concerning the business relationship with every client and closely examine the transactions to ensure that they are consistent with their knowledge about the clients, their business and risk profile, and where necessary, the source of funds.
The Board of Directors should ensure that an effective AML/CFT programme [read: WHAT ARE CFT AND FATF IN BANKING?], is in place by establishing appropriate procedures and ensuring their effective implementation. It should cover proper management oversight, systems and controls, segregation of duties, training of staff, and other related matters. In addition, the following may also be ensured for effectively implementing the AML/CFT requirements.
For each new customer, banks shall prepare a customer profile. Banks/FIs should prepare a profile for each new customer based on risk categorization (low, medium, and high risk) containing information relating to the customer’s identity, social/financial status, nature of the business activity, information about the client’s business and their location, etc. The nature and extent of due diligence will depend on the risk perceived by the bank/FI.
The nature and extent of due diligence may be based on the following principles:
[To know more read: WHAT IS CUSTOMER DUE DILIGENCE (CDD) UNDER AML RISK MANAGEMENT IN BANKS?]
RBI guidance states that “The above guidelines for risk categorisation are indicative and banks/FIs may use their judgment in arriving at the categorisation for each account based on their own assessment and risk perception of the customers and not merely based on any group or class they belong to. Banks may use for guidance in their risk assessment, the reports and guidance notes on KYC/AML issued by the Indian Banks Association”.
For documents and other information to be collected from different categories of customers depending on perceived risk and the requirements of the PML Act, 2002, and instructions/guidelines issued by the Reserve Bank from time to time. [Read: KYC POLICY FOR OPENING BANK ACCOUNTS OF ALL VARIETIES (LATEST UPDATE] Circumstances, in which a customer is permitted to act on behalf of another person/entity, should be spelled out in conformity with the established law and practice of banking. The bank/FI should have suitable systems in place to ensure that the identity of the customer does not match with any person or entity, whose name appears in the sanction lists circulated by the Reserve Bank. It is important to bear in mind that the adoption of a customer acceptance policy and its implementation should not be too restrictive which results in the denial of banking facilities to members of the general public, especially those, who are financially or socially disadvantaged.
Related Posts
More Related Posts:
The Basel Committee on Banking Supervision (BCBS) is the primary global standard setter for the…
In terms of Securities and Exchange Board of India (Listing Obligations and Disclosure Requirements) Regulations,…
Many methods and techniques are used in the analysis of financial statements including profit and…
The Government of Uttar Pradesh vide order No. 870/3-2024-39(2)/2016 dated 17.12.2025 declared following days as…
Financial statement disclosures are non-financial information that appears at the end of a financial statement.…
NPCI warns users about the rising 'Digital Arrest' scam targeting UPI users, in which scammers…