Know Your Customer (KYC) norms
Banks are required to follow Know Your Customer (KYC) guidelines. These guidelines are meant to weed out and to protect the good ones and the banks. With the growth in organized crime, KYC has assumed great significance for banks. The RBI guidelines on KYC aim at preventing banks from being used, intentionally or unintentionally, by criminal elements for money laundering or terrorist financing activities. They also enable banks to have better knowledge and understanding of their customers and their financial dealings. This in turn helps banks to manage their risks better. The RBI expects all banks to have comprehensive KYC policies, which need to be approved by their respective boards.
Banks should frame their KYC policies incorporating the following four key elements:
a) Customer Acceptance Policy;
b) Customer Identification Procedures;
c) Monitoring of Transactions; and
d) Risk Management.
Customer Acceptance Policy
Every bank should develop a clear Customer Acceptance Policy laying down explicit criteria for acceptance of customers. The usual elements of this policy should include the following. Banks, for example, should not open an account in anonymous or fictitious/ benami name(s). Nor should any account be opened where the bank's due diligence exercises relating to identity has not been carried out. Banks have to ensure that the identity of the new or existing customers does not match with any person with known criminal background. If a customer wants to act on behalf of another, the reasons for the same must be looked into.
However, the adoption of customer acceptance policy and its implementation should not become too restrictive and should not result in denial of banking services to general public, especially to those who are financially or socially disadvantaged.
Customer Identification Procedures
Customer identification means identifying the customer and verifying his/her identity by using reliable, independent source documents, data or information. For individual customers, banks should obtain sufficient identification data to verify the identity of the customer, his address and a recent photograph. The usual documents required for opening deposit accounts are given in Box 7.3. For customers who are legal persons, banks should scrutinize their legal status through relevant documents, examine the ownership structures and determine the natural persons who control the entity.
Documents for opening deposit accounts under KYC guidelines
The Customer identification will be done on the basis of documents provided by the prospective customer as under:
a) Passport or Voter ID card or Pension Payment Orders (Govt./PSUs) alone, whereon the address is the same as mentioned in account opening form.
b) Any one document for proof of identity and proof of address, from each of the under noted items:
Proof of Identity
i) Passport, if the address differs from the one mentioned in the account opening form
ii) Voter ID card, if the address differs from the one mentioned in the account opening form
iii) PAN Card
iv) Govt./ Defence ID card
v) ID cards of reputed employers
vi) Driving License
vii) Pension Payment Orders (Govt./PSUs), if the address differs from the one mentioned in the account opening form
viii) Photo ID card issued by Post Offices
viii) Photo ID card issued to bonafide students of Universities/ Institutes approved by UGC/AICTE
Proof of address
i) Credit card statement
ii) Salary slip
iii) Income tax/ wealth tax assessment
iv) Electricity bill
v) Telephone bill
vi) Bank account statement
vii) Letter from a reputed employer
viii) Letter from any recognized public authority
ix) Ration card
x) Copies of registered leave & license agreement/ Sale Deed/ Lease Agreement may be accepted as proof of address
xi) Certificate issued by hostel and also, proof of residence incorporating local address, as well as permanent address issued by respective hostel warden of aforesaid University/institute where the student resides, duly countersigned by the Registrar/ Principal/Dean of Student Welfare. Such accounts should be closed on completion of education/leaving the University/ Institute.
xii) For students residing with relatives, address proof of relatives along with their identity proof, can also be accepted provided declaration is given by the relative that the student is related to him and is staying with him.
Source: State Bank of India website
Monitoring of Transactions
Ongoing monitoring is an essential element of effective KYC procedures. Banks can effectively control and reduce their risk only if they have an understanding of the normal and reasonable activity of the customer so that they have the means of identifying the transactions that fall outside the regular pattern of activity. Banks should pay special attention to all complex, unusually large transactions and all unusual patterns which have no apparent economic or visible lawful purpose. Banks may prescribe threshold limits for a particular category of accounts and pay particular attention to the transactions which exceed these limits.
Banks should ensure that any remittance of funds by way of demand draft/ mail/ telegraphictransfer or any other mode and issue of travellers' cheques for value of Rs 50,000 and above is effected by debit to the customer's account or against cheques and not against cash payment.
Banks should further ensure that the provisions of Foreign Contribution (Regulation) Act, 1976 as amended from time to time, wherever applicable, are strictly adhered to.
Risk Management
Banks should, in consultation with their boards, devise procedures for creating risk profiles of their existing and new customers and apply various anti-money laundering measures keeping in view the risks involved in a transaction, account or banking/ business relationship.Banks should prepare a profile for each new customer based on risk categorisation. The customer profile may contain information relating to customer's identity, social/ financial status, nature of business activity, information about his clients' business and their location etc. Customers may be categorised into low, medium and high risk. For example, individuals (other than high net worth individuals) and entities whose identities and sources of wealth can be easily identified and transactions in whose accounts by and large conform to the known transaction profile of that kind of customers may be categorised as low risk. Salaried employees, government owned companies, regulators etc fall in this category. For this category of customers, it is sufficient to meet just the basic requirements of verifying identity.
There are other customers who belong to medium to high risk category. Banks need to apply intensive due diligence for higher risk customers, especially those for whom the sources of funds are not clear.
Examples of customers requiring higher due diligence include
(a) nonresident customers;
(b) high net worth individuals;
(c) trusts, charities, NGOs and organizations receiving donations;
(d) companies having close family shareholding or beneficial ownership;
(e) firms with 'sleeping partners';
(f) politically exposed persons (PEPs) of foreign origin;
(g) non-face-to-face customers and
(h) those with dubious reputation as per public information available etc.
Banks' internal audit and compliance functions have an important role in evaluating and ensuringadherence to the KYC policies and procedures. Concurrent/ Internal Auditors should specifically check and verify the application of KYC procedures at the branches and comment on the lapses observed in this regard.
