How Is The Risk Perception Of Customers Linked To KYC: RBI

RBI deputy governor R Gandhi said that KYC was always there in banking! The focus, earlier, was more on the asset side and not on the liability side as no banker could risk parting with his funds to an unknown person.

Speaking at the Federation of Andhra Pradesh Chambers of Commerce and Industry, Hyderabad, on Friday, Gandhi said, “The thorough appraisal process to screen the potential borrowers is a good example of KYC process.”

The theme of the session was, "KYC: Compliance vs Convenience".

Below are the excerpts of R Gandhi's speech:

Issues such as illegal/black money and more recently, terrorism financing became matters of serious concern and then KYC on payments and remittances, and consequently on the liability side (deposit accounts, etc.) started assuming high importance.

Why KYC/AML Norms

Sound KYC policies and procedures are critical for protecting the safety and soundness of banks and the integrity of banking system in the country.

Due to increasing globalisation of Indian banks, their interaction with other countries' financial systems are expanding, making the task of ensuring safety of our systems more critical. International obligations and inter-regulatory consensus built via United Nations Resolutions, Basle Committee on Banking Supervision and the Financial Action Task Force also require that we put in place an elaborate KYC Framework in India.

Financial Action Task Force (FATF)

The FATF is an intergovernmental body established in 1989 (G-7 initiative). Its tasks are to set standards and promote effective implementation of legal, regulatory and operational measures for combating money laundering, terrorist financing and other related threats to the integrity of the international financial system. It is a policy-making body which works to generate the necessary political will to bring about national legislative and regulatory reforms in these areas. It monitors the progress of its members in implementing necessary measures.

There are 36 full-fledged members. India is one of them. Over 18 jurisdictions around the world have committed to the FATF Recommendations. India has also committed to implement the recommendations of FATF. Originally, in 1990, FATF had 40 recommendations focussing on drug money. It revised its recommendations in 1996 and broadened the scope. Then in 2001, it added eight (later nine) special recommendations to combat financing of terrorism which were further revised in 2003. The latest exercise in 2012 had further revised the recommendations and combined the 40+9 to 40.

Basel Committee

Findings of an internal survey of cross-border banking in 1999 by the Basel Committee identified deficiencies in KYC policies for banks in a large number of countries. It constituted a Working Group on Cross-border Banking to examine the then KYC procedures and to draw up standards applicable to banks in all countries. It issued a consultative document, called the Customer Due Diligence for banks (CDD) in January 2001. While the FATF’s focus is on money-laundering and terrorist financing, the Basel Committee's approach to KYC is from a wider prudential, and risk-management perspective, not just anti-money laundering perspective.

PMLA – Salient Features

UN General Assembly resolution (1990) calls upon the Member States to adopt national money-laundering legislation and programme. Accordingly, in India the Prevention of Money Laundering Act (PMLA), 2002 was enacted in January 2003. The Act along with the Rules framed there under have come into force with effect from 1st July 2005.

The objectives of the PMLA are to:

  • prevent and control money laundering
  • confiscate and seize the property obtained from the laundered money
  • prescribe fines and penalties for offence

The important feature of the Act is that the burden of proof is on the accused.

Regulatory Stance

The Reserve Bank's regulatory stance on KYC is with the aim to safeguard banks from being used by criminal elements for money laundering activities and to enable banks to understand the risk posed by customers, products and services, delivery channels and helping them assess and manage their risks prudently. At the same time, the Reserve Bank is fully conscious that the KYC framework will have to be relevant to the perceived risk and not intrusive in nature nor too strict resulting in denial of banking services to general public.

As far as Indian banking sector is concerned, some of the initial steps taken (instructions issued) in respect of KYC are as under. Actually these instructions are there for the past 50 years or so, as far back as from 1965.

1965 – Banks were asked to ensure that full and correct addresses of the depositors are recorded (Benami accounts & avoidance of tax).

1976 – For opening of accounts, in order to establish the identity of account holders/avoid benami accounts, the concept of "Introduction" was prescribed.

1987 - There should be reasonable gap of say, 6 months between the time an introducer opens his account and introduces another prospective account holder to the bank. Introduction of an account should enable proper identification of the person opening an account so that the person can be traced if the account is misused.

1991 - No cash transaction above ` 50,000/- for TCs/ DDs/MTs/TTs

1993 - Banks to keep vigil over heavy cash withdrawals by account holders which may be disproportionate to their normal trade/business requirements and cases of unusual trends

The banks to introduce the practice of obtaining photographs of the depositors/account holders who are authorised to operate the said accounts at the time of opening of all new operative accounts with effect from 1st January 1994

1995 - Monitoring & special reporting for cash transactions of value more than `10 Lakh.

1999 - Confirmation by post from both the customer and the introducer before issue of cheque book 2002 – KYC circular

Paradigm shift – KYC prior to & post Nov’ 04

After the international focus on KYC, the Reserve Bank brought on a paradigm shift in the approach to KYC by banks in India. It moved away from introduction to document based identification - hence introduction not required. It also shifted the focus from financial loss (from frauds) to the banks to the loss of reputation to the banks (by non-compliance). The other principles are that the KYC information collected is to be consistent with risk perception and other information to be collected only with consent of the customer and the KYC related information is confidential - not to be divulged for cross-selling or any other purpose.

Who is a Customer – a KYC context

In the context of KYC framework, the concept of "customer" has now been redefined. A "customer" is no longer just the one who has an Account and/or business relationship with the bank; the ones on whose behalf the account is maintained (i.e. the beneficial owner), the beneficiaries of transactions conducted by professional intermediaries, such as Stock Brokers, Chartered Accountants, Solicitors and any person/entity connected with any financial transaction which can pose risk to bank, say, through a wire transfer/issue of a high value DD, etc are all "customers".

KYC policy of banks – the 4 key elements

The Reserve Bank has prescribed that the KYC policy of banks should have the following key elements:

  • Customer Acceptance Policy
  • Customer Identification Procedures
  • Monitoring of Transactions, and
  • Risk Management

Customer Acceptance Policy

The salient features are:

  • No anonymous or fictitious/benami accounts to be allowed
  • Not to open/close accounts when unable to apply appropriate Customer Due Diligence (CDD - decision to close a/cs to be taken at reasonably high levels after issuing due notice to the customers).
  • Define parameters of risk perception to enable categorisation of customers Documentation/information requirements for different risk categories (to prepare a profile of each customer)
  • Circumstances where a customer is permitted to act on behalf of another person/entity, should be spelt out (eg., account is operated by a mandate holder)
  • Identity of the customer does not match with those of criminal backgrounds/banned entities (terrorists, etc.)

Customer Identification Procedures (CIP)

Customer identification - identifying the customer and verifying his/her identity by using reliable, independent source documents, data or information. the banks must be able to satisfy the competent authorities that due diligence was observed based on the risk profile of the customer in compliance with the extant guidelines in place.

Such risk-based approach is considered necessary to avoid disproportionate cost to banks and a burdensome regime for the customers. nature of information/documents required would also depend on the type of customer (individual, corporate etc.)

CIP – When Customer ID is required

While establishing a banking relationship

While carrying out a financial transaction as in the case of a ‘Walk in Customer’

When the bank has a doubt about the authenticity/veracity or the adequacy of the previously obtained customer identification data