The Reserve Bank of India (RBI) is at the forefront of ensuring financial institutions’ compliance and the safety of the Indian financial system. In its quest for a robust financial sector, the RBI periodically amends and updates its regulations. This circular delves into the recent amendment to the Master Direction (MD) on Know Your Customer (KYC) and its significance for regulated entities (REs).
The RBI’s MD on KYC, initially issued on February 25, 2016, lays out the framework for Customer Due Diligence (CDD) for financial institutions and other REs. These entities are mandated to follow the processes outlined in the MD to ensure the legitimacy of their customers.
2. Recent Amendments
The recent amendment to the MD on KYC, as dated October 17, 2023, introduces several crucial changes:
a) Compliance with Updated Laws: The amendment includes instructions that align with changes to the Prevention of Money Laundering (PML) Rules following government notifications in September and October 2023.
b) Annex II and Annex III Updates: Annex II and Annex III have been updated to reflect changes in government orders related to Unlawful Activities (Prevention) Act, 1967, and Weapons of Mass Destruction and their Delivery Systems (Prohibition of Unlawful Activities) Act, 2005.
c) FATF Recommendations: Certain instructions have been modified in accordance with recommendations from the Financial Action Task Force (FATF).
d) Introduction of Section 55A: A new Section 55A on the Foreign Contribution (Regulation) Act (FCRA) has been incorporated into the MD.
e) Miscellaneous Updates: Several other instructions have been updated to enhance the regulatory framework.
3. Implications of the Amendment
The implications of the amendment are extensive:
a) Compliance with Updated Laws: The REs are expected to adhere to the latest changes in the PML Rules as specified in the amendment.
b) Enhanced Beneficial Owner Identification: The requirement for identifying beneficial owners in partnership firms has been revised, and a clarifying ‘Explanation’ has been added.
c) Definition of Principal Officer: The definition of “Principal Officer” has been refined to include “at the management level” in its description.
d) Customer Due Diligence (CDD): The definition of CDD now emphasizes “using reliable and independent sources of identification” and lays out specific requirements during account commencement or high-value transactions.
e) Ongoing Due Diligence: The obligations for ongoing due diligence have been enhanced to ensure that transactions align with the RE’s knowledge about customers and their risk profiles.
f) Asset Reconstruction Companies (ARCs): Asset Reconstruction Companies are explicitly included under the definition of ‘Regulated Entities.’
g) Countermeasures: REs are now expected to undertake countermeasures when requested by international or intergovernmental organizations of which India is a member.
h) Enhanced Due Diligence: REs must apply enhanced due diligence, as required by the FATF, for business relationships and transactions from countries where such measures are mandated.
i) Monitoring Money Mules: Banks are instructed to take diligence measures to identify and act upon accounts operated as “Money Mules.”
j) Correspondent Banking and Wire Transfers: Enhanced directives related to correspondent banking and wire transfers, emphasizing understanding the nature of the respondent bank’s business and risk profile.
The RBI’s amendment to the Master Direction on KYC is aimed at strengthening the anti-money laundering and counter-terrorism financing framework in the Indian financial sector. Regulated entities must promptly implement these changes to ensure that they remain compliant and contribute to a secure and transparent financial environment in the country. Staying up-to-date with regulatory amendments is crucial for financial institutions and other stakeholders to maintain their credibility and reputation.
Reserve Bank of India
Dated: October 17, 2023
The Chairpersons/ CEOs of all the Regulated Entities
Dear Sir / Madam,
Amendment to the Master Direction (MD) on KYC
Please refer to the Master Direction (MD) on KYC dated February 25, 2016, as amended from time to time, in terms of which Regulated Entities (REs) have to undertake Customer Due Diligence (CDD), as per the process laid out therein, for their customers.
2. In this regard, on a review, it has been decided to amend the MD on KYC to:
(a) Update certain instructions considering amendments to the PML Rules vide Government notifications dated September 4, 2023 and October 17, 2023;
(b) Update Annex II of the MD considering the changes to Government of India Order related to Unlawful Activities (Prevention) Act (UAPA), 1967, vide corrigendum dated August 29, 2023;
(c) Update Annex III of the MD by replacing the Government of India Order dated January 30, 2023, related to Weapons of Mass Destruction and their Delivery Systems (Prohibition of Unlawful Activities) Act, 2005 (WMD Act, 2005) with the Government of India Order dated September 1, 2023 (which has been issued by the Government in suppression of the earlier WMD Act Order dated January 30, 2023), on the matter;
(d) Update certain instructions in accordance with the FATF Recommendations;
(e) Add a new Section 55A, on FCRA, in the MD on KYC; and
(f) Update certain other instructions post review.
The changes carried out in the MD in this regard are provided in Annexure.
3. Accordingly, the relevant Sections of the MD on KYC are hereby amended to reflect the changes furnished in Annexure. The amended provisions in the MD shall come into force with immediate effect.
(Santosh Kumar Panigrahy)
Chief General Manager
Encl: As above
I. Section 2 – “Applicability”
Proviso (i) to Section 2 (b) has been amended to instruct Regulated Entities (REs) that where applicable laws and regulations prohibit implementation of these guidelines, the same shall be brought to the notice of the Reserve Bank of India. RBI may advise further necessary action by the RE including application of additional measures to be taken by the RE to manage the ML/TF risks.
II. Section 3 – Beneficial Owner (BO) Identification criteria for a “partnership firm”
Changes have been made to sub-clause (b), clause (iv), sub-section (a) of Section 3 of the MD, dealing with the requirement of beneficial owner (BO) identification for “partnership firms”. An ‘Explanation’ has also been added after the said sub-clause (b).
III. Section 3 – Principal Officer
In clause (xviii), sub-section (a) of Section 3 of the MD, on definition of “Principal Officer” (PO), the words “at the management level” have been inserted. The revised definition of PO is – ““Principal Officer” means an officer at the management level nominated by the RE, responsible for furnishing information as per rule 8 of the Rules.”
IV. Section 3 – Customer Due Diligence (CDD)
In clause (v), sub-section (b) of Section 3 of the MD, on definition of “Customer Due Diligence (CDD)”, the words “using reliable and independent sources of identification” have been appended. Further, an explanation has been provided to the definition as under –
“Explanation – The CDD, at the time of commencement of an account-based relationship or while carrying out occasional transaction of an amount equal to or exceeding rupees fifty thousand, whether conducted as a single transaction or several transactions that appear to be connected, or any international money transfer operations, shall include:
(a) Identification of the customer, verification of their identity using reliable and independent sources of identification, obtaining information on the purpose and intended nature of the business relationship, where applicable;
Annexure to the circular on amendment to the MD on KYC
(b) Taking reasonable steps to understand the nature of the customer’s business, and its ownership and control;
(c) Determining whether a customer is acting on behalf of a beneficial owner, and identifying the beneficial owner and taking all steps to verify the identity of the beneficial owner, using reliable and independent sources of identification.”
V. Section 3 and 35 – “On-going Due Diligence”
In clause (xi), sub-section (b) of Section 3 of the MD, the definition of “On-going Due Diligence” has been amended directing REs to ensure that transactions in account are consistent with RE’s knowledge about the customers, customers’ business and risk profile, the source of funds/wealth. Section 35 has also been amended accordingly.
VI. Section 3 – Clarification regarding Asset Reconstruction Companies (ARCs) In terms of clause (a) of Section 2 of the MD on KYC, the provision of the MD shall apply to every entity regulated by RBI. Asset Reconstruction Companies (ARCs), which were hitherto not explicitly mentioned under the definition of ‘Regulated Entities’ in Section 3(b)(xiv) of the MD, have been included in Section 3(b)(xiv) to make the applicability of the MD to ARCs explicit.
VII. Section 4 – General
Clause (b) of Section 4 has been amended to read as under:
“In terms of PML Rules, groups are required to implement group-wide policies for the purpose of discharging obligations under the provisions of Chapter IV of the PML Act, 2002. (15 of 2003). Accordingly, every RE which is part of a group, shall implement group-wide programmes against money laundering and terror financing, including group-wide policies for sharing information required for the purposes of client due diligence and money laundering and terror finance risk management and such programmes shall include adequate safeguards on the confidentiality and use of information exchanged, including safeguards to prevent tipping-off.”
VIII Section 5A – Money Laundering and Terrorist Financing Risk Assessment by REs
Clause (b) of Section 5A is amended to provide option to REs that the periodicity of the ML/TF risk assessment exercise may be determined by, either the ‘Boardof the RE’ or ‘a Committee of the Board’ to which the power is delegated.
Section 5B – CDD programme for mitigation and management of the identified risk
Clause (d) of Section 5A has been deleted and a new Section (5B) has been added as under:
“5B. REs shall apply a Risk Based Approach (RBA) and implement a CDD programme, having regard to the ML/TF risks identified (by the RE itself or through the National Risk Assessment) and the size of business, for mitigation and management of the identified risk and should have Board approved policies, controls and procedures in this regard. Further, REs shall monitor the implementation of the controls and enhance them if necessary.”
IX. Section 10 – Customer Acceptance Policy
In clause (b) of Section 10, the following provision has been added: “The RE shall consider filing an STR, if necessary, when it is unable to comply with the relevant CDD measures in relation to the customer.”
X. Section 14
Clause (a) of Section 14, has been amended to read as under –
“(a) RE immediately obtains from the third party or from the Central KYC Records Registry, the record or the information of such client due diligence carried out by the third party.”
XI. Section 24 – Simplified procedure for opening accounts by Non-Banking Finance Companies (NBFCs)
Clause (h) has been added to Section 24. The clause reads as follows:
“The account shall be monitored and when there is suspicion of ML/TF activities or other high-risk scenarios, the identity of the customer shall be established as per Section 16 or Section 18.”
XII. Section 32 – CDD process for Trusts
In clause (e) of Section 32, after the word “settlor” the words “protector, if any” have been added.
XIII. Section 33B
The following proviso has been added to Section 33B of the MD –
“Provided that in case of a trust, the RE shall ensure that trustees disclose their status at the time of commencement of an account-based relationship or when carrying out transactions as specified in clauses (b), (e) and (f) of Section 13 of this MD.”
XIV. Section 38 – Updation / Periodic Updation of KYC
Risk-based approach for periodic updation of KYC under Section 38 has been amended to read as follows- “REs shall adopt a risk-based approach for periodic updation of KYC ensuring that the information or data collected under CDD is kept up-to-date and relevant, particularly where there is high-risk.”
XVI. Section 41 – Accounts of Politically Exposed Persons (PEPs)
Section 41 has been amended to read as under-
“41. Account of Politically Exposed Persons (PEPs)-
A. REs shall have the option of establishing a relationship with PEPs (whether as customer or beneficial owner) provided that, apart from performing normal customer due diligence:
(a) REs have in place appropriate risk management systems to determine whether the customer or the beneficial owner is a PEP;
(b) Reasonable measures are taken by the REs for establishing the source of funds/wealth;
(c) the approval to open an account for a PEP shall be obtained from the senior management;
(d) all such accounts are subjected to enhanced monitoring on an on-going basis;
(e) in the event of an existing customer or the beneficial owner of an existing account subsequently becoming a PEP, senior management’s approval is obtained to continue the business relationship;
B. These instructions shall also be applicable to family members or close associates of PEPs.”
XVII. Section 46 – Record Management
The introductory lines of Section 46 of the MD hitherto read as follows:
“The following steps shall be taken regarding maintenance, preservation and reporting of customer account information, with reference to provisions of PML Act and Rules”
The word “account” has been deleted from the above requirement thereby clarifying that records of a customer need to be maintained by the RE as per Section 46 of the MD, irrespective of whether the customer is a walk-in customer or is an account holder.
Accordingly, Section 46 of the MD has been amended.
XVIII. Section 49
Section 49 of the MD has been amended to read as under:
“49. While furnishing information to the Director, FIU-IND, delay of each day in not reporting a transaction or delay of each day in rectifying a mis-represented transaction beyond the time limit as specified in the Rule shall be constituted as a separate violation. REs shall not put any restriction on operations in the accounts merely on the basis of the STR filed. Every RE, its directors, officers, and all employees shall ensure that the fact of maintenance of records referred to in rule 3 and furnishing of the information to the Director is confidential. However, such confidentiality requirement shall not inhibit sharing of information under Section 4(b) of this Master Direction of any analysis of transactions and activities which appear unusual, if any such analysis has been done.”
XIX. Section 53B – Countermeasures
A new Section 53B has been added in the MD as under –
“53B. REs shall undertake countermeasures when called upon to do so by any international or intergovernmental organisation of which India is a member and accepted by the Central Government.”
XX. Section 54 – Jurisdictions that do not or insufficiently apply the FATF Recommendations
Section 54 of the MD has been amended replacing the following sentence “Risks arising from the deficiencies in AML/CFT regime of the jurisdictions included in the FATF Statement shall be taken into account” with “REs shall apply enhanced due diligence, which are effective and proportionate to the risks, to business relationships and transactions with natural and legal persons (including financial institutions) from countries for which this is called for by the FATF.”
XXI. Section 55A – FCRA related provisions
Master Circular (MC) titled “Guidelines issued under Section 36(1)(a) of the Banking Regulation Act, 1949 – Implementation of the provisions of Foreign Contribution (Regulation) Act (FCRA), 2010” dated July 1, 2015 has been repealed. A new Section 55A on FCRA (in the Chapter X – ‘Other Instructions’ of the MD) has been added in the MD.
XXII. Section 59
Section 59 has been amended to read as under:
“The instructions on opening of accounts and monitoring of transactions shall be strictly adhered to, in order to minimise the operations of “Money Mules” which are used to launder the proceeds of fraud schemes (e.g., phishing and identity theft) by criminals who gain illegal access to deposit accounts by recruiting third parties which act as “money mules.” Banks shall undertake diligence measures and meticulous monitoring to identify accounts which are operated as Money Mules and take appropriate action, including reporting of suspicious transactions to FIU-IND. Further, if it is established that an account opened and operated is that of a Money Mule, but no STR was filed by the concerned bank, it shall then be deemed that the bank has not complied with these directions.”
XXIII. Section 63 – Correspondent Banking
Section 63 of the MD has been amended to clarify that apart from gathering information about the respondent bank, banks shall also use the gathered information to fully “understand” the nature of the respondent bank’s business, “to determine” from publicly available information the reputation of the respondent bank and the quality of supervision, including whether it has been subjected to a ML/TF investigation or regulatory action. Banks shall also “assess the AML/CFT controls of the respondent bank”. Further, correspondent banking relationships shall not be entered into or “continued” with a shell bank.
XXIV. Section 64 – Wire Transfer
Point (iv) of para A of Section 64 of the MD has been amended to clarify that in case of domestic wire transfers below rupees fifty thousand where the originator is not an account holder of the ordering RE and where the information accompanying the wire transfer can be made available to the beneficiary RE and appropriate authorities by other means, it is sufficient for the ordering RE to include a unique transaction reference number, provided that this number or identifier will permit the transaction to be traced back to the originator or the beneficiary. Further, it is also instructed that the ordering RE shall make the information available within three working/business days of receiving the request from the intermediary RE, beneficiary RE, or from appropriate competent authorities.
The wire transfer instructions contained in point (iv) of para B of Section 64 (Wire-Transfer) which were addressed to Money Transfer Service Scheme (MTSS) providers, have been extended to other REs as well.
XXV. Amendments to Annex II of the MD
Order dated February 2, 2021, of the Ministry of Home Affairs, Government of India on “Procedure for implementation of Section 51A of the Unlawful Activities (Prevention) Act, 1967” provided in Annex II of the MD has been updated consequent to the amendment of the aforementioned Order vide corrigendum dated August 29, 2023.
a) The words “and any other person” have been appended to the title of paragraph 7.
b) Two sub-paragraphs under paragraph 7 have been inserted.
XXVI. Amendments to Annex III of the MD
A revised WMD Order dated September 1, 2023 has been issued by the Govt. in suppression of the earlier WMD Order F.No.P-12011/14/2022-ES Cell-DOR, dated 30th January 2023. Accordingly, Annex III of the MD on KYC now reflects the WMD Order dated September 1, 2023. Also, the corresponding reference in section 52 has been appropriately modified.