Reserve Bank of India
RBI/2023-24/24
DOR.AML.REC.111/14.01.001/2023-24 Dated: April 28, 2023
The Chairpersons/ CEOs of all the Regulated Entities
Dear Sir/Madam,
Amendment to the Master Direction (MD) on KYC
Please refer to the Master Direction (MD) on KYC dated February 25, 2016, as amended from time to time, in terms of which Regulated Entities (REs) have to undertake Customer Due Diligence (CDD), as per the process laid out therein, for their customers.
2. In this regard, on a review, it has been decided to amend the MD on KYC to (a) align the instructions with the recent amendments carried out in the Prevention of Money Laundering (Maintenance of Records) Rules, 2005, (b) incorporate instructions in terms of the Government Order dated January 30, 2023, titled “Procedure for Implementation of Section 12A of the Weapons of Mass Destruction (WMD) and their Delivery Systems (Prohibition of Unlawful Activities) Act, 2005 (WMD Act, 2005)”; (c) update certain instructions in accordance with FATF Recommendations; and (d) refine certain extant instructions post review. The changes carried out in the MD in this regard are provided in Annexure.
3. Accordingly, the relevant Sections of the MD on KYCare hereby amended to reflect the changes furnished in Annexure. The amended provisions in the MD shall come into force with immediate effect.
Yours faithfully,
(Santosh Kumar Panigrahy)
Chief General Manager
Encl: As above
Annexure
I. Identification of Beneficial Owner
a) The threshold for “Controlling ownership interest” for the purpose of determination of Beneficial Owner (BO) has been revised to 10 percent for both companies and trusts from earlier threshold of 25 percent and 15 percent, respectively.
b) Exemption from identification of BO: The exemption from BO identification has been aligned with that provided in the PML Rules, 2005, such that where the customer or the owner of the controlling interest is (i) an entity listed on a stock exchange in India, or (ii) is an entity resident in jurisdictions notified by the Central Government and listed on stock exchanges in such jurisdictions, or (iii) is a subsidiary of such listed entities; it is not necessary to identify and verify the identity of any shareholder or beneficial owner of such an entity.
II. CDD measures in case of certain categories of non-individual customers
The CDD measures pertaining to following categories of non-individual customers have been amended to include certain additional information / document requirements:
a) Companies –
(i) the names of the relevant persons holding senior management position; and
(ii) the registered office and the principal place of its business, if it is different.
b) Partnership firms –
(i) the names of all the partners; and
(ii) address of the registered office, and the principal place of its business, if it is different.
c) Trusts –
(i) the names of the beneficiaries, trustees, settlor and authors of the trust
(ii) the address of the registered office of the trust; and
(iii) list of trustees and documents, as specified in Section 16, for those discharging role as trustee and authorised to transact on behalf of the trust.
Further, Section 33B has been amended to extend its applicability to a customer who purports to act on behalf of juridical person or individual or trust.
(It may be noted that compliance to the instructions at para I(a) and II above w.r.t legacy accounts shall be done by the REs in a time bound manner)
III. Record Management
a) An explanation has been provided in the instructions on ‘Record Management’ such that the expressions “records pertaining to the identification”, “identification records”, etc., shall include updated records of the identification data, account files, business correspondence and results of any analysis undertaken.
b) Instructions have been inserted advising REs to ensure that in case of customers who are non-profit organisations, the details of such customers are registered on the DARPAN Portal of NITI Aayog. If such customers are not registered, RE shall register the details on the DARPAN Portal. REs shall also maintain such registration records for a period of five years after the business relationship between the customer and the RE has ended or the account has been closed, whichever is later.
IV. Updation/Periodic Updation of KYC
a) Aadhaar OTP based e-KYC in non-face to face mode has been permitted to be used for periodic updation. Declaration of current address, if the current address is different from the address in Aadhaar, shall not require positive confirmation in this case. REs shall, however, ensure that the mobile number for Aadhaar authentication is same as the one available with them in the customer’s profile, in order to prevent any fraud.
b) Clause (vi) of sub-section (c) on ‘Additional measures’ of Section 38 has been deleted.
c) Instructions on obligation of customers in terms of the requirements of PML Rules, have been inserted – REs shall advise the customers that in order to comply with the PML Rules, in case of any update in the documents submitted by the customer at the time of establishment of business relationship / account-based relationship and thereafter, as necessary, customers shall submit to the REs the update of such documents. This shall be done within 30 days of the update to the documents for the purpose of updating the records at REs’ end.
V. Requirements/obligations under International Agreements Communications from International Agencies
a) Section 51 has been amended to stipulate that the UNSC Sanctions Lists and lists as available in the Schedules to the Prevention and Suppression of Terrorism (Implementation of Security Council Resolutions) Order, 2007, shall be verified on a daily basis and any modifications to the lists in terms of additions, deletions or other changes shall be taken into account by the REs for meticulous compliance.
The extant provisions relating to the Unlawful Activities (Prevention) Act, 1967 (UAPA), in Chapter IX have been consolidated in Section 51 of the MD.
b) Instructions for compliance with the Order dated January 30, 2023, titled – “Procedure for Implementation of Section 12A of the Weapons of Mass Destruction (WMD) and their Delivery Systems (Prohibition of Unlawful Activities) Act, 2005 (WMD Act, 2005)”, issued by the Ministry of Finance, Government of India, have been inserted in Section 52 for meticulous compliance by the REs. The Order stipulates detailed requirements and actions to be taken by the stakeholders for freezing / unfreezing of accounts, financial assets, etc., of individuals / entities designated under the list as specified under Section 12A of the WMD Act, 2005.
Certain important obligations cast upon the REs vide the aforementioned Order are summarised below:
(i) In accordance with paragraph 3 of the aforementioned Order, REs shall ensure not
to carry out transactions in case the particulars of the individual / entity match with the particulars in the designated list.
(ii) Further, REs shall run a check, on the given parameters, at the time of establishing a relation with a customer and on a periodic basis to verify whether individuals and entities in the designated list are holding any funds, financial asset, etc., in the form of bank account, etc.
(iii) In case of match in the above cases, REs shall immediately inform the transaction details with full particulars of the funds, financial assets or economic resources involved to the Central Nodal Officer (CNO), designated as the authority to exercise powers under Section 12A of the WMD Act, 2005. A copy of the communication shall be sent to State Nodal Officer, where the account / transaction is held and to the RBI. REs shall file an STR with FIU-IND covering all transactions in the accounts, covered above, carried through or attempted.
It may be noted that in terms of Paragraph 1 of the Order, Director, FIU-India has been designated as the CNO.
(iv) REs may refer to the designated list, as amended from time to time, available on the portal of FIU-India.
(v) In case there are reasons to believe beyond doubt, that funds or assets held by a customer would fall under the purview of clause (a) or (b) of sub-section (2) of Section 12A of the WMD Act, 2005, REs shall prevent such individual/entity from conducting financial transactions, under intimation to the CNO by email, FAX and by post, without delay.
(vi) In case an order to freeze assets under Section 12A is received by the REs from the CNO, REs shall, without delay, take necessary action to comply with the Order.
(vii) The process of unfreezing of funds, etc., shall be carried out as per paragraph 7 of the Order. Accordingly, copy of application received from an individual/entity regarding unfreezing shall be forwarded by RE along with full details of the asset frozen, as given by the applicant, to the CNO by email, FAX and by post, within two working days.
c) Further, extant instruction in Section 52 viz., “In addition to the above, other UNSCRs circulated by the Reserve Bank in respect of any other jurisdictions/ entities from time to time shall also be taken note of.”, has been amended and inserted as Section 53A which reads as under:
“In addition to the above, REs shall take into account – (a) other UNSCRs and (b) lists in the first schedule and the fourth schedule of UAPA, 1967 and any amendments to the same for compliance with the Government orders on implementation of Section 51A of the UAPA and Section 12A of the WMD Act.”
d) Vide Section 52, REs have been mandated that they shall verify every day, the ‘UNSCR 1718 Sanctions List of Designated Individuals and Entities’, as available at https://www.mea.gov.in/Implementation-of-UNSC-Sanctions-DPRK.htm, to take into account any modifications to the list by way of additions, deletions or other changes and also ensure compliance with the ‘Implementation of Security Council Resolution on Democratic People’s Republic of Korea Order, 2017’, as amended from time to time by the Central Government.
VI. Shell Banks
Definition of ‘Shell Bank’ has been amended to read as under –
“Shell bank means a bank that has no physical presence in the country in which it is incorporated and licensed, and which is unaffiliated with a regulated financial group that is subject to effective consolidated supervision. Physical presence means meaningful mind and management located within a country. The existence simply of a local agent or low-level staff does not constitute physical presence”.
VII. Correspondent Banking
The instructions regarding correspondent banking relationships have been aligned with international standards. Banks shall ensure that prior approval of the senior management is obtained for establishing new correspondent banking relationships. Banks shall use the publicly available information which, inter alia, should include (a) information relating to the reputation of the respondent institution (b) the quality of supervision in the concerned jurisdiction (c) whether the respondent institution has been subjected to any investigation or regulatory action relating to Money Laundering / Terrorist Financing.
Further, definitions of ‘correspondent banking’ and ‘payable-through accounts’ have been added.
VIII. Customer Acceptance Policy
Where RE is suspicious of money laundering or terrorist financing, and it reasonably believes that performing the CDD process will tip-off the customer, it shall not pursue the CDD process, and instead file an STR.
IX. Introduction of new technologies
Instructions have been amended to ensure that REs identify and assess the ML/TF risks that may arise in relation to the development of new products and new business practices, including new delivery mechanisms, and the use of new or developing technologies for both new and pre-existing products. Accordingly, REs shall undertake the risk assessments prior to the launch or use of such products, practices, services and technologies; and take appropriate measures to manage and mitigate the risks.
X. Enhanced due diligence (non-face to face customer onboarding)
Certain additional enhanced due diligence measures have been added in Section 40. These measures include – RE shall verify the current address through positive confirmation before allowing operations in the account, PAN shall be obtained from the customer and shall be verified, customers shall be categorized as high-risk customers and accounts opened in non-face to face mode shall be subjected to enhanced monitoring until the identity of the customer is verified in face-to-face manner or through V-CIP, etc.
XI. Amendment to other instructions
a) Definitions
Definition of “Group” has been added. Further, definitions of “Non-profit organisations” and “Politically Exposed Persons” have been amended to align those with the definitions in the PML Rules.
b) General
(i) Section 4 has been amended and a provision has been inserted advising REs to ensure that a group-wide policy is implemented for the purpose of discharging obligations under the provisions of Chapter IV of the Prevention of Money-laundering Act, 2002 (15 of 2003).
(ii) In addition to communicating to the FIU-IND, REs shall communicate the name, designation, address and contact details of Designated Director and Principal Officer to the Reserve Bank.
c) Customer Acceptance Policy
Instructions have been amended to clarify that additional information, where such information requirement has not been specified in the internal KYC Policy of the RE, is obtained with the explicit consent of the customer.
Where GST number is available, the same shall be verified through the search/verification facility provided by the issuing authority.
d) Risk Categorisation
Section 12 has been amended to include the provision that, “Broad principles may be laid down by the REs for risk-categorisation of customers.” The indicative list of parameters for risk categorization has been expanded to include geographical risk covering customers as well as transactions, type of products/services offered, delivery channel used for delivery of products/services, types of transaction undertaken, etc.
REs shall treat the risk categorization and reasons for risk categorization of customers as confidential.
e) Customer Due Diligence (CDD) of Individuals
Section 16 has been amended to specifically provide that REs can obtain KYC Identifier with explicit customer consent to download KYC records from CKYCR, for the purpose of CDD.
f) Account opening using Aadhaar OTP based e-KYC, in non-face-to-face mode Following risk-mitigating measure for such accounts has been added in the process – “REs shall ensure that transaction alerts, OTP, etc., are sent only to the mobile number of the customer registered with Aadhaar. REs shall have a board approved policy delineating a robust process of due diligence for dealing with requests for change of mobile number in such accounts.”
g) Video based Customer Identification Process (V-CIP)
Certain instructions pertaining to V-CIP infrastructure and disruption in the V-CIP have been amended. Further, the requirement of ‘three days’ for – (i) the validity of Aadhaar XML file / Aadhaar Secure QR Code and (ii) to undertake the video process has been amended to ‘three working days’.
h) CDD Measures for Sole Proprietary Firms
Section 28 has been amended to clarify that “Registration certificate” as a proof of business/ activity in the name of the proprietary firm includes “Udyam Registration Certificate (URC) issued by the Government”.
i) Ongoing due diligence
For ongoing due diligence, REs may consider adopting appropriate innovations including artificial intelligence and machine learning (AI & ML) to support effective monitoring.
j) Requirements/obligations under International Agreements – Communications from International Agencies
A new Section 54A has been introduced requiring REs to leverage latest technological innovations and tools for effective implementation of name screening to meet the sanctions requirements.
k) Secrecy obligations
It has been clarified that secrecy obligations shall extend to all REs.
l) Instructions on the CKYCR
Instructions have been amended to ensure that KYC documents downloaded from the CKYCR, but whose validity has lapsed, are not used for KYC purpose by downloading REs.
m) Unique Customer Identification Code (UCIC)
The requirement to allot UCIC to customers has been extended to all REs.
n) Hiring of Employees and Training
Instructions have been amended to include elements of open communication, high-integrity, proper understanding of subject matter amongst the REs’ staff dealing with KYC/AML/CFT matters.
o) Deletion of Section 72
Section 72 regarding “Adherence to Know Your Customer (KYC) guidelines by NBFCs/RNBCs and persons authorised by NBFCs/RNBCs including brokers/agents, etc.”, has been deleted.
p) Change in UAPA Central (designated) Nodal Officer
Consequent upon the transfer of charge, the Central [designated] Nodal Officer for the UAPA is the Additional Secretary (CTCR), Ministry of Home Affairs in place of the Joint Secretary. Paragraph 3.1 of the UAPA Order (Annexure II of the MD on KYC) has, accordingly, been amended.
*************************************
