Know Your Customer (KYC) Norms / Anti-Money Laundering (AML) Standards / Combating of Financing of Terrorism (CFT) - RBI - Reserve Bank of India
Know Your Customer (KYC) Norms / Anti-Money Laundering (AML) Standards / Combating of Financing of Terrorism (CFT)
RBI / 2007- 08 / 239 February 18, 2008 All Scheduled Commercial Banks/FIs Dear Sir, Banks have been advised vide our circular DBOD.NO.AML.BC.58/14.01.001 /2004-05 dated November 29, 2004 that the adoption of customer acceptance policy and its implementation should not result in denial of banking services to general public, especially to those, who are financially or socially disadvantaged. It was also clarified to the banks that a risk based approach has been followed in the KYC guidelines issued by Reserve Bank to avoid disproportionate cost to banks and a burdensome regime for the customers. Banks were accordingly advised that customer identification means identifying the customer and verifying his/her identity by using reliable, independent source documents, data or information to their satisfaction. 2. It was further clarified to banks that 'being satisfied' means that the bank must be able to satisfy the competent authorities that due diligence was observed based on the risk profile of the customer in compliance with the extant guidelines in place. An indicative list of the nature and type of documents/ information that may be relied upon for customer identification was also given in the Annex-II to the aforesaid circular. It has been brought to our notice that Annex-II, which was clearly termed as an indicative list, is being treated by some banks as an exhaustive list as a result of which a section of public is being denied access to banking services. Banks are, therefore, advised to take a review of their extant internal instructions in this regard. 4. The instructions contained in paragraph 4 of the circular dated November 29, 2004, also require banks to put in place a system of periodical review of risk categorisation of accounts and the need for applying enhanced due diligence measures in case of higher risk perception on a customer. Banks are further advised that such review of risk categorisation of customers should be carried out at a periodicity of not less than once in six months. Banks should also introduce a system of periodical updation of customer identification data (including photograph/s) after the account is opened. The periodicity of such updation should not be less than once in five years in case of low risk category customers and not less than once in two years in case of high and medium risk categories. 5. Banks have been further advised, vide paragraph 9 of our circular dated November 29, 2004, that KYC/AML guidelines issued by Reserve Bank of India shall also apply to their branches and majority owned subsidiaries located outside India, especially, in countries which do not or insufficiently apply the FATF Recommendations, to the extent local laws permit. It is further clarified that in case there is a variance in KYC/AML standards prescribed by the Reserve Bank and the host country regulators, branches/overseas subsidiaries of banks are required to adopt the more stringent regulation of the two. 6. Combating financing of terrorism a) In terms of PMLA Rules, suspicious transaction should include inter alia transactions which give rise to a reasonable ground of suspicion that these may involve financing of the activities relating to terrorism. Banks are, therefore, advised to develop suitable mechanism through appropriate policy framework for enhanced monitoring of accounts suspected of having terrorist links and swift identification of the transactions and making suitable reports to the Financial Intelligence Unit – India (FIU-IND) on priority. b) As and when list of individuals and entities, approved by Security Council Committee established pursuant to various United Nations' Security Council Resolutions (UNSCRs), are received from Government of India, Reserve Bank circulates these to all banks and financial institutions. Banks/Financial Institutions should ensure to update the consolidated list of individuals and entities as circulated by Reserve Bank. Further, the updated list of such individuals/entities can be accessed in the United Nations website at http://www.un.org/sc/committees/1267/consolist.shtml. Banks are advised that before opening any new account it should be ensured that the name/s of the proposed customer does not appear in the list. Further, banks should scan all existing accounts to ensure that no account is held by or linked to any of the entities or individuals included in the list. Full details of accounts bearing resemblance with any of the individuals/entities in the list should immediately be intimated to RBI and FIU-IND. 7. It may be appreciated that KYC norms/AML standards/CFT measures have been prescribed to ensure that criminals are not allowed to misuse the banking channels. It would, therefore, be necessary that adequate screening mechanism is put in place by banks as an integral part of their recruitment/hiring process of personnel. 8. These guidelines are issued under Section 35A of the Banking Regulation Act, 1949 and any contravention thereof may attract penalties under the relevant provisions of the Act. Yours faithfully, ( Vinay Baijal ) |