- 7 minutes read
RBI Amends KYC Directions, 2023
A Recap
On October 17, 2023, the Reserve Bank of India (RBI) made a significant move to enhance the effectiveness of the country’s anti-money laundering (AML) and counter-terrorism financing (CTF) efforts. The RBI introduced the third set of amendments this year to the Master Direction – Know Your Customer (KYC) Directions, 2016. These amendments come in the backdrop of global efforts to combat financial crimes and to bring India’s regulatory framework in line with international standards.
The amendments introduced by the RBI aim to align the KYC Directions with recent changes to the Prevention of Money Laundering (Maintenance of Records) Rules, 2005 (PMLA Rules), the Unlawful Activities (Prevention) Act, 1967 (UAPA), and the Weapons of Mass Destruction (WMD) and their Delivery Systems (Prohibition of Unlawful Activities) Act, 2005 (WMD Act, 2005).
Key Highlights
The amendments to the KYC Directions encompass various aspects, and we’ll delve into the key highlights of these changes.
Extension Of Scope
- Asset Reconstruction Companies (ARCs) are now explicitly included under the ambit of Regulated Entities (REs) covered by the KYC Directions. This extension means that ARCs are now subject to the same KYC requirements as other REs. Additionally, the amendments empower the RBI to instruct REs with offshore branches and majority-owned overseas subsidiaries to take actions and additional measures to manage money laundering (ML) and terrorism financing (TF) risks. This provision aims to ensure that even offshore entities adhere to robust KYC standards.
Alignment With PMLA Rules
Several amendments have been made to align the KYC Directions with the recent changes in the PMLA Rules, including the following:
- Beneficial Ownership Criteria: The threshold for determining the beneficial owner for partnership firms has been lowered from 15% to 10%. Moreover, the term "control" now explicitly includes the right to control management or policy decisions.
- Principal Officer: REs are now required to appoint or nominate a management-level officer as the "principal officer" responsible for furnishing information to the RBI related to compliance with the KYC Directions.
- Customer Due Diligence (CDD): Given the increasing adoption of digital payment systems and banking networks, supplementary measures have been introduced to enhance CDD processes. These measures include using reliable and independent sources of identification, seeking information about the purpose of transactions, intended nature of the business relationship, and ownership and control, where applicable.
- Reliance on Third-Party CDD: While the previous provisions allowed REs to rely on CDD data from third parties or Central KYC Records Registry, the amendments stipulate that REs may only rely on CDD data obtained "immediately."
- CDD for Trusts: For CDD of trusts, REs are now required to obtain the name of the "protector," if any.
- Periodic Updation of KYC: REs must ensure that information collected for CDD is up-to-date and relevant, especially for high-risk customers, accounts, or transactions.
- Additional Measures for CDD of Politically Exposed Persons (PEPs): REs must establish appropriate risk measures to determine whether the customer or beneficial owner is a PEP and to identify the source of funds or wealth.
- Implementation of CDD Program: REs are now required to implement a CDD program covering ML/TF risks and the size of the business. This program should also monitor implementation and suggest enhanced controls as needed.
- Group-Level Policies and Programs: Every RE that is part of a group must implement group-level policies and programs to ensure compliance with the PMLA Rules. This includes measures to curb ML/TF, share information within the group for CDD and ML/TF risk management, and put in place safeguards for confidentiality and the use of shared information.
- Confidentiality Safeguards: Policies and processes must be established to ensure the confidentiality of records maintained for furnishing information to the Director, FIU-IND (Financial Intelligence Unit - India).
- International Compliance: Enhanced compliance requirements have been prescribed for REs, including the undertaking of countermeasures if called upon by any international or intergovernmental organization of which India is a member and accepted by the Central Government.
Periodicity Of ML/TF Risk Assessment Review
- The Board of the RE or a Committee of the Board is empowered to determine the periodicity of ML/TF risk assessment, allowing for flexibility in adapting to changing risk profiles.
Record Management Of Customer Information
- The amendments clarify that REs are required to maintain records of "customer information" and not just "customer account information." This change removes ambiguity and underscores the need to maintain comprehensive records for all customers, including walk-in customers who may not have accounts.
Enhanced Due Diligence For Non-FATF Compliant Jurisdictions
- REs are now required to actively undertake due diligence that is proportionate and effective to the risks, business relationships, and transactions as per the recommendations of the Financial Action Task Force (FATF) for transactions in jurisdictions that are not FATF-compliant.
Additional Compliances For REs
The amendments introduce several additional compliance measures, including:
- Reporting inability to comply with CDD measures: REs must consider filing suspicious transaction reports (STRs) even if they are unable to fully comply with the CDD measures for a customer.
- Accounts with Non-Banking Finance Companies (NBFCs): NBFCs must exercise greater vigilance for accounts opened through a simplified process, continuously monitoring activities and transactions related to such accounts. If there are suspicions of ML/TF activities or other high-risk scenarios, NBFCs are required to complete CDD for these accounts even before the permitted 12-month conditional period expires.
- Wire Transfers: For wire transfers below INR 50,000 from a customer who is not an account holder, the ordering RE is only required to include a unique transaction reference (UTR) number. This UTR should be traceable back to the originator or beneficiary. The RE is also obligated to make originator or beneficiary information available to the intermediary RE, beneficiary RE, or competent authorities within three days of receiving a request. Furthermore, the provisions for STR filing and reporting to the FIU have been extended to all REs, whereas previously they only applied to Money Transfer Service Scheme providers.
Additional Measures For Banks
- Banks are now required to ensure meticulous compliance with the provisions of the Foreign Contribution Act, 2010, and follow instructions on the subject from the RBI and the Ministry of Home Affairs. Additionally, banks must take comprehensive measures to identify Money Mule accounts and take appropriate actions, including reporting to FIU-IND. When engaging in correspondent banking relationships, banks are instructed to gather information, understand the nature of the respondent correspondent bank's business, and assess the reputation and quality of supervision at the respondent bank. Banks are explicitly advised not to commence or continue correspondent banking relationships with shell banks.
Amendments To Obligations Under The UAPA And WMD Act
- The processes and procedures under Annexure II and III of the KYC Directions have been updated to align with amendments made to the Unlawful Activities (Prevention) Act, 1967 (UAPA) on August 29, 2023, and revised government instructions dated September 1, 2023, related to the Weapons of Mass Destruction (WMD) and their Delivery Systems (Prohibition of Unlawful Activities) Act, 2005 (WMD Act, 2005).
The amendments to the KYC Directions reflect the RBI’s proactive approach to aligning KYC procedures with other relevant KYC and AML/TF laws. These changes are expected to have a significant impact on the processes and procedures of Regulated Entities, especially in the realm of customer due diligence (CDD).
In essence, these amendments underscore the crucial role played by REs in combating money laundering and terrorism financing risks, thereby safeguarding both the financial system and customers. It’s evident that the RBI is committed to strengthening the regulatory framework to ensure transparency, compliance, and the prevention of illicit financial activities.
The changes also emphasize the importance of timely and accurate KYC information, both for high-risk customers and those conducting transactions in non-FATF compliant jurisdictions. The added focus on confidentiality safeguards, compliance with international standards, and vigilant reporting mechanisms further contributes to a robust anti-money laundering and counter-terrorism financing ecosystem in India.
In conclusion, the RBI’s commitment to adapting and enhancing KYC procedures in response to evolving financial crime risks is essential for maintaining the integrity and security of India’s financial system. These amendments serve as a reminder that KYC is an ever-evolving field, and staying compliant with these regulations is crucial for financial institutions to protect their operations and maintain the trust of their customers and the broader financial community.
14 Aug 2024
