In this article higher aspects of KYC as desired by RBI circulars in given in concise manner.
--Know Your Customer (KYC) Guidelines -Anti Money Laundering (AML) Standards - RBI Circular dated November 29, 2004. This was the major step in the banking industry in India towards money laundering prevention. Though RBI had historically issued guidelines to banks for conducting due diligence of customers including taking photographs, this was the first comprehensive anti-money laundering initiative by RBI. The Guidelines required the banks in India to follow the following steps towards preventing money laundering :
• Customer Acceptance Policy
• Customer identification Procedures
• Monitoring of Transactions, and
• Risk Management
These four points are the pillars of KYC envisaged by RBI in India.
Elaborations are as under:
Who is a customer?
The RBI Master Circular dated July 1, 2014 on Know Your Customer (KYC) Norms & Anti Money Laundering Standards, which consolidates all guidelines issued on the subject, defines 'Customer' as:
• a person or entity that maintains an account and/or has a business relationship with the bank;
• one on whose behalf the account is maintained (i.e. the beneficial owner);
• beneficiaries of transactions conducted by professional intermediaries,such as Stock Brokers, Chartered Accountants, Solicitors etc. as permitted under the law, and
• any person or entity connected with a financial transaction which can pose significant reputation or other risks to the bank, say, a wire transfer or issue of a high value demand draft as a single transaction
WHAT IS CUSTOMER ACCEPTANCE?
--Customer Acceptance Policy (CAP): Every bank should develop a clear Customer Acceptance Policy laying down explicit criteria for acceptance of customers. The Customer Acceptance Policy must ensure that explicit guidelines are in place on the following aspects of customer relationship in the bank:
i. No account is opened in anonymous or fictitious / benami name(s);
ii. The customers are categorized as per their risk perception based on their profile (Customer Risk Categorization)
iii. Documentation requirements and other information to be collected in respect of different categories of customers depending on perceived risk.
iv. Not to open an account or close an existing account where the bank is unable to apply appropriate customer due diligence measures.
v. Circumstances, in which a customer is permitted to act on behalf of another person/entity, should be clearly spelt out in conformity with the established law and practice of banking as there could be occasions when an account is operated by a mandate holder or where an account in is opened by an intermediary in fiduciary capacity.
vi. Necessary checks before opening a new account so as to ensure that the identity of the customer does not match with any person with known criminal background or with banned entities such as individual terrorists or terrorist organizations etc. (Name Screening Process)
WHAT IS CUSTOMER IDENTIFICATION?
--Customer identification means identifying the customer and verifying his/her identity by using reliable, independent source documents, data or information.
--Customer identification is required to be carried during:
* establishing a banking relationship;
* carrying out a financial transaction
* when the bank has a doubt about the authenticity/veracity or the adequacy of the previously obtained customer identification data.
ESTABLISHING IDENTITY AND CDD (CUSTOMER DUE DILIGENCE)
--Identity generally means a set of attributes which together uniquely identify a natural or legal person. The attributes, which help establishing the unique identity of a natural or legal person, are called 'identifiers‘. E.g : Name (in full), Father' Name, Date of birth, Passport number, Election Card number (EPIC number), PAN number, Driving License number.
Addresses / location and nationality and other such identifiers may serve as secondary identifiers' as they help further refine the identity though they may not directly help uniquely identify a natural or legal person.
--Customer Due Diligence (CDD) can be defined as any measure undertaken by a financial institution to collect and verify information and positively establish the identity of a customer.
--The base of CDD would be the board approved Customer Acceptance Policy of a bank. Based on Customer Acceptance Policy, the Customer Identification Procedures needs to be drawn.
--
--When a Bank is unable to apply Customer Due Diligence measures, it:
i. must not establish a business relationship or carry out an occasional transaction with the customer;
ii. should not carry out a transaction with or for the customer through a bank account;
iii. should terminate all existing business relationship with the customer;
iv. should consider whether it ought to report to FIU-IND/ Regulators, in accordance with extant guidelines.
IS DUE DILIGENCE SO SIMPLE FOR EVERYONE?
Sadly, not for everyone, for customers with perceived risks (which means transaction wise they pose high risk and does not necessarily mean, they are criminals or terrorists...!!!) the bankers will carry extra, i.e over and above the normal CDD, which is Enhanced Due Diligence (EDD)
—* PEP’s: Politically exposed persons
—* High risk countries
*** Specific type of business (e.g arms dealers,jewellers,etc)
—* Trust accounts
—* Non face to face customers
—* Foreign nationals/NRIs
These are only some cases, the list is not exhaustive only indicative.
WHAT IS TRANSACTION MONITORING?
In one case, some one asked me, you talk of banker customer relationship and "democracy and then you monitor your own customers transactions and dealing, fair?
I was compelled to answer him, yes....!!!! Democracy guarantees you free ride to carry out transactions as and when, how, where, whatever amount you want, however this doesn't mean you put the entire organisation and the banking industry at risk.
It is responsible democracy afterall where there will be bound to be checks and balances for you.
Huh, lets come to "Transaction Monitoring"
--After identity is established and transactions are carried out, monitoring is done through basis of alerts/exceptions.
Some common rules
1. Pure thresholds:
--Large Value Cash Transactions
--Large Value Non Cash Transactions
--Large Volume of Transactions
--Large Value transaction in dormant accounts
--Large number of remittances
--Large value of remittances
2. Pattern checks:
--Single remitter transmitting funds to multiple beneficiaries
--Multiple remitters transmitting funds to single beneficiary
--Multiple accounts of the same customer
--Any other pattern, which appears unusual, based on banks experience
3. Profile based alerts:
--Significant deviation from known transaction profile of customer
Note, this is also "act of innovation".
The smarter the customer gets to carry out his transactions in a complex way, the harder will be the banker try to find the trail it leaves....!!!!
RISK MANAGEMENT:
This is the actual purpose of all bankers...!!
The fear of bank being used by criminals and other anti social elements doesn't mean the bank hinder its business for other business. On the other hand it provides bank with a unique opportunity of managing its risks prudently...!
--The Board of Directors and the senior management of the bank have the responsibility to ensure that the bank's control processes and procedures are appropriately designed and implemented, and are effectively operated to reduce the risk of the Bank being used in connection with money laundering or terrorist financing.
--
--Appointment of Principal Officer It is the responsibility of the Board of Directors to appoint the Principal Officer (PO). It is recommended that the PO has a sufficient level of seniority within the bank and has sufficient resources, including sufficient time and (if necessary) support staff. The level of resources should reflect the size, complexity and geographical spread of the bank's customer/product base.
RBI and FIU IND have also notified appointment of "Designated Director" from the Board now for such purposes.
This is the actual interpretation of RBI Master Circular on KYC-AML-CTF
My take:
K Y C.....!!!!!!!
Who are you really??
I feel KYC is similar to the duty of SASURJI (Father in law) as per typical Indian concept.
A banker assumes the role of sasurji-father in law when he wants his banking product, i.e an account (like daughter of sasurji) to be handed over to a person, he has his own apprehensions.
Rightly so, there is always a chance of something going wrong, so the sasurji exercises caution, what does he do?
He does the potential JAMAAIRAJA's KYC (Jamaairaja is prospective groom). What does he check?
* Identification
* Risk profile
* Name screening (for crime, habits or otherwise)
* Due diligence
* Then accepts
Even after acceptance and post marriage he MONITORS the newly weds and on a timely basis caries out risk assessment of their well being...!!!
Right?
So the banker should assume a role as sasurji, an ideal father in law who will undertake proper due diligence of groom so that no problems arise later and no one is to blame/complain.
So, Bankers out there if you as the Guardians of your bank and its products, carry out this SASURJI activity of KYC properly, be assured the Jamai (groom) will turn out to be good (most of the times...!!!)
This is just on a lighter note, however the spirit remains the same.
Ab tumhaarey hawale KYC saathiyoo......
(the KYC activity is in your hands only)
Amit Retharekar...!!!
P.S: For a disclaimer purpose, I am yet to be diligently covered by KYC, I am unmarried.