KYC & AML Policy

Know Your Customer (KYC) and Anti-Money Laundering (AML) compliance guidelines.

Policy Objective

The Reserve Bank of India has issued comprehensive guidelines on Know Your Customer (KYC) norms and Anti-Money Laundering (AML) standards and has advised all NBFCs to ensure that a proper policy framework on KYC and AML measures be formulated and put in place with the approval of the Board.

The objective of RBI guidelines is to prevent NBFCs from being used, intentionally or unintentionally by criminal elements for money laundering activities. The guidelines also mandate making reasonable efforts to determine the identity and beneficial ownership of accounts, source of funds, the nature of the customer's business, the reasonableness of operations in the account in relation to the customer's business, etc. which in turn helps the Company to manage its risks prudently. Accordingly, the main objective of this policy is to enable the Company to have positive identification of its customers.

Scope and Application

The scope of this policy is:

  • To lay down explicit criteria for acceptance of customers.
  • To establish processes and procedures to monitor high value transactions and/or transactions of suspicious nature in accounts.
  • To develop measures for conducting due diligence in respect of customers and reporting such transactions.

To fulfill the scope, the following four key elements will be incorporated into our policy:

  • Customer Acceptance Policy
  • Customer Identification Procedures
  • Monitoring of Transactions
  • Risk Management

Customer Acceptance Policy

Definition of a Customer:

  • A person or entity that has a business relationship with the Company
  • One on whose behalf the account is maintained (i.e. the beneficial owner)
  • Any other person or entity connected with a financial transaction that can pose significant reputation or other risks to the Company

A "Person" shall include: an Individual; a Hindu Undivided Family; a Company; a Trust; a Firm; an association of persons or a body of individuals, whether incorporated or not; every artificial juridical person; any agency, office or branch owned or controlled by any of the above.

Guidelines for Accepting Customers:

  • No loan account will be opened in a name that is anonymous or fictitious or appears to be a Benami Account
  • The Company shall insist on sufficient proof of identity
  • Circumstances where a customer acts on behalf of another person/entity shall be clearly spelt out
  • The Company shall not open any account where it is unable to apply appropriate due diligence measures

When Company Will Not Proceed:

  • Unable to verify identity of the customer
  • Customer refuses to provide documents without valid reasons
  • Information furnished does not originate from reliable sources
  • Identity matches with any individual terrorist or prohibited organizations

Risk Level Categorization

The Company shall categorize customers based on perceived risk. Profile will contain: Customer's Identity, Social/Legal and financial status, Nature of business activity, Information about business clients and locations.

  • Level-I (Low Risk): Well-governed corporates, Salaried employees, Government employees, Statutory bodies, Self-employed with regular income
  • Level-II/III (Medium/High Risk): Higher than average risk based on background, country of origin, business nature, source of funds

Special care for Politically Exposed Persons (PEP): Foreign Delegates, Senior Politicians, Senior Judicial Officers, Senior Military Officers, Senior Executives of State-Owned Corporations, Officials of leading political parties.

Due Diligence Requirements

Due Diligence of Business Partners:

  • Verify Identity: corporate formation documents, PAN card of Directors, legal counsel recommendation
  • Verify Source of Income: research in news/business databases, obtain corporate earnings information
  • Maintain files on each Business Partner

Due Diligence on Employees:

  • Verify Identity: Passports, PAN card, Driver's license, UID/Aadhaar
  • Verify Domicile of Residence: utility bills, Aadhaar
  • Verify previous Employment Record
  • Check References: 2+ professional references

Customer Identification Procedure (CIP)

Customer identification means identifying the customer and verifying identity using reliable, independent source documents. Need for photographs of signatories and power of attorney holders. Proof of customer address required.

As per PML Rules, the Company shall identify clients, verify identity at commencement of account-based relationship, and for transactions exceeding Rs. 50,000.

Monitoring of Transactions

Ongoing monitoring based on risk level. Special attention to suspicious transactions. Essential to understand normal working pattern of customer.

Suspicious Transaction Report (STR):

A suspicious transaction has reasonable grounds to suspect relation to money laundering or terrorist financing. No monetary threshold for reporting. Assessment based on knowledge of customer's business, financial history, background and behaviour. Compliance Team reviews and reports to FIU-IND.

Activities include:

  • Monitoring large value transactions based on alerts
  • Liaison with business teams for clarifications
  • Filing CTR with FIU by 15th of subsequent month
  • Filing STR with FIU by 15th of subsequent month
  • Scrutinizing customer data against UNSCR and negative lists

Cash Transaction Reports (CTR):

All individual cash transactions exceeding Rs. 10 Lakhs in a calendar month reported to FIU-IND. CTR submitted before 15th of succeeding month.

Counterfeit Currency Report (CCR):

Separate report for each incident of counterfeit currency detection. Reported by 15th of succeeding month.

Risk Management

Board ensures effective KYC program. Risk department carries out quarterly checks. Mandatory KYC adherence in internal audit scope every quarter. Regular training programmes for staff.

Risk types: Reputational risk, Operational risk, Legal risk, Concentration risk.

Policy Implementation Guidelines

  • Customer education about KYC procedures
  • Introduction of new technologies with attention to money laundering threats
  • Applicability to branches and subsidiaries outside India
  • KYC policy for existing customers

Appointment of Principal Officer

Senior official designated as Principal Officer at corporate office. Maintains communication with RBI and enforcement agencies. Reports to FIU-IND.

Maintenance and Preservation of Records

  • Transaction records maintained for 10 years from date of transaction
  • Client identity records maintained for 10 years from cessation of transactions

Reporting to FIU-IND

Director, FIU-IND
Financial Intelligence Unit, India
6th Floor, Hotel Samrat
Chanakyapuri, New Delhi – 110021

General Compliance

Company ensures adherence to PMLA and FCRA provisions. May close account/terminate relationship if customer does not cooperate with KYC requirements.