The Triple Threat | Article on Global Resession | Harsh Kumar
Kyc banks
1. KYC – BANKS
Introduction
Is it time for banks to look at their KYC (Know Your Customer) norms again and tighten up the
screws?
Well, looking at all the disturbances in India, the thought that comes to mind is that it is not quite
possible without easy money transfer for people who are disturbing the society.
Thus money is easily made available to such people, and, to say the least, this is a dangerous
matter. Apart from social awareness, help from public, and best governance practices, we
require very strict norms for identifying customers who enter into such banking transactions.
If we look at the emergence of KYC norms we can understand how these standards emerged.
The main purpose of KYC norms was to restrict money laundering and terrorist financing when
it was introduced in late the 1990s in the United States. The US government turned very strict
after 9/11 and all regulations were finalized before 2002 for KYC.
The US has made changes in its major legislations -- Bank Secrecy Act, USA Patriot Act, et
cetera -- to make KYC norms really effective for the banking sector.
Taking a leaf out of the US book, the Reserve Bank of India too directed all banks to implement
KYC guidelines for all new accounts in the 2nd half of 2002.
For existing accounts, imposing KYC norms was a little difficult, so the RBI issued guidelines for
the same at the end of 2004.
What is KYC?
But let us first understand what KYC norms actually mean.
In order to prevent identity theft, identity fraud, money laundering, terrorist financing, etc, the
RBI had directed all banks and financial institutions to put in place a policy framework to know
their customers before opening any account.
This involves verifying customers' identity and address by asking them to submit documents that
are accepted as relevant proof.
Mandatory details required under KYC norms are proof of identity and proof of address.
Passport, voter's ID card, PAN card or driving license are accepted as proof of identity, and
proof of residence can be a ration card, an electricity or telephone bill or a letter from the
employer or any recognized public authority certifying the address.
Some banks may even ask for verification by an existing account holder. Though the standard
documents which are accepted as proof of identity and residence remain the same across
various banks, some deviations are permitted, which differ from bank to bank.
So, all documents shall be checked against banks requirements to ascertain if those match or
not before initiating an account opening process with any bank. Thus opening a new bank
account is no longer a cake walk.
Author: Partho H. Chakraborty 1
2. KYC – BANKS
Those are the basic requirements of KYC to identify a customer at the account opening stage.
Let's check other aspects of KYC.
To prevent the possible misuse of banking activities for anti-national or illegal activities, the RBI
has given various directives to banks:
Strengthening the banks' 'Internal Control System' by allocating duties and responsibilities
clearly, and periodically monitoring them.
Before giving any finance at branch level, making sure that the person has no links with notified
terrorist entities and reporting any such 'suspect;' accounts to the government.
Regular 'Internal Audit' by internal and concurrent auditors to check if the KYC guidelines are
being properly adhered to or not by banks.
Most important, banks must keep an eye out for all banking transactions and identify suspicious
ones. Such transactions will be immediately reported to the bank's head office and authorities
and norms shall also be laid down for freezing of such accounts.
In 2004, the RBI had come up with more specific guidelines regarding KYC. These were divided
into four parts:
1. Customer Acceptance Policy: All banks shall develop criteria for accepting any person
as their customer to restrict any anonymous accounts and ensure documentation
mentioned in KYC.
2. Customer Identification Procedures: Customer to be identified not only while opening
the account, but also at the time when the bank has a doubt about his transactions.
3. Monitoring of Transactions: KYC can be effective by regular monitoring of
transactions. Identifying an abnormal or unusual transaction and keeping a watch on
higher risk group of the account is essential in monitoring transactions.
4. Risk management: This is about managing internal work to reduce the risk of any
unwanted activity. Managing responsibilities, duties and various audits plus regular
employee training for KYC procedures.
These guidelines also specify that KYC should be implemented for existing account holders on
the basis of materiality and risk segments.
The RBI had also directed all banks to make a policy for implementing 'Know Your Customer'
and anti-money laundering measures and remain fully compliant with given guidelines before
December 31, 2005.
Guidelines on "Know Your Customer" norms and "Cash transactions"
DBOD.AML.BC.18/14.01.001/2002-03 August 16, 2002
As part of ‘Know Your Customer’ (KYC) principle, RBI has issued several guidelines relating to
identification of depositors and advised the banks to put in place systems and procedures to
help control financial frauds, identify money laundering and suspicious activities, and for
scrutiny/monitoring of large value cash transactions. Instructions have also been issued by the
Author: Partho H. Chakraborty 2
3. KYC – BANKS
RBI from time to time advising banks to be vigilant while opening accounts for new customers to
prevent misuse of the banking system for perpetration of frauds. A gist of the past circulars
issued on the subjects under reference is listed in the Annexure. Taking into account recent
developments, both domestic and international, it has been decided to reiterate and consolidate
the extant instructions on KYC norms and cash transactions. The following guidelines reinforce
our earlier instructions on the subject with a view to safeguarding banks from being unwittingly
used for the transfer or deposit of funds derived from criminal activity (both in respect of deposit
and borrowable accounts), or for financing of terrorism. The guidelines are also applicable to
foreign currency accounts/transactions.
2. "Know Your Customer" (KYC) guidelines for New accounts
The following KYC guidelines will be applicable to all new accounts with immediate effect.
2.1 KYC Policy
(i) "Know Your Customer" (KYC) procedure should be the key principle for identification of an
individual/corporate opening an account. The customer identification should entail verification
through an introductory reference from an existing account holder/a person known to the bank
or on the basis of documents provided by the customer.
(ii) The Board of Directors of the banks should have in place adequate policies that establish
procedures to verify the bonafide identification of individual/corporates opening an account. The
Board should also have in place policies that establish processes and procedures to monitor
transactions of suspicious nature in accounts and have systems of conducting due diligence
and reporting of such transactions.
2.2 Customer identification
(i) The objectives of the KYC framework should be two fold, (i) to ensure appropriate customer
identification and (ii) to monitor transactions of a suspicious nature. Banks should obtain all
information necessary to establish the identity/legal existence of each new customer, based
preferably on disclosures by customers themselves. Typically easy means of establishing
identity would be documents such as passport, driving license etc. However where such
documents are not available, verification by existing account holders or introduction by a person
known to the bank may suffice. It should be ensured that the procedure adopted does not lead
to denial of access to the general public for banking services.
(ii) In this connection, we also invite a reference to a Report on Anti Money Laundering
Guidelines for Banks in India prepared by a Working Group, set up by IBA, for your guidance. It
may be seen that the IBA Working Group has made several recommendations for strengthening
KYC norms with anti money laundering focus and has also suggested formats for customer
profile, account opening procedures, establishing relationship with specific categories of
customers, as well as an illustrative list of suspicious activities.
3. "Know Your Customer" procedures for existing customers
Banks are expected to have adopted due diligence and appropriate KYC norms at the time of
opening of accounts in respect of existing customers in terms of our extant instructions referred
to in the Annexure. However, in case of any omission, the requisite KYC procedures for
customer identification should be got completed at the earliest.
Author: Partho H. Chakraborty 3
4. KYC – BANKS
4. Ceiling and monitoring of cash transactions
The extant RBI guidelines on the subject are as under:
(i) Banks are required to issue travelers cheques, demand drafts, mail transfers, and telegraphic
transfers for Rs.50,000 and above only by debit to customers’ accounts or against cheques and
not against cash (Circular DBOD.BP.BC.114/C.469 (81)-91 dated April 19, 1991) Further, the
applicants (whether customers or not) for the above transactions for amount exceeding
Rs.10,000 should affix permanent (Income tax) account number on the applications (Circular
DBOD.BP.BC.92/C469-76 dated August 12, 1976). Since KYC is now expected to establish the
identity of the customer and as the issue of demand draft etc. for Rs.50,000 and above is by
debit to account, the requirement for furnishing PAN stands increased uniformly to Rs.50,000/-.
(ii) The banks are required to keep a close watch of cash withdrawals and deposits for Rs.10
lakhs and above in deposit, cash credit or overdraft accounts and keep record of details of these
large cash transactions in a separate register. (Circular DBOD.BP.BC.57/21.01.001/95 dated
May 4, 1995).
(iii) Branches of banks are required to report all cash deposits and withdrawals of Rs.10 lakhs
and above as well as transactions of suspicious nature with full details in fortnightly statements
to their controlling offices. Besides, controlling offices are also required to apprise their Head
offices regarding transactions of suspicious nature. (Circular DBOD.BP.BC.101 /21.01.001/95
dated September 20, 1995). Early computerization of branch reporting will facilitate prompt
generation of such reports.
5. Risk management and monitoring procedures
In order to check possible abuse of banking channels for illegal and anti-national activities, the
Board should clearly lay down a policy for adherence to the above requirements comprising the
following:
5.1 Internal Control Systems
Duties and responsibilities should be explicitly allocated for ensuring that policies and
procedures are managed effectively and that there is full commitment and compliance to an
effective KYC program in respect of both existing and prospective deposit accounts. Controlling
offices of banks should periodically monitor strict adherence to the laid down policies and
procedures by the officials at the branch level.
5.2 Terrorism Finance
RBI has been circulating lists of terrorist entities notified by the Government of India to banks so
that banks may exercise caution if any transaction is detected with such entities. There should
be a system at the branch level to ensure that such lists are consulted in order to determine
whether a person/organization involved in a prospective or existing business relationship
appears on such a list. The authority to whom banks may report accounts suspected to belong
to terrorist entities will be advised in consultation with Government.
Author: Partho H. Chakraborty 4
5. KYC – BANKS
5.3 Internal Audit / Inspection
(i) An independent evaluation of the controls for identifying high value transactions should be
carried out on a regular basis by the internal audit function in the banks.
(ii) Concurrent/internal auditors must specifically scrutinize and comment on the effectiveness of
the measures taken by branches in adoption of KYC norms and steps towards prevention of
money laundering. Such compliance report should be placed before the Audit Committee of the
Board of banks at quarterly intervals. This may be included in the Calendar of Reviews advised
in our Circular DBOD.No.BP.BC.3/21.03.038/2000 dated 14th July 2000.
5.4 Identification and Reporting of Suspicious Transactions
Banks should ensure that the branches and controlling offices report transactions of suspicious
nature to the appropriate law enforcement authorities designated under the relevant laws
governing such activities. There should be well laid down systems for freezing of accounts as
directed by such authority and reporting thereof to the controlling office and head office. Being
matters of sensitive nature, there must be a quarterly reporting of such aspects to the audit
committee of the board or the board of directors.
5.5 Adherence to Foreign Contribution Regulation Act (FCRA), 1976
(i) Banks should also adhere to the instructions on the provisions of the Foreign Contribution
Regulation Act, 1976 cautioning them to open accounts or collect cheques only in favour of
association which are registered under the Act ibid by Government of India. A certificate to the
effect that the association is registered with the Government of India should be obtained from
the concerned associations at the time of opening of the account or collection of cheques.
(ii) Branches of the banks should be advised to exercise due care to ensure compliance and
desist from opening accounts in the name of banned organizations and those without requisite
registration.
6. Record Keeping
Financial intermediaries should prepare and maintain documentation on their customer
relationships and transactions to meet the requirements of relevant laws and regulations, to
enable any transaction effected through them to be reconstructed. In the case of wire transfer
transactions, the records of electronic payments and messages must be treated in the same
way as other records in support of entries in the account. All financial transactions records
should be retained for at least five years after the transaction has taken place and should be
available for perusal and scrutiny of audit functionaries as well as regulators as and when
required.
7. Training of staff and management
It is crucial that all the operating and management staff fully understand the need for strict
adherence to KYC norms. All institutions must, therefore, have an ongoing training program so
that staff is adequately trained for their roles and responsibilities as appropriate to their
hierarchical level in complying with anti-money laundering guidelines and for implementing KYC
policies consistently.
Author: Partho H. Chakraborty 5
6. KYC – BANKS
8. These guidelines are issued under Section 35 (A) of the Banking Regulation Act, 1949 and
any contravention of the same will attract penalties under the relevant provisions of the Act.
Banks are advised to bring the guidelines to the notice of their branches and controlling offices.
Note: Names if any are Suggestive only and without any relation to any real
entity whatsoever. It is only to give a feel and touch of how transactions
can be structured and names are indicative
This article is meant for education purposes only and it is not be
reproduced for any commercial purpose by print or electronic medium
whatsoever
This case study is written by:
Partho H. Chakraborty
A - 305, DSR Spring Beauty Apts., 124/1, ITPL Main Road, Brookefields, Kundalahalli, Bangalore - 560
037, India
Tel: +91 80 420 50293, Cell: +91 99863 22504
email: parthohc@airtelmail.in; parthohc@rediffmail.com
Skype: parthohc01
Author: Partho H. Chakraborty 6