RBI Master Circular No: RBI/2013-14/89 (01-Jul-13) RBI/2013-14/31 (01-Jul-13) Master Circular on Know Your Customer (KYC) Norms/Anti-Money Laundering (AML) Measures/Combating of Financing of Terrorism (CFT) / Obligations of banks under Prevention of Money Laundering Act (PMLA), 2002
UBD.BPD. (PCB).MC.No.16/12.05.001/2013-14
Chief Executive Officers
All Primary (Urban) Co-operative Banks
Madam/Dear Sir,
Master Circular on Know Your Customer (KYC) Norms/Anti-Money Laundering (AML) Measures/Combating of Financing of Terrorism (CFT) / Obligations of banks under Prevention of Money Laundering Act (PMLA), 2002
Please refer to our Master Circular UBD.BPD. (PCB).MC No. 16/ 12.05.001/2012-13 dated July 2, 2012 on the captioned subject (available at RBI website www.rbi.org.in). The enclosed Master Circular consolidates and updates all the instructions / guidelines on the subject issued up to June 30, 2013 and mentioned in the Appendix.
Yours faithfully,
A. K. Bera
Principal Chief General Manager
Encls.: As above
| Paragraph No. | Particulars |
| 1 | Introduction |
| 1.1 | KYC/AML/CFT |
| 1.2 | Definition of customer |
| 2 | Guidelines |
| 2.1 | General |
| 2.2 | KYC policy |
| 2.3 | Customer Acceptance Policy |
| 2.4 | Customer Identification Procedure |
| 2.5 | Customer Identification Requirements -- Indicative Guidelines |
| 2.6 | Small deposit accounts |
| 2.7 | Monitoring of transactions |
| 2.8 | Closure of accounts |
| 2.9 | Risk Management |
| 2.10 | Introduction of new technology -- credit/debit/smart/gift card |
| 2.11 | Combating Financing of Terrorism |
| 2.12 | Correspondent banking |
| 2.13 | Wire Transfers |
| 2.14 | Principal Officer |
| 2.15 | Maintenance of records of transactions/information to be preserved/maintenance and preservation of records/Cash and Suspicious Transactions reporting to Financial Intelligence Unit -- |
| 2.16 | Cash and Suspicious Transaction Report |
| 2.17 | Customer Education/Employees'' Training/Employees'' Hiring |
| Annex I -- Indicative list of documents required for opening of accounts | |
| Annex II -- List of reporting formats | |
| Annex III -- UAPA Orders dated August 27, 2009 | |
| Annex IV -- Government of India Notification dated December 16, 2010 | |
| Appendix -- List of circulars consolidated in the Master Circular |
Master Circular on Know Your Customer (KYC) Norms/Anti-Money Laundering (AML) Measures/Combating of Financing of Terrorism (CFT) / Obligations of banks under Prevention of Money Laundering Act (PMLA), 2002
1. Introduction
1.2 Definition of Customer
For the purpose of KYC policy, a ''Customer'' is defined as:
· a person or entity that maintains an account and/or has a business relationship with the bank;
· one on whose behalf the account is maintained (i.e. the beneficial owner);
· beneficiaries of transactions conducted by professional intermediaries, such as Stock Brokers, Chartered Accountants, Solicitors etc. as permitted under the law, and
· any person or entity connected with a financial transaction which can pose significant reputational or other risks to the bank, say, a wire transfer or issue of a high value demand draft as a single transaction.
2. Guidelines
2.1 General
2.2 KYC Policy
Banks should frame their KYC policies incorporating the following four key elements:
(a) Customer Acceptance Policy;
(b) Customer Identification Procedures;
(c) Monitoring of Transactions; and
(d) Risk Management.
2.3 Customer Acceptance Policy (CAP)
a) Every bank should develop a clear Customer Acceptance Policy laying down explicit criteria for acceptance of customers. The Customer Acceptance Policy must ensure that explicit guidelines are in place on the following aspects of customer relationship in the bank:
(i) No account is opened in anonymous or fictitious/benami name(s);
(ii) Parameters of risk perception are clearly defined in terms of the nature of business activity, location of customer and his clients, mode of payments, volume of turnover, social and financial status etc. to enable categorisation of customers into low, medium and high risk (banks may choose any suitable nomenclature viz. level I, level II and level III). Customers requiring very high level of monitoring, e.g. Politically Exposed Persons (PEPs) may, if considered necessary, be categorised even higher;
(iii) Documentation requirements and other information to be collected in respect of different categories of customers depending on perceived risk and keeping in mind the requirements of PML Act, 2002 and instructions/guidelines issued by Reserve Bank from time to time;
(iv) Not to open an account or close an existing account where the bank is unable to apply appropriate customer due diligence measures i.e. bank is unable to verify the identity and /or obtain documents required as per the risk categorisation due to non cooperation of the customer or non reliability of the data/information furnished to the bank. It is, however, necessary to have suitable built in safeguards to avoid harassment of the customer. For example, decision by a bank to close an account should be taken at a reasonably high level after giving due notice to the customer explaining the reasons for such a decision;
(v) Circumstances, in which a customer is permitted to act on behalf of another person/entity, should be clearly spelt out in conformity with the established law and practice of banking as there could be occasions when an account is operated by a mandate holder or where an account is opened by an intermediary in fiduciary capacity and
(vi) Necessary checks before opening a new account so as to ensure that the identity of the customer does not match with any person with known criminal background or with banned entities such as individual terrorists or terrorist organisations etc.
b) The increasing complexity and volume of financial transactions necessitate that customers do not have multiple identities within a bank, across the banking system and across the financial system. This can be achieved by introducing a unique identification code for each customer. In this regard, a Working Group constituted by the Government of India has proposed the introduction of unique identifiers for customers across different banks and Financial Institutions for setting up a centralized KYC Registry. Banks should allot Unique Customer Identification Code (UCIC) to all their customers while entering into any new relationships for individual customers. Similarly, existing individual customers should be allotted unique customer identification code by March 31, 2014. The UCIC will help banks to identify customers, track the facilities availed, monitor financial transactions in a holistic manner and enable banks to have a better approach to risk profiling of customers. It would also smoothen banking operations for the customers.
c) Banks should prepare a profile for each new customer based on risk categorisation. The customer profile may contain information relating to customer''s identity, social/financial status, nature of business activity, information about his clients'' business and their location etc. The nature and extent of due diligence will depend on the risk perceived by the bank. However, while preparing customer profile banks should take care to seek only such information from the customer, which is relevant to the risk category and is not intrusive. The customer profile is a confidential document and details contained therein should not be divulged for cross selling or any other purposes.
d) For the purpose of risk categorisation, individuals (other than High Net Worth) and entities whose identities and sources of wealth can be easily identified and transactions in whose accounts by and large conform to the known profile, may be categorised as low risk. Illustrative examples of low risk customers could be salaried employees whose salary structures are well defined, people belonging to lower economic strata of the society whose accounts show small balances and low turnover, Government Departments and Government owned companies, regulators and statutory bodies etc. In such cases, the policy may require that only the basic requirements of verifying the identity and location of the customer are to be met. Customers that are likely to pose a higher than average risk to the bank should be categorised as medium or high risk depending on customer's background, nature and location of activity, country of origin, sources of funds and his client profile etc. Banks should apply enhanced due diligence measures based on the risk assessment, thereby requiring intensive ''due diligence'' for higher risk customers,...
To continue reading
Request your trial