KYC Norms in banks

Meaning and Concept of KYC

KYC stands for Know Your Customer. It refers to the process by which banks identify and verify the identity and address of their customers. KYC is not a one-time activity; it is a continuous process carried out throughout the banking relationship. The main purpose of KYC is to ensure that banks know who their customers are, understand the nature of their business, and assess the risk involved in dealing with them.

KYC norms in India are issued mainly by the Reserve Bank of India (RBI) under the Prevention of Money Laundering Act (PMLA), 2002 and related rules. Every bank and financial institution is legally required to follow these norms.

KYC is very important because it forms the foundation of AML (Anti-Money Laundering) and CFT (Combating Financing of Terrorism) frameworks.

Objectives of KYC Norms

The primary objective of KYC norms is to prevent misuse of the banking system. Banks handle public money and therefore must ensure that their services are not used for illegal activities.

The major objectives of KYC include:

  • To prevent money laundering
  • To stop terrorist financing
  • To ensure transparency in financial transactions
  • To protect banks from operational, legal and reputational risks
  • To establish the true identity of customers

By following KYC norms, banks can monitor transactions better and report suspicious activities to regulators.

Legal and Regulatory Framework of KYC in India

KYC norms in India are governed by a combination of laws, rules and RBI guidelines. The most important among them are:

  • Prevention of Money Laundering Act (PMLA), 2002
  • PML Rules, 2005
  • RBI Master Directions on KYC
  • Foreign Exchange Management Act (FEMA), 1999 (indirectly relevant)
  • Unlawful Activities (Prevention) Act (UAPA) for terrorist financing

Banks must comply strictly with these regulations. Non-compliance can result in heavy penalties imposed by RBI.

Key Elements of KYC Policy

RBI requires every bank to have a Board-approved KYC Policy. This policy generally consists of the following core elements:

1. Customer Acceptance Policy (CAP)

Customer Acceptance Policy lays down who can be accepted as a customer. Banks must not open accounts in fictitious or anonymous names. The policy ensures that only genuine customers with valid identity and address proof are allowed to open accounts.

Banks may refuse to open an account if:

  • The customer fails to provide required documents
  • The customer’s identity cannot be verified
  • The customer appears to be high risk without sufficient justification

2. Customer Identification Procedure (CIP)

Customer Identification Procedure involves verifying the identity and address of customers using reliable documents, data or information.

CIP is carried out:

  • At the time of account opening
  • While carrying out high-value transactions
  • When there is doubt about the authenticity of earlier information

3. Monitoring of Transactions

Banks are required to continuously monitor customer transactions to ensure that they are consistent with the customer’s profile and risk category. Any unusual or suspicious transaction must be examined and reported.

4. Risk Management

Banks must classify customers into low, medium or high risk categories and apply due diligence accordingly.

Customer Due Diligence (CDD)

Customer Due Diligence is a critical component of KYC. It refers to the process of collecting, verifying and maintaining customer information.

CDD includes:

  • Identifying the customer
  • Verifying identity using official documents
  • Understanding the purpose of the account
  • Identifying the beneficial owner (if applicable)

Types of Customer Due Diligence

1. Simplified Due Diligence (SDD)

Simplified Due Diligence is applied to low-risk customers such as:

  • Government departments
  • Regulators
  • Public sector companies

In such cases, documentation requirements are minimal.

2. Normal Due Diligence

This is applied to most customers, including individuals and businesses, where standard KYC documents are required.

3. Enhanced Due Diligence (EDD)

Enhanced Due Diligence is applied to high-risk customers, such as:

  • Politically Exposed Persons (PEPs)
  • Non-resident customers
  • Customers from high-risk countries
  • Trusts and NGOs

EDD involves deeper scrutiny, senior management approval and closer transaction monitoring.

Officially Valid Documents (OVDs)

For KYC compliance, RBI has prescribed Officially Valid Documents (OVDs) for identity and address verification.

Common OVDs include:

  • Aadhaar Card
  • Passport
  • Voter ID Card
  • Driving Licence
  • NREGA Job Card
  • PAN Card (mandatory for most accounts)

For address proof, the document should contain the current address. If not, additional documents may be required.

KYC for Different Types of Customers

Individual Customers

For individuals, banks collect:

  • Proof of identity
  • Proof of address
  • PAN or Form 60

Non-Individual Customers

For entities such as companies, firms, trusts and societies, KYC includes:

  • Certificate of incorporation / registration
  • Memorandum and Articles of Association (for companies)
  • Partnership deed (for firms)
  • Trust deed (for trusts)
  • KYC of directors, partners and authorised signatories

Banks must also identify the beneficial owner, i.e., the person who ultimately controls the entity.

Periodic Updation of KYC

KYC is not a one-time process. Banks are required to periodically update customer information based on risk category.

  • High-risk customers: Every 2 years
  • Medium-risk customers: Every 8 years
  • Low-risk customers: Every 10 years

Periodic updation includes updating:

  • Address
  • Identity documents
  • Contact details
  • Occupation and income details

Central KYC Registry (CKYCR)

The Central KYC Registry (CKYCR) is a centralised repository of KYC records. Once a customer completes KYC with one financial institution, the same KYC can be used across other institutions using the CKYC number.

Benefits of CKYCR include:

  • Avoids repeated KYC
  • Improves customer convenience
  • Enhances data accuracy

KYC and Digital Banking

With the growth of digital banking, RBI has permitted:

  • e-KYC using Aadhaar
  • Video KYC (V-CIP)

Video KYC allows banks to verify customers remotely through live video interaction while ensuring security and compliance.

Consequences of Non-Compliance with KYC

Failure to comply with KYC norms can lead to:

  • Monetary penalties by RBI
  • Restriction on business activities
  • Reputational damage to the bank
  • Increased risk of fraud and money laundering

Hence, KYC compliance is a critical responsibility of every bank employee.

Importance of KYC from Exam Perspective

For JAIIB and CAIIB exams, KYC is important because:

  • It is linked with AML, PMLA and Risk Management
  • Questions are often asked on:
    • Objectives of KYC
    • CDD and EDD
    • OVDs
    • Periodic updation
    • CKYCR
  • Both theoretical and case-based MCQs are common

Conclusion

KYC norms are a vital part of the banking system. They help banks identify customers, assess risk, prevent financial crimes and maintain the integrity of the financial system. For a banker, understanding KYC is not only important for regulatory compliance but also essential for safe and responsible banking operations.