What are the rules regarding periodical updation of KYC?

Different periodicities have been prescribed for updation of KYC records depending on the risk perception of the bank. KYC is required to be done at least every two years for high risk customers, at least every eight years for medium risk customers and ten years for low risk customers. This exercise would involve all formalities normally taken at the time of opening the account.

Hie Uma, - Different periodicities have been prescribed for updation of KYC records depending on the risk perception of the bank. KYC is required to be done at least every two years for high risk customers, at least every eight years for medium risk customers and ten years for low risk customers. - This exercise would involve all formalities normally taken at the time of opening the account. If there is no change in status with respect to the identity (change in name, etc.) and/or address, such customers who are categorised as ‘low risk’ by the banks may now submit a self-certification to that effect at the time of periodic updation. In case of change of address of such ‘low risk’ customers, they could merely forward a certified copy of the document (proof of address) by mail/post, etc. Physical presence of such low risk customer is not required at the time of periodic updation.

Know Your Customer (KYC) is a process to identify the veracity of a customer’s identity as well residence proof. This is an integral part of establishing business relationship with a customer for banks and financial institutions. Additionally, the KYC process helps prevent banks from being used, intentionally or unintentionally, by criminal elements for money laundering or terrorist financing activities. Last, but not the least, KYC procedures also enable banks to understand their customers and their financial dealings better which in turn help them manage their risks prudently. Banks and financial institutions grapple with the issues related to the KYC compliance. Non-compliance of KYC is a major challenge faced by the banks in India. There are two aspects of KYC compliance that banks need to monitor. The first aspect that they need to check is whether the employees are following the KYC guidelines properly or not. The second, but no less important, is the co-operation of customers. Without help from customers, it is difficult for a bank to build a robust KYC process. The role of the customer is important in the KYC process at two critical steps: first, when the account is opened; second, when the ongoing process of KYC once business relationship has been established. While the first step of KYC is easy to monitor, it is in the ongoing process of KYC that many banks face challenge. The guidelines of Reserve Bank of India (RBI) on KYC process states that banks should follow ‘risk-based’ approach of KYC process and classify customers into low, medium and high risk. The significance of classification lies in the fact that ongoing KYC process is driven by the classification. As per RBI guidelines, “Banks should introduce a system of periodical updation of customer identification data (including photograph/s) after the account is opened. The periodicity of such updation should not be less than once in five years in case of low risk category customers and not less than once in two years in case of high and medium risk categories. Such verification should be done irrespective of whether the account has been transferred from one branch to another and banks are required to also maintain records of transactions as prescribed”. After master circular was issued on 1st July, the RBI carried out amendment in these guidelines for low and medium risk customers which were mentioned by central bank in the notification. So considering the above guidelines, what should a bank do, say for a low risk customer who has failed to produce updated customer identification data? The Bank has two options. First, close the account, especially, if it has become dormant and has nominal balance. Second, the customer should be penalised for failing to submit KYC documents. A bank faces a challenge in intimating customers about the need to re-submit documents, after specified number of years, as many customers move from their initial residence and it also involves cost.

If there is no change in status with respect to the identity (change in name, etc.) and/or address, such customers who are categorised as ‘low risk’ by the banks may now submit a self-certification to that effect at the time of periodic updation.

Different periodicities have been prescribed for updation of KYC records depending on the risk perception of the bank. KYC is required to be done at least every two years for high risk customers, at least every eight years for medium risk customers and ten years for low risk customers. This exercise would involve all formalities normally taken at the time of opening the account. If there is no change in status with respect to the identity (change in name, etc.) and/or address, such customers who are categorised as ‘low risk’ by the banks may now submit a self-certification to that effect at the time of periodic updation. In case of change of address of such ‘low risk’ customers, they could merely forward a certified copy of the document (proof of address) by mail/post, etc. Physical presence of such low risk customer is not required at the time of periodic updation. Thanks