The Reserve Bank of India, which was established on April 1, 1935 in accordance with the provisions of the Reserve Bank of India Act, 1934, serves as the country’s central and primary financial regulator. RBI is responsible for protecting the country’s monetary stability and does so by regulating the economy, issuing currency, promoting growth, and supervising financial institutions. As part of that supervisory role, the RBI works to combat financial crime, with a focus on anti money laundering in India and on countering the financing terrorism.
In its regulatory and supervisory role, the RBI has a broad range of duties and responsibilities, including:
• Issuing licenses to banks wishing to conduct business in India or open new branches.
• Inspecting banks and financial institutions for compliance with RBI regulations,
• Developing and implementing AML/CFT regulations, and pursuing FATF AML/CFT policy
• Issuing directives to non-banking financial institutions that are not influenced by monetary policy.
India is a member of the Financial Action Task Force (FATF) and works to implement the AML/CFT policy set out in the FATF’s 40 recommendation. The FATF Recommendations set out a comprehensive and consistent framework of measures which countries should implement in order to combat money laundering and terrorist financing, as well as the financing of proliferation of weapons of mass destruction.
Reserve Bank of India has issued regulatory guidelines on Know Your Customer (KYC) norms / Anti Money Laundering (AML) Standards / Combating of Financing of Terrorism (CFT) from time to time. Banks were advised to follow certain customer identification procedure for opening of accounts and monitoring transactions of a suspicious nature for the purpose of reporting it to appropriate authority. Banks have been advised to ensure that a proper policy framework on ‘Know Your Customer’ and Anti-Money Laundering measures with the approval of the Board is formulated and put in place.
The objective of KYC/AML/CFT guidelines is to prevent banks from being used, intentionally or unintentionally, by criminal elements for money laundering or terrorist financing activities. KYC procedures also enable banks to know/understand their customers and their financial dealings better which in turn help them manage their risks prudently.
Banks should frame their KYC/AML policies incorporating the following four key elements:
a) Customer Acceptance Policy
• Develop a clear acceptance policy laying down explicit criteria of acceptance of customers.
• Profile customers based on risk categorisation (low, medium & high)
• Policy should not become detrimental to deny banking services to the general public especially to those, who are financially or socially disadvantaged.
b) Customer Identification Procedures
• Identify the customer and verify his/her identity by using reliable, independent source documents, data or information
• Introduce a system of periodical updating of customer identification data.
• Procedures to be carried out at different stages, such as while establishing a banking relationship; carrying out a financial transaction or when the bank has a doubt about the authenticity/veracity or the adequacy of the previously obtained customer identification data.
c) Monitoring of Transactions
• Pay attention to all complex, unusually large transactions and all unusual patterns, which have no apparent economic or visible lawful purpose.
• Subject high risk accounts to intensified monitoring
• Periodical review of risk categorisation and the need for applying enhanced due diligence measures
d) Risk Management
• The Board of Directors of the bank should ensure that an effective KYC programme is put in place establishing appropriate procedures and ensuring their effective implementation
• The program should cover proper management oversight, systems and controls, segregation of duties, training and other related matters
• Internal Audit and Compliance functions play an important role in evaluating and ensuring adherence to the KYC policies and procedures
• Internal auditors should specifically check and verify KYC procedures and comment on gap/lapses observed