1. Know Your Customer Standards
-
a) The objective of the KYC guidelines is to prevent payment institutions from being
used, intentionally or
unintentionally, by criminal elements for money laundering activities. KYC
procedures enable
payment institutions to know/understand their customers and their financial dealings
better which in turn help
them manage their risks prudently. The revised KYC policy of the payment institution
incorporates the following
four elements:
- i. Customer Acceptance Policy (CAP)
- ii. Customer Identification Procedures (CIP)
- iii. Monitoring of Transactions; and
- iv. Risk Management
-
b) A customer for the purpose of KYC Policy is defined as:
- A person or entity that maintains an account and/or has a business
relationship with the payment institution
- One on whose behalf the account is maintained (i.e., the beneficial owner)
- Any person or entity connected with a financial transaction which can pose
significant
reputational or other risks to the payment institution, say, a wire transfer
or issue of high value demand
draft as a single transaction.
2. Customer Acceptance Policy (CAP)
-
a) The following Customer Acceptance Policy indicating the criteria for acceptance
of customers shall
be followed in the payment institution. Payment institution shall accept customer
strictly in accordance with the said
policy:
- i. No account shall be opened in anonymous or fictitious/benami name(s)
- ii. Parameters of risk perception shall be clearly defined in terms of the
nature of business
activity, location of customer and his clients, mode of payments, volume of
turnover,
social and financial status etc., to enable categorization of customers into
low, medium
and high risk called Level I, Level II and Level III respectively; Customers
requiring very
high level of monitoring e.g., Politically Exposed Persons (PEPs) may be
categorized as
Level IV.
- iii. Payment institution shall collect documents and other information from
the customer depending
on perceived risk and keeping in mind the requirements of AML Act, 2002
- iv. Payment institution shall close an existing account or shall not open a
new account where it is
unable to apply appropriate customer due diligence measures i.e., branch is
unable to
verify the identity and/or obtain documents required as per the risk
categorization due to
non cooperation of the customer or non reliability of data/information
furnished to the
branch. Payment institution shall, however, ensure that these measures do
not lead to the
harassment of the customer. However, in case the account is required to be
closed on this
ground, payment institution shall do so only after permission of J/DGM (I&V)
of their concerned
Zonal Offices is obtained. Further, the customer should be given a prior
notice of at least
20 days wherein reasons for closure of his account should also be mentioned.
- v. The Updated Manual of Instructions (Chapter 2 Volume I) provides detailed
guidelines as
to the mode of operations of different types of accounts and the
circumstances in which a
customer is permitted to act on behalf of another person/entity. Payment
institution is
advised to strictly follow these instructions.
- vi. Payment institution shall make necessary checks before opening a new
account so as to ensure
that the identity of the customer does not match with any person with known
criminal
background or with banned entities such as individual terrorists or
terrorist organizations,
etc.
-
b) Payment institution shall prepare a profile for each new customer based on risk
categorization.
It has devised a revised Composite Account Opening Form for recording and
maintaining the
profile of each new customer. Revised form is separate for Individuals, Companies
and other legal entities or special accounts e.g., account in the name of brand
names, domain names, etc.
-
c) The risk to the customer shall be assigned on the following basis:
- i. Low Risk (Level I):
Individuals (other than High Net Worth) and entities whose identities and
sources of wealth can
be easily identified and transactions in whose accounts by and large conform
to the known profile
may be categorized as low risk.
-
ii. Medium Risk (Level II):
Customers that are likely to pose a higher than average risk to the payment
institution may be categorized as
medium or high risk depending on customer’s background, nature and location
of activity, country
of origin, sources of funds and his client profile etc;
-
iii. High Risk (Level III):
Payment institution may apply enhanced due diligence measures based on the
risk assessment, thereby
requiring intensive ‘due diligence’ for higher risk customers, especially
those for whom the
sources of funds are not clear.
The persons requiring very high level of monitoring may be categorized as Level IV.
3. Customer Identification Procedure (CIP)
-
a) Customer identification means identifying the person and verifying his/her
identity by using
reliable, independent source documents, data or information. Payment institution
need to obtain
sufficient information necessary to establish, to their satisfaction, the identity
of each new
customer, whether regular or occasional. Being satisfied means that payment
institution is able to satisfy the competent authorities
that due diligence was observed based on the risk profile of the customer in
compliance of the
extant guidelines in place. Besides risk perception, the nature of
information/documents required
would also depend on the type of customer (individual, corporate, etc). For
customers that are
natural persons,payment institution shall obtain sufficient identification data to
verify the identity of the
customer, his address/location, and also his passport. For customers that are legal
persons or entities, payment institution shall (i) verify the legal status of the
legal person/entity through
proper and relevant documents (ii) verify that any person purporting to act on
behalf of the legal
person/entity is so authorized and identify and verify the identity of that person
(iii) understand
the ownership and control structure of the customer and determine who are the
natural persons
who ultimately control the legal person. Customer Identification requirements in
respect of a few
typical cases, especially, legal persons requiring an extra element of caution are
given in
guidance of payment institution.
-
b) If payment institution decides to accept such accounts in terms of the Customer
Acceptance Policy, it shall take reasonable measures to identify the beneficial
owner(s) and verify his/her/their
identity in a manner so that it is satisfied that it knows who the beneficial
owner(s) is/are. An
indicative list of the nature and type of documents/information that may be relied
upon for
customer identification.
4. Monitoring of Transactions
-
a) Continuous monitoring is an essential ingredient of effective KYC procedures and
the extent of
monitoring should be according to the risk sensitivity of the account. Payment
institution shall pay special
attention to all complex, unusually large transactions and all unusual patterns
which have no
apparent economic or visible lawful purpose. High risk accounts shall be subjected
to intensive monitoring.
-
b) Compliance shall specifically check and verify the application of KYC
procedures at payment institution and comment on the lapses if any observed in this
regard. All staff members shall be provided training on Anti Money Laundering. The
focus of training
shall be different for frontline staff, compliance staff and staff dealing with new
customers.
5. KYC for the Existing Accounts
As per extant guidelines, payment institution is required to obtain Composite Account
Opening
Form from all the existing customers.
Send your questions to [email protected]. Smart Payment Solutions a.s., reg. number 046 83 811 © 2016 — 2021