Ozg NBFC Consultant
Ozg Center | Delhi | Mumbai | Chennai | Bangalore | Kolkata
Back Office Phone # 09811415831-37-61-72-84-92-94
W: nbfc.in | Email: ask@nbfc.in
RBI/2013-14/41
DNBS (PD) CC No.339 /03.10.42/ 2013-14
DNBS (PD) CC No.339 /03.10.42/ 2013-14
July 1, 2013
To
All Non-Banking Financial Companies (NBFCs),
Miscellaneous Non-Banking Companies (MNBCs),
and Residuary Non-Banking Companies (RNBCs)
Miscellaneous Non-Banking Companies (MNBCs),
and Residuary Non-Banking Companies (RNBCs)
Dear Sirs,
Master Circular – 'Know Your Customer' (KYC)
Guidelines – Anti Money Laundering Standards (AML) -'Prevention of
Money Laundering Act, 2002 - Obligations of NBFCs in terms of Rules
notified thereunder’
As you are aware, in order to have all current instructions on
the subject at one place, the Reserve Bank of India issues Master
Circulars on various topics. In accordance with the approach, a master
circular on the captioned subject, updated up to 30th June 2013 is
being issued. It may be noted that the Master Circular consolidates and
updates all the instructions contained in the notifications listed in
the Appendix, in so far they relate to the subject. The Master Circular
has also been placed on the RBI web-site (http://www.rbi.org.in). A copy of the Master Circular is enclosed.
Yours faithfully,
(N. S. Vishwanathan)
Principal Chief General Manager
Principal Chief General Manager
I. Introduction
Purpose
NBFCs were advised to follow certain customer
identification procedure for opening of accounts and monitoring
transactions of a suspicious nature for the purpose of reporting it to
appropriate authority. These ‘Know Your Customer’ guidelines have been
revisited in the context of the Recommendations made by the Financial
Action Task Force (FATF) on Anti Money Laundering (AML) standards and
on Combating Financing of Terrorism (CFT). Detailed guidelines based on
the Recommendations of the Financial Action Task Force and the paper
issued on Customer Due Diligence (CDD) for NBFCs by the Basel Committee
on Banking Supervision, with indicative suggestions wherever
considered necessary, have been issued. NBFCs have been advised to
ensure that a proper policy framework on ‘Know Your Customer’ and
Anti-Money Laundering measures with the approval of the Board is
formulated and put in place.
2. This Master Circular aims at consolidating all
the instructions/guidelines issued by RBI on Know Your Customer (KYC)
norms/Anti-Money Laundering (AML) standards/Combating Financing of
Terrorism (CFT)/Obligations of NBFCs under PMLA, 2002. The Master
Circular has been placed on the RBI website (http://www.rbi.org.in).
Previous instructions
A list of circulars issued in this regard is given in Appendix.
Application
i) The instructions, contained in the master circular, are applicable to all NBFCs.
ii) These guidelines are issued under Sections 45K and 45L of the
RBI Act, 1934 and any contravention of the same or non-compliance
will attract penalties under the relevant provisions of the Act. and
Rule 7 of Prevention of Money-Laundering (Maintenance of Records of the
Nature and Value of Transactions, the Procedure and Manner of
Maintaining and Time for Furnishing Information and Verification and
Maintenance of Records of the Identity of the Clients of the Banking
Companies, Financial Institutions and Intermediaries) Rules, 2005.
iii) This Master Circular consolidates all the circulars issued on the subject up to June 30, 2012.
The ‘Know Your Customer’
guidelines were issued in February 2005 revisiting the earlier
guidelines issued in January 2004 in the context of the Recommendations
made by the Financial Action Task Force (FATF) on Anti Money
Laundering (AML) standards and on Combating Financing of Terrorism
(CFT). These standards have become the international benchmark for
framing Anti Money Laundering and combating financing of terrorism
policies by the regulatory authorities. Compliance with these standards
by the banks/financial institutions/NBFCs in the country have become
necessary for international financial relationships. The Department of
Banking Operations and Development of Reserve Bank has issued detailed
guidelines to the banks based on the Recommendations of the Financial
Action Task Force and the paper issued on Customer Due Diligence (CDD)
for banks by the Basel Committee on Banking Supervision, with
indicative suggestions wherever considered necessary, a copy of same is
enclosed as per Annex-VI.
These guidelines are equally applicable to NBFCs. All NBFCs are,
therefore, advised to adopt the same with suitable modifications
depending on the activity undertaken by them and ensure that a proper
policy framework on ‘Know Your Customer’ and Anti-Money Laundering
measures is formulated and put in place with the approval of the Board
within three months of the date of this circular. NBFCs were advised to
ensure that they are fully compliant with the instructions before
December 31, 2005.
2. While preparing operational guidelines NBFCs may bear in mind
that the information collected from the customer for the purpose of
opening of account should be kept as confidential and not divulge any
details thereof for cross selling or any other purposes. NBFCs may,
therefore, ensure that information sought from the customer is relevant
to the perceived risk, is not intrusive, and is in conformity with
the guidelines issued in this regard. Any other information from the
customer should be sought separately with his /her consent and after
opening the account.
3. As it is necessary that the guidelines should be equally
applicable to the persons authorised by NBFCs including brokers/agents
etc. collecting public deposits on behalf of NBFCs, it was advised on
October 11, 2005 that:
i. Adherence to Know Your Customer (KYC) guidelines by NBFC and persons authorised by NBFCs including brokers/agents etc.
An obligation has been cast on the banking companies, financial
institutions and intermediaries, by the Prevention of Money Laundering
Act, 2002 (Chapter IV), to comply with certain requirements in regard
to maintenance of record of the transactions of prescribed nature and
value, furnishing of information relating to those transactions and
verification and maintenance of the records of identity of all its
clients in prescribed manner. Accordingly, instructions were issued to
NBFCs vide our circular DNBS (PD) CC No. 48 /10.42/ 2004-05 dated February 21, 2005.
As regards deposits collected by persons authorised by NBFCs
including brokers/agents etc. inasmuch as such persons are collecting
the deposits on behalf of the NBFC, it shall be the sole responsibility
of the NBFC to ensure full compliance with the KYC guidelines by such
persons. The NBFC should make available all information to the Bank to
verify the compliance with the KYC guidelines and accept full
consequences of any violation by the persons authorised by NBFCs
including brokers/agents etc. who are operating on its behalf.
With regard to RNBCs a separate CC No.46 dated December 30, 2004
was issued delineating a road map for them wherein the guidelines were
issued as under:
In respect of new customers acquired after April 1, 2004, KYC
guidelines as stated in the circular CC No.48 should be complied with
in all cases. However, for the existing customers, initially, KYC
guidelines should be complied in respect of large customers whose
aggregate deposit exceeds Rs.1 lakh. For the remaining existing
accounts, the companies should ensure that the details of the customers
are updated at the time of renewal of the deposit. This should,
however, not result in unnecessary harassment of customers.
As regards deposits collected by agents / sub-agents in as much
as the agent / sub-agent is collecting the deposits on behalf of the
RNBC, it shall be the sole responsibility of the RNBC to ensure full
compliance with the KYC guidelines by its agents and sub-agents. The
RNBC should make available all information to the regulator or his
nominee to verify the compliance with the KYC guidelines and accept
full consequences of any violation by the agent / sub-agent who is
operating on its behalf.
ii. Due diligence of persons authorised by NBFCs including brokers/agents etc.
As an extension of the KYC Guidelines, NBFCs should put in place a
process of due diligence in respect of persons authorised by NBFCs
including brokers/agents etc. collecting deposits on behalf of the
company through a uniform policy for appointment and detailed
verification. Details of due diligence conducted may be kept on record
with the company for verification. Compliance in this regard were to be
reported to RBI by December 31, 2005.
In the depositors’ interests and for enhancing transparency of
operations, the companies should have systems in place to ensure that
the books of accounts of persons authorised by NBFCs including
brokers/agents etc, so far as they relate to brokerage functions of the
company, are available for audit and inspection whenever required.
RNBCs were also advised on the same lines vide CC No 46 dated
December 30, 2004 mentioned above and were advised to report compliance
to RBI by January 31, 2005.
iii. Customer service in terms of identifiable contact with persons authorised by NBFCs including brokers/agents etc.
All deposit receipts should bear the name and Registered Office
address of the NBFC and must invariably indicate the name of the persons
authorised by NBFCs including brokers/agents etc. and their addresses
who mobilised the deposit and the link office with the telephone
number of such officer and/or persons authorised by NBFCs including
brokers/agents etc in order that there is a clear indication of the
identifiable contact with the field persons and matters such as
unclaimed / lapsed deposits, discontinued deposits, interest payments
and other customer grievances are appropriately addressed. The
companies may also evolve suitable review procedures to identify
persons authorised by NBFCs including brokers/agents etc. in whose
cases the incidence of discontinued deposits is high for taking
suitable action.
RNBCs were also advised on the same lines vide CC No 46/ 02.02 (RNBC)/ 2004-05 dated December 30, 2004 as mentioned above.
4. It was clarified in March 2006 that although flexibility in
the requirement of documents of identity and proof of address has been
provided in the circular mentioned above yet there may be instances
where certain persons, especially, those belonging to low income group
both in urban and rural areas may not be able to produce such documents
to satisfy the NBFC about their identity and address. Hence, it has
been decided to further simplify the KYC procedure for opening accounts
by NBFCs for those persons who intend to keep balances not exceeding
rupees fifty thousand (Rs. 50,000/-) in all their accounts taken
together and the total credit in all the accounts taken together is not
expected to exceed rupees one lakh (Rs. 1,00,000/-) in a year.
5. Accordingly, in case a person who wants to open an account is
not able to produce documents mentioned in Annexure II of DBOD circular
enclosed with our circular dated February 21, 2005, NBFCs may open
accounts as described in paragraph 2 above, subject to
a) introduction from another account holder who has been
subjected to full KYC procedure. The introducer’s account with the NBFC
should be at least six month old and should show satisfactory
transactions. Photograph of the customer who proposes to open the
account and also his address needs to be certified by the introducer.
or
b) any other evidence as to the identity and address of the customer to the satisfaction of the NBFC.
6. While opening accounts as described above, the
customer should be made aware that if at any point of time, the
balances in all his/her accounts with the NBFC (taken together) exceeds
rupees fifty thousand (Rs. 50,000/-) or total credit in the account
exceeds rupees one lakh (Rs. 1,00,000/-), no further transactions will
be permitted until the full KYC procedure is completed. In order not to
inconvenience the customer, the NBFC must notify the customer when the
balance reaches rupees forty thousand (Rs. 40,000/-) or the total
credit in a year reaches rupees eighty thousand (Rs. 80,000/-) that
appropriate documents for conducting the KYC must be submitted
otherwise the operations in the account will be stopped when the total
balance in all the accounts taken together exceeds rupees fifty
thousand (Rs. 50,000/-) or the total credit in the accounts exceeds
rupees one lakh (Rs. 1,00,000/-) in a year. NBFCs were advised to issue
suitable instructions to their branches for implementation in this
regard.
7. It was further clarified to NBFCs in April 2008 that for the purpose of Circular dated February 21, 2005 the term 'being satisfied'
means that the NBFC must be able to satisfy the competent authorities
that due diligence was observed based on the risk profile of the
customer in compliance with the extant guidelines in place. An indicative list of the nature and type of documents/ information that may be relied upon for customer identification was also given in the Annex-VIII
to this circular. It may happen that Annex-VIII, which was clearly
termed as an indicative list, may be treated by some NBFCs as an
exhaustive list as a result of which a section of public may be denied
access to financial services. NBFCs are, therefore, advised to take a
review of their extant internal instructions in this regard.
8. It is clarified that permanent correct
address, as referred to in Annex-VIII of this circular, means the
address at which a person usually resides and can be taken as the
address as mentioned in a utility bill or any other document accepted
by the NBFC for verification of the address of the customer. In case
utility bill is not in the name of person depositing money but is close
relative wife, son, daughter and parents etc. who live with their
husband, father/mother and son, NBFCs can obtain an identity document
and a utility bill of the relative with whom the prospective customer
is living along with a declaration from the relative that the said
person (prospective customer) wanting to open an account is a relative
and is staying with him/her. NBFCs can use any supplementary evidence
such as a letter received through post for further verification of the
address. While issuing operational instructions to the branches on the
subject, NBFCs should keep in mind the spirit of instructions issued by
the Reserve Bank and avoid undue hardships to individuals who are,
otherwise, classified as low risk customers.
9. In terms of extant instructions, NBFCs are
required to put in place a system of periodical review of risk
categorisation of accounts and the need for applying enhanced due
diligence measures in case of higher risk perception on a customer.
NBFCs are further advised that such review of risk categorisation of
customers should be carried out at a periodicity of not less
than once in six months. NBFCs also introduce a system of periodical
updation of customer identification data (including photograph/s) after
the account is opened. The periodicity of such updation should not be
less than once in five years in case of low risk category customers
and not less than once in two years in case of high and medium risk
categories.
10. NBFCs have been further advised in terms of
extant instructions that KYC/AML guidelines issued by Reserve Bank of
India shall also apply to their branches and majority owned
subsidiaries located outside India, especially, in countries which do
not or insufficiently apply the FATF Recommendations, to the extent
local laws permit. It is further clarified that in case there is a
variance in KYC/AML standards prescribed by the Reserve Bank and the
host country regulators, branches/overseas subsidiaries of NBFCs are
required to adopt the more stringent regulation of the two.
11. Letter issued by Unique Identification Authority of India (UIDAI) containing details of name, address and Aadhaar number
The Government of India issued a Notification No.
14/2010/F.No. 6/2/2007-ES dated December 16, 2010 which recognises the
letter issued by Unique Identification Authority of India (UIDAI)
containing details of name, address and Aadhaar number, as an
officially valid document as contained in Rule 2(1)(d) of the PML
Rules, 2005.
It has been decided to accept the letter issued
by the (UIDAI) as an officially valid document for opening of accounts.
Attention was invited to Annex VI para 3 of Master Circular No 231
dated July 1, 2011 on KYC/AML/PMLA dealing with customer
identification. All NBFCs were advised that, while opening accounts
based on Aadhaar also, NBFCs must satisfy themselves about the current
address of the customer by obtaining required proof of the same as per
extant instructions.
Further all NBFCs were advised to confirm
compliance to these instructions to Regional Offices of DNBS under whose
jurisdiction they are registered.
11A 1Non-Deposit
taking NBFCs with assets of Rs 25 cr and above and all Deposit taking
NBFCs were advised that the Reserve Bank of India has been, from time
to time, issuing guidelines on KYC/AML/CFT measures. The increasing
complexity and volume of financial transactions necessitate that
customers do not have multiple identities within a Financial Institution
or across the financial system. This can be achieved by introducing a
unique identification code for each customer. In this regard, a Working
Group constituted by the Government of India has proposed the
introduction of unique identifiers for customers across different
Financial Institutions for setting up a centralized KYC Registry.
While setting up such a system for the entire
financial system is likely to take time, NBFCs were advised to make an
immediate beginning in this regard by putting in place such
identification code for their own customers. The UCIC will help NBFCs
to identify customers, track the facilities availed, monitor financial
transactions in a holistic manner and enable NBFCs to have a better
approach to risk profiling of customers. It would also smoothen NBFC’s
operations for the customers.
Consequently, NBFCs were advised to initiate
steps for allotting Unique Customer Identification Code (UCIC) to all
their customers while entering into any new relationships. Similarly,
existing individual customers may also be allotted UCIC by end-June
2013.
1. Detailed guidelines on Customer Due Diligence
(CDD) measures to be made applicable to Politically Exposed Person
(PEP) and their family members or close relatives are contained in Annex VII to the Master Circular No.151/03.10.42/2009-10 dated July 1, 2009.
It is further advised that in the event of an existing customer or the
beneficial owner of an existing account, subsequently becoming a PEP,
NBFCs (including RNBCs) should obtain senior management approval to
continue the business relationship and subject the account to the CDD
measures as applicable to the customers of PEP category including
enhanced monitoring on an ongoing basis.
It was further clarified that the instructions
are also applicable to accounts where PEP is the ultimate beneficial
owner. Further, in regard to PEP accounts, it is reiterated that NBFCs
should have appropriate ongoing risk management procedures for
identifying and applying enhanced CDD to PEPs, customers who are close
relatives of PEPs, and accounts of which PEP is the ultimate beneficial
owner.
In terms of instructions contained in Para 15(1)
of the Master Circular No 184 dated July 1, 2010 in the event of an
existing customer or the beneficial owner of an existing account,
subsequently becoming a PEP, NBFCs (including RNBCS) were advised to
obtain senior management approval to continue the business relationship
and subject the account to the CDD measures as applicable to the
customers of PEP category including enhanced monitoring on an ongoing
basis.
When the NBFC has knowledge or reason to believe
that the client account opened by a professional intermediary is on
behalf of a single client, that client must be identified. NBFCs may
hold 'pooled' accounts managed by professional intermediaries on behalf
of entities like mutual funds, pension funds or other types of funds.
NBFCs also maintain 'pooled' accounts managed by lawyers/chartered
accountants or stockbrokers for funds held 'on deposit' or 'in escrow'
for a range of clients. Where funds held by the intermediaries are not
co-mingled at the NBFCs and there are 'sub-accounts', each of them
attributable to a beneficial owner, all the beneficial owners must be
identified. Where such funds are co-mingled at the NBFC, the NBFC
should still look through to the beneficial owners. Further, in terms
of paragraph 3 of Annex-VI of the above mentioned Master Circular, if a
NBFC decides to accept an account in terms of the Customer Acceptance
Policy, NBFC should take reasonable measures to identify the beneficial
owner(s) and verify his/her/their identity in a manner so that it is
satisfied that it knows who the beneficial owner(s) is/are. Therefore,
under the extant AML/CFT framework it is not possible for professional
intermediaries like Lawyers and Chartered Accountants, etc. who are
bound by any client confidentiality that prohibits disclosure of the
client details, to hold an account on behalf of their clients.
It was therefore, reiterated that NBFCs should
not allow opening and/or holding of an account on behalf of a client/s
by professional intermediaries, like Lawyers and Chartered Accountants,
etc., who are unable to disclose true identity of the owner of the
account/funds due to any professional obligation of customer
confidentiality. Further, any professional intermediary who is under
any obligation that inhibits NBFCs ability to know and verify the true
identity of the client on whose behalf the account is held or beneficial
ownership of the account or understand true nature and purpose of
transaction/s, should not be allowed to open an account on behalf of a
client.
NBFCs have been advised that internal guidelines
for customer identification procedure of legal entities may be framed by
them based on their experience of dealing with such entities, normal
lenders prudence and the legal requirements as per established
practices. If the NBFCs/RNBCs decide to accept such accounts in terms
of the Customer Acceptance Policy, the NBFC should take reasonable
measures to identify the beneficial owner(s) and verify his / her /
their identity in a manner so that it is satisfied that it knows who
the beneficial owner(s) is /are.
Further they were advised that for sake of
clarity, in case of accounts of proprietorship concerns, it has been
decided to lay down criteria for the customer identification procedure
for account opening by proprietary concerns. Accordingly, apart from
following the extant guidelines on customer identification procedure as
applicable to the proprietor, NBFCs/RNBCs should call for and verify
the following documents before opening of accounts in the name of a
proprietary concern:
i) Proof of the name, address and activity of the
concern, like registration certificate (in the case of a registered
concern), certificate/licence issued by the Municipal authorities under
Shop & Establishment Act, sales and income tax returns, CST / VAT
certificate, certificate / registration document issued by Sales Tax /
Service Tax / Professional Tax authorities, Licence issued by the
Registering authority like Certificate of Practice issued by Institute
of Chartered Accountants ofIndia, Institute of Cost Accountants of
India, Institute of Company Secretaries of India, Indian Medical
Council, Food and Drug Control Authorities, etc.
ii) Any registration / licensing document issued
in the name of the proprietary concern by the Central Government or
State Government Authority/ Department. NBFCs/RNBCs may also accept IEC
(Importer Exporter Code) issued to the proprietary concern by the
office of DGFT as an identity document for opening of account.
iii) The complete Income Tax return (not just the
acknowledgement) in the name of the sole proprietor where the firm's
income is reflected, duly authenticated/acknowledged by the Income Tax
Authorities.
iv) Utility bills such as electricity, water, and landline telephone bills in the name of the proprietary concern.
v) Any two of the above documents would suffice. These documents should be in the name of the proprietary concern.
NBFCs (including RNBCs) have been advised in Para 10 of Annex VI
to the above said Master Circular dated July 1, 2009 that NBFCs
(including RNBCs) should appoint a senior management officer to be
designated as Principal Officer and the role and responsibilities of
the Principal Officer have been detailed therein. With a view to enable
the Principal Officer to discharge his responsibilities, it is advised
that the Principal Officer and other appropriate staff should have
timely access to customer identification data and other CDD information,
transaction records and other relevant information. Further, NBFCs
(including RNBCs) should ensure that the Principal Officer is able to
act independently and report directly to the senior management or to
the Board of Directors.It was clarified that the role and
responsibilities of the Principal Officer should include overseeing and
ensuring overall compliance with regulatory guidelines on KYC/AML/CFT
issued from time to time and obligations under the Prevention of Money
Laundering Act, 2002, rules and regulations made thereunder, as amended
form time to time.
With a view to preventing NBFCs from being used,
intentionally or unintentionally, by criminal elements for money
laundering or terrorist financing, it was clarified that whenever there
is suspicion of money laundering or terrorist financing or when other
factors give rise to a belief that the customer does not, in fact, pose
a low risk, NBFCs were advised to carry out full scale customer due
diligence (CDD) before opening an account.
Attention was invited to the instructions
contained in Para 2 (iv) Annex-VI of the Master Circular in terms of
which a NBFC should not open an account (or should consider closing an
existing account) when it is unable to apply appropriate CDD measures.
It was clarified that in the circumstances when a NBFC believes that it
would no longer be satisfied that it knows the true identity of the
account holder, the Company should also file an STR with FIU-IND.
III. Prevention of Money Laundering Act, 2002 - Obligations of NBFCs in terms of Rules notified thereunder’
1. NBFCs were advised to
appoint a Principal Officer and put in place a system of internal
reporting of suspicious transactions and cash transactions of Rs.10
lakh and above. In this connection, Government of India, Ministry of
Finance, Department of Revenue, issued a notification dated July 1,
2005 in the Gazette of India, notifying the Rules under the Prevention
of Money Laundering Act (PMLA), 2002. In terms of the Rules, the
provisions of PMLA, 2002 have come into effect from July 1, 2005.
Section 12 of the PMLA, 2002 casts certain obligations on the NBFCs in
regard to preservation and reporting of customer account information.
NBFCs are, therefore, advised to go through the provisions of PMLA,
2002 and the Rules notified there under and take all steps considered
necessary to ensure compliance with the requirements of section 12 of
the Act ibid.
NBFCs should introduce a system of maintaining proper record of transactions prescribed under Rule 3, as mentioned below:
(i) all cash transactions of the value of more than rupees ten lakh or its equivalent in foreign currency;
(ii) all series of cash transactions integrally connected to each
other which have been valued below rupees ten lakh or its equivalent
in foreign currency where such series of transactions have taken place
within a month and the aggregate value of such transactions exceeds
rupees ten lakh;
(iii) all cash transactions where forged or counterfeit currency
notes or bank notes have been used as genuine and where any forgery of a
valuable security has taken place;
(iv) all suspicious transactions whether or not made in cash and
in manner as mentioned in the Rules framed by Government of India under
the Prevention of Money Laundering Act , 2002.
NBFCs are required to maintain the following information in respect of transactions referred to in Rule 3:
i) the nature of the transactions;
ii) the amount of the transaction and the currency in which it was denominated;
iii) the date on which the transaction was conducted; and
iv) the parties to the transaction.
NBFCs should take appropriate steps to evolve a system for proper
maintenance and preservation of account information in a manner that
allows data to be retrieved easily and quickly whenever required or when
requested by the competent authorities. Further, NBFCs should maintain
for at least ten years from the date of cessation of transaction
between the NBFCs and the client, all necessary records of
transactions, both domestic or international, which will permit
reconstruction of individual transactions (including the amounts and
types of currency involved if any) so as to provide, if necessary,
evidence for prosecution of persons involved in criminal activity.
NBFCs should ensure that records pertaining to the identification
of the customer and his address (e.g. copies of documents like
passports, identity cards, driving licenses, PAN, utility bills etc.)
obtained while opening the account and during the course of business
relationship, are properly preserved for at least ten years after the
business relationship is ended. The identification records and
transaction data should be made available to the competent authorities
upon request.
(i) The Prevention of Money Laundering (Amendment) Act, 2009
(No. 21 of 2009) has come into force with effect from June 01, 2009 as
notified by the Government. In terms of Sub-Section 2(a) of Section 12
of The Prevention of Money Laundering (Amendment) Act, 2009 (PMLA,
2009), the records referred to in clause (a) of Sub-Section (1) of
Section 12 shall be maintained for a period of ten years from the date
of transaction between the clients and the banking company and in terms
of Sub-Section 2(b) of Section 12 of the Act ibid, the records
referred to in clause (c) of Sub-Section (1) of Section 12 shall be
maintained for a period of ten years from the date of cessation of
transaction between the clients and the banking company.
(ii) NBFCs (including RNBCs) are advised to maintain for at least
ten years from the date of transaction between the NBFC (including
RNBC) and the client, all necessary records of transactions referred to
at Rule 3 of the Prevention of Money-Laundering (Maintenance of
Records of the Nature and Value of Transactions, the Procedure and
Manner of Maintaining and Time for Furnishing Information and
Verification and Maintenance of Records of the Identity of the Clients
of the Banking Companies, Financial Institutions and Intermediaries)
Rules, 2005 (PMLA Rules), both domestic or international, which will
permit reconstruction of individual transactions (including the amounts
and types of currency involved, if any) so as to provide, if
necessary, evidence for prosecution of persons involved in criminal
activity.
(iii) However, records pertaining to the identification of the
customer and his address (e.g. copies of documents like passports,
identity cards, driving licenses, PAN card, utility bills etc.)
obtained while opening the account and during the course of business
relationship, as indicated in paragraph 4 of the of the above said
Master Circular dated July 1, 2009, would continue to be preserved for
at least ten years after the business relationship is ended as required
under Rule 10 of the Rules ibid.
It is advised that in terms of the PMLA rules, NBFCs are required
to report information relating to cash and suspicious transactions to
the Director, Financial Intelligence Unit-India (FIU-IND) at the
following address:
Director, FIU-IND,
Financial Intelligence Unit-India,
6th Floor, Hotel Samrat,
Chanakyapuri,
New Delhi-110021
Financial Intelligence Unit-India,
6th Floor, Hotel Samrat,
Chanakyapuri,
New Delhi-110021
I) NBFCs should carefully go through all the reporting formats.
There are altogether five reporting formats prescribed for a banking
company viz. i) Manual reporting of cash transactions ii) Manual
reporting of suspicious transactions iii) Consolidated reporting of
cash transactions by Principal Officer of the bank iv) Electronic data
structure for cash transaction reporting and v) Electronic data
structure for suspicious transaction reporting which are enclosed to
this circular. The reporting formats contain detailed guidelines on the
compilation and manner/procedure of submission of the reports to
FIU-IND. NBFCs are advised to adopt the format
prescribed for banks with suitable modifications. It would be necessary
for NBFCs to initiate urgent steps to ensure electronic filing of cash
transaction report (CTR) as early as possible. The related
hardware and technical requirement for preparing reports in an
electronic format, the related data files and data structures thereof
are furnished in the instructions part of the concerned formats.
However, NBFCs which are not in a position to immediately file
electronic reports may file manual reports to FIU-IND. While detailed
instructions for filing all types of reports are given in the
instructions part of the related formats, NBFCs should scrupulously
adhere to the following:
(a) The cash transaction report (CTR) for each month should be
submitted to FIU-IND by 15th of the succeeding month. While filing CTR,
individual transactions below rupees fifty thousand may not be
included;
(b) The Suspicious Transaction Report (STR) should be furnished
within 7 days of arriving at a conclusion that any transaction, whether
cash or non-cash, or a series of transactions integrally connected are
of suspicious nature. The Principal Officer should record his reasons
for treating any transaction or a series of transactions as suspicious.
It should be ensured that there is no undue delay in arriving at such a
conclusion once a suspicious transaction report is received from a
branch or any other office. Such report should be made available to the
competent authorities on request;
(c) The Principal Officer will be responsible for timely submission of CTR and STR to FIU-IND;
(d) Utmost confidentiality should be maintained in filing of CTR
and STR with FIU-IND. The reports may be transmitted by speed/
registered post, fax, email at the notified address;
(e) It should be ensured that the reports for all the branches are filed in one mode i.e. electronic or manual;
(f) A summary of cash transaction report for the NBFC as a whole
may be compiled by the Principal Officer of the NBFC in physical form
as per the format specified. The summary should be signed by the
Principal Officer and submitted both for manual and electronic
reporting.
6. NBFCs
may not put any restrictions on operations in the accounts where an STR
has been made. However, it should be ensured that there is no tipping off to the customer at any level.
7. In terms of instructions contained
in the guidelines on ‘Know Your Customer Norms’ and ‘Anti-Money
Laundering Measures’ of our circular dated February 21, 2005, NBFCs are
required to prepare a profile for each customer based on risk
categorization. Further, vide paragraph 4 of our circular DNBS(PD). CC 68 /03.10.042/2005-06 dated April 5, 2006,
the need for periodical review of risk categorization has been
emphasized. It is, therefore, reiterated that NBFCs, as a part of
transaction monitoring mechanism, are required to put in place an
appropriate software application to throw alerts when the transactions
are inconsistent with risk categorization and updated profile of
customers. It is needless to add that a robust software throwing alerts
is essential for effective identification and reporting of suspicious
transactions.
8. In paragraph 7 of our circular dated
April 5, 2006, referred to above, NBFCs were advised to initiate
urgent steps to ensure electronic filing of cash transaction report
(CTR) and Suspicious Transaction Reports (STR) to FIU-IND. It has been
reported by FIU-IND that many NBFCs are yet to file electronic reports.
It is, therefore, advised that in case of NBFCs, where all the
branches are not yet fully computerized, the Principal Officer of the
NBFC should cull out the transaction details from branches which are
not computerized and suitably arrange to feed the data into an
electronic file with the help of the editable electronic utilities of
CTR/STR as have been made available by FIU-IND on their website http://fiuindia.gov.in.
9. In paragraph 7(I)(a) of our circular
dated April 5, 2006, referred to above, NBFCs were advised to make
Cash Transaction Reports (CTR) to FIU-India for every month latest by
15th of the succeeding month. It is further clarified that cash
transaction reporting by branches/offices of NBFCs to their Principal
Officer should invariably be submitted on monthly basis (not on fortnightly basis)
and the Principal Officer, in turn, should ensure to submit CTR for
every month to FIU-IND within the prescribed time schedule.
10. In regard to CTR, it is reiterated
that the cut-off limit of Rupees ten lakh is applicable to integrally
connected cash transactions also. Further, after consultation with
FIU-IND, it is clarified that :
a) For determining integrally connected cash transactions, NBFCs should take into account all individual cash transactions in an account during a calendar month,
where either debit or credit summation, computed separately, exceeds
Rupees ten lakh during the month. However, while filing CTR, details of
individual cash transactions below rupees fifty thousand may not be
indicated. Illustration of integrally connected cash transactions is
furnished in Annex-I;
b) CTR should contain only the transactions carried out by the NBFC on behalf of their clients/customers excluding transactions between the internal accounts of the NBFC;
c) All cash transactions, where forged or counterfeit Indian
currency notes have been used as genuine should be reported by the
Principal Officer to FIU-IND immediately in the format (Counterfeit
Currency Report – CCR) as per Annex-II. Electronic data structure has been furnished in Annex-IV
to enable NBFCs to generate electronic CCRs. These cash transactions
should also include transactions where forgery of valuable security or
documents has taken place and may be reported to FIU-IND in plain text
form.
11. As stated in paragraph 4 of the Guidelines on KYC Norms/AML Measures annexed to our circular DNBS(PD). CC 48 /10.42/2004-05 dated February 21, 2005,
NBFCs are required to pay special attention to all complex, unusual
large transactions and all unusual patterns of transactions, which have
no apparent economic or visible lawful purpose. It is further
clarified that the background including all documents/office
records/memorandums pertaining to such transactions and purpose thereof
should, as far as possible, be examined and the findings at branch as
well as Principal Officer level should be properly recorded. These
records are required to be preserved for ten years as is required under
PMLA, 2002. Such records and related documents should be made
available to help auditors in their work relating to scrutiny of
transactions and also to Reserve Bank/other relevant authorities.
12. In paragraph 7 of our April 5, 2006
circular, NBFCs have been advised that the customer should not be
tipped off on the STRs made by them to FIU-IND. It is likely that in
some cases transactions are abandoned/ aborted by customers on being
asked to give some details or to provide documents. It is clarified
that NBFCs should report all such attempted transactions in STRs, even if not completed by customers, irrespective of the amount of the transaction.
13. While making STRs, NBFCs should be guided by the definition of 'suspicious transaction' as contained in Rule 2(g) of Rules ibid.
It is further clarified that NBFCs should make STRs if they have
reasonable ground to believe that the transaction involve proceeds of
crime generally irrespective of the amount of transaction and/or the threshold limit envisaged for predicate offences in part B of Schedule of PMLA, 2002.
14. In the context of creating KYC/AML
awareness among the staff and for generating alerts for suspicious
transactions, NBFCs may consider the indicative list of suspicious
activities contained in Annex-V.
15. Prevention of
Money-laundering (Maintenance of Records of the Nature and Value of
Transactions, the Procedure and Manner of Maintaining and Time for
Furnishing Information and Verification and Maintenance of Records of
the Identity of the Clients of the Banking Companies, Financial
Institutions and Intermediaries) Amendment Rules, 2009/10 - Obligation
of banks/Financial institutions
Government of India vide its Notification
No.13/2009/F.No.6/8/2009-ES dated November 12, 2009, subsequently vide
Notification February 12, 2010 and June 16,2010 has amended the
Prevention of Money-laundering (Maintenance of Records of the Nature
and Value of Transactions, the Procedure and Manner of Maintaining and
Time for Furnishing Information and Verification and Maintenance of
Records of the Identity of the Clients of the Banking Companies,
Financial Institutions and Intermediaries) Rules, 2005. NBFCs and RNBCs
were advised to study details of notification and the amendments
clearly noted and spread across their organisation and to strictly
follow the amended provisions of PMLA Rules and ensure meticulous
compliance with these Rules.
In terms of paragraph 2 of Annex vi of the Master Circular DNBC(PD)CC No 231/03.10.42 / 2011 -12 dated July 01, 2011
on Know Your Customer (KYC) norms /Anti-Money Laundering (AML)
standards/Combating of Financing of Terrorism (CFT)/Obligation of banks
under PMLA, 2002, NBFCs are required to prepare a risk profile of each
customer and apply enhanced due diligence measures on higher risk
customers. Some illustrative examples of customers requiring higher due
diligence have also been provided in the paragraph under reference.
Further, paragraph 5 of Annex vi of the Master Circular requires NBFCs
to put in place policies, systems and procedures for risk management
keeping in view the risks involved in a transaction, account or
banking/business relationship.
The Government of India had constituted a National Money
Laundering/Financing of Terror Risk Assessment Committee to assess
money laundering and terror financing risks, a national AML/CFT strategy
and institutional framework for AML/CFT in India. Assessment of risk
of Money Laundering /Financing of Terrorism helps both the competent
authorities and the regulated entities in taking necessary steps for
combating ML/FT adopting a risk-based approach. This helps in judicious
and efficient allocation of resources and makes the AML/CFT regime
more robust. The Committee has made recommendations regarding adoption
of a risk-based approach, assessment of risk and putting in place a
system which would use that assessment to take steps to effectively
counter ML/FT. The recommendations of the Committee have since been
accepted by the Government of India and needs to be implemented.
Accordingly, NBFCs should take steps to identify and assess their
ML/FT risk for customers, countries and geographical areas as also for
products/ services/ transactions/delivery channels, in addition to
what has been prescribed in our Master Circular dated July 1, 2011,
referred to in paragraph 2 above. NBFCs should have policies, controls
and procedures, duly approved by their boards, in place to effectively
manage and mitigate their risk adopting a risk-based approach as
discussed above. As a corollary, NBFCs would be required to adopt
enhanced measures for products, services and customers with a medium or
high risk rating.
In this regard, Indian Banks' Association (IBA) has taken
initiative in assessment of ML/FT risk in the banking sector. This has
circulated to its member banks on May 18, 2011 and a copy of their
Report on Parameters for Risk Based Transaction Monitoring (RBTM) as a
supplement to their guidance note on Know Your Customer (KYC) norms /
Anti-Money Laundering (AML) standards issued in July 2009, is available
on the IBA website. The IBA guidance also provides an indicative list
of high risk customers, products, services and geographies. NBFCs may
use the same as guidance in their own risk assessment.
2In
order to have an effective implementation of KYC/AML/CFT measures,
NBFCs were advised to put in place a system of periodic review of risk
categorization of customers and updation of customer identification data
in a time-bound manner, and in any case not later than end-March 2013.
17. Prevention of Money
Laundering Act, 2002 - Obligations of NBFCs in terms of Rules notified
thereunder’ - Reporting Format under Project FINnet
Reference was invited to Master Circular No 231 dated July 1,
2011 on 'Know Your Customer' (KYC) Guidelines- Anti Money Laundering
(AML) Standards. In terms of the extant instructions, NBFCs were
required to report information/data relating to Cash and Suspicious
Transactions to the Director, Financial Intelligence Unit-India
(FIU-IND) in the prescribed format.
The present multiple data files reporting format mentioned in
Annex-II and Annex-IV of para 28 c of the Master circular No 291 is
being replaced by a new single XML file format as provided in the
‘Download’ section of the FIU-IND website (http://fiuindia.gov.in).
All NBFCs were requested to carefully go through the revised
reporting format and initiate urgent steps to build capacity to
generate reports, which are compliant with the new reporting XML format
specifications. The exact date of transition from the old reporting
format to the new format will to be communicated separately.
3FIU-IND
had advised vide their letter F.No.9-29/2011-FIU-IND dated August 28,
2012, that all NBFCs should initiate submission of reports on the
FINnet Gateway in ‘TEST MODE’ from August 31, 2012 to test their
ability to upload the report electronically. Such submission in ‘Test
Mode’ would continue till FIU-IND informs the NBFCs about ‘go-live’ of
the project. NBFCs were also required to continue to submit the
existing reports in CD as presently required till further notice.
In terms of PMLA Rules, suspicious transaction should include inter alia
transactions which give rise to a reasonable ground of suspicion that
these may involve financing of the activities relating to terrorism.
NBFCs are, therefore, advised to develop suitable mechanism through
appropriate policy framework for enhanced monitoring of accounts
suspected of having terrorist links and swift identification of the
transactions and making suitable reports to the Financial Intelligence
Unit – India (FIU-IND) on priority.
As and when list of individuals and entities, approved by
Security Council Committee established pursuant to various United
Nations' Security Council Resolutions (UNSCRs), are received from
Government of India, Reserve Bank circulates these to all banks and
financial institutions (including NBFCs). NBFCs should ensure to update
the consolidated list of individuals and entities as circulated by
Reserve Bank. Further, the updated list of such individuals/entities
can be accessed in the United Nations website at http://www.un.org/sc/committees/1267/consolist.shtml.
NBFCs are advised that before opening any new account it should be
ensured that the name/s of the proposed customer does not appear in the
list. Further, NBFCs should scan all existing accounts to ensure that
no account is held by or linked to any of the entities or individuals
included in the list. Full details of accounts bearing resemblance with
any of the individuals/entities in the list should immediately be
intimated to RBI and FIU-IND.
2. It may be appreciated that KYC norms/AML standards/CFT
measures have been prescribed to ensure that criminals are not allowed
to misuse the banking/financial channels. It would, therefore, be
necessary that adequate screening mechanism is put in place by NBFCs as
an integral part of their recruitment/hiring process of personnel.
3. In the context of creating KYC/AML awareness among the staff
and for generating alerts for suspicious transactions, NBFCs may
consider the indicative list of suspicious activities contained in Annex-V of the CC No.126 dated August 05, 2008.
Countries which do not or insufficiently apply the FATF recommendations.
Financial Action Task Force (FATF) has issued several Statements
on risks arising from the deficiencies in AML/CFT regime of various
countries for example Uzbekistan, Iran, Pakistan, Turkmenistan, Sao
Tome and Principe on etc. which are updated from time to time. All
NBFCs/RNBCs were accordingly advised to consider the information
contained in the statements issued by FATF which however, does not
preclude financial institutions from legitimate trade and business
transactions with the countries and jurisdictions mentioned in the
statement.
NBFCs were advised to take into account risks arising from the
deficiencies in AML/CFT regime of the jurisdictions included in the
FATF Statement. It was further advised that NBFCs should, in addition
to FATF Statements circulated by Reserve Bank of India from time to
time, also consider publicly available information for identifying such
countries, which do not or insufficiently apply the FATF
Recommendations. NBFCs should give special attention to business
relationships and transactions with persons (including legal persons
and other financial institutions) from or in these countries.
Monitoring
In terms of paragraph 4 of Annex-VI of the Master Circular No 184
dated July 1, 2010, ongoing monitoring is an essential element of
effective KYC procedures. It is advised that NBFCs should examine the
background and purpose of transactions with persons (including legal
persons and other financial institutions) from jurisdictions included
in FATF Statements and countries that do not or insufficiently apply
the FATF Recommendations. Further, if the transactions have no apparent
economic or visible lawful purpose, the background and purpose of such
transactions should, as far as possible be examined, and written
findings together with all documents be retained and made available to
Reserve Bank/other relevant authorities, on request.
NBFCs were advised to apply enhanced due diligence measures on
high risk customers. Some illustrative examples of customers requiring
higher due diligence were also given in the paragraph under reference.
NBFCs were further advised that in view of the risks involved in cash
intensive businesses, accounts of bullion dealers(including
sub-dealers) and jewelers should also be categorized by NBFCs as ‘high
risk’ requiring enhanced due diligence.
Ongoing monitoring is an essential element of effective KYC
procedures. It was advised that NBFCs are also required to subject
these ‘high risk accounts’ to intensified transaction monitoring. High
risk associated with such accounts should be taken into account by NBFCs
to identify suspicious transactions for filing Suspicious Transaction
Reports (STRs) to FIU-ND.
With a view to preventing NBFCs from being used, intentionally or
unintentionally, by criminal elements for money laundering or
terrorist financing activities, Reserve Bank of India had issued
guidelines on Know Your Customer (KYC) norms/Anti-Money Laundering
(AML) standards/ Prevention of Money Laundering Act, 2002 that are
consolidated in the Master Circular DNBS (PD) CC No 184/03.10.42 / 2010-11 dated July 01, 2010.
It was brought to the notice of NBFCs /RNBCs that “Money mules” can be used to launder the proceeds of fraud schemes (e.g., phishing
and identity theft) by criminals who gain illegal access to deposit
accounts by recruiting third parties to act as “money mules.” In some
cases these third parties may be innocent while in others they may be
having complicity with the criminals.
NBFCS were advised to strictly adhere to the guidelines on
KYC/AML/CFT issued from time to time and to those relating to
periodical updation of customer identification data after the account
is opened and also to monitoring of transactions in order to protect
themselves and their customers from misuse by such fraudsters. NBFCs
were also advised to ensure that their accounts in banks are not used
for the purpose of money laundering in the manner specified above.
Ozg NBFC Consultant
Ozg Center | Delhi | Mumbai | Chennai | Bangalore | Kolkata
Back Office Phone # 09811415831-37-61-72-84-92-94