Revised as per statutory requirements of RBI Master Direction RBI/DNBR/2016-17/45 _
DNBS (PD).008/ 03.10.119 / 2016-17 dated 01st September, 2016
Reserve Bank of India (RBI) and Securities and Exchange Board of India (SEBI) has been issuing guidelines on Know
Your Customer (KYC) norms, norms/Anti-Money Laundering (AML) standards/Combating Financing of Terrorism
(CFT)/Obligations of NBFCs under PMLA, 2002 and measures to be taken in this regard.
NBFCs are required to ensure that a proper policy framework on ‘Know Your Customer’ and Anti-Money Laundering
measures with the approval of the Board is formulated and put in place. This policy document has been prepared in
line with the RBI/ SEBI guidelines. As a part of the policy, the Company shall ensure that the information collected
from the customer for the purpose of opening of account is kept as confidential and shall not divulge any details
thereof for cross selling or any other purposes. The Company shall, therefore, ensure that the information sought
from the customer is relevant to the perceived risk, is not intrusive, and is in conformity with the guidelines
issued by RBI/ SEBI. Any other information from the customer should be sought separately with his /her consent after
opening the account.
Money Laundering is any transaction or series of transactions undertaken to conceal or disguise the nature and source of funds that have been obtained from illegal activity. The main objective of the money launderer is to transform ‘dirty’ money into seemingly clean money or other assets in a way to leave as little trace as possible of the transformation.
This Policy represents the basic standards of Anti-Money Laundering and Combating Terrorism Financing (hereinafter collectively referred to as AML). Changes in the Policy will become effective upon approval by the Board of Directors of the Company. All relevant employees must be thoroughly familiar or made familiar with it and make use of the material contained in this Policy.
The primary objective of the policy is to prevent the Company from being used, intentionally or unintentionally, by criminal elements for money laundering activities or terrorist financing activities.
For the purpose of KYC policy a ‘Customer’ means a person defined under KYC policy of RBI/ SEBI and any amendment from time to time by RBI / SEBI which are at present as under:
Client Due Diligence is the main part of the policy and includes following:
Considering the potential threat of usage of the financial services by a money launderer, it is essential to make reasonable efforts to determine the true identity of clients. The Company has put in place effective procedures to obtain requisite details for proper identification of new customers.
Customer Acceptance Policy requires all customers to fill in the KYC Form to capture the relevant data for all categories of customers and provide supporting documents as given in the forms as a part of customer identification process / KYC.
The Company takes reasonable measures to verify the sources of funds as well as wealth of the clients and ensures that they are routed through proper banking channels. It takes reasonable steps to ensure that funds are received from clients through their bank account registered with the Company and payment to the client is made through ‘Account Payee’ cheque and/ or direct credit to the client bank account registered with it. The Company neither accepts cash from its clients nor gives cash to its clients. As per RBI directive, the Company gets banker’s certificate whenever a client gives demand draft.
Customer identification means identifying the customer and verifying his/her identity by using reliable, independent source documents, data or information. The Company shall obtain sufficient information necessary to verify the identity of each new customer along brief details of its promoters and management, whether regular or occasional and the purpose of the intended nature of business relationship.
The following precautions are taken by the Company in order to ascertain that accounts are not misused by the clients or by any third parties for money laundering activities:
The requirement as mentioned herein may be moderated according to the risk perception like in the case of a public specially listed company it will not be necessary to identify all the shareholders. The Company shall periodically update customer identification data after the transaction is completed and review it yearly.
The identification of beneficial ownership has to be done by the compliance department for all existing clients and all new clients shall be accepted only after verifying that the client is a non individual whether company/partner/unincorporated association/body of individuals on the parameters stated below:
The intention is to identify the identity of the natural person, who, whether acting alone or together or through one or more juridical person exercises control through ownership or who ultimately has controlling ownership interest. However, where the client or owner of controlling interest is a company listed on a recognized stock exchange or is a majority-owned subsidiary of such a company identification of the beneficial owner of such companies is not required.
The Company accepts the clients based on the risk they are likely to pose. For this purpose, it categorizes the clients under low risk, medium risk and high risk category based on appropriate Customer Due Diligence process. Risk Profiling of Customers is done on the basis of Yearly Income Declaration given by the Client, and /or on the basis of Capital/ Reserves/ Profits earned during the year and is periodically reviewed.
Monitoring of transactions will be conducted taking into consideration the risk profile of the account. The Company shall make endeavors to understand the normal and reasonable activity of the customer so that the transactions that fall outside the regular/pattern of activity can be identified.
The Company shall carry out the periodic review of risk categorization of transactions/customers and the need for applying enhanced due diligence measures at a periodicity of not less than once in six months.
The Company shall explore the possibility of validating the new accounts opening application with various watch lists available in public domain, including RBI/ SEBI watch list. After due diligence, any transactions or suspicious nature will be duly reported by Principal Officer to Director, Financial Intelligence Unit- India (FIU_IND).
The Company does not put any restriction on operation in the accounts of any client where an STR has been made and the same has been reported to FIU-IND. It is also prohibited from disclosing the same to the client for whom the STRs have been reported to FIU-IND. However, in exceptional circumstances consent is not to be given to continue to operate the account, and transaction may be suspended.
To ensure monitoring and reporting of all transactions and sharing of information as required under the law for KYC, Board may nominate any Director any other officer(s) duly authorized by the Board of Directors to be designated as the Company’s Principal Officer with respect to KYC/ AML/ CFT. The Company shall at the same time ensure the following:
The Government of India issued a Notification No. 14/2010/F.No. 6/2/2007-ES dated December 16, 2010 which recognises the letter issued by Unique Identification Authority of India (UIDAI) containing details of name, address and Aadhaar number, as an officially valid document as contained in Rule 2(1)(d) of the PML Rules, 2005.
The Company shall accept the letter issued by the (UIDAI) as an officially valid document for opening of accounts. Attention is invited to Annex VI para 3 of Master Circular No 231 dated July 1, 2011 on KYC/AML/PMLA dealing with customer identification. However, while opening accounts based on Aadhaar also, the Company must satisfy itself about the current address of the customer by obtaining required proof of the same.
Detailed guidelines on Customer Due Diligence (CDD) measures to be made applicable to Politically Exposed Person (PEP) and their family members or close relatives are contained in Annex VII to the Master Circular No.151/03.10.42/2009-10 dated July 1, 2009. In the event of an existing customer or the beneficial owner of an existing account, subsequently becoming a PEP, the Company shall obtain senior management approval to continue the business relationship and subject the account to the CDD measures as applicable to the customers of PEP category including enhanced monitoring on an ongoing basis.
The above instructions are also applicable to accounts where PEP is the ultimate beneficial owner. Further, in regard to PEP accounts, it is reiterated that the Company should have appropriate ongoing risk management procedures for identifying and applying enhanced CDD to PEPs, customers who are close relatives of PEPs, and accounts of which PEP is the ultimate beneficial owner. In the event of an existing customer or the beneficial owner of an existing account, subsequently becoming a PEP, the Company shall obtain senior management approval to continue the business relationship and subject the account to the CDD measures as applicable to the customers of PEP category including enhanced monitoring on an ongoing basis.
For undertaking CDD, the Company shall obtain the following from an individual while establishing an account-based relationship or while dealing with the individual who is a beneficial owner, authorised signatory or the power of attorney holder related to any legal entity:
Provided that where the customer has submitted,
Provided further that in case e-KYC authentication cannot be performed for an individual desirous of receiving any benefit or subsidy under any scheme notified under section 7 of the Aadhaar (Targeted Delivery of Financial and Other subsidies, Benefits and Services) Act, 2016 owing to injury, illness or infirmity on account of old age or otherwise, and similar causes, the Company shall, apart from obtaining the Aadhaar number, perform identification preferably by carrying out offline verification or alternatively by obtaining the certified copy of any other OVD or the equivalent e-document thereof from the customer. CDD done in this manner shall invariably be carried out by an official of the Company and such exception handling shall also be a part of the concurrent audit as mandated in Section 8. The Company shall ensure to duly record the cases of exception handling in a centralised exception database. The database shall contain the details of grounds of granting exception, customer details, name of the designated official authorising the exception and additional details, if any. The database shall be subjected to periodic internal audit/inspection by the Company and shall be available for supervisory review.
Explanation 1: The Company shall, where its customer submits a proof of possession of Aadhaar Number containing Aadhaar Number, ensure that such customer redacts or blacks out his Aadhaar number through appropriate means where the authentication of Aadhaar number is not required as per proviso (i) above.
Explanation 2: Biometric based e-KYC authentication can be done by bank official/business correspondents/business facilitators.
Explanation 3: The use of Aadhaar, proof of possession of Aadhaar etc., shall be in accordance with the Aadhaar (Targeted Delivery of Financial and Other Subsidies Benefits and Services) Act, 2016 and the regulations made thereunder.
The Company may undertake live V-CIP, to be carried out by an official of the Company, for establishment of an account based relationship with an individual customer, after obtaining his informed consent and shall adhere to the following stipulations:
In case a person who desires to open an account is not able to produce documents, as specified in Section 16, NBFCs may at their discretion open accounts subject to the following conditions:
KYC verification once done by one branch/office of the Company shall be valid for transfer of the account to any other branch/office of the same Company, provided full KYC verification has already been done for the concerned account and the same is not due for periodic updation.
Explanation: Unregistered trusts/partnership firms shall be included under the term ‘unincorporated association’.
Explanation: Term ‘body of individuals’ includes societies.
The Company shall follow its internal guidelines for customer identification procedure of legal entities as may be framed by it based on its experience of dealing with such entities, normal lenders prudence and the legal requirements as per established practices. If the Company decides to accept such accounts in terms of the Customer Acceptance Policy, the Company shall take reasonable measures to identify the beneficial owner(s) and verify his / her / their identity in a manner so that it is satisfied that it knows who the beneficial owner(s) is /are.
In case of accounts of proprietorship concerns, apart from following the extant guidelines on customer identification procedure as applicable to the proprietor, the Company should call for and verify the following documents before opening of accounts in the name of a proprietary concern:
(i) Proof of the name, address and activity of the concern, like registration certificate (in the case of a registered concern), certificate/licence issued by the Municipal authorities under Shop & Establishment Act, sales and income tax returns, CST / VAT certificate, certificate / registration document issued by Sales Tax / Service Tax/ Professional Tax authorities, etc.
(ii) Any registration / licensing document issued in the name of the proprietary concern by the Central Government or State Government Authority/ Department. The Company may also accept IEC (Importer Exporter Code) issued to the proprietary concern by the office of DGFT as an identity document for opening of account.
(iii) The complete Income Tax return (not just the acknowledgement) in the name of the sole proprietor where the firm’s income is reflected, duly authenticated/acknowledged by the Income Tax Authorities.
(iv) Utility bills such as electricity, water, and landline telephone bills in the name of the proprietary concern.
(v) Any two of the above documents would suffice. These documents should be in the name of the proprietary concern.
FINANCIAL INTELLIGENCE UNIT (FIU)-INDIA The Government of India has set up FINANCIAL INTELLIGENCE UNIT (FIU) –INDIA on November 18, 20o4 as an independent body to report directly to the Economic Intelligence Council (EIC) headed by Finance Minister. FIU-IND has been established as the central national agency responsible for receiving, processing, analyzing and disseminating information related to suspect financial transactions. FIU-IND is also responsible for coordinating and stretching efforts of national and international intelligence and enforcement agencies in pursuing the global efforts against money laundering and related crimes.
APPOINTMENT OF PRINCIPAL OFFICER
The Company has appointed Ms. Shivangi Gupta as the Principal Officer under the provisions of PMLA and has intimated his name and contact details to FIU-IND. The role and responsibilities of the Principal Officer has been detailed therein. With a view to enable the Principal Officer to discharge his responsibilities, the Company is required to ensure that the Principal Officer and other appropriate staff should have timely access to customer identification data and other CDD information, transaction records and other relevant information. Further, the company should ensure that the Principal Officer is able to act independently and report directly to the senior management or to the Board of Directors. It was clarified that the role and responsibilities of the Principal Officer should include overseeing and ensuring overall compliance with regulatory guidelines on KYC/AML/CFT issued from time to time and obligations under the Prevention of Money Laundering Act, 20o2, rules and regulations made there under, as amended form time to time.
Principal Officer(s) for KYC will act independently and report directly to the concerned Director or to the Board of Directors. If the Directors have been appointed as Principal Officer(s), the role and responsibilities of the Principal Officer(s) would include overseeing and ensuring overall compliance with regulatory guidelines on KYC/AML/CFT issued from time to time and obligations under the Prevention of Money Laundering Act, 20o2, rules and regulations made there under, as amended form time to time.
• RESPONSIBILITIES OF PRINCIPAL OFFICER:
The Principal Officer ensures that:
→The PMLA guidelines and the Board approved PMLA Policy is implemented effectively by the Company
→The identification and assessment of potentially suspicious transactions are done on regular basis
→The Company reports the suspicious transactions to the concerned authorities within the specified time as per the PMLA Policy
→The Company is regularly updated regarding any changes /additions/modifications in PMLA provisions.
→The Company responds promptly to any request for information including KYC related information made by the regulators, FIU –IND and other statutory authorities. Any other responsibilities assigned to Director or any other official authorized Director with respect to the implementation of PMLA guidelines issued by RBI from time to time.
→The collection of data on the borrower side would be the primary responsibility of Principal Officer and the required data as per prescribed formats KYC Forms in this policy shall be collected. To ensure monitoring of KYC Guidelines, the record of borrowers shall be updated annually or in case there is any change in the structure of entity within a reasonable period.
ON- GOING DUE DILIGENCE
The Company shall undertake on-going due diligence of customers to ensure that their transactions are consistent with their knowledge about the customers, customers’ business and risk profile; and the source of funds.
Without prejudice to the generality of factors that call for close monitoring following types of transactions shall necessarily be monitored:
a. Large and complex transactions including RTGS transactions, and those with unusual patterns, inconsistent with the normal and expected activity of the customer, which have no apparent economic rationale or legitimate purpose.
b. Transactions which exceed the thresholds prescribed for specific categories of accounts.
c. High account turnover inconsistent with the size of the balance maintained.
d. Deposit of third party cheques, drafts, etc. in the existing and newly opened accounts followed by cash withdrawals for large amounts.
The extent of monitoring shall be aligned with the risk category of the customer. Explanation:
High risk accounts have to be subjected to more intensified monitoring.
a. A system of periodic review of risk categorization of accounts, with such periodicity being at least once in six months, and the need for applying enhanced due diligence measures shall be put in place.
b. The transactions in accounts of marketing firms, especially accounts of Multi-level Marketing (MLM) Companies shall be closely monitored.
Explanation: Cases where a large number of cheque b00ks are sought by the company and/or multiple small deposits (generally in cash) across the country in one bank account and/or where a large number of cheques are issued bearing similar amounts/dates, shall be immediately reported to Reserve Bank of India and other appropriate authorities such as FIUIND.
PERIODIC UPDATION
Periodic updation shall be carried out at least once in year for high risk customers, once in every eight years for medium risk customers and once in every ten years for low risk customers as per the following procedure:
(a) The Company shall carry out
i. CDD, as specified in Section 16, at the time of periodic updation. However, in case of low risk customers when there is no change in status with respect to their identities and addresses, a self-certification to that effect shall be obtained.
ii. In case of Legal entities, the Company shall review the documents sought at the time of opening of account and obtain fresh certified copies.
Provided, the Company shall ensure that KYC documents are available with them.
(b) The Company may not insist on the physical presence of the customer for the purpose of furnishing OVD or furnishing consent for Aadhaar authentication/Offline Verification unless there are sufficient reasons that physical presence of the account holder/holders is required to establish their bona-fides. Normally, OVD/Consent forwarded by the customer through mail/post, etc., shall be acceptable.
(c) The Company shall ensure to provide acknowledgment with date of having performed KYC updation.
(d) The time limits prescribed above would apply from the date of opening of the account/ last verification of KYC.
In case of existing customers, the Company shall obtain the Permanent Account Number or equivalent e-document thereof or Form No.6o, by such date as may be notified by the Central Government, failing which the Company shall temporarily cease operations in the account till the time the Permanent Account Number or equivalent e-documents thereof or Form No. 6o is submitted by the customer.
Provided that before temporarily ceasing operations for an account, the Company shall give the customer an accessible notice and a reasonable opportunity to be heard. Further, the Company shall include, in its internal policy, appropriate relaxation(s) for continued operation of accounts for customers who are unable to provide Permanent Account Number or equivalent e-document thereof or Form No. 6o owing to injury, illness or infirmity on account of old age or otherwise, and such like causes. Such accounts shall, however, be subject to enhanced monitoring.
Provided further that if a customer having an existing account-based relationship with the Company gives in writing that he does not want to submit his Permanent Account Number or equivalent e-document thereof or Form No.6o, the Company shall close the account and all obligations due in relation to the account shall be appropriately settled after establishing the identity of the customer by obtaining the identification documents as applicable to the customer.
Explanation – For the purpose of this Section, “temporary ceasing of operations” in relation an account shall mean the temporary suspension of all transactions or activities in relation to that account by the Company till such time the customer complies with the provisions of this Section. In case of asset accounts such as loan accounts, for the purpose of ceasing the operation in the account, only credits shall be allowed.
SIMPLIFIED KYC NORMS FOR FOREIGNPORTFOLIOINVESTORS(FPIs)
Accounts of FPIs which are eligible/ registered as per SEBI guidelines, for the purpose of investment under Portfolio Investment Scheme (PIS), shall be opened by accepting KYC documents as detailed in Annex II, subject to Income Tax (FATCA/CRS) Rules.
Provided that banks shall obtain undertaking from FPIs or the Global Custodian acting on behalf of the FPI that as and when required, the exempted documents as detailed in Annex II will be submitted.
SUSPICION OF MONEY LAUNDERING/TERRORIST FINANCING To prevent the Company from being used, intentionally or unintentionally, by criminal elements for money laundering or terrorist financing, it was clarified that whenever there is suspicion of money laundering or terrorist financing or when other factors give rise to a belief that the customer does not, in fact, pose a low risk, the Company shall carry out full scale customer due diligence (CDD) before opening an account.
FILING OF SUSPICIOUS TRANSACTIONREPORT(STR)
The Company should not open an account (or should consider closing an existing account) when it is unable to apply appropriate CDD measures. In the circumstances when the Company believes that it would no longer be satisfied that it knows the true identity of the account holder, the Company should also file an STR with FIU-IND.
OBLIGATIONS OF NBFCS IN TERMS OF RULESNOTIFIEDUNDER PREVENTION OF MONEY LAUNDERINGACT, 20o21. The Company shall in place a system of internal reporting of suspicious transactions and cash transactions of Rs.10 lakh and above. The Company shall ensure the preservation and reporting of customer account information. It shall take all steps considered necessary to ensure compliance with the requirements of section 12 of the Act ibid as per the provisions of PMLA, 20o2 and the Rules notified there under.
2. MAINTENANCE OF RECORDS OF TRANSACTIONS
The Company shall introduce a system of maintaining proper record of transactions as mentioned below:
(i) all cash transactions of the value of more than rupees ten lakh or its equivalent in foreign currency;
(ii) all series of cash transactions integrally connected to each other which have been valued below rupees ten lakh or its equivalent in foreign currency where such series of transactions have taken place within a month and the aggregate value of such transactions exceeds rupees ten lakh;
(iii) all cash transactions where forged or counterfeit currency notes or bank notes have been used as genuine and where any forgery of a valuable security has taken place;
(iv) all suspicious transactions whether or not made in cash and in manner as mentioned in the Rules framed by Government of India under the Prevention of Money Laundering Act , 20o2.
3. INFORMATION TO BE PRESERVED
The Company shall maintain the following information in respect of transactions:
(i) the nature of the transactions;
(ii) the amount of the transaction and the currency in which it was denominated;
(iii) the date on which the transaction was conducted; and
(iv) the parties to the transaction.
4. MAINTENANCE AND PRESERVATIONOF RECORDSPMLA stipulates that the Company should take appropriate steps to evolve a system for proper maintenance and preservation of account information in a manner that allows data to be retrieved easily and quickly whenever required or when requested by the competent authorities. Further, the Company should maintain for at least ten years from the date of cessation of transaction between itself and the client, all necessary records of transactions, both domestic or international, which will permit reconstruction of individual transactions (including the amounts and types of currency involved if any) so as to provide, if necessary, evidence for prosecution of persons involved in criminal activity. In cases where the records relate to on- going investigations or transactions that have been a subject of a suspicious transaction reporting, they should be retained until it is confirmed that the case has been closed.
– In view of this, the Company maintains the records in terms of the provisions of PMLA. The retention period is modified on receiving appropriate instructions from any regulatory authority like RBI, SEBI, FIU-IND or any other statutory authority.
– Records must be kept of all documents obtained for the purpose of identification and all transaction data as well as other information related to money laundering matters in accordance with the applicable Anti Money Laundering Laws.
– The Company should ensure that records pertaining to the identification of the customer and his address (e.g. copies of documents like passports, identity cards, driving licenses, PAN, utility bills etc.) obtained while opening the account and during the course of business relationship, are properly preserved for at least ten years after the business relationship is ended. The identification records and transaction data should be made available to the competent authorities upon request.
5. REPORTING TO FINANCIAL INTELLIGENCEUNIT-INDIA In terms of the PMLA rules, the Company is required to report information relating to cash and suspicious transactions to the Director, Financial Intelligence Unit-India (FIU-IND) at the following address:
Director, FIU,
Financial Intelligence Unit-India,
6th Fl00r, Hotel Samrat,
Chanakyapuri,
New Delhi-110o21
I) The Company take into record all the reporting formats as enclosed with the above RBI Master Circular dated July 1, 2013. There are altogether five reporting formats prescribed for a banking company viz. i) Manual reporting of cash transactions ii) Manual reporting of suspicious transactions iii) Consolidated reporting of cash transactions by Principal Officer of the bank iv) Electronic data structure for cash transaction reporting and v) Electronic data structure for suspicious transaction reporting.
The reporting formats contain detailed guidelines on the compilation and manner/procedure of submission of the reports to FIU-IND. The Company shall adopt the format prescribed for banks with suitable modifications. The Company shall initiate urgent steps to ensure electronic filing of cash transaction report (CTR) as early as possible. However, as the Company is not in a position to immediately file electronic reports, it shall file manual reports to FIU-IND. While detailed instructions for filing all types of reports are given in the instructions part of the related formats, the Company should scrupulously adhere to the following:
(a) The cash transaction report (CTR) for each month should be submitted to FIU-IND by 15th of the succeeding month. While filing CTR, individual transactions below rupees fifty thousand may not be included;
(b) The Suspicious Transaction Report (STR) should be furnished within 7 days of arriving at a conclusion that any transaction, whether cash or non cash, or a series of transactions integrally connected are of suspicious nature. The Principal Officer should record his reasons for treating any transaction or a series of transactions as suspicious. It should be ensured that there is no undue delay in arriving at such a conclusion once a suspicious transaction report is received from a branch or any other office. Such report should be made available to the competent authorities on request;
(c) The Principal Officer shall be responsible for timely submission of CTR and STR to FIUIND;
(d) Utmost confidentiality should be maintained in filing of CTR and STR with FIU-IND. The reports may be transmitted by speed/ registered post, fax, email at the notified address;’
(e) It should be ensured that the reports for all the branches are filed in one mode i.e. electronic or manual;
(f) A summary of cash transaction report for the Company as a whole may be compiled by the Principal Officer of the Company in physical form as per the format specified. The summary should be signed by the Principal Officer and submitted both for manual and electronic reporting.
6. The Company may not put any restrictions on operations in the accounts where an STR has been made. However, it should be ensured that there is no tipping off to the customer at any level.
7. The Company shall pay special attention to all complex, unusual large transactions and all unusual patterns of transactions, which have no apparent economic or visible lawful purpose. It is further clarified that the background including all documents/office records/memorandums pertaining to such transactions and purpose thereof should, as far as possible, be examined and the findings at branch as well as Principal Officer level should be properly recorded. These records are required to be preserved for ten years as is required under PMLA, 20o2. Such records and related documents should be made available to help auditors in their work relating to scrutiny of transactions and also to Reserve Bank/other relevant authorities.
8. The Company shall ensure that the customer is not being tipped off on the STRs made by it to FIU-IND. It is likely that in some cases transactions are abandoned/ aborted by customers on being asked to give some details or to provide documents. The Company should report all such attempted transactions in STRs, even if not completed by customers, irrespective of the amount of the transaction.
9. While making STRs, the Company should be guided by the definition of ‘suspicious transaction’ as contained in Rule 2(g) of Rules ibid. The Company should make STRs if they have reasonable ground to believe that the transaction involve proceeds of crime generally irrespective of the amount of transaction and/or the threshold limit envisaged for predicate offences in part B of Schedule of PMLA, 20o2 .
10. In the context of creating KYC/AML awareness among the staff and for generating alerts for suspicious transactions, NBFCs may consider the indicative list of suspicious activities contained in Annex-V of the RBI Circular No. DNBS (PD) CC No.339 /o3.10.42/ 2013-14 dated 1 July, 2013.
CLOSURE OF ACCOUNTS/TERMINATIONOFFINANCING/BUSINESS RELATIONSHIP Where the Company is unable to apply appropriate KYC measures due to non furnishing of information and/or non-operation by the customer, it shall terminate Financing/Business Relationship after issuing due notice to the customer explaining the reasons for taking such a decision. Such decision shall be taken with the approval of Board of Directors or Principal Officer.
CONFIDENTIALITY OF INFORMATION Information collected from the Customers shall be treated as confidential and details thereof are not to be divulged for cross selling or any other like purposes. The Company shall therefore, ensure that information sought from the Customer is relevant to the perceived risk, is not intrusive and is in conformity with the guidelines issued by RBI/ SEBI in this regard.
GRIEVANCE REDRESSAL MECHANISM In order to provide the best service to its customers and to satisfy their demands the Company shall form a Grievance Redressal Committee and lay down appropriate Grievance Redressal Mechanism within the organization. The main function of this committee is to hear the grievances of the clients and address the same. The Board shall maintain the policy of reviewing the compliances of the adopted Fair Practice Code on a periodical basis.
OTHER PROVISIONS
The Board shall not interfere in the workings of the borrower unless it affects the arrangement entered into with the Company and or some breaches have been found. It shall not harass its borrowers unduly and shall stick to the terms and conditions for the recovery of loans and for any other miscellaneous purposes.
FREEZING OF ASSETS UNDER SECTION51AOFUNLAWFULACTIVITIES (PREVENTION) ACT, 1967
The procedure laid down in the UAPA Order dated March 14, 2019 shall be strictly followed and meticulous compliance with the Order issued by the Government shall be ensured.
CDD PROCEDURE AND SHARING KYC INFORMATIONWITHCENTRAL KYC RECORDS REGISTRY (CKYCR)
The Company shall capture the KYC information for sharing with the CKYCR in the manner mentioned in the Rules, as required by the revised KYC templates prepared for ‘individuals’ and ‘Legal Entities’ as the case may be. Government of India has authorized the Central Registry of Securitization Asset Reconstruction and Security Interest of India (CERSAI), to act as, and to perform the functions of the CKYCR vide Gazette Notification No. S.O. 3183(E) dated November 26, 2015.
REPORTING REQUIREMENT UNDER FOREIGNACCOUNTTAXCOMPLIANCE ACT (FATCA) AND COMMONREPORTINGSTANDARDS (CRS)
Under FATCA and CRS, the Company shall adhere to the provisions of Income Tax Rules 114F, 114G and 114H and determine whether they are a Reporting Financial Institution as defined in Income Tax Rule 114F and if so, shall take following steps for complying with the reporting requirements:
(a) Register on the related e-filling portal of Income Tax Department as Reporting Financial Institutions at the link https://incometaxindiaefiling.gov.in/ post login –> My Account –> Register as Reporting Financial Institution,
(b) Submit online reports by using the digital signature of the ‘Designated Director’ by either uploading the Form 61B or ‘NIL’ report, for which, the schema prepared by Central Board of Direct Taxes (CBDT) shall be referred to.
Explanation: The Company shall refer to the spot reference rates published by Foreign Exchange Dealers’ Association of India (FEDAI) on their website at http://www.fedai.org.in/RevaluationRates.aspx for carrying out the due diligence procedure for the purposes of identifying reportable accounts in terms of Rule 114H.
(c) Develop Information Technology (IT) framework for carrying out due diligence procedure and for recording and maintaining the same, as provided in Rule 114H.
(d) Develop a system of audit for the IT framework and compliance with Rules 114F, 114G and 114H of Income Tax Rules.
(e) Constitute a “High Level Monitoring Committee” under the Designated Director or any other equivalent functionary to ensure compliance.
(f) Ensure compliance with updated instructions/ rules/ guidance notes/ Press releases/ issued on the subject by Central Board of Direct Taxes (CBDT) from time to time and available on the web site http://www.incometaxindia.gov.in/Pages/default.aspx. The Company may take note of the following:
i. updated Guidance Note on FATCA and CRS
ii. a press release on ‘Closure of Financial Accounts’ under Rule 114H (8)
MONEY LAUNDERING AND TERRORIST FINANCINGRISKASSESSMENT:
(a) The Company shall carry out ‘Money Laundering (ML) and Terrorist Financing (TF) Risk Assessment’ exercise periodically to identify, assess and take effective measures to mitigate its money laundering and terrorist financing risk for clients, countries or geographic areas, products, services, transactions or delivery channels, etc.
(b) The assessment process should consider all the relevant risk factors before determining the level of overall risk and the appropriate level and type of mitigation to be applied. While preparing the internal risk assessment, the Company shall take cognizance of the overall sector-specific vulnerabilities, if any, that the regulator/supervisor may share with the Company from time to time.
(c) The risk assessment by the Company shall be properly documented and be proportionate to the nature, size, geographical presence, complexity of activities/structure, etc. Further, the periodicity of risk assessment exercise shall be determined by the Board of the Company, in alignment with the outcome of the risk assessment exercise. However, it should be reviewed at least annually.
(d) The outcome of the exercise shall be put up to the Board or any committee of the Board to which power in this regard has been delegated, and should be available to competent authorities and self-regulating bodies.
(e) The Company shall apply a Risk Based Approach (RBA) for mitigation and management of the identified risk and should have Board approved policies, controls and procedures in this regard. Further, REs shall monitor the implementation of the controls and enhance them if necessary.
INTRODUCTION OF NEW TECHNOLOGIES – CREDITCARDS/DEBIT CARDS/ SMART CARDS/GIFTCARDS/MOBILEWALLET/ NET BANKING/ MOBILEBANKING/RTGS/NEFT/ECS/IMPS ETC.
Adequate attention shall be paid by the Company to any money-laundering and financing of terrorism threats that may arise from new or developing technologies and it shall be ensured that appropriate KYC procedures issued from time to time are duly applied before introducing new products/services/technologies. Agents used for marketing of credit cards shall also be subjected to due diligence and KYC measures.
CUSTOMER EDUCATION & AWARENESS
To implement AML/CFT measures requires the Company to demand certain information from clients which may be of personal nature or has hitherto never been called for. Such information can include documents evidencing source of funds/income tax returns/bank records etc. This can sometimes lead to raising of questions by the client with regard to the motive and purpose of collecting such information. There is, therefore, a need for the Company to sensitize their clients about these requirements as the ones emanating from AML and CFT framework. It is the duty of the Compliance Officer and Principal Officer including the other senior members to educate the clients for the objective of AML/ CFT program and its needs and seek their full cooperation to implement the same.
UPDATION IN KYC POLICY OF COMPANY
The Board of Directors of the Company shall be authorized to amend/modify the KYC/ AML/ CFT Policy or such other related guidance notes of Company, to be in line with RBI / SEBI or such other statutory authority’s requirements/updates/ amendments time to time.