Beyond KYC Headaches: Building Trust and Security in India's Finances
Chandramouli Mohan 20 April 2024
Have you ever received an SMS or email from your bank informing you that your account is frozen, for want of know-your-customer (KYC) or re-KYC? You are not alone. This has happened to the Moneylife Foundation also.
Mind you, the Reserve Bank of India (RBI) has never directed or suggested to banks and other regulated entities (REs) to freeze the accounts of the customers if they have not completed re-KYC. In a reply to a query filed under the Right to Information (RTI) Act, RBI reveals this information.
Are you annoyed with your mutual fund (MF) or asset management company (AMC) who asked you to complete the KYC process? You are not alone. This has happened to none other than a managing director (MD) of an AMC!
“After three decades in the market and filling every form for KYC over the years including biometric verification (for now abandoned MPIN) my heart aches to receive such an email,” Nilesh Shah, MD of Kotak AMC said, sharing a screenshot of the mail received by him as part of KYC norms for the securities market.
A Glimpse of Hope: FSDC Aims for a Single KYC System 
Imagine the struggle of explaining your life story to every new bank or investment company you deal with. That is the KYC mess we're facing in India right now. But wait, there's a glimmer of hope! The financial stability and development council (FSDC) is looking to streamline KYC norms with a single system  Sounds awesome, right? Well, hold on to your hats.
The Great KYC Divide: Double the Trouble, Half the Fun 
It is like having two different gym memberships you never use! This means double the paperwork, half the fun. India's current KYC framework operates on two distinct fronts: 
SEBI KRAs (KYC registration agencies), established in 2011 under SEBI's jurisdiction to manage KYC for investment purposes, and 
CERSAI CKYC (central registry of securitisation asset reconstruction and security interest - KYC), introduced by the RBI in 2016 to serve as a central repository for KYC details in the banking sector.
Ironically, these systems, intended to streamline KYC processes, exist in isolation.
CKYC (CERSAI) and Its Progress: A Snail's Pace: 
To fall in line with the Prevention of Money Laundering Act (PMLA), RBI has also issued guidelines vide its master directions on KYC vide DBR.AML.BC.No.81/14.01.001/2015-16
The guidelines, including uploading of KYC information of the customers to the central registry – CERSAI, are explained in clause no56 with the heading CDD procedure and sharing KYC information with the central KYC records registry (CKYCR) on pages no48 and 49 of the master directions cited above. 
The following chart shows the customer base vis-a-vis the CKYC records uploaded as of 31 August 2023 of the public sector banks (PSBs). 
Pictorial representation of the above chart
Communication of KIN Number to Customers
RBI has made it mandatory that the KIN (a 14-digit KYC identification number -KIN) number generated at CKYC must be communicated to the customers by SMS, email or letter. In theory, this number empowers individuals by facilitating easy access and serves as a portable KYC. It helps in the sharing of their KYC information with authorised institutions. 
Many banks have confirmed that they have communicated to all the customers who have been allotted KIN by CERSAI. However, the data shows that four banks have a huge gap between the number of KIN allotted and the communications sent to customers. 
Private banks and other REs are not public authorities and, hence, do not come under the RTI Act. When the progress of PSBs is abysmal, we can comprehend what would be the progress in other REs, including private banks.
It is time for RBI and REs to introspect on this abysmal progress after eight years of formation of the CKYC central registry. 
FSDC to the Rescue? Fixing a Broken System
The task before the FSDC is mammoth and they are not expected to and should not reinvent the wheel.
Before we build anew, ask the right questions: Before we jump into the FSDC's plan, let us ask some real questions: Why is following the existing KYC rules so tough? What is stopping institutions from uploading data to CERSAI? Are there tech glitches slowing things down? Can we ditch the old systems altogether and use CERSAI as the one-stop shop? Why haven't regulators been stricter about enforcing the rules?
If we can answer these questions, then we can build a KYC system that is actually useful. Imagine a world where you only submit your KYC details once, and it follows you wherever you go in the financial world. No more paperwork nightmares, just a smooth and secure experience.
The Dream of a Unified KYC: Benefits and Possibilities
Data central:  One source of truth for KYC info. Easy for you, easy for the banks. Regulators get a clearer picture too.
Fraud fighter:  Spot suspicious activity across institutions faster. Those sneaky scammers won't stand a chance.
Learning from fiascos:  Remember the Paytm PAN mess? A central KYC system with solid data validation can prevent such mishaps.
From dream to reality: The FSDC's action plan
Highlight PMLA power: Reassure everyone that KYC is important to fight money laundering, not just a random hassle.
Stop the cyber crooks:  The FSDC needs to address the rise of money mule accounts – basically, scammers using other people's accounts for crime. Let's shut them down!
Reunite the regulators:  Get all the financial watchdogs (IRDAI, PFRDA, SEBI, and RBI) on the same page with CKYC.
Data sharing champs:  Make sure KRAs and CERSAI talk to each other smoothly. No more information silos!
Iron out the kinks: Work with institutions to fix any technical or process problems that are slowing down KYC implementation.
The Future of KYC in India 
The FSDC's plan has the potential to be a game-changer for Indian finances. By untangling the current mess and building a strong central KYC system, they can create a future of convenience, efficiency, and security for everyone. This is a story worth following – it could impact the way you manage your money for years to come!
(Chandramouli Mohan retired as a senior manager from a public sector bank after 38 years of service in various capacities in several places across the country. He has been an RTI and consumer activist since his retirement in March 2020.)
SV Prasad
2 months ago
The current KYC mess revealed by Mr. Nilesh Shah was mandated by SEBI apparently to save their skin from Paytm like mess in banking, was pushed without due investor awareness campaigns by AMFI, AMCs or SEBI ; and worse grossly ignored lack of online KYC modification feature based on Aadhaar on most of the KRA and AMC portals for investor ease of updating their existing KYC. There are multiple versions of KYC, KYC Validated - being most superior based on online Aadhaar authentication and supposedly long lasting. Offline Aadhaar or OVD based is a few notches inferior as opening new folios with a new AMC would need a fresh dose of Re-KYC. KYC Registered-New KYC but with validated email and mobile is still inferior by a few more notches which is not good enough to open new folios with a new AMC, but good enough to transact in existing folios, and the lower versions are good for nothing inspite of a valid CKYC,PAN and Aadhaar. Senseless regulator and AMFI paying scant regard to public inconvenience which even digitally savvy cannot do much. If one searches and attempts on KRA & AMC portals they know the kind of mess and gross lack of facilities, about which SEBI is apparently looking the other way.
SV Prasad
Replied to SV Prasad comment 2 months ago
The two Key attributes in this mutual fund KYC are Name/Identity match for which PAN linked with Aadhaar is excellent as linking is possible only on 100% match. Second attribute is email and mobile number macthing. A third attribute address validation is sought to be based on OVD validation which was forced upon KRAsby SEBIs latest circular is a big and compliacted requirement. Even on providing an Aadhaar card copy the KRAs in no way can authticate it unless they can scan without error the complex QR code printed on it which they often fail, so the preference was accorded to online Aadhaar authentication route. Why the entire world has to revolve around Aadhaar alone for validation, ignoring the actual problem faced by KRAs in validating a driving licence, voter ID or even to extract address from PAN database. Banking industry has moved away from dependancy on Aadhaar via CKYC requirement albeit at a slow pace, as Aadhaar is not being insisted by banks oflate., unlike mutual funds and SEBI regulated entities which are going overzealous on not just Aadhaar but with responsibility of validation of the same at their end forced by SEBI.
Replied to SV Prasad comment 2 months ago
one more new issue which is cropping up ....validation of PAN by CBDT do not how many such agencies have the mfds to contend with and face the brunt of customer ire. The babus sitting in ac cabins should come out and volunteer to do this job for a week and understand the difficulties.
overzealous regulatory agencies

As per the recent guidelines from CBDT, the PAN number needs to be validated with the Income Tax Records. Further to these guidelines, there are additional validations incorporated by the RTAs/AMCs to comply with the same.

Investor name for all the fresh purchases should match with the income tax records.
Date of Birth (DOB) for Individuals / Date of Incorporation(DOI) for Non-Individuals should be provided as per PAN records for New Purchases, Additional Purchases or Redemptions.
Guardian Name and DOB will be mandatory in case of a minor.
In case of existing investors whose Name or DOB in the folio is not matching with the PAN/ITD, we request you to inform them to change their details either in the MF records or in the ITD before initiating an additional purchase or redemption.

We would request you to kindly evaluate the details of all your clients to ensure that they adhere to these guidelines by March 31, 2024. Any non-adherence to these guidelines will result in rejection of transactions at the end of the RTA from April 01, 2024. The same has been extended to 30th April 2024.

Requesting your support to comply with these requirements within the above timelines.
2 months ago
each regulator rbi, irdai, cersai, cvlkra wants to hold on to their importance and who cares of the customers or individuals. It is a sadistic pleasure which the regulators enjoy seeing the people running pillar to post with their kyc documents. Since cvl kra is centralised and is good system, why cant all the regulators use this. For those who have already done their kyc, this certification should be enough. I had to submit my rekyc with a bank, submit kyc docs everytime i take a policy. Sofirst time for my health insurance renewal after 20 years of renewing my policy, for my car insurance similarly after 15 years, etc and then comes the main headache for my mutual funds, registration, validation et al. when will all this madness stop. and when can we have a single kyc, why invent a new organisation (probably to find jobs for the retired babus and IAS officers) when cvl kra or nsdl can do the job.
SV Prasad
Replied to krishnan.venkat comment 2 months ago
Almost all KRAs are in a bad shape in terms of online facility to update KYC based on Aadhaar authntication, CVL-KRA being the market leader being the first in the industry and undoubtedly the worst, followed by Karvy, NSDL, Dotex and CAMS is one eyed in the kingdom of blind. CKYC is rsponsibility of entities regulated by RBI so customers are not troubled much by it. Whereas Stock/mutual fund investors KYC is SEBI mandated unique KYC which changes its colors every now and then with mutiple versions and requirements, and purely investors headache. SEBI has created the mess of 'validation' of OVDs by KRAs alone who are left with no option but pass it on investors to run from pillar to post. No one has run any kind of awareness campaign in media neither SEBI who simply issued circular 6 months back, nor AMFI the sleeping beauty meant for business development of AMCs, nor the AMCs who always hope on a last minute postponement or jugaad or work around nor the government babudom and finance ministry busy with election arrangements
Kamal Garg
Replied to krishnan.venkat comment 2 months ago
Fully agreed with the blogpost and your comments also. Why every other authority wants to have their way of having KYC. When one time, based on PAN number, a KYC is done, why it can't go to some central database and from there, all other regulated entities are legally bound to take down KYC details - and this regulated entities include all banks, AMCs, insurance companies and all other financial entities/intermediaries.
Replied to Kamal Garg comment 2 months ago
thanks. Similar to Aadhar which is basically used to identify a person, similarly once kyc is done others can tap that agency and confirm. All are regulated agencies or govt agencies, why the difference.
Razia Khan
2 months ago
Not related to above topic but I have below problems accessing Money Life website:

1. DuckDuckGo is the most user privacy friendly browser but your website blocks it (due to which I have to use Google Chrome or other browser which are not privacy friendly).

2. Earlier your website used to work even when I used to block Java script but now you need Java script enabled?

3. I can't update my profile if I want to say just update country details (I need to provide all details like state, city, mobile number etc.)

I like reading your articles, but above is making using the website very unfriendly for users and also privacy invasive.

Request to please make the website like earlier that was privacy friendly.
2 months ago
Has it dawn on the public, firms, regulators and policymakers that as the focus on KYC has been increasing the fraud in the system has only been multiplying at the faster rate? Currently the fraud is growing at scary 10 times. The west where KYC norms are simpler, done once and forget it, straightforward; are experiencing lower number of fraud rate than what is being experienced in India.
RBI Asks Banks, HFCs To Provide Simple Key Fact Statements to Borrowers on Loan Terms, Interest and Charges
Moneylife Digital Team 16 April 2024
The Reserve Bank of India (RBI) has asked all banks and housing finance companies (HFCs) to provide key fact statements (KFS) in simple terms to the prospective borrowers on the loans and interest that they are expected to pay to...
RBI Slaps Rs16 Lakh Penalty on 3 Cooperative Banks from Uttar Pradesh, 1 from Haryana
Moneylife Digital Team 16 April 2024
Reserve Bank of India (RBI) has imposed a penalty of Rs16 lakh on three cooperative banks from Uttar Pradesh (UP) and one from Haryana for non-compliance with the directions issued by the banking regulator. The highest penalty of Rs5...
Reliance Capital: NFRA Slaps Rs4.50 Crore Penalty on Pathak HD & Associates, 2 CAs for Professional Misconduct, Biased Auditing for FY18-19
Moneylife Digital Team 15 April 2024
Holding an audit firm and two chartered accountants (CAs) guilty of professional misconduct, the national financial reporting authority (NFRA) imposed a penalty of Rs4.50 crore on them for showing negligence in the audit of Reliance...
Free Helpline
Legal Credit