1.      Introduction

 Reserve Bank of India issues comprehensive guidelines on Know Your Customer (KYC) norms and Anti-money Laundering (AML) from time to time. In compliance with the recent guidelines issued by RBI- RBI/DBR/2015-16/18 Master Direction DBR.AML.BC.NO. 81/14.01.001/2015-16, updated guidelines w, the following KYC &AML policy of the Company is approved by the Board of Directors of the Company and shall be applicable to all products and services offered by the Company across all branches.

 2.      Objective

 Objective of this Policy is to ensure compliance with PML Act/Rules, including regulatory instructions in this regard and should provide a protection against threats arising from money laundering, terrorist financing, proliferation financing and other related risks at the same time ensure compliance, integrity and stability of the financial system. The policy outlines efforts to determine the identity and beneficial ownership of accounts, source of funds, the nature of customer’s business, reasonableness of operations in the account in relation to the

customer’s business, etc. which in turn helps the Company to manage its risks prudently. This policy seeks to provide guidance to businesses to ensure compliance with PML Act/Rules and to adopt best international practices taking into account the FATF standards for managing money laundering risks.

 

3.      Key elements

 Customer Acceptance

• Customer Identification Procedures (CIP); and
• Risk
• Monitoring of Transactions

 

 

4.      Customer Acceptance Policy (CAP)

 For the purpose of the KYC policy, a ‘Customer’ is defined as:

A person who is engaged in a financial transaction or activity with the Company and includes a person on whose behalf the person who is engaged in the transaction or activity, is acting as enumerated below:

1. an individual,

 

1. a Hindu undivided family,
2. a company,
3. a firm,
4. an association of persons or a body of individuals, whether incorporated or not,
5. every artificial juridical person, not falling within any one of the above persons (a to e), and
6. any agency, office or branch owned or controlled by any of the above persons (a to f).

 

 

The Company shall follow the following norms while accepting and dealing with its customers:

1. No account is opened in any anonymous or fictitious / benami
2. Carry out full scale customer due diligence (CDD) before opening an account. When the identity of the applicant is not known or appropriate due diligence cannot be applied, no transaction or account-based relationship will be undertaken with such person /
3. A Unique Customer Identification Code (CIF) shall be allotted by the Company while entering new relationships with individual customers. The Company shall apply CDD measures at the UNIQUE CIF ID
4. Parameters of risk assessment would consider customer identity, nature of business, location of customer and his clients, mode of payments, volume of business, social and financial status, geographical risk covering customers as well as transactions, type of products/services offered, delivery channel used for delivery of products/services, types of transaction undertaken – cash, cheque/monetary instruments to enable categorization of customers into low, medium and high risk.
5. The customer profile contains mandatory information to be sought for KYC purpose relating to

customer’s identity, address, social/financial status, nature of business activity, information about his clients’ business and their location etc. While preparing the customer profile the Company will seek only such information from the customer which is relevant to the risk category and is not intrusive. The customer Information shall be kept confidential, Company shall maintain secrecy regarding customer information except where the disclosure is under compulsion of law, there is a duty to the public to disclose, the disclosure is made with express or implied consent of the customer.

1. The Company shall ensure that the identity of the customer does not match with any person or entity whose name appears in the sanction lists / designated lists circulated by RBI from time to While the intent is to carry out due diligence as per regulatory standards, the Company will ensure that such a procedure adopted does not result in denial of services to any genuine customers.
2. The Customer Acceptance Policy shall not result in denial of banking/financial facility to members of the general public, especially those who are financially or socially
3. When the true identity of the account holder is not known or where the company forms a suspicion of money laundering or terrorist financing, the Company shall file Suspicious Transaction Reporting (STR) as outlined in the

 

 

5.      Customer Identification Procedure (CIP)

 

 

The Company shall undertake identification of customers before commencement of an account-based relationship.

1. Customer identification means identifying the customer and verifying his / her identity by using reliable and independent sources of documents, data, or information to ensure that the customer is not a fictitious/ anonymous/ benami person. The Company shall obtain sufficient information necessary to establish, to its satisfaction, the identity of each customer and the purpose of the intended nature of the business
2. As part of an effective Customer Identification Program (“CIP”) to implement the provisions of the Prevention of Money Laundering Act, 2002 and the relevant rules notified there under (PMLA), the Company’s KYC policy requires the business processes to carry out the following steps:
   1. verify the identity of any Person transacting with the Company to the extent reasonable and
   2. maintain records of the information used to verify a customer’s identity, including name, address and other identifying information and verify the United Nations Security Council (UNSC) sanctions lists under Unlawful Activities (Prevention) (UAPA) Act, 1967 / designated list under Weapons of Mass Destruction (WMD) and their Delivery Systems (Prohibition of Unlawful Activities) Act, 2005 / UNSCR 1718 Sanctions List of Designated Individuals and Entities / FATF statements of known or suspected terrorists or terrorist organizations / jurisdictions and countries that do not or insufficiently apply the FATF recommendations as provided to the Company by RBI or any other applicable government agency to determine whether a person opening an account or an existing customer appears on any such
   3. The Company will perform appropriate, specific, and where necessary, Enhanced Due Diligence on its customers that is reasonably designed to know and verify the true identity of its customers and to detect and report instances of criminal activity, including money laundering or terrorist
   4. The procedures, documentation, types of information obtained and levels of KYC due diligence to be performed will be based on the level of risk associated with the relationship (products, services, business processes, geographic locations) between the Company and the customer and the risk profile of the

 

6.      Risk Categorisation

 

 

The Company has put in place appropriate procedures to ensure the effective implementation of KYC guidelines.

 

The implementation procedure covers proper management oversight, systems and controls, segregation of duties, training, and other related matters.

Company’s internal audit and compliance functions play a role in evaluating and ensuring adherence to the KYC policies and procedures.

As a rule, the compliance function also provides an independent evaluation of the company’s own policies and procedures, including legal and regulatory requirements.

Compliance in this regard is put up before the Audit Committee of the Board at quarterly intervals. The Company ensures that the decision-making functions of determining compliance with KYC norms are not outsourced.

For Risk Management, REs shall have a risk-based approach.

• Customers shall be categorized as low, medium and high-risk category, based on the assessment and risk perception of the
• Broad principles may be laid down by the REs for risk-categorization of
• Risk categorization shall be undertaken based on parameters such as customer’s identity, social/financial status, nature of business activity, and information about the customer’s business and their location, geographical risk covering customers as well as transactions, type of products/services offered, delivery channel used for delivery of products/services, types of transaction undertaken – cash, cheque/monetary instruments, wire transfers, forex transactions, etc. While considering customer’s identity, the ability to confirm identity documents through online or other services offered by issuing authorities may also be factored
• The risk categorization of a customer and the specific reasons for such categorization shall be kept confidential and shall not be revealed to the customer to avoid tipping off the customer. Provided that various other information collected from different categories of customers relating to the perceived risk is non-intrusive and the same is specified in the KYC policy.

 

7.      Monitoring of Transactions

 

 

Ongoing monitoring is an essential element of effective KYC procedures. The Company can effectively control and reduce the risk only if it understands the normal and reasonable activity of the customer so that they have the means of identifying transactions that fall outside the regular pattern of activity. However, the extent of monitoring will depend on the risk sensitivityof the account. The different business divisions should pay special attention to all complex, unusually large transactions and all unusual patterns which have no apparent economic or visible legitimate purpose. High-risk accounts must be subject to intensified monitoring. It will also ensure that transactions of suspicious nature and/or any other type of transaction notified under section 12 of the PML Act, 2002 (and the Amended Act, 2009), is reported to the appropriate law enforcement authority.

The Company shall put in place an appropriate software application / mechanism to throw alerts when the transactions are inconsistent with risk categorization and update the profile of customers. The Company may

 

consider adopting appropriate innovations including artificial intelligence and machine learning technologies to support effective monitoring.

 

8.      Customer Due Diligence Procedure in case of Individuals

 

 

All the customers shall be identified by a unique identification code to identify customers, track the facilities availed, monitor financial transactions.

1. As per the customer identification requirement, the Business would obtain from each Customer, prior to transacting, the following information as may be relevant to that business:
   • Name – procedures require business processes to make reasonable efforts to ensure that the name recorded on the Company systems as the customer will be the same as the name that appears on any identifying documentation reviewed in connection with the
   • For individuals – age / date of birth; For a person other than individual (such as corporation, partnership, or trust) – date of
   • Address including the documentary proof
   • For an individual, a residential or business street
   • For a Person other than an individual (such as a corporation, partnership, or trust), the principal place of business, local office, or other physical
   • Telephone/Fax number/E-mail
   • Identification number:
   • A taxpayer identification number; passport number and country of issuance; proof of possession of Aadhaar number; alien identification card number; or number and country of issuance of any other government-issued document evidencing nationality or residence and bearing a photograph or similar safeguard or the unique number or code assigned by the Central KYC Records
   • Where a customer submits proof of possession of Aadhaar number, the Company shall ensure that such customer redacts or blackout his Aadhaar number before submitting the same to the
   • For a customer who has applied for, but has not received an identification number, loan may be sanctioned, but each business process shall implement procedures to confirm that the application was filed before the loan is sanctioned to customer and to obtain the identification number within a reasonable period before disbursal of
   • One recent photograph of an individual Fresh photographs will be obtained from minor customers on becoming major.

 

2. For undertaking CDD, the list of documents that can be accepted as proof of identity and address from various customers across various products offered by the Company is given as annexure III to this policy.

 

9.         Identity Verification

 

 

Each business process as a part of the credit policy will document and implement appropriate risk-based procedures designed to verify that it can form a reasonable belief that it knows the true identity of its customers. Verification of customer identity should occur before transacting with the customer. Procedures for business process shall describe acceptable methods of verification of customer identity, which may include verification through documents or non- documentary verification methods that are appropriate given the nature of the business process, the products and services provided and the associated risks.

 

1. Verification through documents:

 

 

These documents may include but are not limited to the list of documents that can be accepted as proof of identity and address from customers across various products offered by the Company as provided in annexure – III to this policy. These are appropriately covered in the credit policies of the respective businesses. The customer verification processes will be covered in detail in the credit policies of every business.

Where Permanent Account Number (PAN) is obtained, the same shall be verified from the verification facility of the issuing authority. Where Goods and Services Tax (GST) details are available, the GST number shall be verified from the search/verification facility of the issuing authority.

 

 

1. Verification through non-documentary methods: These methods may include, but are not limited to:
   • Contacting or visiting a
   • Independently verifying the customer’s identity through the comparison of information provided by the customer with information obtained from a consumer reporting agency, public database, or other
   • Checking references with other financial institutions; or
   • Obtaining a financial

 

 

1. Aadhaar based e-KYC authentication:

 

Where the customer submits Aadhaar number, the Company shall carry out authentication of the customer’s Aadhaar number using e-KYC authentication facility provided by the Unique Identification Authority of India. Further, in such a case, if customer wants to provide a current address, different from the address as per the identity information available in the Central Identities Data Repository, he may give a self-declaration to that effect and the company shall ensure that the mobile number for Aadhaar authentication is same as the one available with them in the customer’s profile, in order to prevent any fraud.

 

1. Offline verification through proof of possession of Aadhaar number:

 

 

The Company may carry out offline verification of a customer under the Aadhaar (Targeted Delivery of Financial and Other subsidies, Benefits and Services) Act, 2016 (Aadhaar Regulations) if the customer is desirous of undergoing Aadhaar offline verification for identification purpose.

 

No such offline verification will be performed without obtaining the written consent of the customer in the manner prescribed in the Aadhaar Regulations.

The Company shall not collect, use or store an Aadhaar number of its customer for any purpose.

 

 

1. Aadhaar OTP based e-KYC:

 

 

The Company may carry out Aadhaar OTP based e-KYC in non-face-to-face mode with a specific consent from the customer for authentication through OTP. The transaction alerts, OTP, etc., shall be sent only to the mobile number of the customer registered with Aadhaar. For such borrowal account, the aggregate amount of term loans sanctioned shall not exceed rupees sixty thousand in a year. Accounts opened using OTP based e-KYC shall not be allowed for more than one year unless detailed customer due diligence is carried out.

 

1. Verification of equivalent e-document:

 

 

Where the customer submits an equivalent e-document of any Officially Valid Document (OVD), issued by the issuing authority of such document with its valid digital signature including documents issued to the digital locker account of the customer, the Company shall verify the digital signature as per the provisions of the Information Technology Act, 2000 and take live photo of the customer as specified under digital KYC in RBI regulations.

 

1. Verification through digital KYC:

 

 

The Company may carry out verification by capturing live photo of the customer and OVD or the proof of possession of Aadhaar, where offline verification cannot be carried out, along with latitude and longitude of the location where such live photo is being taken by the authorized officer of the Company as prescribed in RBI regulations.

 

1. Video based customer identification process (V-CIP):

 

 

The Company may undertake live V-CIP for the establishment of an account-based relationship with an individual customer after obtaining his informed consent and adhering to the procedures / minimum standards prescribed in RBI regulations. This process shall be treated as a face-to-face process for the purpose of customer identification.

 

1. Retrieval of KYC records from CKYCR:

 

 

Where a customer submits a KYC Identifier to the Company, with an explicit consent to download records from CKYCR, the Company may retrieve the KYC records online from the CKYCR using the KYC Identifier and the customer shall not be required to submit the same KYC records unless–

 

• There is a change in the information of the customer as existing in the records of
• the current address of the customer is required to be
• the Company considers it necessary in order to verify the identity or address of the customer, or to perform enhanced due diligence or to build an appropriate risk profile of the
• the validity period of documents downloaded from CKYCR has

 

 

10.       Customer Due Diligence Procedure in case of Sole Proprietorship

In case of Sole Proprietorship, CDD of Individual (Proprietor) shall be carried out. The documents as proof of Identity and activity are as per the Annexure III

 

11.      Customer Due Diligence Procedure in case Legal Entities

 

 

For opening an account of Legal Entities such as Partnership, Company, Trust Unincorporated association or a body of individuals, certified copies of documents as listed in Annexure III shall be obtained.

 

 

12.     Existing Customers

 

 

The requirements of the earlier sections are not applicable to accounts opened by existing customers, provided that the business process has previously verified the identity of the customer and the business process continues to have a reasonable belief that it knows the true identity of the customer. Further, transactions in existing accounts should be continuously monitored and any unusual pattern in the operation of the account should trigger a review of the due diligence measures.

 

13.   On-Going Due Diligence

 

 

Ongoing due diligence shall be carried out to ensure that the customers transactions are consistent with customers business and risk profile, source of funds.

 

14.   Periodic updation of KYC

 

 

The Company shall have a system of risk-based approach in place for periodical updation ofcustomer identification data after the account is opened ensuring that the information or data collected is kept up-to date and relevant particularly when there is a high risk. KYC updation will be carried out at a periodicity not less than once in ten years in case of low-risk category customers, not less than once in eight years in case of medium risk category customers and not less than once in two years in case of high-risk category customers from the date of opening of the account / last KYC updation.

 

Customers need not submit fresh KYC documents at the time of periodic updation, in case of no change in status with respect to their KYC information and a self-certification by the customer to that effect shall suffice in such cases. In case of change of address of such customers, a self- declaration of the new address shall be obtained from the customer through customer’s email-id registered with the Company, customer’s mobile number registered with the Company, digital channels, letter etc., and the declared address shall be verified through positive confirmation within two months by means of address verification letter, contact point verification, deliverables etc. The Company may at its discretion, obtain a copy of OVD or deemed OVD or the equivalent e- documents thereof for the purpose of proof of address, declared by the customer at the time of periodic updation.

 

Aadhaar OTP based e-KYC in non-face to face mode may be used for periodic updation of KYC, as per the procedure prescribed in RBI Regulations.

 

For customers other than Individual, the Company shall ensure that during the above process, Beneficial Ownership (BO) information available with it is accurate and shall update the same, if required, to keep it as up to date as possible. In case of change in KYC information of customers other than individual, the Company shall undertake the KYC process equivalent to that applicable for on boarding a new non-individual customer.

 

In case any existing customer fails to submit PAN or equivalent e-document or Form No.60, the Company shall temporarily cease operations in the account till the time the same is submitted by the customer. For the purpose of ceasing the operation of the account, only credit shall be allowed.

 

However, for customers who are unable to provide PAN or equivalent e-document or Form No.60 owing to injury, illness, or infirmity on account of old age or such like causes, the Company will continue operation of accounts for such customers subject to enhanced monitoring of the accounts.

 

In case of any update in the documents submitted by the customer at the time of establishment of business relationship / account-based relationship, the customers shall submit the updated.

documents to the Company within 30 days of the update, for the purpose of updating the records at the Company’s end.

 

15.   Enhanced Due Diligence

 

 

The Company is primarily engaged in retail finance. It does not deal with such category of customers who could pose a potential high risk of money laundering, terrorist financing or political corruption and are determined to warrant enhanced scrutiny. The Company shall conduct Enhanced Due Diligence in connection with all customers or accounts that are determined to pose a potential high risk and are determined to warrant enhanced scrutiny. The Company shall also undertake enhanced due diligence in case of non-face-to-face onboarding facilities (such as CKYCR, Digi Locker, equivalent e-document, etc.) for establishing the relationship with the customer without meeting the customer physically or through V-CIP. Such customers shall be categorized as high-risk customers and accounts opened in non-face to face mode shall be subjected to enhanced monitoring until the identity of the customer is verified in a face-to-face manner or through V-CIP.

Enhanced Due Diligence shall be coordinated and performed by the Company, who may engage appropriate outside investigative services or consult appropriate vendor sold databases when necessary. The Company shall decline to do business with or discontinue relationships with any customer when the Company cannot adequately complete necessary Enhanced Due Diligence or when the information received is deemed to have a significant adverse impact on reputational risk.

 

The following are the indicative list where the risk perception of a customer may be considered higher:

 

 

• Customers requesting frequent change of address/contact
• Sudden significant change in the loan account activity of the customers
• Frequent closure and opening of loan accounts by the

 

Enhanced due diligence may be in the nature of keeping the account monitored closely for a re- categorization of risk, updating of fresh KYC documents, field investigation or visit of the customer, etc.,

 

16.   Sharing KYC information with Central KYC Records Registry (CKYCR)

 

 

• In terms of PML Rules, the REs shall capture customer’s KYC records and upload onto CKYCR within 10 days of commencement of an account-based relationship with the
• Where a customer, for the purposes of establishing an account-based relationship, submits a KYC Identifier, with an explicit consent to download records from CKYCR, then SFIPL shall retrieve the KYC records online from the CKYCR using the KYC Identifier and the customer shall not be required to submit the same KYC records or information or any other additional identification documents or details, unless
  • there is a change in the information of the customer as existing in the
  • records of
  • the current address of the customer is required to be
  • considers it necessary in order to verify the identity or address of the customer, or to perform enhanced due diligence or to build an appropriate risk profile of the
  • the validity period of documents downloaded from CKYCR has

 

 

17.     Record Management

 

 

SFIPL shall take the following steps regarding maintenance, preservation and reporting of customer account information, with reference to provisions of PML Act and Rules.

1. Preserve the records pertaining to the identification of the customers and their addresses obtained while opening the account and during the course of business relationship, for at least five years after the business relationship is
2. maintain all necessary information in respect of transactions prescribed under PML Rule 3 so as to permit reconstruction of individual transaction, including the following:

• the nature of the transactions;
• the amount of the transaction and the currency in which it was denominated;
• the date on which the transaction was conducted; and
• the parties to the transaction.

 

1. Evolve a system for proper maintenance and preservation of account information in a manner that allows data to be retrieved easily and quickly whenever required or when requested by the competent
2. Make available the identification records and transaction data to the competent authorities upon
3. Maintain records of the identity and address of their customer, and records in respect of transactions in hard or soft format and
4. Shall maintain confidentiality of information as provided in Section 45NB of RBI Act, 1934, as required of
5. Periodicity of retention:

The following records shall be retained for a minimum period of five years after the business relationship is ended:

• Customer identification information (including information of beneficial owners) and residence identification information including the documentary evidence
• All other necessary records pertaining to the transactions that could be produced as evidence for prosecution of persons involved in criminal
• A description of the methods used to verify customer identity and of the resolution of any discrepancies in verification shall be maintained for a period of at least Ten (10) years after such a record was
• The above records shall be maintained either in hard or soft format and shall be made available to the competent authorities upon

 

18.   Resolution of Discrepancies

 

 

Each business process shall document and implement procedures to resolve information discrepancies and to decline or cease to do business with a customer when it cannot form a reasonable belief that it knows the true identity of such customer or cannot adequately complete necessary due diligence.

 

19.     Reporting

 

 

The business shall have a system of internal reporting of suspicious transactions, counterfeit transactions and cash transactions greater than Rs.2lakhs, whether such transactions comprise of a single transaction, or a series of transactions integrally connected to each other, and where such series of transactions take place within a month.

 

“Suspicious transaction” means a transaction whether made in cash which, to a person acting in good faith:

 

 

1. gives rise to a reasonable ground of suspicion that it may involve the proceeds of crime; or

 

1. appears to be made in circumstances of unusual or unjustified complexity; or
2. appears to have no economic rationale or bona fide purpose; or
3. gives rise to a reasonable ground of suspicion that it may involve financing of the activities relating to
4. Where the transactions are abandoned by customers on being asked to give some details or to provide documents

 

 

The principal officer shall furnish information of the above-mentioned transactions to Financial Intelligence Unit – India (FIU-IND) at the prescribed address in the formats prescribed in this regard.

 

The Company shall not put any restriction on operations in the accounts where a suspicious transaction report (STR) has been filed. The Company shall keep the fact of furnishing of STR strictly confidential and shall ensure that there is no tipping off to the customer at any level.

 

The Company shall endeavor to upload the KYC information pertaining to individuals / legal entities, as applicable from time to time, with Central KYC Records Registry (CKYCR) in terms of provisions of the Prevention of Money Laundering (Maintenance of Records) Rules, 2005.

 

20.   Risk Management

 

 

1. The Board of the Company is aware that while all customers will be of low risk profile given the nature of its business, unless belonging to a higher risk profile listed under CAP above and approved as an exception, it will apply various Anti Money Laundering measures keeping in view the risks involved in a transaction, account, or business relationship.

 

2. Designated Director: The Board nominates the Director and CEO as the “Designated Director” whose name, designation and address shall be communicated to the Financial Intelligence Unit- India (FIU-IND) in terms of the aforesaid Directions of

 

3. Principal Officer: The CFO, being the Principal Officer, shall be responsible for ensuring compliance, monitoring transactions, and sharing and reporting information as required under the law/regulations. His name, designation and address shall be communicated to the FIU-IND.

 

4. Compliance of KYC / ALM policy: SFIPL shall ensure compliance with KYC / ALM Policy through its senior management team who are responsible for effective implementation of this policy and procedures thereunder, ensure to verify the compliance be responsible for KYC / ALM

 

5. Review of Policy: This policy shall be reviewed from time to time and such changes as are required based on

 

regulatory changes may be approved by the CEO.

 

6. Employee Training: The Company on an ongoing basis educates the front-line staff, the branch staff, and the new joiners on the elements of AML / KYC / CFT through various training programs, training e- modules and e-mails. The Company shall ensure that, the staff dealing with KYC/AML/CFT matters have high integrity and ethical standards, good understanding of extant KYC/AML/CFT standards, effective communication skills and ability to keep up with the changing KYC/AML/CFT landscape. The management on an ongoing basis shall ensure an environment which fosters open communication and high integrity amongst the

 

7. Applicability to branches and subsidiaries outside India: The Company does not have operations/subsidiaries outside

 

 

 

 

 

 

 

 

 

 

 

Annexure – I

 

 

Indicative list for Risk Categorization

 

 

Low Risk Category

 

Individuals (other than High Net Worth) and entities whose identities and sources of wealth canbe easily identified and transactions in whose accounts by and large conform to the known profile,shall be categorised as low risk.

 

Illustrative examples are:

 

• Salaried employees whose salary structure is well-defined
• People belonging to lower economic strata of the society whose accounts show smallbalances and low turnover
• Governmentdepartmentsand Government-owned companies
• Statutory bodies& Regulators

 

 

Medium & High-Risk Category

 

Customers that are likely to pose a higher-than-average risk may be categorized as medium or high risk depending on customer’s background, nature and location of activity, country of origin, sources of funds and his client profile etc.

 

Illustrative examples of medium risk category customers are:

 

1. Non-Resident customers

 

1. High Net worth Individuals with more than 5 crores.

 

1. Trust, charities, NGO’s and Organization receiving donations
2. Companies having close family shareholding where ultimate beneficialownership

 

is not identifiable

 

1. Firms with ‘sleeping partners’

 

 

Illustrative examples of high-risk category customers are:

 

1. Politically Exposed Persons (PEPs) of Indian/Foreign Origin
2. Those with dubious reputation as per public information available
3. Accounts of bullion dealers and jewelers

 

Annexure – II

 

 

Customer Identification Requirements

 

 

Trust/Nominee or Fiduciary Accounts

 

 

In the case of any application from trust/nominee or fiduciary accounts, the Company determineswhether the customer is acting on behalf of another person as trustee/nominee or any other intermediary.

 

If in doubt of the persons behind the customer, the Company may insist on receipt of satisfactory evidence of the identity of the intermediaries and of the persons on whose behalf they are acting,as also obtain details of the nature of the trust or other arrangements in place. Company takes reasonable precautions to verify the identity of the trustees and the settlors of trust (including any person settling assets into the trust), grantors, protectors, beneficiaries, and signatories.

 

 

Accounts of companies and firms

 

 

company needs to be vigilant against business entities being used by individuals as a ‘front’ for transactions. The company should examine the control structure of the entity and identify the naturalpersons who have a controlling interest and who comprise the management.

 

These requirements may be moderated according to the risk perception e.g. in the case of a public company.

 

 

 

Accounts of Politically Exposed Persons (PEPs) resident outside India

 

 

Politically exposed persons are individuals who are or have been entrusted with prominent publicfunctions in a foreign country, including the Heads of States or of Governments, senior politicians,senior government/judicial/military officers, senior executives of state-owned corporations, important political party officials.

 

The Company offers products primarily to Indian residents only. The Company, if extending any finance to non- residents should check if he is PEP and check all the information available about the person in the public domain. Further, apart from performing normal due diligence, thecompany shall take reasonable measures to

 

establish the source of funds/wealth. The decision to transact with the PEP should be taken only by the Head of credit of the respective businesses supported by appropriate verification. The Company is also required to subject such accounts to enhanced monitoring on an ongoing basis. The above norms shall also be applied to the contractsof the family members or close relatives of PEPs.

 

In the event of an existing customer or the beneficial owner of an existing account, subsequently becoming PEP, the approval of the Head of respective businesses shall be obtained to continue the business relationship and subject the account to the KYC due diligence measures as applicable to the customers of PEP category including enhanced monitoring on an ongoing basis.

 

 

Identity of Beneficial Owner

 

 

The Company shall identify the beneficial owner and take all reasonable steps to verify his identity. The term “beneficial owner” has been defined as the natural person who ultimately owns or controls a customer and/or the person on whose behalf the transaction is being conducted and includes a person who exercises ultimate effective control over a juridical person. Government of India has since examined the issue and has specified the procedure for determination of Beneficial Ownership

 

• Where the customer is a company, the beneficial owner is the natural person(s), who, whetheracting alone or together, or through one or more juridical person, has a controlling ownership interest or who exercises control through other means.

 

Explanation:

 

 

1. “Controlling ownership interest” means ownership of or entitlement to more than tenpercent of shares or capital or profits of the

 

1. “Control” shall include the right to appoint a majority of the directors or to control themanagement or policy decisions including by virtue of their shareholding or management rights or shareholders agreements or voting

 

 

• where the customer is a partnership firm, the beneficial owner is the natural person(s), who, whether acting alone or together, or through one or more juridical person, has ownership of/entitlement to more than ten percent of capital or profits of the

 

• where the customer is an unincorporated association or body of individuals, the beneficial owner is the natural person(s), who, whether acting alone or together, or through one or more juridical person, has ownership of or entitlement to more than fifteen percent of the property or capital or profits of such association or body of
• where no natural person is identified under (a) or (b) or (c) above, the beneficial owner is the relevant natural person who holds the position of senior managing
• where the customer is a trust, the identification of beneficial owner(s) shall include identification of the author of the trust, the trustee, the beneficiaries with ten percent or more interest in the trust and any other natural person exercising ultimate effective control over the trust through a chain of control or In case the customer is acting on behalf of another person as trustee / nominee, the Company shall obtain satisfactory evidence of the identity of thepersons on whose behalf they are acting; and
• where the customer or the owner of the controlling interest is an entity listed on a stock exchange in India, or is a subsidiary of such a listed entity, or it is an entity resident in jurisdictions notified by the Central Government and listed on stock exchanges in such jurisdictions, it is not necessary to identify and verify the identity of any shareholder or beneficial owner of such

 

 

 

Annexure III

 

 

Customer Identification Procedure – KYC documents that may be obtained from customers.

 

 

 

 

Nature of customer

List of applicable documents

 

Individual

The Company shall obtain the following from an individual while establishing an account- based relationship or while dealing with the individual who is a beneficial owner, authorized signatory or the power of attorney holder related toany legal entity:   a)     Aadhaar number where the individual decides to submit his Aadhaarnumber voluntarily to the Company notified under first proviso to sub- section (1) of section 11A of the PML Act. b)     proof of possession of Aadhaar number where offline verification can be carried out; or c)      a certified copy of any OVD containing details of his identity and address or the equivalent e-document thereof; or d)     the KYC Identifier with explicit consent to download records from CKYCR. e)     the Permanent Account Number (PAN) or Form no.60; and f)      such other documents as specified by the Company from time to time.     List of OVDs: i)       Passport ii)      Driving license iii)    Proof of possession of Aadhaar number iv)    Voter’s identity card issued by the Election Commission of India v)      Job card issued by NREGA duly signed by an officer of the State Govt. vi)    Letter issued by the National Population Register containing details ofname and address.   Provided that: 1)     where the customer submits his proof of possession of Aadhaar number as an OVD, he may submit it in such form as are issued by the UIDAI. 2)     where the OVD furnished by the customer does not have updated address, the following documents shall be deemed to be OVDs for the limited purpose of proof of address: – i)         utility bill which is not more than two months old of any service provider (electricity, telephone, post-paid mobile phone, piped gas, water bill). ii)        property or Municipal tax receipt. iii)      pension or family pension payment orders (PPOs) issued to retired

 

 

employees by Government Departments or Public Sector Undertakings, if they contain the address. iv) letter of allotment of accommodation from employer issued by State Govt. or Central Govt. Departments, statutory or regulatory bodies, public sector undertakings, scheduled commercial banks,financial institutions and listed companies and leave and licenseagreements with such employers allotting official accommodation; 3)     the customer shall submit OVD with current address within a period of three months of submitting the documents specified at ‘(2)’ above.   4)     where the OVD presented by a foreign national does not contain the details of address, in such case the documents issued by the Governmentdepartments of foreign jurisdictions and letter issued by the Foreign Embassy or Mission in India shall be accepted as proof of address.   Explanation: A document shall be deemed to be an OVD even if there is a changein the name subsequent to its issuance provided it is supported by a marriage certificate issued by the State Government or Gazette notification, indicating such a change of name.

 

Sole Proprietary firms

1)     Customer due diligence of the individual proprietor shall be carried out as applicable / specified for Individual. 2)     In addition to the above, any two of the following documents or the equivalent e- documents there of as a proof of business/ activity in the name of the proprietary firm shall also be obtained: a)   Registration certificate including Udyam Registration certificate issued bythe Government. b)   Certificate/licence issued by the municipal authorities under Shop andEstablishment Act. c)   Sales and income tax returns. d)   CST/VAT/ GST certificate (provisional/final). e)   Certificate/registration document issued by Sales Tax/Service Tax/Professional Tax authorities. f)    IEC (Importer Exporter Code) issued to the proprietary concern by the office of DGFT or Licence/certificate of practice issued in the name of the proprietary concern by any professional body incorporated under a statute. g)   Complete Income Tax Return (not just the acknowledgement) in the nameof the sole proprietor where the firm’s income is reflected, duly authenticated/acknowledged by the Income Tax authorities. h)   Utility bills such as electricity, water, landline telephone bills, etc.     Explanation: In cases where the Company is satisfied that it is not possible to furnish two such documents, the Company may, at its discretion, accept only oneof those documents as proof of business/activity after recording the appropriate reason for accepting one document. The Company shall undertake contact point

 

 

	verification and collect such other information and clarification as would berequired to establish the existence of such firm and shall confirm and satisfy. itself that the business activity has been verified from the address of theproprietary concern.
Company	Certified copies of each of the following documents shall be obtained:   a)     Certificate of incorporation b)     Memorandum and Articles of Association c)      Permanent Account Number of the company d)     A resolution from the Board of Directors and power of attorney granted to its managers, officers, or employees to transact on its behalf. e)     Documents, as specified for Individual, relating to beneficial owner, the managers, officers, or employees, as the case may be, holding an attorneyto transact on the company’s behalf. f)      Names of the relevant persons holding senior management position (For the purpose of this policy, senior management means managing director,chief executive officer, manager, whole-time director, company secretaryand chief financial officer) g)     Address of the registered office and the principal place of business if it is different.
Partnership Firm	Certified copies of each of the following documents shall be obtained:   a)     Registration certificate b)     Partnership deed c)      Permanent Account Number of the partnership firm d)     Documents, as specified for Individual, relating to beneficial owner, managers, officers, or employees, as the case may be, holding an attorneyto transact on its behalf. e)     The names of all partners f)      Address of the registered office and the principal place of business if it is different.

 

Trust

Certified copies of each of the following documents shall be obtained:   a)     Registration certificate b)     Trust deed c)      Permanent Account Number or Form No.60 of the trust d)     Documents, as specified for Individual, relating to beneficial owner, managers, officers, or employees, as the case may be, holding an attorneyto transact on its behalf. e)     Names of the beneficiaries, trustees, settlor, and protector if any and authors of the trust. f)      Address of the registered office of the trust g)     List of trustees and KYC documents for those discharging the role as trustee and authorized to transact on behalf of the trust.

 

 

Unincorporated Association or a Body of Individuals

Certified copies of each of the following documents shall be obtained:   a)     Resolution of the managing body of such association or body ofindividuals b)     Permanent Account Number or Form No. 60 of the unincorporatedassociation or a body of individuals c)      Power of attorney granted to transact on its behalf. d)     Documents, as specified for Individual, relating to beneficial owner, managers, officers, or employees, as the case may be, holding an attorneyto transact on its behalf and e)     Such information may be required by the Company to collectively establish the legal existence of such an association or body of individuals. Explanation:   (i)     Unregistered trusts / partnership firms shall be included under the term ‘unincorporated association’. (ii)    Term ‘body of individuals’ includes societies.

Juridical persons not specifically covered above, such as societies, universities, and local bodies like village panchayats etc. or who purports to act on behalf of such juridical person or individual or trust

Certified copies of the following documents shall be obtained:   a)     Document showing name of the person authorized to act on behalf of theentity; b)     Documents, as specified for Individual, of the person holding an attorneyto transact on its behalf and c)      Such documents as may be required by the Company to establish thelegal existence of such an entity/juridical person.

 

 

Note: Notwithstanding the list of documents as stated above, in case of change, if any, in the regulations as notified by RBI from time to time, the list of documents as prescribed by RBI shall prevail over the above.

 

 

 

 

Annexure – IV

 

Illustrative list of activities which would be construed as suspicious transactions.

 

 

• Activities not consistent with the customer’s business, i.e. accounts with large volume of credits whereas the nature of business does not justify such
• Any attempt to avoid Reporting/Record-keeping Requirements/provides insufficient / suspicious information:
  • A customer who is reluctant to provide information needed for a mandatory report, to have the report filed or to proceed with a transaction after being informed that the report must be
  • Any individual or group that coerces/induces or attempts to coerce/induce the Company employee from not filing any report or any other
  • An account where there are several cash transactions below a specified threshold level toavoid filing of reports that may be necessary in case of transactions above the threshold level, as the customer intentionally splits the transaction into smaller amounts for the purpose of avoiding the threshold
• Certain Employees of the Company arousing suspicion:
  • An employee whose lavish lifestyle cannot be supported by his or her
  • Negligence of employees/willful blindness is reported
• Some examples of suspicious activities/transactions to be monitored by the operating staff:
  • Multiple accounts under the same name
  • Refuses to furnish details of source of funds by which initial contribution is made, sourcesof funds is doubtful etc,
  • There are reasonable doubts over the real beneficiary of the loan
  • Frequent requests for change of address