KYC NORMS : AN Overview


Way back to the second half of 2002, it is then RBI directed all the banks to implement the

KYC guidelines for all the new accounts that will be further getting into operation.

The main purpose of KYC norms was to restrict money laundering and terrorist financing when it was introduced in the late 1990’s in the United States. The US has has made changes in it’s major legislations-Bank Secrecy Act etc to make these norms effective.[1]

The KYC guidelines are issued by the RBI under Section 35A of the Banking Regulation Act,1949 and under Rule 9(14) of Prevention of Money laundering(Maintenance of Records) Rules,2005. Any bank contravenes with the said guidelines or any non-compliance would attract penalities under the Banking Regulation Act,1949.

However the guidelines issued by the RBI to the financial institutions or any other  will be subject to change by way of a Master Circular. The latest Master Circular that is available is  “DBR.AMLBC.No.15/14.01.001/2015-16”.

Objective of the KYC Norms : The main idea behind implementing KYC Norms is to avoid terrorist financing activities . It also helps the banks to know or understand who their customer is in order to avoid future risks.

Compliance Measures :  In the year 2002,when these were initially introduced there has been a lag in its implementation and hence there were certain measures adopted by the RBI for all the existing accounts too : Some of them includes :

1. Public Notice in  the national newspapers

2. Zonal Customer Identification

3.Individual notices to the customers with non-compliance

4. And a final notice in the newspapers for ensuring proper documentation within 7days from that particular day.


KYC Policy :

Now that banks or financial institutions has a facility to frame their KYC policies, but then the key criteria cannot be missed out.

1.Customer Acceptance Policy

2.Customer Identification Procedures

3.Monitoring of transactions

4.Risk Management [2]

All the above are nothing but due diligence measures that are generally taken by any bank/financial institution in order to make sure that no fraud takes place with respect to the transactions being operated in the bank. Proper scrutinization of documents that are provided by the customer will stand as a support to meet the objective of the KYC Norms.

Procedures again vary from a normal customer that one gets to know ,  non face-to-face customers(i.e customers who access through Internet banking/Mobile banking),additional documents maybe called upon for a better understanding of such customer.

Non-resident accounts can also be operated and special procedures are involved for he same(for foreign students).

Freezing of Accounts on Non-Compliance : Any  non-compliance thereof can lead to freezing of such account. However it is mandatory that a 3 month notice shall be served to the concerened customer detailing the subject-matter. A partial freezing is made on such account in which a 3months notice is served. If still the account tend to be in non-compliance after 6months , all the debits and credits would be disallowed  i.e the account cannot be operated further. In such a situation it is at the bank’s discretion to close such accounts. However reasons for such closure are to me mentioned clearly.

When the bank believes the account to be lacking a true identity, i.e in case of a suspicious account the bank should file a Suspicious Transaction Report(STR) with the Financial Intelligence unit-India under the Department of Revenue ,Ministry of Finance, Government of India.




The risk that is involved with the implementation of KYC can be categorised into 5 heads :

1.      Reputational risk

2.      Operational Risk

3.      Risks that arise legally

4.      Financial Risks

5.      Concentration Risk

1)Reputational Risk : Terrorist often resort to identity theft. The 9/11 terrorists had opened 14 accounts with a Florida Bank ,using false social security numbers and other documents.[3] Such instances cause immense damage to the reputation of that bank/financial institution. Future customers may avoid making business with that bank as such. Hence a reputational risk is always in place for bank and proper compliance with the norms must be taken care of.

2)Operational Risk : Operational risk is defined as the risk of loss resulting from adequate or failed internal processes ,people and systems or from external events.[4] To avoid these operational risks, as most of the operative part is in the hands of the bank staff, training must be provided on a strict pace. When every employee is aware of the basic issues to be taken care of, the risk may inturn decrease thereof.

3)Risks that arise legally :  As and when any business would attract penalities and adjudications on involving in illegal activities, its the same with the banks too. Not complying with the KYC Norms would lead to heavy penalties.

4)Financial Risks : There are financial risks involved in not complying with the KYC Norms because if so a bank gives a loan to a customer , and at the same time failed to identify the customer as such it is difficult for the bank to retrieve the load bank and may lose financially.

5)Concentration Risk : Banks usually tend to concentrate more so on a particular geographical area, or involving more into a particular kind of business activity in order to attract customers. Sudden downfall of suck concentration again leads to risk to the banks.



As earlier mentioned , documentation plays a pivotal role in identifying a customer as such. However the usual documentation we find slightly varies in accounts that are related to Companies ,Partnerhip firms, Trust Accounts , Accounts of unincorporated associations, Accounts of proprietors so on and so forth.

For Individual Accounts :

The proof of identities that are required in opening an individual account are PAN card, Passport(if available), Voters Identity , Any Job cards containing the Adhaar Number. These are mandatory .Any kind of utility bills or letter duly signed by any authorised Gazzette officer can be given if the bank insists.

Accounts for Companies :

 Generally for  Companies it would be Current accounts and the documents that had to be submitted while opening an account are : Certificate of Incorporation, Memorandum of Association , Any resolution that is made by the Board of Directors or say any officially valid document with respect to the managers,officers, employees etc.

Accounts for Partnership Firms :

A deed of partnership, registration certificate or any official documents that holds good are to be submitted.

Trust Accounts :

Trust Deed and a registration certificate.

Accounts of unincorporated Associations :

As a registration certificate cannot be obtained in case of unincorporated associations any resolutions made or any official document made with respect to the company or any document which in turn dictates the companies legal existence.

Proprietors Accounts :

All the certificates relating to tax liability, VAT ,registration, licence certificates, Sales or Income Tax returns need to be submitted in case of any proprietorship accounts. Extra diligence is involved here since proprietors hold huge amounts and operate huge sum transactions which has to be looked upon. Activity proofs are a must.



In the year 2013 all the three banks have been fined by the Reserve Bank of India with  5crores, 1 crore and 4.5 crores respectively in violating certain KYC Norms.

The RBI further detailed that in its investigation it found that the three top private banks in the country were not adhering to certain know your customer (KYC) norms and anti money laundering (AML) guidelines like risk categorisation and periodical review of risk profiling of account holders. The central bank also found that the banks were not filing cash transaction reports (CTRs) in respect of some cash transactions and were selling gold coins for cash beyond 50 thousand rupees.[5]

RBI also stated that the internal operations of the three banks were not to the mark.

The PAN numbers and where from the funds are being deposited in the accounts of the customers are all not taken care of by the banks –said the Central Bank.

However in this case no prima facie evidence has been obtained that an act of money laundering took place.

RBI gave these directions as suggestive measures stating : incentives should not be given to any operational managers of the banks and the information in regard to a customer must be taken seriously when informed by the other banks especially by the co-operative banks, since small account holders rests with the co-operative banks rather than the commercial banks.




The bank acting in compliance with the KYC Norms are undoubtedly benefitting the customers from a rural background.

Initially there wasn’t any awareness regarding these norms (be it employees or customers), it is mostly the weaker sections of the society who lack awareness. A flexibility is then provided to submit the concerned documents slowly so that the news reaches to a larger group. Employees were also being trained today in almost all the banks for a better work management as such. So an admission can be made that the negativity involved has almost reached to zero since today even the weaker sections provide all the required document due to the ongoing awareness that is created by every single bank that is in existence today. Boards with respect to the norms are displayed in banks even in the regional language and there are people or employees themselves detail regarding these if any person is unaware of.

“ KYC Guidelines are customer-friendly and the notion that KYC Norms are an impediment for  people from a rural background in availing banking facilities is not correct”.

Also to target the small account holders , especially the migrant workers RBI in the year 2013 relaxed the rules. It now abolished the lengthy procedures that banks insist upon to act on par with the KYC Norms by allowing just one identity proof in order to open an account. This mainly benefits the workers and daily workers since that it is really difficult for them to obtain two different proofs for identity and address as in most of them would be migrating from once place to another and so this incentive made a relief . Self-attestation with a credit limit of approximately 1lakh for an year and a minimal withdrawal of Rs.10,000 is also made available to the people with certain economic and social backgrounds.





1.      Risk management in electronic Banking, concepts and best practices – Jay Ram Konda Bagil (2007),Publisher – John Wiley & Sons (Asia) Pvt Ltd







1.Financial Express ( Article dated June 11th 2013 ,Column -Fe Beaureu-)

[1] (last visited on 2016-02-28 , 11:01pm)
[2] See generally “Master Circular-RBI/2015-16/42 , DBR.AML.BC.No.15/14.01.001/2015-16
[3] “Risk management in electronic banking:concepts and best practices, Page 199,200, Publisher-John Wiley &   Sons (Asia) Pvt Ltd –  Jaya Ram Kondabagil (2007)
[4] ( last visited on 2016-02-29 , 9:40pm)
[5]See generally “RBI fines Axis, ICICI and HDFC bank for KYC Norm breach”- Financial Express (Dated June 11th 2013)- Column :Fe Beaureu