RBI's 6 Latest KYC Guidelines Norms Changes 2025 | RBI's New KYC Amendments For High-risk Accounts Monitoring

The Reserve Bank of India (RBI) has recently introduced a set of significant amendments to the Know Your Customer (KYC) guidelines, effective from November 6, 2024. These changes represent a progressive step toward fortifying the Indian financial sector against emerging threats such as money laundering, terrorism financing, and data management challenges. The updated guidelines are an effort to streamline the KYC process, reduce redundancies, and improve the accuracy and integrity of customer information across financial institutions. The amendments also introduce new measures aimed at high-risk accounts, periodic customer information updates, and enhanced data-sharing protocols between financial institutions and centralized data repositories.

Synopsis of RBI’s Announcement of Amendments to KYC Guidelines

Page Contents

Effective Date: November 6, 2024, with immediate implementation
Purpose: To align KYC norms with recent legal changes and enhance clarity

Key Amendments:
Customer Acceptance Policy (Paragraph 10):

CDD procedure now applied at Unique Customer Identification Code (UCIC) level
Existing KYC-compliant customers don’t need fresh CDD for new accounts/services

Risk Monitoring (Paragraph 37):
Enhanced scrutiny for high-risk accounts clarified
Includes accounts with multiple cheque book requests, frequent small deposits

KYC Updation (Paragraph 38):
Term changed from “updation” to “periodic updation”
Risk-based timelines: 2 years for high-risk, 8 for medium-risk, 10 for low-risk customers

Central KYC Records Registry (CKYCR) Updates (Paragraph 56):
REs must update CKYCR within 7 days of receiving new customer information
CKYCR to notify linked entities about updates

Enhanced Monitoring of High-Risk Accounts:
Increased scrutiny for accounts with unusual patterns
Special attention to Multi-level Marketing (MLM) company accounts
Six-monthly review of risk categorization systems

Changes in UAPA Procedures (Annex II):
Central nodal officer designation changed from “Additional Secretary” to “Joint Secretary”

Impact:
Simplifies KYC process for existing customers
Enhances monitoring of high-risk accounts
Improves information sharing through CKYCR
Aligns with latest anti-money laundering and counter-terrorism financing regulations

These six amendments collectively aim to streamline KYC processes in India, enhance the effectiveness of customer identification measures, improve information sharing, and strengthen the overall anti-money laundering and counter-terrorism financing framework in India’s financial sector. They reflect the RBI’s ongoing efforts to balance regulatory compliance with operational efficiency and customer convenience.

What’s New in RBI’s 2024 KYC Guidelines To Align With Money Laundering Laws?

Here’s a detailed and comprehensive overview of the six amendments, detailing their descriptions, impacts, and key points for each change in the RBI’s KYC guidelines.

RBI’s KYC guidelines Amendment	Description	Impact	Key Points
1. Customer Acceptance Policy (Paragraph 10)	Customer Due Diligence (CDD) procedure to be applied at the Unique Customer Identification Code (UCIC) level	Simplifies process for existing customers opening new accounts or availing additional services	– No fresh CDD needed for existing KYC-compliant customers – Unique alphanumeric code (UCIC) assigned after initial KYC – Reduces redundancy in KYC processes – Improves efficiency for customers and institutions
2. Risk Monitoring (Paragraph 37)	Enhanced explanation of high-risk accounts and intensified monitoring requirements	Clarifies and emphasizes scrutiny of high-risk accounts	– Applies to accounts with multiple cheque book requests, frequent small cash deposits, or similar cheque patterns – Reinforces risk-based approach to customer due diligence – Requires reporting of suspicious cases to RBI and FIU-IND
3. KYC Updation (Paragraph 38)	Revision of term from “updation” to “periodic updation”	Establishes clear timelines for KYC updates based on risk category	– High-risk customers: at least once every 2 years – Medium-risk customers: once every 8 years – Low-risk customers: once every 10 years – Board approval required for updation systems
4. Central KYC Records Registry (CKYCR) Updates (Paragraph 56)	New requirements for updating and retrieving KYC records from CKYCR	Creates a more centralized and efficient KYC system	– Updates to CKYCR within 7 days of receiving new information – CKYCR notifies linked entities about updates – REs must retrieve updated records from CKYCR – Customers not required to resubmit KYC documents unless necessary
5. Enhanced Monitoring of High-Risk Accounts	Detailed guidelines on monitoring high-risk accounts	Strengthens defenses against financial crimes	– Increased scrutiny for accounts with unusual patterns – Special attention to Multi-level Marketing (MLM) company accounts – Six-monthly review of risk categorization systems – Mandatory reporting of suspicious activities
6. Changes in UAPA Procedures (Annex II)	Update to the designation of central nodal officer for UAPA	Aligns with latest government directives	– Designation changed from “Additional Secretary” to “Joint Secretary” – Reflects corrigendum issued by Government of India on April 22, 2024 – Ensures synchronization with UAPA implementation guidelines

RBI’s Revised KYC Master Directions – What you need to know?

Customer Acceptance Policy (Paragraph 10)

The RBI has introduced a significant change in how regulated entities (REs) handle Customer Due Diligence (CDD) for existing customers. The amendment specifies that REs must apply the CDD procedure at the Unique Customer Identification Code (UCIC) level. This means:

If an existing KYC-compliant customer of an RE wants to open another account or avail any other product or service from the same RE, there’s no need for a fresh CDD exercise as far as identification of the customer is concerned.
REs will assign a unique alphanumeric code (UCIC) to customers after conducting initial KYC and due diligence.
This change aims to reduce redundancy in KYC processes, improving efficiency for both customers and financial institutions.
It simplifies the onboarding process for additional services within the same institution, potentially leading to better customer experience and reduced administrative burden.

However, it’s important to note that this doesn’t completely eliminate the need for additional checks. REs may still need to perform additional verification or enhanced due diligence if there’s a change in the customer’s risk profile or if required by specific regulations for certain products or services.

Risk Monitoring (Paragraph 37)

The RBI has made a subtle but important change to the explanation regarding high-risk accounts. The statement “High risk accounts have to be subjected to more intensified monitoring” has been shifted to apply explicitly to sub-paragraphs (a) and (b) of paragraph 37. This change:

Clarifies and emphasizes the need for enhanced scrutiny of high-risk accounts.
Ensures a uniform understanding and application of intensified monitoring protocols.
Reinforces the risk-based approach to customer due diligence.

High-risk accounts now explicitly include:

Accounts of companies seeking a large number of cheque books.
Accounts with multiple small deposits (generally in cash).
Accounts with cheques bearing similar amounts/dates across the country.

REs are required to report such cases to the Reserve Bank of India (RNI) and other appropriate authorities such as the Financial Intelligence Unit-India (FIU-IND). This amendment strengthens the focus on detecting and preventing potential money laundering or other financial crimes.

KYC Updation (Paragraph 38)

The RBI has revised the terminology from “updation” to “periodic updation” in several clauses of Paragraph 38. This change:

Provides clarity on the timing and process for regular updates of customer KYC details.
Emphasizes the ongoing nature of KYC compliance.
Establishes a risk-based approach to KYC updates.

The periodic updation requirements are now clearly defined:

At least once every two years for high-risk customers.
Once every eight years for medium-risk customers.
Once every ten years for low-risk customers.

This risk-based approach ensures that resources are allocated efficiently, with more frequent checks on higher-risk customers. The Board of Directors of REs or an authorized committee must approve these systems as part of the RE’s internal KYC policy.

Central KYC Records Registry (CKYCR) Updates (Paragraph 56)

The RBI has introduced significant changes to how REs interact with the Central KYC Records Registry (CKYCR):

REs must update KYC records in the CKYCR within seven days of receiving updated information from a customer, or within the timeframe specified by the Central Government.
CKYCR will then notify other entities linked with the customer about the update.
Once CKYCR informs an RE about an update in a customer’s KYC record, the RE must retrieve the updated records from CKYCR and update their own records accordingly.
For new account-based relationships or periodic updates, REs should seek the KYC Identifier from the customer or retrieve it from CKYCR if available.
REs should not require customers to submit the same KYC records or information again unless there’s a change in KYC information or additional verification is needed.

This change aims to create a more centralized and efficient KYC system, reducing duplication of efforts across different financial institutions and ensuring more up-to-date customer information across the financial system.

Enhanced Monitoring of High-Risk Accounts

The RBI has provided more detailed guidelines on monitoring high-risk accounts:

Accounts showing unusual patterns, such as frequent small cash deposits or multiple cheque book requests, must undergo increased scrutiny.
REs must report suspicious activities to authorities like the RNI and FIU-IND.
Special attention should be given to accounts of Multi-level Marketing (MLM) companies.
REs should review their risk categorization systems every six months.

This amendment aims to strengthen the financial system’s defenses against money laundering, fraud, and other financial crimes by ensuring closer monitoring of potentially risky accounts.

Changes in UAPA Procedures (Annex II)

The RBI has updated the designation of the central nodal officer for the Unlawful Activities (Prevention) Act (UAPA):

The designation has been changed from “Additional Secretary” to “Joint Secretary” by the Government of India.
This change aligns with a corrigendum issued by the Government of India on April 22, 2024, regarding the implementation of Section 51A of the UAPA.

While this might seem like a minor administrative change, it’s significant because it ensures that RBI’s KYC guidelines are in sync with the latest government directives on combating terrorism financing and other unlawful activities.

What is the purpose of the six key Know Your Customer (KYC) guidelines amendments by the Reserve Bank of India (RBI)?

The primary purpose of the RBI’s amendments to the KYC guidelines is to enhance the overall security and transparency of India’s financial system. These amendments serve several key objectives:

Strengthening Anti-Money Laundering Measures: Money laundering remains a major challenge for global and domestic financial systems. Through these amendments, the RBI aims to strengthen anti-money laundering (AML) protocols, especially with respect to high-risk accounts. Enhanced monitoring and stricter due diligence procedures will enable financial institutions to identify and prevent money laundering activities more effectively, thus protecting the integrity of the Indian financial system.

Streamlining and Simplifying the KYC Process

One of the central purposes of these amendments is to make the KYC process more efficient and user-friendly for customers. By introducing the concept of Customer Due Diligence (CDD) at the Unique Customer Identification Code (UCIC) level, the RBI allows institutions to reuse a customer’s verified information across multiple accounts within the same financial institution. This change is expected to reduce redundancies, minimize customer inconvenience, and expedite the onboarding process for customers opening new accounts or accessing new services.

Ensuring Accurate and Up-to-Date Customer Information: To maintain the integrity of customer data, the amendments mandate periodic updates to KYC information. Financial institutions are now required to ensure that customer information is reviewed and kept current at regular intervals. This measure addresses the challenge of outdated customer records, reducing the risk of fraud and enhancing the accuracy of customer data across the financial system. By keeping records current, financial institutions can more accurately assess the risk profile of each customer, thereby ensuring better monitoring and compliance.

Enhanced Data Sharing and Inter-Agency Coordination

One of the significant aspects of these amendments is the requirement for financial institutions to share KYC data with the Central KYC Records Registry (CKYCR) within a specified timeframe. This data-sharing protocol aims to create a centralized, unified repository of KYC information, reducing duplication and allowing various institutions to access verified customer information quickly and efficiently. This centralized approach also enhances coordination among regulatory bodies and financial institutions, allowing for better monitoring of suspicious activities and ensuring that customer data is accurate across all institutions.

Alignment with International Standards and Laws

By aligning these KYC guidelines with the Prevention of Money Laundering (Maintenance of Records) Rules, 2005, and incorporating instructions from the Unlawful Activities (Prevention) Act, 1967, the RBI is ensuring that India’s financial system is in compliance with international anti-money laundering standards. This alignment strengthens India’s standing in the global financial market, signaling to international partners that India is committed to regulatory compliance and financial security. The incorporation of guidelines under the UAPA is especially significant in countering terrorism financing, a growing global concern. Through this alignment, India’s financial ecosystem becomes more resilient and compliant with global practices, which is essential in an interconnected world economy.

Facilitating Technological Innovation in Financial Compliance: The KYC amendments also underscore the RBI’s encouragement of technological innovation to meet compliance standards. With advancements in data management, artificial intelligence, and digital identity verification, financial institutions are now better equipped to implement the changes efficiently. By mandating periodic updates and centralized data-sharing, the RBI is essentially encouraging the financial sector to adopt more advanced data analytics, predictive monitoring, and digital KYC solutions, which will allow them to respond to compliance needs in real-time.

What are the main amendments made by RBI to the KYC guidelines?

The RBI introduced six key amendments, including changes to the Customer Acceptance Policy, Risk Monitoring, KYC Updation, Central KYC Records Registry (CKYCR) Updates, Enhanced Monitoring of High-Risk Accounts, and changes in UAPA Procedures.

How does the RBI’s KY Guidelines amendment to Customer Acceptance Policy affect existing customers?

Existing KYC-compliant customers of a regulated entity (RE) no longer need to undergo a fresh Customer Due Diligence (CDD) process when opening another account or availing additional services from the same RE.

What changes have been made to KYC updation requirements?

The term “updation” has been revised to “periodic updation,” with clear timelines based on customer risk categories: every 2 years for high-risk, 8 years for medium-risk, and 10 years for low-risk customers.

How has the Central KYC Records Registry (CKYCR) process been updated?

REs must update KYC records in the CKYCR within 7 days of receiving new information. The CKYCR will then notify other entities linked with the customer about the update.

What new RBI KYC requirements have been introduced for monitoring high-risk accounts?

High-risk accounts, such as those with frequent small cash deposits or multiple cheque book requests, must undergo increased scrutiny. REs must report suspicious activities to authorities like RBI and FIU-IND.

How has the designation of the central nodal officer for UAPA changed?

The designation has been changed from “Additional Secretary” to “Joint Secretary” in line with a government corrigendum issued in April 2024.

Can customers use non-face-to-face channels for KYC updation?

Yes, customers can use non-face-to-face channels like registered email, mobile number, ATMs, or digital banking for self-declaration if there’s no change in KYC information.

What happens if a customer’s address changes?

If only the address has changed, customers can provide the updated information through various channels. The bank will then verify the new address within two months.

What are the consequences of not completing re-KYC?

While banks have the right to close accounts if required KYC documents are not submitted, they typically first restrict transactions in the account. It’s important to note that if a customer has a central KYC registry number, re-KYC may not be necessary.

0/5 (0 Reviews)

6 key KYC amendments by the Reserve Bank of India (RBI) to the Know Your Customer (KYC) guidelines in India