Contents
1. Background. 2
2. Objectives 2
3. Scope. 2
4. Policy Standards and AML Program Structure. 3
4.3 Beneficial Owner (BO) 4
4.6 Customer Acceptance Policy (CAP) 5
4.7 Customer Identification Procedures (CIP) 7
4.8 Money Laundering and Terrorist Financing Risk Assessment 8
4.9 Risk Categorization. 8
4.10 AML Risk Mitigation Tools: 12
4.11 KYC and Customer Due Diligence (CDD) 12
5. Enhanced Due Diligence (“EDD”) 15
6. Politically Exposed Persons (“PEPs”) 17
7. Negative List 17
8. Sanctions List 17
9. Appointment of the Principal Officer (PO) / Money Laundering Reporting Officer (MLRO) & Designated Director. 18
10. Reporting to Financial Intelligence Unit-India (FIU-IND) 19
11. Reporting of Cash Transactions. 20
12. Suspicious Transactions- Monitoring and Reporting. 20
13. Central KYC Records Registry (CKYCR) - and reporting requirements under Foreign Account Tax Compliance Act (FATCA)/ Common Reporting Standards (CRS) 21
14. Record-keeping Requirements. 21
15. Hiring & Training of Employees and Customer Education. 22
16. Audit of the KYC & AML Program and other Reporting Requirements. 23
17. Consequences of Non-Compliance. 24
Annexure I 25
Annexure II 33
Know Your Customer and Anti-Money Laundering Policy
-
Background
Ummeed Housing Finance Private Limited (hereinafter referred to as “the Company” or “HFC” or “Lender” or “UHFPL” or “Ummeed” or “Regulated Entity/ RE”) is a Private Limited Company incorporated under the provisions of the Companies Act, 2013 and registered as a Housing Finance Company (“HFC”) with the National Housing Bank (“NHB”).
With the shifting of regulation of HFCs from NHB to RBI, now Reserve Bank of India’s (“RBI”) vide their circular dated May 19, 2020, made Master Direction - Know Your Customer (KYC) Direction, 2016, applicable to all HFCs. Subsequently, RBI vide circular dated February 17, 2021, re-iterated applicability of the above Master Direction - Know Your Customer (KYC) Direction, 2016 in the Master Direction – Non-Banking Financial Company – Housing Finance Company (Reserve Bank) Directions, 2021.
Accordingly, this Policy earlier prepared in terms of the NHB’s Guidelines on KYC & AML, and approved by the Board, is being reviewed in the context of the RBI’s Master Direction - Know Your Customer (KYC) Direction, 2016 and the amendments made thereto, as applicable to NBFCs (including HFCs).
-
Objectives
The present policy is designed with an objective to evolve the monitoring and reporting system as prescribed in the above said RBI’s Master Directions and other relevant regulations to follow certain customer identification procedures while undertaking a transaction either by establishing an account-based relationship or otherwise and monitor their transactions.
-
Scope
Applicability
The Know Your Customer and Anti-Money Laundering Policy (the Policy) shall be applicable to Ummeed as notified by the RBI from time to time. The Policy framed thereunder and approved by the Board shall also apply to any third parties relied upon or hired /outsourced by the Company to perform any of the requirements relating to KYC & Anti-Money Laundering (AML) Program.
This Policy establishes minimum requirements for the Company to establish, implement, and maintain an AML Program that is reasonably designed to (a) implement this Policy and (b) to ensure compliance with applicable AML laws, rules and regulations.
This Policy requires the Company and each Employee to:
-
-
-
Protect the Company from being used for money laundering or funding terrorist activities;
-
Conduct themselves in accordance with the highest ethical standards
-
Comply with the letter and the spirit of applicable AML Laws, and the Company’s AML Program and procedures;
-
Be vigilant and escalate AML procedures in respect of individuals/entities who attempt to violate or avoid KYC /AML, procedures or this Policy; and
-
Co-operate with AML-related law enforcement and regulatory agencies fully under applicable laws.
-
Designate officials for overall compliance of KYC and AML procedures and for reporting purposes to Financial Intelligence Unit (FIU-IND).
Failure to adhere to this Policy may subject employees to disciplinary action, including termination of employment. The employees who suspect unethical behavior should refer the matter to appropriate personnel as directed by their businesses’ policies and procedures.
Annual Review
The Policy shall be reviewed annually by the Board of Directors of the Company, to incorporate the changes as are required due to modifications in applicable directions, rules and regulations.
Implementation & Monitoring of Policy
The Audit Committee (AC) shall supervise the implementation and monitoring of the Policy. Amongst other matters, the AC would be responsible for:
-
-
-
Formulating and periodically reviewing the Policy in line with the applicable regulatory guidelines;
-
Reviewing the reports of Internal Audit and /or the feedback on the status of compliance submitted by the Principal Officer (PO) every quarter;
-
Reviewing the staff training program and also customer related educational/informational material on KYC/AML;
-
Reviewing quarterly reports relating to fraud prevention, control and reporting and recommending appropriate action to the Board.
Policy Approval
The Policy and any significant changes therein shall be approved by the Board of Directors of the Company. Prior to approval by the Board of Directors, the Policy and any significant changes shall also be reviewed by the Audit Committee of the Board, taking into account the feedback of Company’s Principal Officer and also based on internal audit report on implementation of KYC and AML procedures which have been brought under the scope of internal audit.
-
Policy Standards and AML Program Structure
4.1 The KYC and AML Policy has been prepared considering the following 4 key elements:
-
Customer Acceptance Policy (CAP)
-
Customer identification Procedures (CIP)
-
Monitoring of Transactions, and
-
Risk Categorization
-
-
For the purpose of the Policy, a ’Customer’ is defined as:
-
a person or entity (including an employee) that maintains an account and/or has a business relationship with the Company, including the walk-in customer;
-
one on whose behalf the account is maintained (i.e., the beneficial owner);
-
beneficiaries of transactions conducted by professional intermediaries, such as Stockbrokers, Chartered Accountants, Solicitors etc. as permitted under the law, and
-
any person or entity connected with a financial transaction which can pose significant reputational or other risks to the Company, say, a wire transfer or issue of a high value demand draft as a single transaction.
-
-
Beneficial Owner (BO)
-
Where the customer is a company, the beneficial owner is the natural person(s), who, whether acting alone or together, or through one or more juridical persons, has/have a controlling ownership interest or who exercise control through other means.
Explanation- For the purpose of this sub-clause-
-
“Controlling ownership interest” means ownership of/entitlement to more than 10 per cent of the shares or capital or profits of the company.
-
“Control” shall include the right to appoint a majority of the directors or to control the management or policy decisions including by virtue of their shareholding or management rights or shareholders agreements or voting agreements.
-
-
Where the customer is a partnership firm, the beneficial owner is the natural person(s), who, whether acting alone or together, or through one or more juridical person, has/have ownership of/entitlement to more than 10 per cent of capital or profits of the partnership or who exercises control through other means.
Explanation – Term “control” shall include the right to control the management or policy decision.
-
-
-
Where the customer is an unincorporated association or body of individuals, the beneficial owner is the natural person(s), who, whether acting alone or together, or through one or more juridical person, has/have ownership of/entitlement to more than 15 per cent of the property or capital or profits of the unincorporated association or body of individuals.
Explanation: Term ‘body of individuals’ includes societies. Where no natural person is identified under (a), (b) or (c) above, the beneficial owner is the relevant natural person who holds the position of senior managing official.
-
-
-
Where the customer is a trust, the identification of beneficial owner(s) shall include identification of the author of the trust, the trustee, the beneficiaries with 10 per cent or more interest in the trust and any other natural person exercising ultimate effective control over the trust through a chain of control or ownership.
-
-
-
Exemption from identification of BO: It is not necessary to identify and verify the identity of any shareholder or beneficial owner of such an entity. where the customer or the owner of the controlling interest is:
-
An entity listed on a stock exchange in India; or
-
An entity resident in jurisdictions notified by the Central Government and listed on stock exchanges in such jurisdictions; or
-
A subsidiary of such listed entities.
-
-
Certified Copy- Obtaining a certified copy by the Company shall mean comparing the copy of the proof of possession of Aadhaar number where offline verification cannot be carried out or officially valid document so produced by the customer with the original and recording the same on the copy by the authorised officer of the Company as per the provisions contained in the Act.
-
-
Obtaining the additional information other than the mandatory information for identification of customer, where the Company is aware that availability of sufficient customer information underpins all other AML procedures and should be seen as a critical element in the effective management of Money Laundering (ML) risks.
-
-
Customer Acceptance Policy (CAP)
The Company has developed a Customer Acceptance Policy (CAP) which lays down the criteria for the acceptance of Customers. In line with the RBI’s Master Direction - Know Your Customer (KYC) Direction, 2016, the Company has formulated Customer Acceptance Policy (CAP) which lays down the broad criteria for acceptance of customers which shall form an integral part of the Group wide AML Policy.
The features of the CAP are detailed below:
-
-
-
The Company will not open any account(s) in anonymous, fictitious or 'benami' name(s). Adequate customer due diligence (CDD) is a fundamental requirement for establishing the identity of the customer. Identity generally means a set of attributes which together uniquely identify a natural person or legal entity. CDD Procedure is followed for all the joint account holders, while opening a joint account.
-
Where Permanent Account Number (PAN) is obtained, the same shall be verified from the verification facility of the issuing authority. Similarly, if the GST number is available, then the Company will verify it using the search/verification facility provided by the issuing authority.
-
Where an equivalent e-document is obtained from the customer, the Company shall verify the digital signature as per the provisions of the Information Technology Act, 2000 (21 of 2000).
-
In order to avoid fictitious and fraudulent applications of the customers, and to achieve a reasonable degree of satisfaction as to the identity of the customer, the Company shall conduct appropriate basic due diligence.
-
The nature and extent of basic due diligence measures to be conducted at the time of establishment of account opening/relationship, would depend upon the risk category of the customers and involve collection and recording of information by using reliable independent documents, data or any other information. This may include identification and verification of the applicant and wherever relevant, ascertaining of occupational details, legal status, ownership and control structure and any additional information in line with the assessment of the ML risks posed by the applicant and the applicant’s expected use of The Company’s products and services.
-
For non-face to face customers, appropriate due diligence measures (including certification requirements of documents, if any) will be devised for identification and verification of such customers. The Company may rely, at their own option, on third party certification/introduction under the terms of the following outsourcing agreement.
(i) Records or the information of the customer due diligence carried out by the third party is obtained immediately from the third party or from the Central KYC Records Registry.
(ii) Adequate steps are taken by the Company to satisfy themselves that copies of identification data and other relevant documentation relating to the customer due diligence requirements shall be made available from the third party upon request without delay.
(iii) The third party is regulated, supervised or monitored for, and has measures in place for, compliance with customer due diligence and record-keeping requirements in line with the requirements and obligations under the PML Act.
(iv) The third party shall not be based in a country or jurisdiction assessed as high risk.
(v) The ultimate responsibility for customer due diligence and undertaking enhanced due diligence measures, as applicable, will be with the Company.
-
-
-
The purpose of commencing the relationship/opening of accounts shall be established and the beneficiary of the relationship/account shall also be identified.
-
The information collected from the customer shall be kept secure and confidential.
-
Appropriate Enhanced Due Diligence (EDD) measures will be adopted for customers, with a high-risk profile, especially those for whom the sources of funds are not clear, transactions carried through correspondent accounts and customers who are Politically Exposed Persons (PEPs), resident outside India and their family members/close relatives.
-
In respect of unusual or suspicious transactions/applications or when the customer moves from a lower risk to a high-risk profile, appropriate EDD measures shall be adopted.
-
The Company will ensure that the identity of the customer does not match with any person with known criminal background or with banned entities/ individual such as individual terrorists or terrorist organizations, etc. For this purpose, the Company maintains lists of individuals or entities issued by Reserve Bank, National Housing Bank, United Nations Security Council, other regulatory & enforcement agencies, internal lists as the Company may decide from time to time. Full details of accounts/ customers bearing resemblance to any of the individuals/entities in the list shall be treated as suspicious and reported.
-
The Company shall not open an account where it is unable to apply appropriate customer due diligence measures i.e., it is unable to verify the identity and /or obtain documents required due to non-cooperation of the customer or non-reliability of the data/information furnished to the Company. The Company also consider filing an STR to FIU-IND, if necessary, when it is unable to comply with the relevant CDD measures in relation to the customer
-
Where the Company is unable to apply appropriate KYC measures due to non-furnishing of information and /or non-cooperation by the customer, the Company may consider closing the account or terminating the business relationship. However, the decision to close an existing account shall be taken at a reasonably senior level, after giving due notice to the customer explaining the reasons for such a decision.
-
If it is suspected that money laundering or terrorist financing and it seems to believe that performing the Customer Due Diligence (CDD) process will alert the customer, the Company will not proceed with the CDD process. Instead, it should file a Suspicious Transaction Report (STR) to FIU-IND,.
-
Further, additional information that is not specified anywhere in this Policy, if required for the purposes of efficient implementation of this policy, can also be taken with the explicit consent of the customer.
The aspects mentioned in the CAP would be reckoned while evolving the KYC/AML procedures for various customers/products. However, while developing the KYC/CDD procedures, the Company shall ensure that its procedures do not become too restrictive or pose significant difficulties in availing its services by deserving general public, especially the financially and socially disadvantaged sections of society.
-
-
Customer Identification Procedures (CIP)
-
The Company shall obtain satisfactory evidence of the identity of the customer in the following cases:
-
-
-
-
If there is any perceived risks at the time of commencement of relationship/opening of account, or
-
when there is a doubt about the authenticity or adequacy of the customer identification data it has obtained, or
-
selling third party products as corporate agents, selling own products and any other product for more than rupees fifty thousand and transaction details of sale of third-party products and related records shall be maintained as prescribed in section 14 of this Policy i.e., Record-keeping Requirements or
-
when there is a reason to believe that a customer is intentionally structuring a transaction into a series of transactions below the threshold of rupees fifty thousand.
Such evidence shall be substantiated by reliable independent documents, data or information or other means like physical verification etc.
-
-
-
The company shall ensure that introduction is not to be sought while opening accounts.
-
In order to avoid customer inconvenience, under special circumstances, the Company may also rely on certain data/information available to itself or with external reliable sources for the purpose of establishing the identity of the customer. In such cases, a KYC report in a specified format shall be prepared and approved by an appropriate senior official, as may be specified in the KYC/AML procedures. The KYC report shall be stored properly along with other KYC documents.
-
For opening of small value accounts, informal customer segment and smaller/ Semi- urban/ rural location, the Company may, at its discretion, apply differential procedures and provide relaxation in documentation and CDD requirements based on alternate verifications/ documents.
-
Indicative guidelines on Customer Identification requirements are provided in Annexure 1.
-
Video based Customer Identification Process (V-CIP): A method of customer identification by an official of the Company by undertaking seamless, secure, real-time, consent based audio-visual interaction with the customer to obtain identification information including the documents required for CDD purpose, and to ascertain the veracity of the information furnished by the customer. Such process shall be treated as face to-face process for the purpose of the Master Direction issued by RBI.
-
-
Money Laundering and Terrorist Financing Risk Assessment
The Company shall undertake, that:
-
-
-
Periodic Risk Assessment’ exercise for ‘Money Laundering (ML) and Terrorist Financing (TF);
-
Risk assessment process should consider all the relevant risk factors, level of overall risk & type of mitigation to be applied;
-
Risk assessment process shall be properly documented and be proportionate to the nature, size, geographical presence, complexity of activities/structure, etc. of the Company;
-
Periodicity of risk assessment exercise shall be determined by the Board, or the Audit Committee and the Risk Management Committee to which power in this regard has been delegated, which should be reviewed at least annually;
-
Outcome of the exercise shall be put up to the Board/ Audit Committee;
-
A Risk-Based Approach (RBA) is to be adopted for the mitigation and management of identified risks in accordance with the provisions outlined in Board-approved policies, controls, and procedures as specified under the Risk Management Policy of the Company. This approach includes the incorporation of a Customer Due Diligence (CDD) Programme. The CDD Programme should take into consideration the Money Laundering (ML) and Terrorist Financing (TF) risks identified by Ummeed or through the National Risk Assessment, with due regard to the size of the business
-
Monitoring of implementation of the controls and enhance them if necessary.
-
-
Risk Categorization
Ummeed will categorize its customers into High, Medium, and Low risk categories based on the perceived Anti-Money Laundering (AML) risk. The risk categorization may be conducted using the following parameters based on the types of borrowers and the assessment of risk perception:
-
Customer’s identity
-
Social/financial status
-
Nature of business activity
-
Information about the customer’s business and their location
-
Geographical risk covering customers as well as transactions
-
Type of products/services offered
-
Delivery channel used for delivery of products/services
-
Types of transaction undertaken – cash, cheque/monetary instruments, wire transfers, forex transactions, etc.
In the process of considering customer identity, the ability to verify identity documents through online or other services offered by issuing authorities may also be taken into account.
The risk categorization of a customer and the specific reasons for such categorization will be kept confidential. Provided that various other information collected from different categories of customers relating to the perceived risk, is non-intrusive and the same is specified in the KYC Policy.
FATF Public Statement, the reports and guidance notes on KYC/AML issued by the Indian Banks Association (IBA), and other agencies, etc., may also be used in risk assessment.
-
-
-
Medium/High Risk from AML perspective- Customers that are likely to pose a higher-than-average risk to the Company may be categorized as medium or high risk depending on customer's background, nature and location of activity, country of origin, sources of funds and his client profile, etc. Such category of customers will include the following:
-
Politically Exposed Persons (PEP’s);
-
Non-Resident Indians;
-
Certain Non-Governmental Organizations (“NGOs”), Trusts and unregulated charities;
-
Money services businesses (“MSBs”), including licensed money transmitters and currency exchangers, and their owners;
-
Dealers in high value or precious goods, such as jewel, gem or precious metal dealers, antique dealers and auction houses, and their owners;
-
Casinos and other gambling businesses, their payment providers, and their owners;
-
Arms and ammunitions manufacturers and dealers;
-
Customers organized, doing business in, or that maintain financial accounts in, jurisdictions that pose a high risk of money laundering, drug trafficking, terrorism, terrorist financing, or corruption or jurisdictions that are not logical for the customer;
-
High Net Worth individuals, with Loan amount of more than Rs.3 crore;
-
Persons (individual or entity) known to the Business Unit to have been convicted of money laundering, drug trafficking, terrorist acts, terrorist financing or other serious crimes.
-
The Company will apply enhanced due diligence measures for higher risk customers, especially those for whom the sources of funds are not clear.
-
Low-Risk Customers: All other customers (other than Medium/High Risk category) whose identities and sources of wealth can be easily identified and by and large conform to the known customer profile, may be categorized as low risk. In such cases, only the basic requirements of verifying the identity and location of the customer are to be met.
-
Periodical Review: In terms of extant regulatory guidelines, the Company will put in place a system of periodical review of risk categorization of accounts and the need for applying enhanced due diligence measures in case of higher risk perception on a customer. The Company will carry out such review of risk categorization of customers at a periodicity of not less than once in six months.
-
Periodical Updation: The Company shall also introduce a system of periodical updation of customer identification data (including photograph/s) after the account is opened to ensure that the information or data collected is kept up-to-date and relevant, particularly where there is high risk. The periodicity of such updation will not be less than once in ten years in case of low-risk category customers, not less than once in eight years in case of medium risk categories and not less than once in two years in case of high risk categories.
-
Aadhaar OTP based e-KYC in non-face to face mode can be used for periodic updation. Declaration of current address, if the current address is different from the address in Aadhaar, shall not require positive confirmation in this case. The Company will, however, ensure that the mobile number for Aadhaar authentication is same as the one available with them in the customer’s profile, in order to prevent any fraud. It may be noted that the Company shall not be relying on OTP based verification in the account opening stage due to regulatory restrictions on credit limits, in such cases, till the verification is completed through normal CDD procedures.
[Following is the process for Updation / Periodic Updation of KYC in case of different types of Customers:
|
No Change in KYC Information
|
Change in Address
|
Individuals:
|
|
-
In case of a change only in the address details of the customer, a self-declaration of the new address shall be obtained from the customer through customer’s registered email-id/ registered mobile number/ digital channels (such as mobile application)/ letter; and the declared address will be verified through positive confirmation within two months, by means such as address verification letter, contact point verification, deliverables, etc.; OR
-
In certain cases, we may also obtain a copy of OVD or deemed OVD or the equivalent e-documents thereof, for the purpose of proof of address, declared by the customer at the time of periodic updation.
|
Non-Individual Customers (Company, Trust, Partnership, etc.)
|
-
In case of no change in the KYC information of such customers, a self-declaration in this regard shall be obtained through its registered email-id/ registered mobile number/ digital channels (such as mobile application)/ letter from an official authorized by such customer in this regard, board resolution, etc.
-
The company will also ensure during this process that Beneficial Ownership (BO) information available with them is accurate and shall update the same, if required, to keep it as up-to-date as possible.
|
|
-
-
-
Additional measures: In addition to the above, the Company will ensure that,
-
-
-
The KYC documents of the customer as per the current CDD standards are available. This is applicable even if there is no change in customer information but the documents available with the Company are not as per the current CDD standards. Further, in case the validity of the CDD documents available with the Company has expired at the time of periodic updation of KYC, the Company will undertake the KYC process equivalent to that applicable for on-boarding a new customer.
-
Customer’s PAN details, if available, will be verified from the database of the issuing authority at the time of periodic updation of KYC.
-
Acknowledgment is provided to the customer mentioning the date of receipt of the relevant document(s), including self-declaration from the customer, for carrying out periodic updation. Further, it shall be ensured that the information / documents obtained from the customers at the time of periodic updation of KYC are promptly updated in the records / database of the Company and an intimation, mentioning the date of updation of KYC details, is provided to the customer.
-
In order to ensure customer convenience, Company may consider making available the facility of periodic updation of KYC at its branches.
-
Any additional and exceptional measures, may also be taken in certain high-risk cases, such as requirement of obtaining recent photograph, requirement of physical presence of the customer, requirement of periodic updation of KYC only in the branch where account is maintained, a more frequent periodicity of KYC updation than the minimum specified periodicity etc.]
-
-
-
Customer Mobile Number Change Process: To ensure transaction alerts, OTP, etc. are sent to the correct mobile number, customers must register with the mobile number associated with their Aadhaar. If a customer requests a change in their registered mobile number, the following process must be followed:
-
-
-
The customer submits a written request for a mobile number change along with updated OVD documents (passport, driving license, voter ID card) through any e-mode or at a branch.
-
The concerned officer of the Company will verify the submitted OVD documents and compares them with the customer information available in the records.
-
The concerned officer of the Company checks that the updated mobile number is not already registered with another account or has been reported as lost or stolen.
-
If they find any discrepancies or doubts the authenticity of the documents, further verification may be requested, such as in-person verification or additional documents.
-
Once the concerned officer of the Company is satisfied with the verification process, the customer's mobile number is updated in their records, and a confirmation message is sent to the updated mobile number.
-
Transaction alerts, OTPs, etc. are sent only to the updated mobile number.
-
The Company will document the process followed for the mobile number change request and maintain the records as per regulatory requirements.
-
-
AML Risk Mitigation Tools:
Ummeed shall, inter alia, use the following tools to mitigate AML risk:
-
-
-
KYC documentation
-
Customer due diligence
-
Dedupe check
-
CIBIL Checks with credit scores
-
Reference checks
-
Tele verification
-
Field Investigation
-
Limit on amount of loan in cash
-
Suspicious transaction reporting
-
Checking whether amount of jewelry or loan is in line with disclosed sources of income and wealth
-
-
KYC and Customer Due Diligence (CDD)
CDD measures in case of individual customers
The Company will identify the beneficial owner and take all reasonable steps to verify their identity using reliable and independent sources of identification We will also conduct ongoing due diligence with respect to the business relationship with every client and closely examine transactions to ensure consistency with our knowledge of the customer, their business, and risk profile and the source of funds/wealth
Explanation: “On-going Due Diligence” means regular monitoring of transactions in accounts to ensure that those are consistent with Company’s knowledge about the customers, customers’ business and risk profile, the source of funds / wealth.
For undertaking CDD, following should be obtained from an individual while establishing an account-based relationship or while carrying out occasional transaction of an amount equal to or exceeding rupees fifty thousand, whether conducted as a single transaction or several transactions that appear to be connected, or any international money transfer operations or while dealing with the individual who is a beneficial owner, authorised signatory or the power of attorney holder related to any legal entity:
-
the Aadhaar number where,(i) he is desirous of receiving any benefit or subsidy under any scheme notified under section 7 of the Aadhaar (Targeted Delivery of Financial and Other subsidies, Benefits and Services) Act, 2016 (18 of 2016); or he decides to submit his Aadhaar number voluntarily to a bank or any RE notified under first proviso to sub- section (1) of section 11A of the PML Act; or the proof of possession of Aadhaar number where offline verification can be carried out; or the proof of possession of Aadhaar number where offline verification cannot be carried out or any OVD or the equivalent e- document thereof containing the details of his identity and address; and
-
the Permanent Account Number or the equivalent e-document thereof or Form No. 60 as defined in Income-tax Rules, 1962. Where Permanent Account Number (PAN) is obtained, the same shall be verified from the verification facility of the issuing authority; and
-
such other documents including in respect of the nature of business and financial status of the customer, or the equivalent e-documents thereof as may be required and its ownership and control
We can obtain KYC Identifier with explicit customer consent to download KYC records from CKYCR for the purpose of CDD. We will not use KYC documents downloaded from the CKYCR whose validity has lapsed for KYC purposes.
Provided that where the customer has submitted,
-
Aadhaar number, authentication of the customer’s Aadhaar number using e-KYC authentication facility provided by the Unique Identification Authority of India. Further, in such a case, if customer wants to provide a current address, different from the address as per the identity information available in the Central Identities Data Repository, he may give a self-declaration to that effect.
-
proof of possession of Aadhaar where offline verification can be carried out, the same shall be done.
-
an equivalent e-document of any OVD, then, shall verify the digital signature as prescribed.
-
any OVD or proof of possession of Aadhaar number, where offline verification cannot be carried out, verification to be carried out through digital KYC process as prescribed.
Provided further that in case e-KYC authentication cannot be performed for an individual desirous of receiving any benefit or subsidy under any scheme notified under section 7 of the Aadhaar (Targeted Delivery of Financial and Other subsidies, Benefits and Services) Act, 2016 owing to injury, illness or infirmity on account of old age or otherwise, and similar causes, shall, apart from obtaining the Aadhaar number, perform identification preferably by carrying out offline verification or alternatively by obtaining the certified copy of any other OVD or the equivalent e-document thereof from the customer.
Note 1: When a customer submits proof of possession of Aadhaar number containing the number, ensure that the customer obscures or blacks out their Aadhaar number through appropriate means, where Aadhaar number authentication is not required as per our KYC policy.
Note 2: Biometric-based e-KYC authentication can be carried out by authorized officials, business correspondents, and business facilitators wherever allowed by the Reserve Bank in this behalf.
Note 3: The usage of Aadhaar and proof of possession of Aadhaar shall comply with the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits, and Services) Act, 2016, the regulations made thereunder, and amendments made from time to time.
Note 4: Authorized officials, business correspondents, and business facilitators of the Company wherever allowed by the Reserve Bank in this behalf, will perform Offline Verification of Aadhaar for identification purposes.
Note 5: When opening an account for a legal entity that is not a natural person, identify the beneficial owner(s), and follow reasonable steps as per Rule 9(3) of the Rules to verify their identity. Please note the following:
In cases of trust, nominee, or fiduciary accounts, obtain satisfactory evidence of the identity of intermediaries and the persons on whose behalf they are acting. Additionally, collect details of the nature of the trust or other arrangements in place.
CDD Measures for Legal Entities
In order to comply with our company’s KYC policy, we require certain documents to be provided for non-individual customers. Please find below the details for each type of entity:
Company: For opening an account of a company, we require certified copies or equivalent e-documents of the following:
-
-
Certificate of incorporation
-
Memorandum and Articles of Association
-
Permanent Account Number of the company
-
A resolution from the Board of Directors and power of attorney granted to its managers, officers or employees to transact on its behalf
-
Documents, as specified in Section 16 of the KYC Master Directions, relating to beneficial owner, the managers, officers or employees, as the case may be, holding an attorney to transact on the company's behalf
-
The names of the relevant persons holding senior management position
-
The registered office and the principal place of its business, if it is different.
Partnership Firms: For opening an account of a partnership firm, we require certified copies or equivalent e-documents of the following:
-
-
Registration certificate
-
Partnership deed
-
Permanent Account Number of the partnership firm
-
Documents, as specified in Section 16 of the KYC Master Directions, relating to beneficial owner, managers, officers or employees, as the case may be, holding an attorney to transact on its behalf
-
The names of all the partners
-
Address of the registered office and the principal place of its business, if it is different.
Trusts: For opening an account of a trust, we require certified copies or equivalent e-documents of the following:
-
-
Registration certificate
-
Trust deed
-
Permanent Account Number or Form No.60 of the trust
-
Documents, as specified in Section 16 of the KYC Master Directions, relating to beneficial owner, managers, officers or employees, as the case may be, holding an attorney to transact on its behalf
-
The names of the beneficiaries, trustees, settlor, protector, if any and authors of the trust
-
The address of the registered office of the trust
-
List of trustees and documents, as specified in Section 16 of the KYC Master Directions, for those discharging role as trustee and authorised to transact on behalf of the trust.
Unincorporated Associations or Bodies of Individuals: For opening an account of an unincorporated association or a body of individuals, we require certified copies or equivalent e-documents of the following:
-
-
Resolution of the managing body of such association or body of individuals
-
Permanent Account Number or Form No. 60 of the unincorporated association or a body of individuals
-
Power of attorney granted to transact on its behalf
-
Documents, as specified in Section 16 of the KYC Master Directions, relating to beneficial owner, managers, officers or employees, as the case may be, holding an attorney to transact on its behalf
-
Such information as may be required by us to collectively establish the legal existence of such an association or body of individuals.
In addition, for non-individual customers who are juridical persons or who purport to act on behalf of such entities, we require the following documents or equivalent e-documents to be obtained and verified:
-
-
Document showing name of the person authorized to act on behalf of the entity
-
Documents, as specified in Section 16 of the KYC Master Directions, of the person holding an attorney to transact on its behalf
-
Such documents as may be required by the Company to establish the legal existence of such an entity/juridical person.
In case of a Trust, Ummeed shall ensure that trustees disclose their status at the time of commencement of an account-based relationship or when carrying out transactions as specified in clause 4.7 (a) (4) of the Policy.
Furthermore, as per our policy, we advise customers to update any changes to the documents submitted at the time of establishment of business relationship or account-based relationship with the Company, as necessary. This update must be submitted to us within 30 days of the change in order to update our records.
-
Enhanced Due Diligence (“EDD”)
-
Enhanced Due Diligence (“EDD”) procedures will be implemented by the Company for higher risk customers and transactions with natural and legal persons (including financial institutions) from countries for which this is called for by the FATF.
-
The EDD procedures will aid the Company in:
-
Determining whether the customer appears to be engaged in legitimate business activities and has legitimate sources of funds.
-
Anticipating the customer’s usual and expected activity so that suspicious activity can be detected.
-
Higher-risk customers must be approved by a Zonal Credit Manager level or minimum grade of General Manager.
-
Customer transactions should be reviewed more closely at account opening and more frequently throughout the term of their relationship.
-
The Company’s EDD procedures will consider requiring additional information and documentation to be obtained on higher risk customers, such as:
-
Purpose of the account/End-use.
-
Source of funds and wealth.
-
Individuals with ownership or control over the account, such as beneficial owners, signatories, or guarantors.
-
Financial statements.
-
Banking references.
-
Domicile (where the business is organized).
-
Citizenship or nationality for individuals.
-
Proximity of the customer’s residence, place of employment, or place of business.
-
Description of the customer’s primary trade area and whether international transactions are expected to be routine.
-
Description of the business operations, the anticipated types, volumes and frequency of transactions, including currency and total sales, and a list of major customers and suppliers.
-
Explanations for changes in account activity.
-
The Company’s EDD procedures will consider requiring additional information and documentation to be obtained on higher risk customers periodically throughout the relationship, such as:
-
Updation of KYC documents every 2 years.
-
EDD is an ongoing process, and the Company will take measures to ensure that information is current and that appropriate risk-based monitoring occurs to ensure that any suspicious activity is escalated, analyzed, and reported, and that other appropriate action is taken.
-
Our authorized officer will verify the current address through positive confirmation before allowing operations in the account, PAN will be obtained from the customer and shall be verified, customers shall be categorized as high-risk customers and accounts opened in non-face-to-face mode shall be subjected to enhanced monitoring until the identity of the customer is verified in a face-to-face manner or through V-CIP (if such facility is provided), etc.
-
Politically Exposed Persons (“PEPs”)
Politically exposed persons are individuals who are or have been entrusted with prominent public functions by a foreign country, including the Heads of States/ Governments, senior politicians, senior government or judicial or military officers, senior executives of state-owned corporations and important political party officials.
The Company shall gather sufficient information on any person/customer of this category intending to establish a relationship and check all the information available on the person in the public domain.
-
Negative List
Our branches will maintain a negative list of persons to the extent possible, and after a thorough check of the client base, we will determine if any matches exist. If there is a match with a credit-related nature only (no other negativities associated with the name), the PO/MLRO or any other person with appropriate authority may approve the acceptance of the client/prospect.
-
Sanctions List
We will ensure compliance with statutory and regulatory requirements related to sanctions lists of individuals/groups. The list of such individuals/entities will be regularly updated based on advice received from government, statutory, regulatory authorities, or international bodies. This includes individuals/entities suspected of having terrorist links, as approved and periodically circulated by the aforementioned authorities.
We strictly refrain from engaging in transactions with customers whose identities match those of individuals with known criminal backgrounds or banned entities, as well as those reported to have links with terrorists or terrorist organizations identified by the relevant authorities. If any match is identified with an entity listed in the Sanctions List, we will meticulously follow the required procedures as dictated by legal, statutory, and regulatory requirements.
Additionally, our company officials will conduct checks to the extent applicable on the Company and based on specified parameters when establishing a customer relationship and periodically thereafter. This is done to verify whether individuals and entities listed in the designated list hold any funds, financial assets, or other assets in the form of bank accounts or similar financial instruments.
To the extent applicable on the Company, we will every day verify the 'UNSCR 1718 Sanctions List of Designated Individuals and Entities' available at [https://www.mea.gov.in/Implementation-of-UNSC-Sanctions-DPRK.htm]. This ensures that any modifications, such as additions, deletions, or other changes to the list, are taken into account. We also ensure compliance with the 'Implementation of Security Council Resolution on Democratic People’s Republic of Korea Order, 2017' as amended by the Central Government.
Furthermore, we refer to the updated published list of jurisdictions not fully or partially complying with the FATF Guidelines provided by the Financial Action Task Force (FATF). This is to ensure that none of our existing or new customers' credentials match the details of individuals/entities falling within non-compliance jurisdictions of FATF. Additionally, Ummeed will apply enhanced due diligence measures, which are effective and proportionate to the risks, to business relationships and transactions with natural and legal persons (including financial institutions) from countries for which this is called for by the FATF.
Moreover, we comply with orders, directions, guidelines, and lists issued by the appropriate authorities/regulatory bodies, including the Government of India, for the implementation of or obligations under:
-
Section 51-A of the Unlawful Activities (Prevention) (UAPA) Act, 1967.
-
Prevention and Suppression of Terrorism (Implementation of Security Council Resolutions) Order, 2007, as amended from time to time.
-
Freezing of Assets under Section 51A of UAPA, 1967, as per UAPA notification dated February 2, 2021 (Annex II of the KYC Master Direction). We submit the necessary details to the Nodal Officers for UAPA, as available on the website of the Ministry of Home Affairs (MHA).
-
Obligations under the Weapons of Mass Destruction (WMD) and their Delivery Systems (Prohibition of Unlawful Activities) Act, 2005 and related prescription made under KYC Master Directions (including Annex III of the KYC Master Direction).
-
Countermeasures when called upon to do so by any international or intergovernmental organization of which India is a member and accepted by the Central Government.
-
Appointment of the Principal Officer (PO) / Money Laundering Reporting Officer (MLRO) & Designated Director.
Principal Officer:
Designation of Principal Officer: A Senior Official of the Company at the management level, who shall not below the rank of General Manager or immediately below the level of MD or CEO, will be designated as the Principal Officer of the Company by the Board of Directors. The Principal Officer will be responsible for overseeing and managing the Anti-Money Laundering (AML) Implementation, ensuring compliance with Regulatory Directions, and managing and mitigating AML risks.
Explanation: The term “Senior Official” mean and include an official of the Company not below the rank of General Manager or immediately below the level of MD or CEO.
Communication of Principal Officer Information: The name, designation, contact details and address of the Principal Officer will also be communicated to the Financial Intelligence Unit of India (FIU-IND) , National Housing Bank (NHB) /and the Reserve Bank of India (RBI).
Key Responsibilities of the Principal Officer (PO)/ MLRO
-
-
The PO will develop effective AML programs, including programs to provide AML training to business personnel.
-
The PO will ensure to assist the respective business heads to assess the ways in which products (existing or under development) may be abused by money launderers.
-
The PO will be capable of assisting the respective business heads to evaluate whether any activity is suspicious under the Ummeed standard and under any applicable local law.
-
The PO will be monitoring the implementation of the company’s KYC/AML policy.
-
The PO will be reporting transactions and sharing information as required under the law.
-
The PO will be maintaining liaison with regulatory authorities.
-
The PO will ensure submission of periodical reports to the top Management/Board.
-
The PO will be organizing continual training of employees to make them aware and keep them up to date with requirements of PMLA and any amendments thereto.
-
The PO will review all reports required to be submitted to regulatory/law enforcement authorities.
-
The PO will be reporting to the FIU-IND.
-
The PO will be monitoring compliance and exception reporting.
Designated Director:
Designation of Designated Director: The Company will nominate a Designated Director to ensure overall compliance with Chapter IV of the Prevention of Money Laundering Act (PMLA) and the Rules. The Designated Director will be nominated by the Board and shall not be the Principal Officer. The Board may consider candidature of MD, WTD, or CEO of the company, for appointing anyone of them as the Designated Director for reporting purposes and the same shall be communicated to the FIU or other regulatory institutions (RBI & NHB).
Communication of Designated Director Information: The name, designation, address, and contact details of the Designated Director will be communicated to the FIU-IND, NHB /and the RBI.
Key Responsibilities of the Designated Director
-
-
Review reports to be submitted to the FIU.
-
Ensure compliance with issued guidelines.
-
Attend meetings and conferences organized by the FIU or other regulatory bodies.
-
Reporting to Financial Intelligence Unit-India (FIU-IND)
Section 12 of PMLA requires, every housing finance company to report information of transaction referred to in clause (a) of sub-section (1) of Section 12 read with Rule 3 of the PML Rules relating to cash and suspicious transactions etc. to the Director, Financial Intelligence Unit-India (FIU-IND). Company shall furnish to the Director, Financial Intelligence Unit-India (FIU-IND), information referred to in Rule 3 of the PML (Maintenance of Records) Rules, 2005 in terms of Rule 7 thereof.
The reporting formats and comprehensive reporting format guide, prescribed/ released by FIU-IND and Report Generation Utility and Report Validation Utility developed to assist reporting entities in the preparation of prescribed reports shall be taken note of. The editable electronic utilities to file electronic Cash Transaction Reports (CTR) / Suspicious Transaction Reports (STR) which FIU-IND has placed on its website shall be made use of by the Company, till installation /adoption of suitable technological tools for extracting CTR/STR from live transaction data.
The Principal Officers shall make suitable arrangement to cull out the transaction details from branches which are not yet computerized and to feed the data into an electronic file with the help of the editable electronic utilities of CTR/STR as have been made available by FIU-IND on its website “http://fiuindia.gov.in”.
The Principal Officer shall ensure there is no delay in reporting a transaction as the delay of each day in rectifying a mis-represented transaction beyond the time limit as specified in the Rule shall be constituted as a separate violation.
The Company shall refrain from imposing any restrictions on operations in the accounts solely based on the filing of Suspicious Transaction Reports (STRs). Ummeed, along with its directors, officers, and all employees, is obligated to maintain the confidentiality of records pertaining to all cash and suspicious transactions as referred to in Rule 3 of the Prevention of Money Laundering (Maintenance of Records) Rules, 2005. The company is committed to keeping such information strictly confidential and ensuring its confidentiality is upheld.
Robust software, throwing alerts when the transactions are inconsistent with risk categorization and updated profile of the customers shall be put in to use as a part of effective identification and reporting of suspicious transactions.
-
Reporting of Cash Transactions
-
-
Cash Transaction Report- In accordance with the requirements under PMLA, the Company will file Cash Transaction Report (CTR) for each month to FIU -IND by 15 days of the succeeding month. CTR should include the following:
-
all cash transactions of the value of more than rupees ten lakh or its equivalent in foreign currency;
-
all series of cash transactions integrally connected to each other which have been valued below rupees ten lakh or its equivalent in foreign currency where such series of transactions have taken place within a month and the aggregate value of such transactions exceeds rupees ten lakh
-
-
-
Counterfeit Currency Report - In addition to the above, all cash transactions, where forged or counterfeit Indian currency notes have been used as genuine will also be reported by the Company to FIU-IND as Counterfeit Currency Report (CCR) not later than seven working days from the date of occurrence of such transactions. These cash transactions should also include transactions where forgery of valuable security or documents has taken place.
-
-
-
According to the revised Master Directions, effective from February 17, 2021, the company shall ensure to furnish a quarterly report to the NHB along the lines of the Reserve Bank of India (RBI) Master Circular-Detection and Impounding of Counterfeit Notes dated July 01, 2020, as amended from time to time, and similar instructions issued by the Bank. The above report should be furnished to the NHB within 7 days of the end of the quarter. A "nil" report should be sent in case no counterfeit has been detected during the quarter. (Refer to instructions under para 108.2 Chapter XIV – Miscellaneous instructions of the Master Directions.)
-
Suspicious Transactions- Monitoring and Reporting
In accordance with suspicious transactions monitoring and reporting laws the Company will establish risk-based procedures and manual processes or automated systems, for monitoring transactions to identify, investigate, and escalate potentially suspicious activity; report suspicious activity to appropriate government authorities, and take other appropriate action, such as terminating a customer relationship. The Company’s Principal Officer is charged with the responsibility of coordinating and overseeing suspicious activity monitoring, including making reports to the FIU -IND.
The Company will file the Suspicious Transaction Report (STR) to FIU -IND within 7 days of arriving at a conclusion that any transaction, whether cash or non-cash, or a series of transactions integrally connected are of suspicious nature. The Principal Officer should record his reasons for treating any transaction or a series of transactions as suspicious. It should be ensured that there is no undue delay in arriving at such a conclusion once a suspicious transaction report is received from a branch or any other office. The Principal Officer will be responsible for timely submission of CTR and STR to FIU-IND.
An illustrative list of Suspicious Transactions is enclosed as Annexure II of the Policy.
Confidentiality and Prohibition against disclosing Suspicious Activity Investigations and Reports- The Company will maintain utmost confidentiality in investigating suspicious activities and while reporting STR to the FIU-IND/ higher authorities. A Company Employee shall hold in strict confidence and not disclose to any third party a STR, information from or related to a STR, or the fact that a STR has been filed. Internally, only Employees with a need to know, such as investigators, attorneys involved in the investigation, Employees who must review and approve the STR, and auditors, can have access to STR related information.
The Company will ensure that the customer is not tipped off on the STRs made by them to FIU- IND.
However, the Company may share the information pertaining to the customers with the statutory/ regulatory bodies and other organizations such as banks, credit bureaus, income tax authorities, local government authorities etc.
-
Central KYC Records Registry (CKYCR) - and reporting requirements under Foreign Account Tax Compliance Act (FATCA)/ Common Reporting Standards (CRS)
The company will upload the Know Your Customer (KYC) data with CERSAI in respect of new individual accounts (opened w.e.f. Nov 01, 2016). KYC information will be captured for sharing with the Central KYC Record Registry in the manner mentioned in the “Prevention of Money-Laundering (Maintenance of Records) Rules, 2005” (and amendments thereto). The Company shall keep the KYC data ready in digital format in the templates advised by NHB/ RBI of all our existing clients. The Loan Application forms of Retail and Commercial Credit clients may be revised, if required, to capture the data of clients in NHB/ RBI prescribed template in future. The existing clients be contacted to fill up the gaps, if any. The KYC data will be shared with CKYCR as and when advised by NHB. The company shall also take all steps to comply with the FATCA and CRS reporting requirements, as advised by Regulatory Authorities from time to time.
-
Record-keeping Requirements
-
The Company have a system of maintaining proper record of transactions as required with reference to provisions of PML Act and Rules, as mentioned below:
-
To maintain all necessary records of transactions between the Company and the customer, both domestic and international, for at least five years from the date of transaction, and the Company is committed to preserving records related to the identification of customers and their addresses, acquired during the account opening process and throughout the course of the business relationship. These identification records will be retained for at least five years after the termination of the business relationship
-
To make available the identification records and transaction data to the competent authorities upon request whereas, "records pertaining to the identification", “identification records”, etc., shall include updated records of the identification data, account files, business correspondence and results of any analysis undertaken.
-
To introduce a system of maintaining proper record of transactions prescribed under Rule 3 of Prevention of Money Laundering (Maintenance of Records) Rules, 2005 (PML Rules, 2005);
-
maintain records of the identity and address of their customer, and records in respect of transactions referred to in Rule 3 in hard or soft format.
-
all cash transactions of the value of more than rupees ten lakh or its equivalent in foreign currency;
-
all series of cash transactions integrally connected to each other which have been valued below rupees ten lakh or its equivalent in foreign currency where such series of transactions have taken place within a month and the aggregate value of such transactions exceeds rupees ten lakh;
-
all transactions involving receipts by non-profit organizations of rupees ten lakhs or its equivalent in foreign currency;
-
all cash transactions where forged or counterfeit currency notes or bank notes have been used as genuine and where any forgery of a valuable security or a document has taken place facilitating the transactions; and
-
all suspicious transactions whether or not made in cash and by way of as mentioned in the Rule 3(1) (D).
-
records of the identity of all clients of the Company shall be maintained for a period of eight years from the date of cessation of transactions between the clients and the Company.
-
-
Records to contain the specified information- The above records, in terms with Rule 3 of the PMLA Rules, to contain the following information:
-
the nature of the transactions;
-
the amount of the transaction and the currency in which it was denominated;
-
the date on which the transaction was conducted; and
-
the parties to the transaction.
-
-
The Company shall take appropriate steps to evolve a system for proper maintenance and preservation of information in a manner that allows data to be retrieved easily and quickly whenever required or when requested by the competent authorities.
-
Hiring & Training of Employees and Customer Education
At our Company, we understand that implementing KYC procedures may require us to seek personal information from our customers that they may not have been asked for before. This can sometimes lead to questioning from customers about the purpose of collecting such information. To address this, we prioritize educating our customers about the importance and objectives of our KYC procedures to alleviate any concerns they may have.
Employees: To ensure that we have the right people on our team, we have put in place a rigorous screening process as part of our hiring process, including a Know Your Employee/Staff policy. We also provide training on KYC/AML requirements and procedures to all employees, with a focus on different areas such as frontline staff, compliance staff, and those dealing with new customers. We make sure our staff is equipped to handle issues that may arise due to lack of customer education, and we have a dedicated team that is well-versed in our KYC/AML policies to ensure compliance.
To educate our customers and build their trust, we provide literature containing all relevant information about KYC and AML measures, which can be accessed directly or through our website. Our staff is always available to promptly explain why specific information is being requested and address any concerns or questions.
We believe in maintaining high standards of integrity and ethics, effective communication skills, and the ability to keep up with changing regulations for our employees. Therefore, we strive to develop an environment that fosters open communication and high integrity amongst our staff. Additionally, we have an ongoing employee training program that ensures our staff is adequately trained in our KYC/AML/CFT policies. The training has a different focus for frontline staff, compliance staff, and staff dealing with new customers. The front desk staff is specially trained to handle issues that may arise due to lack of customer education. We also ensure that our audit function is staffed with personnel who are well-versed in our KYC/AML/CFT policies and related issues for proper compliance.
Customers: We will provide our customers with literature that contains all relevant information regarding our KYC and AML measures, which can be made available directly or through our website. Our staff are trained and instructed to promptly attend to any queries or concerns our customers may have and explain the reasons for seeking specific information.
-
Audit of the KYC & AML Program and other Reporting Requirements
To provide reasonable assurance that its AML Program is functioning effectively, an audit of its AML Program will be done as part of the internal audit of the Company. The audit will be conducted on a regular basis. The audit will include testing of the effectiveness of elements of the AML Program, compliance with applicable AML Laws, and the Company’s related procedures.
The audit findings and compliance thereof will be put up before the Audit Committee of the Board on quarterly intervals till closure of audit findings.
The Company shall develop a system of audit for the IT framework and compliance with Rules 114F, 114G and 114H of Income Tax Rules.
The books of accounts of persons authorised by the Company, including brokers/ DSAs or the like, so far as they relate to brokerage functions of the company, shall be made available for audit and inspection whenever required.
Unique Customer Identification Code (UCIC)/ Customer ID (Cust ID):
To maintain a record of our individual customers, we will allot a Unique Customer Identification Code (UCIC) {i.e., Customer ID (Cust ID)} while entering into new relationships with them. Existing individual customers will also be allotted the UCIC.
In case of walk-in/occasional customers, we may not issue UCICs, provided we can identify such customers with frequent transactions and ensure that they are allotted UCICs.
Secrecy Obligations and Sharing of Information:
To maintain the confidentiality of customer information, we will maintain secrecy regarding the customer information that arises out of the contractual relationship between the customer and our Company.
Information collected from customers for the purpose of opening an account will be treated as confidential, and the details thereof will not be divulged for the purpose of cross-selling or for any other purpose without the express permission of the customer.
While considering requests for data/information from the Government and other agencies, we will ensure that the information being sought is not of such a nature as to violate the provisions of laws relating to secrecy in transactions. The exceptions to the above shall be as under:
-
Where disclosure is under compulsion of law
-
Where there is a duty to the public to disclose,
-
the interest of RE requires disclosure and
-
Where the disclosure is made with the express or implied consent of the customer.
Introduction of new Products/ Technologies
At our company, we recognize that the introduction of new products and technologies can introduce new risks that may not have been present before. As such, we will adopt a risk-based approach to identify and assess ML/TF risks associated with the development of new products and business practices, as well as the use of new or developing technologies. This means that we will analyze the potential risks associated with each new product or technology, and tailor our approach to managing those risks based on their severity.
In addition, we will conduct ML/TF risk assessments before introducing any new product, practice, service, or technology to identify any potential risks and take steps to mitigate them. To manage and mitigate the risks associated with the introduction of new products and technologies, we will adopt appropriate Enhanced Due Diligence (EDD) measures and transaction monitoring. By doing so, we will ensure that we are effectively managing any potential ML/TF risks and protecting our business and our customers.
-
Consequences of Non-Compliance
Failure to adhere to this Policy, the Company’s AML Program, shall subject the Company’s employees to disciplinary action, up to and including, termination of employment.
Updated Master Direction - Know Your Customer (KYC) Direction, 2016 of RBI shall be referred to for any policy gaps /better interpretation.
-
Customer Identification Minimum Requirements- Indicative Guidelines
Trust/Nominee or Fiduciary Accounts
There exists the possibility that trust/nominee or fiduciary accounts can be used to circumvent the customer identification procedures. The Company will determine whether the customer is acting on behalf of another person as trustee/nominee or any other intermediary. If so, The Company will insist on receipt of satisfactory evidence of the identity of the intermediaries and of the persons on whose behalf they are acting, as also obtain details of the nature of the trust or other arrangements in place. While opening an account for a trust, The Company will take reasonable precautions to verify the identity of the trustees and the settlors of trust (including any person settling assets into the trust), grantors, protectors, beneficiaries and signatories. In the case of a 'foundation', steps should be taken to verify the founder managers/ directors and the beneficiaries, if defined.
For opening an account of a trust, one certified copy of each of the following documents or the equivalent e-documents shall be obtained:
(a) Registration certificate;
(b) Trust deed;
(c) Permanent Account Number or Form No.60 of the trust;
(d) one copy of an OVD containing details of identity and address, one recent photograph and Permanent Account Numbers of Form 60 of the beneficial owner, managers, officers or employees, as the case may be, holding an attorney to transact on its behalf.
Accounts of companies and firms
The Company will be vigilant against business entities being used by individuals as a ’front’ for maintaining accounts with banks or REs. The Company will examine the control structure of the entity, determine the source of funds and identify the natural persons who have a controlling interest and who comprise the management. These requirements may be moderated according to the risk perception e.g. in the case of a public company it will not be necessary to identify all the shareholders.
For opening an account of a company/ firm, one certified copy of each of the following documents or the equivalent e-documents shall be obtained:
(a) Certificate of incorporation/ Registration Certificate;
(b) Memorandum and Articles of Association / Partnership deed;
(c) Permanent Account Number of the company/ firm;
(d) A resolution from the Board of Directors and/ or power of attorney granted to its managers, officers, Partner or employees to transact on its behalf;
(e) one copy of an OVD containing details of identity and address, one recent photograph and Permanent Account Numbers of Form 60 of the beneficial owner, the managers, officers, Partners or employees, as the case may be, holding an attorney to transact on the company’s/ Partnership behalf.
Client accounts opened by professional intermediaries
When the Company has knowledge or reason to believe that the client account opened by a professional intermediary is on behalf of a single client, that client will be identified as per procedure listed above or as per this policy.
Accounts of Politically Exposed Persons (PEPs)
Accounts of Politically Exposed Persons (PEPs), whether as customers or beneficial owners, will be subject to additional scrutiny by the Company beyond the standard customer due diligence process. The Company commits to gathering sufficient information on any individual or customer falling within the PEP category and intends to establish a relationship. This process includes a comprehensive check of all available information about the person in the public domain. To effectively manage the associated risks, the Company will maintain appropriate risk management systems designed to determine whether the customer or beneficial owner qualifies as a Politically Exposed Person. Prior to accepting a PEP as a customer, the Company will conduct identity verification and seek information regarding the sources of funds/wealth. The decision to open an account for a PEP will undergo a rigorous approval process, with the authorization granted by a Zonal Credit Manager or a minimum-grade General Manager, emphasizing the elevated level of scrutiny and approval for such cases. Furthermore, the Company extends these established norms to also apply to the accounts of family members or close associates of PEPs. This approach ensures a comprehensive due diligence process for individuals closely connected to Politically Exposed Persons.
Accounts of non-face-to-face customers
In the case of non-face-to-face customers, apart from applying the usual customer identification procedures, there will be specific and adequate procedures to mitigate the higher risk involved. Certification of all the documents presented will be insisted upon and, if necessary, additional documents will be called for as deems required by the Company for effective CDD and Identification per applicable RBI directions or PMLA or Rules made thereunder.
-
Indicative List of the Nature and Type of Documents/ Information
For purpose of this policy “Officially Valid Document” (OVD) shall means:
-
-
Passport;
-
Driving License;
-
Proof of Possession of Aadhaar Number;
-
Voter's Identity Card issued by the Election Commission of India;
-
Job card issued by NREGA duly signed by an officer of the State Government;
-
Letter issued by the National Population Register containing details of name and address;
Provided that:
-
-
-
Where the customer submits his proof of possession of Aadhaar number as an OVD, he may submit it in such form as are issued by the Unique Identification Authority of India;
-
Where the OVD furnished by the customer does not have updated address, the following documents or the equivalent e-documents thereof shall be deemed to be OVDs for the limited purpose of proof of address:
-
Utility bill which is not more than two months old of any service provider (electricity, telephone, post-paid mobile phone, piped gas, water bill);
-
property or Municipal tax receipt;
-
pension or family pension payment orders (PPOs) issued to retired employees by Government Departments or Public Sector Undertakings, if they contain the address;
-
letter of allotment of accommodation from employer issued by State Government or Central Government Departments, statutory or regulatory bodies, public sector undertakings, scheduled commercial banks, financial institutions and listed companies and leave and license agreements with such employers allotting official accommodation;
-
-
-
the customer shall submit OVD with current address within a period of three months of submitting the documents specified at “b” above
-
where its customer submits a proof of possession of Aadhaar Number containing Aadhaar Number, ensure that such customer redacts or blacks out his Aadhaar number through appropriate means.
Explanation: For the purpose of this clause, a document shall be deemed to be an OVD even if there is a change in the name subsequent to its issuance provided it is supported by a marriage certificate issued by the State Government or Gazette notification, indicating such a change of name.
-
KYC Documents List
Parameters
|
Features
|
KYC - Know Your Company
|
|
KYC-Photograph
|
|
KYC - Identity Proof (any one in addition to Address Proof)
|
-
For Individuals:
-
PAN Card or Form 60
-
Valid Passport (not expired)
-
Aadhar Card
-
Driving License
-
Voters ID Card
-
Job card issued by NREGA duly signed by an officer of the State Government
-
Letter issued by the National Population Register containing details of name and address
-
Identity Card /Certificate with Applicant’s Photograph issued by Government Body/ Regulatory or Statutory Authority/ Public Sector Undertaking/ Scheduled Commercial Banks and Public Financial Institution
-
Photo debit card / Bank account statement 1st Page/ Passbook with Photographs issued by a Bank & Bank Stamp on the Photo
-
Valid Arms license issued by Central / State government / Union Territory with Name, Photograph and signature (Identity Proof)
-
Letter issued by a Gazetted Officer with a duly attested photograph of the Applicant
|
|
-
For Non-Individuals/ business entities:
-
PAN or Form 60
-
Shops & Establishment Certificate /Trade License Certificate
-
MSME Registration Certificate
-
GST Registration Certificate
-
Registered Partnership Deed (for firms) / Memorandum of Association (MOA) for companies
-
Export-Import Code Certificate
-
Professional qualification Certificate and Degree Certificate for professionals with photo (For Proprietorship Firms)
-
Last available Income Tax Assessment order
-
Latest available Wealth Tax Assessment order
-
Certificate Issued by SEZ, STP, EHTP, DTA and EPZ in the name of the entity mentioning the address allotted
-
Any other certificate of registration issued by professional bodies such as ICAI / ICSI / ICWAI in the name of the firm
-
TDS Certificate in the name of entity issued by Scheduled Commercial Banks, FI & FIIs, MFs, PSUs (Central & State), Govt. Dept., Local Self Government (Municipal Corporation etc.) and Government Bodies
-
Factory Registration Certificate
|
Date of Birth Proof (any one)
|
-
Valid Passport (not expired)
-
PAN Card
-
Aadhar Card
-
Voter ID Card clearly mentioning the exact date of birth
-
Driving License
-
Birth Certificate (issued by Government body)
-
School Leaving certificate (10th)
-
Employee ID Card clearly mentioning the exact date of birth (only for PSU/Govt. employees)
-
Letter issued by a Gazetted Officer with a duly attested photograph of the person
-
High School Mark Sheet/ High School Passing Certificate
|
KYC- Residence / Office Address proof (any one in addition to Identity Proof)
|
-
For Individuals (Following OVD Documents can be collected)
-
Valid Passport (not expired)
-
Driving License
-
Voters ID card
-
Aadhar Card
-
Job card issued by NREGA duly signed by an officer of the State Government
-
Letter issued by the National Population Register containing details of name and address
Following Documents can also be considered as an Address Proof for “Low Risk” Customers with condition that the Officially Valid Documents (OVD) listed above with updated address shall be collected within 3 (three) months of submission:
-
Ration Card
-
Utility bill (Electricity, Landline Telephone, Post Paid Mobile, Piped Gas line, Water) from latest 2 (two) months from date of application.)
-
Rent agreement on stamp Paper subject to positive Residence FI (at the same address as mentioned on rent agreement (registered or notarized)
-
Bank Statements 1st Page/ Passbook reflecting address of borrowers of any commercial bank (Nationalized / Scheduled commercial bank)
-
Sale Deed of the property, if owned
-
Certificate issued by ward officer, maintaining election roll certifying address of the applicant
-
Property tax bill / receipt
-
Letter issued by a Gazetted Officer with a duly attested photograph of the person
|
|
-
Non-Individuals / Business entities
-
Shops & Establishment Certificate
-
Trade License Certificate
-
MSME/ SSI Registration Certificate
-
GST Registration
-
Registered Partnership Deed (for firms) with business address mentioned
-
Certificate of Incorporation issued by MCA/Memorandum of Association (MOA) for companies
-
Export-Import Code Certificate
-
Factory Registration Certificate
-
Letter from existing banker (restricted to a Scheduled Commercial Bank & Scheduled Co-operative Banks). Letter has to be obtained in original on Bank’s letterhead paper bearing the authorizing officers name and signature along with the stamp of the bank. The verification done should be for the name, photograph and address of the individual.
-
Letter issued by a gazette officer with a duly attested photograph of the person
|
KYC - Constitution documents
|
-
Private Ltd Company/closely Held Public Ltd Company:
-
Certificate of Incorporation
-
MOA & AOA of the company
-
Form 32/ DIR 12
-
Annual return filed with ROC
-
List of Directors & Shareholding pattern duly certified by CA
|
-
Partnership firm:
-
Partnership Deed- certified by all partners that it is the latest deed as on date.
-
Dissolution Deed- certified by current partners that it is the latest deed as on date.
-
License issued by the Registering authority like Certificate of Practice issued by ICAI, ICWAI, Institute of Company Secretaries of India, Indian Medical Council, Food and Drug Control Authorities, etc.
Sole Proprietary Firms
If the Proprietorship firm is party to the agreement at least any one of the below documents needs to be mandatorily collected from the firm and a positive FI at the address of proprietary concern is mandatorily required.
[“Registration certificate” as a proof of business/ activity in the name of the proprietary firm includes “Udyam Registration Certificate (URC) issued by the Government”.]
i) Proof of the name, address and activity of the concern, like registration certificate (in the case of a registered concern), certificate/license issued by the Municipal authorities under Shop & Establishment Act, sales and income tax returns, GST certificate, certificate / registration document issued by Sales Tax / Service Tax / Professional Tax authorities, License issued by the Registering authority like Certificate of Practice issued by Institute of Chartered Accountants of India, Institute of Cost Accountants of India, Institute of Company Secretaries of India, Indian Medical Council, Food and Drug Control Authorities, etc.
ii) Any registration / licensing document issued in the name of the proprietary concern by the Central Government or State Government Authority / Department. NBFCs/RNBCs may also accept IEC (Importer Exporter Code) issued to the proprietary concern by the office of DGFT as an identity document for opening of account.
iii) The complete Income Tax return (not just the acknowledgement) in the name of the sole proprietor or where the firm's income is reflected, duly authenticated/ acknowledged by the Income Tax Authorities.
iv) Utility bills such as electricity, water, and landline telephone bills in the name of the proprietary concern.
However, in case the FI is not done at firm’s address then we need to collect two documents out of above-mentioned documents instead of one document as KYC for the sole proprietorship firm.
|
Signature Verification
|
-
Signature Verification is mandatory for all applicants or signatories on behalf of applicants like Partnership firm/Pvt Ltd companies.
-
Any one of the following to be considered for signature verification:
-
Banker’s sign. Verification
-
Passport copy
-
PAN card
-
Driving license with photograph & signature.
-
Ration Card with the signature of the customer
-
Debit Card bearing the signature (embossed on the front) of the applicant and should be the same as in the Application Form.
-
Copy of registered sales deed bearing signature of the applicant / co applicant / guarantor / authorised signatory as the case may be.
-
Employee’s Identity Card provided such identity card bears the signature of the employee (only employees of PSU, Scheduled Commercial banks, Insurance Companies, State & Central government)
-
Signature Verification to be taken for borrower/co-borrower for PDC / SPDC issued
-
Banker’s Letter (Banker Verification) - Letter from existing banker (restricted to a Scheduled Commercial Bank & & Scheduled Co- operative Banks). Letter has to be obtained in original on Bank’s letterhead or on plain paper with the seal of the bank affixed on it bearing the authorizing officers name and signature along with the stamp of the bank. The verification done should be for the name and signature of the individual
-
In cases where the co applicant / guarantor is illiterate and is not able to furnish any one of the stipulated signature verification documents, a memorandum duly signed / thumb impression affixed by an illiterate
person as per the format defined may be accepted as valid signature verification document. {An officer of the Company shall certify under his/ her signature that the Applicant/ Co-applicant) has affixed his/ her signature or thumb impression in his/ her presence.}
|
-
AMLA Documents List:
As per norms prescribed under the “Anti Money Laundering Act & Other Applicable Rules”, we have divided our borrower’s under below mentioned two categories:
-
“HIGH RISK”- Applicant (whose income is considered) has a net worth of more than Rs 100 lakhs or they are HUF/Trust/Society.
-
“LOW RISK” —Applicant (whose income is considered) has a net worth of less than Rs 100 lakhs.
*Applicant whose income is considered need to sign & submit a declaration/Undertaking confirming his/her net worth.
AMLA requirements are in addition to the KYC requirement and are applicable for all loans — we need to collect any one or more of the following documents to satisfy both ID proof and Address Proof
HIGH RISK
-
Passport (unexpired)
-
Voters’ Identity Card
-
UID (AADHAR card)
-
Job card issued by NREGA duly signed by an officer of the State Government,
-
Valid Driving License (unexpired)
-
PAN Card
We need to collect at least one or more of the above mentioned six documents for AMLA which provides complete ADDRESS and ID PROOF of any one of the APPLICANTS. For example, if PAN is collected for ID, another one of the six dox will be required as support for address proof. In case the Applicant or Co-applicant is/ is not individual but firm/Company/trust, then similar documents are required for the authorized signatory. ADDRESS documents for AMLA purpose may be for any address i.e., present, communication or permanent address (without impacting our KYC requirements).
Further we need relationship proof with other co applicant’s so that we don’t need their individual AMLA document, if the relationship does not exist than we need to follow the above-mentioned guideline for all applicants individually.
LOW RISK
-
Passport (unexpired)
-
Voters’ Identity Card
-
UID (AADHAR card)
-
Job card issued by NREGA duly signed by an officer of the State Government,
-
Valid Driving License (unexpired)
-
PAN Card
-
Identity card with applicant's Photograph issued by Central/State Government Departments, Statutory/Regulatory Authorities, Public Sector Undertakings, Scheduled Commercial Banks, and Public Financial Institutions
-
Letter issued by a Gazetted Officer, with a duly attested photograph of the person.
In addition to the above-mentioned documents for LOW-RISK Customers, the below mentioned documents (s. no. 9-14) can also be taken as Officially Valid document as Address Proof for only LOW Risk Customer.
-
Utility bill which is not more than two months old of any service provider (electricity, telephone, postpaid mobile phone, piped gas (government supply), water bill);
-
Property or Municipal Tax receipt;
-
Bank account or Post Office savings bank account statement;
-
Pension or family pension payment orders (PPOs) issued to retired employees by Government Departments or Public Sector Undertakings if they contain the address.
-
Letter of allotment of accommodation from employer issued by State or Central Government departments, statutory or regulatory bodies, public sector undertakings, scheduled commercial banks, financial institutions, and listed companies. Similarly, leave and license agreements with such employers allotting official accommodation; and
-
Documents issued by Government departments of foreign jurisdictions and letter issued by Foreign Embassy or Mission in India.
We need to collect at least one or more of the above mentioned eight documents for AMLA which provides complete ADDRESS and ID PROOF of any one of the APPLICANTS. For example, if PAN is collected for ID, another one of the eight dox will be required as support for address proof. In case the Applicant or Co-applicant is/are not individual but firm/Company/trust, then similar documents are required for the authorized signatory. ADDRESS documents for AMLA purpose may be for any address i.e. present, communication or permanent address (without impacting our KYC requirements).
However, in all cases where Address Proof is taken from document no. 9-14 ; in all such cases a second proof for ID needs to be taken as listed in document no.1-8)
c. Digital KYC Process
For the purpose of this section:
“Digital KYC” means the capturing live photo of the customer and officially valid document or the proof of possession of Aadhaar, where offline verification cannot be carried out, along with the latitude and longitude of the location where such live photo is being taken by an authorised officer of our company as per the provisions contained in the Act.
“Equivalent e-document” means an electronic equivalent of a document, issued by the issuing authority of such document with its valid digital signature including documents issued to the digital locker account of the customer as per rule 9 of the Information Technology (Preservation and Retention of Information by Intermediaries Providing Digital Locker Facilities) Rules, 2016.
“Video based Customer Identification Process (V-CIP)”: a method of customer identification by an official of the Company by undertaking seamless, secure, real-time, consent based audio-visual interaction with the customer to obtain identification information including the documents required for CDD purpose, and to ascertain the veracity of the information furnished by the customer. Such process shall be treated as face-to-face process for the purpose of this Policy.
In case a customer applies for digital KYC process then:
-
The original OVD is required to be presented.
-
Live photograph of the customer shall be taken and the same photograph is embedded in the Customer Application Form (CAF).
-
Other guidelines as per the directions of RBI are followed while capturing the Photograph and OVD documents.
-
OTP validation, shall be carried out for successful singing of authorized officer on the declaration.
-
Thereafter, the Application shall give information about the completion of the process and submission of activation request and also generate the transaction-id/reference-id number of the process. Transaction-id/reference-id shall be intimated to the customer for future reference. Verification shall be done by our officer and CAF shall be digitally signed.
Illustrative List of Suspicious Transactions pertaining to Housing Loans:
-
-
Customer is reluctant to provide information, data, documents;
-
Submission of false documents, data, purpose of loan, details of accounts;
-
Refuses to furnish details of source of funds by which initial contribution is made, sources of funds is doubtful etc.;
-
Reluctant to meet in person, represents through a third party/Power of Attorney holder without sufficient reasons;
-
Approaches a branch/office of a HFC, which is away from the customer’s residential or business address provided in the loan application, when there is HFC branch/office nearer to the given address;
-
Unable to explain or satisfy the numerous transfers in the statement of account/ multiple accounts;
-
Initial contribution made through unrelated third party accounts without proper justification;
-
Availing a top-up loan and/or equity loan, without proper justification of the end use of the loan amount;
-
Suggesting dubious means for the sanction of loan;
-
Where transactions do not make economic sense;
-
There are reasonable doubts over the real beneficiary of the loan and the flat to be purchased;
-
Encashment of loan amount by opening a fictitious bank account;
-
Applying for a loan knowing fully well that the property/dwelling unit to be financed has been funded earlier and that the same is outstanding;
-
Sale consideration stated in the agreement for sale is abnormally higher/lower than what is prevailing in the area of purchase;
-
Multiple funding of the same property/dwelling unit;
-
Request for payment made in favour of a third party who has no relation to the transaction;
-
Usage of loan amount by the customer in connivance with the vendor/builder/developer/broker/agent etc. and using the same for a purpose other than what has been stipulated.
-
Multiple funding / financing involving NGO / Charitable Organisation / Small / Medium Establishments (SMEs) / Self Help Groups (SHGs) / Micro Finance Groups (MFGs)
-
Frequent requests for change of address;
-
Overpayment of instalments with a request to refund the overpaid amount;
-
Legal structure of client has been altered numerous times (name changes, transfer of ownership, change of corporate seat);
-
Unnecessarily complex client structure;
-
Individual or classes of transactions that take place outside the established business profile, and expected activities/ transaction unclear;
-
Unusual financial transactions with unknown source;
-
Payments received from un-associated or unknown third parties and payments for fees in cash where this would not be a typical method of payment;
-
Investment in real estate at a higher/ lower price than expected.
-
Clients incorporated in countries that permit bearer shares.
Illustrative List of Suspicious Transactions pertaining to Builder/ Project Loans:
-
Builder approaching the HFC for a small loan compared to the total cost of the project;
-
Builder is unable to explain the sources of funding for the project;
-
Approvals/sanctions from various authorities are proved to be fake;
-
Management appears to be acting according to instructions of unknown or inappropriate person(s);
-
Employees numbers or structure out of keeping with size or nature of the business (for instance the turnover of a company is unreasonably high considering the number of employees and assets used);
-
Clients with multijurisdictional operations that do not have adequate centralized corporate oversight;
-
Advice on the setting up of legal arrangements, which may be used to obscure ownership or real economic purpose (including setting up of trusts, companies or change of name/corporate seat or other complex group structures);
-
Entities with a high level of transactions in cash or readily transferable assets, among which illegitimate funds could be obscured.
Read More