AML - KYC guidelines

 AML (Anti-Money Laundering) and KYC (Know Your Customer) guidelines are regulatory measures put in place by financial institutions and governments to combat money laundering, terrorist financing, and other financial crimes. These guidelines aim to ensure that banks and other financial institutions have a thorough understanding of their customers' identities, sources of funds, and transaction activities.

AML Guidelines

AML guidelines provide a framework for financial institutions to implement robust policies, procedures, and controls to prevent, detect, and report suspicious activities. They require institutions to establish and maintain effective systems for customer due diligence, risk assessment, monitoring of transactions, and reporting of suspicious transactions to the relevant authorities.

Objectives of Anti Money Laundering:

(a) To prevent criminal elements from using the financial system for money laundering activities.

(b) To prevent spread of criminal activities in society.

(c) To safeguard the economy from financial crimes.

(d) To prevent terrorists from gaining access to financial resources.

Stages in Money laundering

Money laundering typically involves three stages: 

These stages are designed to conceal the illicit origin of funds and make them appear legitimate.

Placement: In this initial stage, the illicit funds are introduced into the financial system. It involves converting cash proceeds from illegal activities into more manageable and legitimate forms, such as bank deposits, investments, or purchases of assets like real estate or luxury goods. The goal is to physically place the illicit funds into the financial system without raising suspicion.

Layering: The layering stage involves creating a complex web of transactions and multiple layers of financial activity to obfuscate the audit trail and confuse investigators. The launderer engages in a series of transactions, such as wire transfers, moving funds between accounts, buying and selling assets, creating offshore shell companies, or using intermediaries, with the intention of disguising the origin and ownership of the funds. This stage aims to create a convoluted paper trail to make it difficult for authorities to trace the illegal proceeds.

Integration: In the final stage, the laundered funds are integrated back into the legitimate economy, making them appear as lawful assets. At this stage, the funds are mixed with legitimate funds, making it challenging to distinguish between the illicit and legitimate wealth. The launderer may invest the funds in businesses, real estate, or other ventures, making it seem like legitimate income or investments.

It's important to note that money laundering techniques can be sophisticated and continually evolve to exploit vulnerabilities in the financial system. Authorities, regulatory bodies, and financial institutions implement various measures and regulations to detect and prevent money laundering activities, such as implementing AML (Anti-Money Laundering) and KYC (Know Your Customer) procedures, transaction monitoring systems, and reporting suspicious activities to regulatory authorities.

In India, the primary legislation related to Anti-Money Laundering (AML) and Know Your Customer (KYC) guidelines is the Prevention of Money Laundering Act, 2002 (PMLA) based on FATF (Financial Action Task Force) and the rules and regulations issued thereunder. The PMLA was enacted to prevent money laundering activities and to confiscate and seize proceeds of crime.

Under the PMLA, the key regulatory authority responsible for implementing AML and KYC guidelines is the Financial Intelligence Unit-India (FIU-IND). FIU-IND serves as the central national agency for receiving, analyzing, and disseminating information relating to suspicious transactions and activities to the appropriate authorities.

The Reserve Bank of India (RBI), as the central bank and regulator of the banking sector, plays a significant role in enforcing AML and KYC requirements for banks and financial institutions. RBI has issued various circulars, guidelines, and master directions, including the "Master Direction - Know Your Customer (KYC) Direction, 2016," which lays down the KYC requirements for banks and other entities regulated by RBI.

The obligations under PMLA require the banks to mitigate ML/FT risks. Banks are required to take appropriate measures for the following purposes:

• To know/understand the customers and their financial dealings better.

• To detect and report suspicious activities to FlU-India as per the laid down procedures.

• To comply with applicable laws and regulatory guidelines.

• To adequately train the staff in KYC/AML procedures.

These make it difficult for criminals to abuse banks for ML/FT as their activities are closely monitored. They mitigate ML/FT risks as criminals would avoid vigilant banks.

KYC Guidelines

KYC guidelines, focus on obtaining accurate and up-to-date information about customers to establish their identity and assess the risk they pose in terms of money laundering or terrorist financing. Financial institutions are required to verify customers' identities using reliable documents and information and keep records of these verification processes.

Who is a customer?

A ‘customer’ from KYC norms perspective differs in from the traditional meaning of ‘customer’:

• It includes not just the person in whose name the dealings are carried out with the bank, but also those who actually act for such person.

• It covers not only the account holders and those having continued relationship, but also those who avail of any service on one-off basis.

For the purpose of KYC requirements, a bank needs to include a wide range of persons availing various services, like:

• A bank account including fixed deposits

• Credit facilities (fund-based or non-fund based)

• Remittance facility on stand-alone basis even once or multiple times

• Demat account (Bank is a Depository Participant)

• PPF account or Pension Fund account

• Third party product (e.g. insurance, mutual fund)

• Safe custody services or safe deposit locker services

• Receiving remittances for payouts.

Besides, the following persons are also considered ‘customer’:

• In case of entities availing services - their beneficial owners

• In case of accounts maintained by Professional Intermediaries for their clients - beneficiaries of the transaction.

KYC Policy is a comprehensive document that contains norms related to handling of the customer’s business, organization set-up for various responsibilities, creating awareness among customers and staff. The key elements of KYC Policy are:

1. Customer Acceptance Policy,

2. Customer Identification Procedures,

3. Risk Management, and

4. Monitoring of Transactions

Some banks may have two distinct documents covering KYC Policy (pertaining to Customer Identification and Customer Due Diligence) and AML/CFT Policy (pertaining to Monitoring of Transactions and Reporting to FIU).

The pillars of KYC (Know Your Customer) are the fundamental principles and practices that form the basis of effective customer due diligence and risk management in financial institutions. The key pillars of KYC include:

Customer Identification Program (CIP): This pillar focuses on verifying the identity of customers through reliable and independent documentation, such as government-issued identification cards, passports, or national identity cards. It involves collecting and verifying customer information, including their name, address, date of birth, and other relevant details.

Customer Due Diligence (CDD): CDD involves assessing the risk associated with a customer by understanding their nature of business, sources of funds, and expected transaction patterns. This pillar requires financial institutions to gather information about the customer's background, purpose of the account, and anticipated transactions. Higher-risk customers may require enhanced due diligence (EDD) measures.

Risk Assessment: Conducting a risk assessment is crucial to determine the level of risk associated with a customer and the overall risk exposure of the institution. This pillar involves implementing risk-based policies and procedures to identify, mitigate, and manage the risk of money laundering, terrorist financing, and other financial crimes.

Ongoing Monitoring: KYC is not a one-time process but requires continuous monitoring of customer transactions and activities. Financial institutions must establish systems and controls to detect and report suspicious transactions, monitor changes in customer behavior, and ensure that customer information is up to date.

Reporting of Suspicious Activities: This pillar emphasizes the obligation of financial institutions to report any suspicious transactions or activities to the appropriate regulatory authorities. Financial institutions are required to have mechanisms in place to identify and report suspicious transactions promptly, in line with local laws and regulations.

Employee Training and Awareness: Financial institutions must invest in training their employees to enhance their understanding of KYC requirements, the identification of red flags, and the reporting of suspicious activities. Regular training programs help ensure compliance with KYC regulations and promote a culture of vigilance against financial crime.

By adhering to these pillars, financial institutions can effectively mitigate the risk of money laundering, terrorist financing, and other illicit activities, while fostering a secure and compliant environment for their customers.

Documents needed from customers for KYC 

Identity Proof: A valid government-issued identity document with a photograph is typically required. This can include a passport, national ID card, driver's license, or Aadhaar card (in the case of India).

Address Proof: Documents that establish your residential address are needed. This can include utility bills (electricity, water, gas) bank statements, rent agreement, voter ID card, or Aadhaar card (with current address).

Photograph: Recent passport-sized photographs may be required to be submitted along with the KYC application.

PAN (Permanent Account Number): In countries like India, a PAN card is often mandatory for KYC compliance, especially for financial and investment-related activities.

Financial Information: Depending on the type of account or service being accessed, you may need to provide information related to your income, occupation, source of funds, and employment details.

In conclusion to avoid money laundering 

• All financial sector businesses and certain non-financial sector businesses are required to comply with the obligations under PMLA. 

• These pertain to customer identification, due diligence, reporting of specified transactions (including suspicious transactions) to FlU-Ind, and maintaining records.

• The reports to FlU-Ind are Cash Transaction Reports(CTR), Cross Border Wire Transfer Report (CBWTR), Non-Profit Organisation Transaction Report (NTR), Counterfeit Currency Report (CCR), and Suspicious Transactions Report (STR).

• Banks need to assess at least once a year ML/FT risks from various sources, undertake risk categorisation of customers, products/ services, delivery channels, regions/ countries of operations and transactions handled, and adopt risk based approach in both customer due diligence and transaction monitoring.

• Banks need to exercise appropriate diligence in handling transactions or customers connected with FATF identified high risk and weak countries. Banks also need to conduct adequate due diligence when providing or availing correspondent banking services with banks in other countries.