Saturday 19 June 2021
- Advertisement -

RBI amends KYC norms to further leverage video-based customer identification process

A regulated entity should conform to the RBI guidelines on minimum baseline cyber security and resilience framework for banks

The Reserve Bank (RBI) on 10 May amended its master direction on know your customer to further leverage the video-based customer identification process (V-CIP) and simplify the process of periodic updation of KYC.

V-CIP is an alternative method of customer identification with facial recognition and customer due diligence by an authorised official of the regulated entity. The seamless, secure and live method involves receiving informed-consent from the customer based audio-visual interaction with him to be sanguine about his identity.

The RBI said regulated entities may undertake V-CIP to carry out customer due diligence (CDD) in case of new customer on-boarding for individual customers, proprietor in case of proprietorship firm, authorised signatories and Beneficial Owners (BOs) in case of Legal Entity (LE) customers.

Among others, RBI regulated entities (REs), include banks, NBFCs, and payment system operators.

REs may undertake V-CIP for conversion of existing accounts opened in non-face to face mode using Aadhaar OTP based e-KYC authentication, and updation or periodic updation of KYC for eligible customers.

The central bank has specified certain minimum standards which regulated entities will have to follow while opting to undertake V-CIP.

As per the amended provisions, an RE should have complied with the RBI guidelines on minimum baseline cyber security and resilience framework for banks.

“The technology infrastructure should be housed in own premises of the RE and the V-CIP connection and interaction shall necessarily originate from its own secured network domain. Any technology related outsourcing for the process should be compliant with relevant RBI guidelines,” it said.

The RE should ensure end-to-end encryption of data between customer device and the hosting point of the V-CIP application, as per appropriate encryption standards. The customer consent has to be recorded in an auditable and alteration proof manner.

It further said each RE should formulate a clear work flow and standard operating procedure for V-CIP and ensure adherence to it. The V-CIP process should be operated only by officials of the RE specially trained for this purpose.

The authorised official should record audio-video as well as capture photograph of the customer present for identification. The official can obtain the identification information using OTP based Aadhaar e-KYC authentication, offline verification of Aadhaar for identification, KYC records downloaded from CKYCR or equivalent e-document of Officially Valid Documents (OVDs) including documents issued through DigiLocker.

Further, the RE will have ensure to redact or blackout the Aadhaar number. 

Publishing partner: Uprising

Sirf News needs to recruit journalists in large numbers to increase the volume of news stories. Please help us pay them by donating. Click on the button below to contribute.

Sirf News is now on Telegram as well. Click on the button below to join our channel (@sirfnewsdotcom) and stay updated with our unique approach to news

Chat with the editor via Messenger

Related Articles

Stay Connected

22,042FansLike
2,817FollowersFollow
17,900SubscribersSubscribe
- Advertisement -

Latest Articles

Translate »
[prisna-google-website-translator]
%d bloggers like this: