As per the RBI guidelines, it is crucial for Re-KYC to be conducted on a regular basis. Financial institutions, including banks and NBFCs, are required to carry out Re-KYC in alignment with a risk-based methodology. Re-KYC, while a regulatory necessity aimed at maintaining the accuracy and currency of customer data, has inadvertently opened doors for fraudsters to exploit unsuspecting victims by posing as bank representatives. Customers are assessed and categorized based on various risk factors such as identity, credit appetite, social and financial standing, business activities, etc., and are then classified into various risk profiles: High Risk, Moderate Risk, and Low Risk. High Risk customers are required to undergo Re-KYC every 2 years, Moderate Risk customers every 8 years, and Low Risk customers every 10 years. Compliance with the RBI’s Customer Identification and Risk Categorization Process is mandatory. Failure to adhere to these protocols can lead to penalties and directives for corrective measures. Persistent non-compliance could result in severe penalties akin to those faced by entities like Paytm. However, the leniency with which banks and NBFCs have approached the Re-KYC process has significantly contributed to fraud incidents. Notably, 70% of frauds occur post-KYC, underscoring the necessity for Re-KYC and continuous customer monitoring to map out and mitigate potential fraud risks.
The Root of the Issue: Re-KYC Process Vulnerabilities:
Proposed Solution: Strengthening the Re-KYC Strategy: