Adoption of KYC norms by NBFC

KYC Norms

The Reserve Bank of India, also referred to as RBI, is the country’s central bank and a regulatory agency in charge of establishing policies and overseeing the country’s banking industry. Along with banks, other NBFCs in the finance industry must follow the RBI’s rules as needed. In 2004, the Reserve Bank of India[1] made comprehensive KYC implementation for customer identification and verification mandatory for all financial institutions. Since then, a number of modifications have been made, the most recent of which concerns the approval of the video KYC solution in 2021. Here We discuss Adoption of KYC norms by NBFC.


In order to identify and validate a customer while creating a bank account or during customer onboarding, a process known as KYC, or know-your-customer, is used. Additionally, in order to continue operating normally, all financial companies, including banks and NBFCs, must adhere to the RBI KYC norms. eKYC is a digital process that only requires the customer’s 12-digit Aadhaar number to verify their identity. Once a citizen enrols in the UIDAI’s Aadhaar initiative, the organisation collects and stores their data for authentication purposes in a secure database. 

These facts include the following: 

  • Demographic data: Name, Date of Birth (Verified) or Age (Declared), Address, Gender, Mobile Number (Optional), and Email ID (Optional) are the demographic details.
  • Biometric data: ten fingerprints, iris scan, and live facial image 

The increase in financial fraud, particularly money laundering and financing of terrorism, was the driving force behind the introduction of KYC norms. Using KYC, financial institutions can identify consumers who might pose a risk to the company and deny their applications accordingly. The RBI’s KYC norms not only stop money laundering and terrorism financing, but they also safeguard financial companies from fraud.

Types of eKYC

There are two varieties of eKYC: online and offline. 

  1. eKYC offline procedures include:
  2. When a consumer downloads an Aadhaar XML file from the UIDAI website and gives it to a verifier, it contains their unique identifying information. 
  3. When a customer’s Aadhaar card’s QR code is scanned to receive authentication data, this method is known as QR-code authentication.
  4. NBFCs had access to both of these techniques, but each had its own shortcomings. 
  5. Online methods for eKYC include:
  6. OTP-based authentication, which requires the consumer to enter an OTP that was issued to their Aadhaar-registered mobile number in order to be authorised, is one of the online techniques for eKYC. 
  7. Biometric authentication involves using a scanner to gather the customer’s biometric data and then comparing it to data stored in the UIDAI database.
READ  NBFCs Leveraging Fintech to Build a Customer-Centric Business Model

NBFCs are allowed to use online KYC procedures. However, they must pay a transaction fee of 20 rupees for each eKYC verification that is carried out.         

New Aadhaar Licence Procedure For NBFCs

  1. The RBI informed the chairpersons and CEOs of NBFCs of the revised requirements for applying for an Aadhaar licence to use KYC online for client identification via the client’s Aadhaar number in a notification sent on September 13, 2021. 
  2. According to the Prevention of Money Laundering Act of 2002, the Central Government may issue a notification after consulting with UIDAI and the competent authorities to permit non-banking entities to conduct client authentication using online KYC.
  3. Due to a supreme court decision from 2018 that raised concerns about the risks of online KYC and prohibited its use for client authentication of any contract, NBFCs were previously completely prohibited from using the Aadhaar online KYC facility.
  4. After that, Section 11A was inserted, and the PMLA (2002) was amended for the following:
  5. The banking businesses use Aadhaar KYC norms for authentication.
  6. The central government will let non-banking entities adopt eKYC after consulting with UIDAI.

Furthermore, Section 11A permits the Ministry of Finance to publish notifications allowing non-banking financial institutions to employ eKYC as long as they adhere to the instructions for applying.

Application for KYC License Process by NBFCs

The Ministry of Finance published a notification to exercise its authority under the aforementioned rules, outlining the procedure for authorising companies other than banks to use the UIDAI’s authentication services. 

  1. To use the KYC norms as services offered by UIDAI, NBFCs must submit an application for an Aadhaar authentication licence, according to the RBI’s announcement. This licence may be a sub-KUA or KYC User Agency (KUA) licence. 
  2. Both of these licences will be awarded by UIDAI, and organisations wishing to obtain them, such as NBFCs, providers of payment systems, and users of payment systems, must submit an Aadhaar Licence application to UIDAI. 
  3. The competent regulator, the RBI, can receive this application through email. The application should be addressed specifically to the Chief General Manager In-Charge of the Department of Regulation at RBI. 
  4. The application is sent to UIDAI for additional review after being scrutinised and given the regulator’s approval. The central government will authorise the applicant to execute eKYC on the basis of recommendations from UIDAI, and UIDAI will supply the required authorisations to do so.
  5. Payment of Aadhaar licence fees and adherence to the Aadhaar Act’s regulations are prerequisites for these authorisations.
  6. In the final step, the UIDAI will issue an authorisation to use UIDAI’s authentication facility.
READ  A Complete Analysis of RBI Exposure Norms for NBFC in India

As the financial sector’s regulator, the Reserve Bank of India has issued the notification allowing all NBFCs to carry out client Aadhaar number authentication utilising the KYC capability. The application form requests various information regarding the applicant, including confirmation that the entity is adhering to the Data Security Regulations 2016 of UIDAI and other relevant guidance/circulars issued by UIDAI from time to time with regard to privacy and security norms.

What guidelines are included in the video KYC RBI?

Financial institutions, including banks and NBFCs, employ video KYC as a special way of customer identification. In an audio-visual contact between the consumer and a trained official, the customer is asked to provide their live photo and other identification documents for ID verification.

Video KYC was certified by the RBI as a recognised means of ID verification for banks and other NBFCs in May 2021. The RBI’s video KYC update includes the following:

  1. The customer’s image ought to be a live image.
  2. Checking a clean PAN image against official records is recommended.
  3. It is necessary to perform a face match between the customer’s ID and photo.
  4. The live location of the customer must be geotagged.
  5. The financial RE’s domain must start the video engagement.
  6. A date and time stamp must be added to the video and kept in a secure location.
  7. The offline Aadhaar verification document must not be more than three days old.
  8. Both the consumer and the RE representative must be present at the interaction.
  9. Only an Aadhaar card with a mask may be used.
  10. Customers’ express prior consent should be obtained.
READ  Conversion of a Nidhi Company into a Full-Fledged NBFC Company

What NBFCs can expect from eKYC?

eKYC offers NBFCs and their clients a number of benefits. Here are several advantages NBFCs may get by transitioning from traditional paper-based KYC verification to electronic KYC. 

Immediate Verification –Customers are almost immediately validated. By digitising KYC verification, eKYC cuts the verification process from taking 10 to 20 days to only a few minutes. It has led to a sharp increase in efficiency and time savings for enterprises and a precipitous drop in operational costs estimated at 90%. 

High Security – Customer data is safe, and fraud is prevented because of biometric technologies used for KYC verification and data security procedures for the Central Identities Data Repository (which holds Aadhaar information). 

Paperless records –No identification documents are needed for eKYC because the Aadhaar database immediately has all the data needed to validate a consumer. It has been demonstrated that doing so increases productivity and audit efficiency while reducing reliance on paper-based documentation. 

Customers are more likely to complete the authentication process and not abandon it midway because of the simplicity of the eKYC channel, which contributes to a 60% decrease in KYC drop-offs. 

Market expansion and financial accessibility –In India, the UIDAI database has all of the personal data. Business owners no longer need to invest significant sums of money in extending their markets because eKYC is immediately integrated with this database. 

Customers having Aadhaar can be promptly verified, which requires little setup on the part of the verifier. Because it makes it simple for clients to create accounts and get credit, firms can utilise KYC norms to grow cost-effectively into new areas and attract more people to the official financial sector.


According to the aforementioned notification, Non-Banking Financial Companies, Payment System Providers, or Payment System Participants may submit an application to the RBI as long as they abide by the privacy and security standards established by UIDAI. In order to comply with FATF rules and stop money laundering, terrorism financing, and financial fraud through identity verification services, RBI is getting stricter and stricter over time.

Read our Article: What are the Regulatory Requirements of Non-Banking Financial Company in India?

Trending Posted