What changed
RBI observed laxities in banks' implementation of KYC/AML/CFT guidelines, particularly in risk categorization, customer profile updation, and alert monitoring. It now mandates a time-bound completion of these processes for all existing customers, with a deadline of March 31, 2013.
What it means for you
Banks must urgently review and update customer risk profiles to meet regulatory standards, reducing operational risk exposure. Non-compliance could leave banks vulnerable to money laundering and terrorism financing risks, potentially attracting supervisory action.
What you must do
- Complete risk categorization and profile updation for all existing customers by March 31, 2013.
- Establish a system for periodic review of risk categorization and customer identification data.
- Ensure robust monitoring and closure of alerts in accounts to strengthen KYC/AML/CFT compliance.
- Conduct internal audits to verify compliance with RBI guidelines in letter and spirit.
Who it affects
All scheduled commercial banks (excluding RRBs), Local area banks, KYC/AML compliance teams, Branch operations and customer onboarding staff
What is the deadline for completing risk categorization and profile updation?
The deadline is end-March 2013, as per the Monetary Policy Statement 2012-13 and RBI circular dated June 8, 2012.
Why is RBI emphasizing this now?
RBI observed laxities in banks' implementation of KYC/AML guidelines, which increases operational risk and vulnerability to money laundering and terrorism financing.
Which banks are covered by this circular?
All scheduled commercial banks (excluding Regional Rural Banks) and local area banks are required to comply.