What changed
RBI observed that NBFCs are not effectively implementing KYC/AML/CFT guidelines, leaving them vulnerable to operational risk. The central bank now mandates a time-bound completion of risk categorisation and customer profile updates for all existing customers, with a deadline of end-March 2013.
What it means for you
NBFCs must urgently review and update customer risk profiles and identification data to meet regulatory standards. Failure to comply could increase operational risk and invite supervisory action. This directive reinforces the importance of KYC/AML/CFT measures in protecting the financial system.
What you must do
- Complete risk categorisation and profile updates for all existing customers by end-March 2013.
- Implement a system for periodic review of risk categorisation and customer identification data.
- Ensure compliance with KYC/AML/CFT guidelines in both letter and spirit to mitigate operational risk.
- Monitor and close alerts in accounts promptly as part of AML/CFT measures.
Who it affects
All Non-Banking Financial Companies (NBFCs), Residuary Non-Banking Companies (RNBCs)
What is the deadline for completing risk categorisation and profile updates?
The deadline is end-March 2013, as per the RBI circular dated July 26, 2012.
Why is RBI emphasising this now?
RBI observed laxities in KYC/AML implementation among NBFCs, which leaves them vulnerable to operational risk. This directive aims to strengthen compliance.
Does this apply to all NBFCs?
Yes, the circular is addressed to all Non-Banking Financial Companies and Residuary Non-Banking Companies.