What changed
Earlier, full KYC updation was required every 5 years for low-risk and every 2 years for high/medium-risk customers. Now, full KYC is required every 10 years for low-risk, every 8 years for medium-risk, and every 2 years for high-risk customers. Additionally, positive confirmation (via email, letter, phone, etc.) is needed every 2 years for medium-risk and every 3 years for low-risk customers.
What it means for you
Banks can reduce the compliance burden for low and medium-risk customers by extending full KYC cycles, but must maintain ongoing due diligence and transaction monitoring. The new rules require banks to update KYC policies and ensure strict adherence, especially for high-risk customers who still face 2-year full KYC cycles. Fresh photographs must be obtained when minor customers become major.
What you must do
- Revise your bank's KYC policy to reflect the new periodicity: full KYC every 10 years for low-risk, 8 for medium-risk, and 2 for high-risk customers.
- Implement a system for positive confirmation every 2 years for medium-risk and every 3 years for low-risk customers using email, letter, phone, or visits.
- Ensure ongoing due diligence and transaction monitoring for all customers, especially high-risk ones.
- Update procedures to obtain fresh photographs from minor customers upon reaching majority.
Who it affects
All Scheduled Commercial Banks (excluding RRBs), Local Area Banks, All India Financial Institutions
What is the new full KYC updation period for low-risk customers?
Full KYC exercise must be done at least every ten years for low-risk individuals and entities, as per the July 2013 circular.
Do we still need to do positive confirmation for low-risk customers?
Yes, positive confirmation (via email, letter, phone, etc.) is required at least every three years for low-risk customers, in addition to the full KYC every ten years.
What about minor customers turning major?
Fresh photographs must be obtained from minor customers when they become major, as per the updated instructions.