The Reserve Bank of India, on 29th May 2019, introduced certain amendments to the Know Your Customer (KYC) – Master Direction 2016[1] in furtherance of an Ordinance amending the Aadhaar (Targeted Delivery of Financial and Other Subsidies Benefits and Services) Act 2016 (“Aadhaar Act”), Prevention of Money Laundering Act 2005 and the Indian Telegraph Act 1885.
1. Key Amendments
- Proof of possession of Aadhaar number has been added to the list of Officially Valid Documents (“OVD”) with a proviso that where the customer submits ‘Proof of possession of Aadhaar number’ as OVD, he may submit it in such form as are issued by the Unique Identification Authority of India (“UIDAI”).
- Banks have been allowed to carry out Aadhaar authentication/ offline-verification of an individual who voluntarily uses his Aadhaar number for identification purposes.
- Regulated Entities[2] other than banks may identify a customer through offline verification under the Aadhaar Act with his/her consent. Regulated Entities (“RE”) shall ensure that the customers (non-Direct Benefit Transfer beneficiaries) while submitting Aadhaar for customer due diligence, redact or blackout their Aadhaar number.
2. Impact
Customer Due Diligence
Banks are now allowed to undertake e-KYC authentication (a facility provided by the UIDAI) for customers who are desirous of receiving any benefit or subsidy under any scheme notified under section 7 of the Aadhaar (Targeted Delivery of Financial and Other subsidies, Benefits and Services) Act, 2016 based on their Aadhaar numbers. Additionally, Banks are also allowed to carry out Aadhaar Authentication[3]/Offline-Verification[4] for customers who voluntarily use Aadhaar number for identification purposes.
For the time being, the use of Aadhaar Authentication is restricted only to Banks. Regulated Entities (other than banks) can, however, carry out offline verification of a customer if he or she is desirous to undergo Aadhaar offline verification for identification purposes.
It is important to note that in case the Aadhaar number is not required to be collected as per section 7 of the Aadhaar Act, the Regulated Entities need to ensure that the customers redact or blackout the Aadhaar number while submitting the proof of possession of Aadhaar Number. While the obligation to redact or blackout the Aadhaar Number is on the customer, the master directions are unclear on the process/means that must be adopted by the customers.
Given that the Aadhaar Judgement (Justice K.S. Puttaswamy and Ors. vs. Union of India (UOI) and Ors), struck down Section 57 these amendments are a positive attempt to address the gaping hole in India’s regulation of the financial services industry.
Footnotes:
- https://rbidocs.rbi.org.in/rdocs/notification/PDFs/NOTI190B865EC9E06464105A4A9318119A7455B.PDF
- Regulated Entities” mean
- all Scheduled Commercial Banks (SCBs)/ Regional Rural Banks (RRBs)/ Local Area Banks (LABs)/ All Primary (Urban) Co-operative Banks (UCBs) /State and Central Co-operative Banks and any other entity which has been licensed under Section 22 of Banking Regulation Act, 1949, which as a group shall be referred as ‘banks’
- All India Financial Institutions (AIFIs)
- All Non-Banking Finance Companies (NBFCs), Miscellaneous Non-Banking Companies (MNBCs) and Residuary Non-Banking Companies (RNBCs).
- All Payment System Providers (PSPs)/ System Participants (SPs) and Prepaid Payment Instrument Issuers (PPI Issuers)
- All authorised persons (APs) including those who are agents of the Money Transfer Service Scheme (MTSS), regulated by the Regulator.
3. “Authentication” means the process by which the Aadhaar number along with demographic information or biometric information of an individual is submitted to the Central Identities Data Repository for its verification and such Repository verifies the correctness, or the lack thereof, on the basis of information available with it;
4. “Offline Verification” (as defined in the Aadhaar and Other Law (Amendment) Ordinance, 2019,) means the process of verifying the identity of the Aadhaar number holder without authentication, through such offline modes, as may be specified by the Aadhaar regulations.
For any comments or queries, do reach out to us
