Know your Customer (KYC) and anti-money laundering (AML) policy

Summary of the Policy

Policy Name
Know Your Customer and Anti Money Laundering Policy
Issue and Effective Date
25/04/2024
Date of next review
26/04/2025
Periodicity of review
Annually
Owner / Contact
Compliance Department
Approved
Board of Directors
Annexure
  • List of KYC documents for different type of customers - Annexure - A
  • Procedure for obtaining identification information for undertaking CDDas Annexure - B
  • Indicative list for risk categorization as Annexure - C

Index

1.
Introduction
2.
Objective
3.
Definitions
4.
Key Elements
a.
Customer Acceptance Policy (CAP)
b.
Customer Identification Policy
c.
Monitoring of Transactions
d.
Risk Management
5.
Designated Director
6.
Principal Officer
7.
Money Laundering and Terrorist Financing Risk Assessment by Regulated Assessment
8.
Due Diligence of Business Partners
9.
Identification of Beneficial Ownership
10.
Record Retention
11.
Reporting to Central KYC Registry (CKYCR)
12.
General
Annexure A - List of KYC documents for different type of customers
Annexure B - Procedure for obtaining identification information for undertaking CDD

Glossary

RBI
Reserve bank of India
CAP
Customer Acceptance Policy
CIP
Customer Identification Procedures
PMLA
Prevention of Money Laundering Act
PEP
Politically Exposed Person
KYC
Know Your Customer
AML
Anti-Money Laundering
MoneyGear
Moneygear Fintech Private Limited
NBFC
Non-Banking Financial Companies
CTR
Cash Transaction Report
STR
Suspicious Transaction Report
FIU - IND
Financial Intelligence Unit - India
CIBIL
Credit Information Bureau (India) Limited
UIDAI
Unique Identification Authority of India
OVD
Officially Valid Document
CERSAI
Central Registry of Securitization Asset Reconstruction and Security Interest
CDD
Customer Due Diligence
NRI
Non Resident Indian
PIO
Person of India Origin
V-CIP
Video based Customer Identification Process
LE
Legal Entity
UCIC
Unique Customer Identification Code

1. Introduction

The master direction on Know Your Customer (KYC) issued by theReserve Bank of India and Anti-Money Laundering (AML) standards advised all Non-banking financial companies ensure that a proper policy framework on KYC and AML measures be formulated and put in place with the approval of the Board of the company.

In view of the master direction on Know Your Customer DBR.AML.BC.No.81/ 14.01.001/ 2015-16 dated February 25, 2016, with any amendment/re-enactment there of issued by Reserve Bank of India from time to time and Prevention of Money Laundering Act, 2002 ("Act") read with the Prevention of Money laundering (Maintenance of Records) Rules, 2005("Rules") with any further amendments/ re-enactments thereof issued from time to time, the Board of Directors of MoneyGear FINTECH PRIVATE LIMITED has adopted a policy on Know Your Customer (KYC) &Anti-Money Laundering (AML) norms.

Moneygear Fintech Private Limited (hereinafter referred to as "the Company" or "MoneyGear") is a Non-Deposit taking Non-Systematically important Non- Banking Finance Company registered with the Reserve Bank of India ("RBI") to carry out the business of a Non-banking financial company with an objective to provide financial assistance to the individuals, MSMEs, and Corporates.

This policy is applicable to all categories of products and services offered by the Company.

2. Objective

Objective of RBI guidelines is to prevent NBFCs being used, intentionally or unintentionally by criminal elements for money laundering activities.

The guidelines also mandates making reasonable efforts to determine the true identity and beneficial ownership of accounts, source of funds, the nature of customer's business, reasonableness of operations in the account in relation to the customer's business, etc. which in turn helps the Company to manage its risks prudently.

Accordingly, the main objective of this policy is to enable the Company to have positive identification of its customers.

3. Key Definitions

  1. "Act" and "Rules" means the Prevention of Money-Laundering Act, 2002 and the Prevention of Money-Laundering (Maintenance of Records) Rules, 2005, respectively and amendments thereto.
  2. "Authentication", in the context of Aadhaar authentication, means the process as defined under sub-section (c) of section 2 of the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016.
  3. "Board" means Board of Directors of the Company.
  4. "Central KYC Records Registry" (CKYCR) means an entity defined under Rule 2(1)(aa) of the Prevention of Money Laundering Rules, to receive, store, safeguard and retrieve the KYC records in digital form of a customer.
  5. "Certified Copy" means a comparative copy of the proof of possession of Aadhaar number where offline verification cannot be carried out or officially valid document so produced by the customer with the original and recording the same on the copy by the authorized officer of the company.
  6. "Company" means Moneygear Fintech Private Limited
  7. "Customer" means a person who is engaged in a financial transaction or activity with a company and includes a person on whose behalf the person who is engaged in the transaction or activity, is acting.
  8. "Customer Due Diligence (CDD)" means identifying and verifying the customer and the beneficial owner.
  9. "Designated Director" means Managing Director or a whole-time Director, or any director duly authorised by the Board of Directors of the Company to ensure overall compliance with the obligations imposed under chapter IV of the Prevention of Money Laundering Act and the Rules;
    Explanation:
    1. For the purpose of this clause, the terms "Managing Director" and "Whole-time Director" shall have the meaning assigned to them in the Companies Act, 2013.
    2. "Directors" means individual Directors or Directors on the Board of the Company.
  10. "Digital KYC" means the capturing live photo of the customer and officially valid document or the proof of possession of Aadhaar, where offline verification cannot be carried out, along with the latitude and longitude of the location where such live photo is being taken by an authorised officer of the RE as per the provisions contained in the Act.
  11. "Digital Signature" shall have the same meaning as assigned to it in clause (p) of subsection (1) of Section (2) of the Information Technology Act, 2000.
  12. "Equivalent e-document" means an electronic equivalent of a document, issued by the issuing authority of such document with its valid digital signature including documents issued to the digital locker account of the customer as per rule 9 of the Information Technology (Preservation and Retention of Information by Intermediaries Providing Digital Locker Facilities) Rules, 2016.
  13. "Know Your Client (KYC) Identifier" means the unique number or code assigned to a customer by the Central KYC Records Registry.
  14. "Non-face-to-face Customers" mean customers who open accounts without visiting the branch/offices of the Company or meeting the officials of the Company.
  15. "Officially Valid Document" (OVD) means Passport, Driving license, Proof of possession of Aadhaar Number, Voter's Identity Card issued by the Election Commission of India, Job card issued by NREGA duly signed by an officer of the State Government and letter issued by the National Population Register containing details of name and address.

    "Provided also that where the client submits his proof of possession of Aadhaar number as an officially valid document, he may submit it in such form as are issued by the Unique Identification Authority of India".

    Explanation:
    For the purpose of this clause, a document shall be deemed to be an OVD even if there is a change in the name subsequent to its issuance provided it is supported by a marriage certificate issued by the State Government or Gazette notification, indicating such a change of name.
  16. "Person" includes an individual, a Hindu undivided family, a Company, a firm, an association of persons, a body of individuals, whether incorporated or not, or every artificial juridical person, not falling within any one of the above persons any agency, office or branch owned or controlled by any of the above persons.
  17. "Periodic Updation" means steps taken to ensure that documents, data, or information collected under the CDD process are kept up-to-date and relevant by undertaking reviews of existing records at the periodicity prescribed by the Reserve Bank or act or rules.
  18. "Principal Officer" means an officer nominated by the Company, responsible for furnishing information as per Rule 8 of the Rules.
  19. Politically Exposed Persons ("PEP") Politically Exposed Persons are Persons who are or have been entrusted with prominent public functions in India or foreign country, e.g., Heads of States or of Governments, senior politicians (eg. MPs, MLAs, MLC, Municipal Counsellors, Panchayat President, Members), senior government/judicial/military officers, senior executives of state-owned corporations, all political party officials, Political Parties, etc.
  20. "Regulated Entities" (REs) means: all Scheduled Commercial Banks (SCBs)/ Regional Rural Banks(RRBs)/ Local Area Banks (LABs)/ All Primary (Urban) Co-operative Banks (UCBs)/State and Central Cooperative Banks (St CBs / CCBs) and any other entity which has been licensed under Section 22 of Banking Regulation Act, 1949, which as a group shall be referred as 'banks' All India Financial Institutions (AIFIs) All Non-Banking Finance Companies (NBFC)s, Miscellaneous Non-Banking Companies (MNBCs) and Residuary Non-Banking Companies (RNBCs). All Payment System Providers (PSPs)/ System Participants (SPs) and Prepaid Payment Instrument Issuers (PPI Issuers) All authorized persons (APs) including those who are agents of Money Transfer Service Scheme (MTSS), regulated by the Regulator.
  21. "Suspicious Transaction" means a "transaction", including an attempted transaction, whether or not made in cash, which, to a person acting in good faith: gives rise to a reasonable ground of suspicion that it may involve proceeds of an offense specified in the Schedule to the Act, regardless of the value involved; or appears to be made in circumstances of unusual or unjustified complexity, or appears to not have an economic rationale or bonafide purpose, or gives rise to a reasonable ground of suspicion that it may involve financing of the activities relating to terrorism.
    Explanation: Transaction involving financing of the activities relating to terrorism includes transactions involving funds suspected to be linked or related to, or to be used for terrorism, terrorist acts or by a terrorist, terrorist organization or those who finance or are attempting to finance terrorism.
  22. "Transaction" means a purchase, sale, loan, pledge, gift, transfer, delivery or the arrangement thereof and includes:
    1. Opening of an account, or
    2. Deposit, withdrawal, exchange, or transfer of funds in whatever currency, whether in cash or by cheque, payment order or other instruments or by electronic or other non-physical means, or
    3. The use of a safety deposit box or any other form of safe deposit, or
    4. Entering into any fiduciary relationship, or
    5. Any payment made or received, in whole or in part, for any contractual or other legal obligation, or
    6. Establishing or creating a legal person or legal arrangement.
  23. "Video-based Customer Identification Process (V-CIP)" means a method of customer identification by an official of the company by undertaking seamless, secure, real-time, consent based audio-visual interaction with the customer to obtain identification information including the documents required for CDD purpose, and to ascertain the veracity of the information furnished by the customer.

All other expressions unless defined herein shall have the same meaning as have been assigned to them under the applicable Master direction on NBFC or the Reserve Bank of India Act, or the Prevention of Money Laundering Act and Prevention of Money Laundering (Maintenance of Records) Rules, any statutory modification or re-enactment thereto or as used in commercial parlance, as the case may be.

4. Key Elements

The Company has framed its KYC policy incorporating the following four key elements:

  1. Customer Acceptance Policy
  2. Customer identification Procedures
  3. Monitoring of Transactions
  4. Risk Management

For the purpose of the KYC policy, a ‘Customer' is defined as per Clause 3 i.e., Definitions.

a) Customer Acceptance Policy (CAP)

“MoneyGear” lays down criteria for acceptance of customers. While taking the decision to grant any facilities to the customers as well as during the continuation of any facilities the following norms and procedures will be followed by the company.

The Customer Acceptance Policy will ensure that explicit guidelines are in place on the following aspects of customer relationship in the Company.

  1. No loan account is opened in anonymous or fictitious / benami name(s). The Company shall insist on sufficient proof about the identity of the customer to ensure his physical and legal existence at the time of accepting the application form from any customer.
  2. Documentation requirements and other information to be collected in respect of different categories of customers depending on perceived risk and keeping in mind the requirements of PML Act, 2002 and guidelines issued by Reserve Bank from time to time.
  3. Parameters of risk perception are clearly defined in terms of the nature of business activity, location of customer and his clients, mode of payments, volume of turnover, social and financial status etc., to enable categorization of customers into low, medium, and high risk. Customers requiring very high level of monitoring, e.g. Politically Exposed Persons may, if considered necessary, be categorized even higher.
  4. CDD procedure is applied at the unique customer identification number level. This way, if an existing KYC compliant customer wishes to avail another loan from the Company, there will be no need for a fresh CDD exercise.
  5. Customers would be categorized as low, medium and high risk.
  6. No transaction or account-based relationship is undertaken without following the CDD procedure.
  7. CDD procedure is applied at the UCIC level. This way, if an existing KYC compliant customer wishes to avail another loan from the Company, there will be no need for a fresh CDD exercise.
  8. The mandatory information to be sought for KYC purposes while opening an account and during the periodic updation, is specified.
  9. The Company will not open an account or close an existing account where it is unable to apply appropriate customer due diligence measures i.e. it is unable to verify the identity and /or obtain documents required as per the risk categorization due to non-cooperation of the customer or non reliability of the data / information furnished to the Company. It may, however, be necessary to have suitable built-in safeguards to avoid harassment of the customer. For example, the decision to close an account will be taken at a reasonably high level after giving due notice to the customer explaining the reasons for such a decision.
  10. CDD Procedure is followed for all the joint accountholders, co-applicants and guarantor(s) while opening a joint account.
  11. Circumstances in which a customer is permitted to act on behalf of another person/entity will be clearly spelt out in conformity with the established law and practices, as there could be occasions when an Loan account is operated by a mandate holder or where an account may be opened by an intermediary in a fiduciary capacity.
  12. A system is required to be put in place for periodical review of risk categorization of accounts and the need for applying enhanced due diligence measures in case of higher risk perception on a customer. Such review of risk categorization of customers should be carried out at regular intervals as prescribed by Risk Department of the company.
  13. Where an equivalent e-document is obtained from the customer, the company will verify the digital signature as per the provisions of the Information Technology Act, 2000.

In compliance of above requirements the employees and staffs of the company make sure that the while complying with the aforementioned requirement does not result in any type of harassment or inconvenience to bona fide and genuine customers who should not feel discouraged while dealing with the Company and the adherence of customer acceptance policy must not result in denial of the company’s services to general public, especially to those, who are financially or socially disadvantaged.

b) Customer Identification Procedures (CIP)

Customer identification means identifying the customer and verifying his/ her identity by using reliable, independent source documents, data or information. Company need to obtain sufficient information necessary to establish, to their satisfaction, the identity of each new customer, whether regular or occasional, and the purpose of the intended nature of relationship.

  1. The first requirement of customer identification procedures to be satisfied is that a prospective customer is the person who he / she claims to be.
  2. The second requirement of customer identification procedures is to ensure that sufficient information is obtained on the nature of the business that the customer expects to undertake, and any expected or predictable pattern of transactions.
  3. Identity shall be verified for:
    1. The named account holder.
    2. Beneficial owners.
    3. Signatories to an account.
    4. Intermediate parties.

Copies of the documents produced as Proof of Identity and Address shall be obtained and retained with the Company, wherein a responsible Company Official has to attest such copies certifying that the Originals thereof have been verified.

The periodicity of updating of customer’s identification data should be done once in ten years in case of low risk category customers, once in eight years in case of medium risk category customers and once in two years in case of high risk categories.

Besides risk perception, the nature of information / documents required would also depend on the type of customer(individual, corporate etc). An indicative list of the nature and type of documents/information that may be relied upon for customer identification is given in Annexure  A.

Also, the information collected from the customer for the purpose of opening of account should be kept as confidential and any details thereof should not be divulged for cross selling or any other purposes.

It will be ensured that information sought from the customer is relevant to the perceived risk, is not intrusive, and is inconformity with the guidelines issued in this regard. Any other information from the customer should be sought separately with his / her consent and after opening the account

Video - Customer Identification Procedure

As per the section 18 of the amended Master Direction on KYC dated 10th May 2021, the company shall undertake V-CIP to carry out the following:

  1. CDDin case of new customer on-boarding for individual customers, proprietor incase of proprietorship firm, authorised signatories and Beneficial Owners (BOs) in case of Legal Entity (LE) customers. Provided that in case of CDD of a proprietorship firm, the Company shall also obtain the equivalent e-document of the activity proofs with respect to the proprietorship firm, as mentioned inSection 28 of the Master Directions on KYC, apart from undertaking CDD of the proprietor.
  2. Conversion of existing accounts opened in non-face to face mode using Aadhaar OTP based e-KYC authentication as per Section 17 of the Master Directions on KYC.
  3. Updation / Periodic updation of KYC for eligible customers.

Further theCompany shall adhere to the minimum standards specified in the MasterDirections amendment w.r.t V-CIP infrastructure, procedure, record and data management.

The Company shall take assistance of Banking Correspondents (BCs) in facilitating the V-CIP only at the customer end. However, the company shall maintain the details of the BC assisting the customer, in case the service of BCs are utilized. The ultimate responsibility for customer due diligence will be the Company


Video - Customer Identification Procedure

“MoneyGear”may undertake live V-CIP, to be carried out by an official of the “MoneyGear”,for establishment of an account based relationship with an individual customer, after obtaining his informed consent and shall adhere to the following stipulations:
Further, the Company shall adhere to the minimum standards specified in the Master Directions amendment w.r.t V-CIP infrastructure, procedure, record, and data management.

The Company shall take the assistance ofBanking Correspondents (BCs) in facilitating the V-CIP only at the customer end. However, the company shall maintain the details of the BC assisting the customer, in case the service of BCs is utilized. The ultimate responsibility for customer due diligence will be the Company.

  1. The official of the “MoneyGear” performing the V-CIP shall record video as well as capture a photograph of the customer present for identification and obtain the identification through Offline Verification of Aadhaar.
  2. “MoneyGear” shall capture a clear image of the PAN card to be displayed by the customer during the process, except in cases where e-PAN is provided by the customer. The PAN details shall be verified from the database of the issuing authority.
  3. Live location of the customer (Geotagging) shall be captured to ensure physical presence in India.
  4. The official of the “MoneyGear” shall ensure that the photograph of the customer in the Aadhaar / PAN details matches with the customer undertaking the V-CIP and the identification details in Aadhaar / PAN shall match with the details provided by the customer.
  5. The official oft he “MoneyGear” shall ensure that the sequence and/or type of questions during video interactions are varied in order to establish that the interactions are real-time and not pre-recorded.
  6. All accounts opened through V-CIP shall be made operational only after being subject to concurrent audit, to ensure the integrity of process. RE shall ensure that the process is a seamless, real-time, secured, end-to-end encrypted audiovisual interaction with the customer and the quality of the communication is adequate to allow identification of the customer beyond doubt. RE shall carry out the liveliness check in order to guard against spoofing and such other fraudulent manipulations.
  7. To ensure security, robustness and end to end encryption, the REs shall carry out software and security audit and validation of the V-CIP application before rolling it out.
  8. The audio visual interaction shall be triggered from the domain of the RE itself, and not from third party service provider, if any. The V-CIP process shall be operated by officials specifically trained for this purpose. The activity log along with the credentials of the official performing the V-CIP shall be preserved.
  9. "MoneyGear” shall ensure that the video recording is stored in a safe and secure manner and bears the date and time stamp.
  10. "MoneyGear” are encouraged to take assistance of the latest available technology, including Artificial Intelligence (AI) and face matching technologies, to ensure the integrity of the process as well as the information furnished by the customer. However, the responsibility of customer identification shall rest with the “MoneyGear”.
  11. "MoneyGear” shall ensure to redact or blackout the Aadhaar number in terms of Section 16.

Further, the Company shall adhere to the minimum standards specified in the Master Directions amendment w.r.t V-CIP infrastructure, procedure, record, and data management.

The Company shall take the assistance ofBanking Correspondents (BCs) in facilitating the V-CIP only at the customer end. However, the company shall maintain the details of the BC assisting the customer, in case the service of BCs is utilized. The ultimate responsibility for customer due diligence will be the Company.

Customer Due Diligence Procedures (CDD)

The true identity and bonafide of existing and potential customers opening loan accounts with the Company is of paramount importance. Basic background information must be obtained.

Procedure for Obtaining Identification Information
For undertaking CDD, the Company will obtain the information from an individual, Sole Proprietary Firms, partnership firms, and Legal Entities while establishing an account-based relationship or while dealing with the individual who is a beneficial owner, authorized signatory, or the power of attorney holder related to any legal entity. A detailed procedure to be followed by the Company is attached as Annexure - B.

c) Monitoring of Transactions

Ongoing monitoring is an essential element of effective KYC procedures. The Company can effectively control and reduce its risk only if it has an understanding of the normal and reasonable activity of the customer so that it can identify transactions that fall outside the regular pattern of activity. However, the extent of monitoring will depend on the risk sensitivity of the account. Since the Company may not have any deposit accounts, this situation will not arise, but the Company shall pay special attention to depleting financial ratios, adequacy of collaterals etc. The Company will put in place a system of half-yearly review of risk categorization of all outstanding accounts and the need for applying enhanced due diligence measures.

The Company must pay special attention to all complex, unusually large transactions and all unusual patterns which have no apparent economic or visible lawful purpose. The Company must also have an understanding of the normal and reasonable activity of the customer so that they have the means of identifying transactions that fall outside the regular pattern of activity in order to effectively control and reduce the risk. Transactions that involve large amounts of cash inconsistent with the normal and expected activity of the customer should be noted and must be reported.

The Company will ensure that record of transactions in the accounts is preserved and maintained as required under Section 12 of the PML Act, 2002 and Rule 3, 4, and 5 of thePMLA Rules 2005 (Refer Point 8 for maintenance of records and Point 9 for preservation of records under the PML Act) in a separate register at the registered office of the Company in physical or electronic form and make it available to the regulatory and investigating authorities. It will also ensure that transactions of suspicious nature and/or any other type of transaction notified under section 12 of the PML Act, 2002, and Rules 3, 4, and 5 of thePMLA Rules, 2005 is reported to the appropriate law enforcement authority.

d) Risk Management

The Board of Directors of MoneyGear has ensured adopt a risk-based approach to ensure that an effective KYC programme is put in place by establishing appropriate procedures and ensuring their effective implementation. The company will adhere to the following for effective implementation of Risk Management.

The Company’s internal control and compliance functions have an important role in evaluating and ensuring adherence to the KYC policies and procedures. The compliance function will provide an independent evaluation of the Company’s policies and procedures, including legal and regulatory requirements.

  1. Originals of the KYC documents shall be verified by officials of the Company and copies thereof shall be obtained and retained with the Company. Such copies shall be attested by theCompany officials certifying that they have been verified with the originals.
  2. KYC documents so obtained shall be properly arranged and filed in order so that they shall be available for verification any time.
  3. Company’s Internal Auditors/Management shall ensure an independent evaluation of compliance of KYC/AML policy including legal and regulatory requirements. They shall reportLapses observed in this regard as Irregularities in their Audit Reports.
  4. Adverse features noted by the Internal Auditors/ Management shall be brought to the attention of the Principal Officer.
  5. Summary of serious Irregularities/deviations shall be placed before the Audit Committee of the Board by the Internal Audit Department at quarterly intervals.
  6. Review of implementation of KYC/AML guidelines shall also be placed before the AuditCommittee of the Board by the Principal Officer at quarterly intervals.
  7. The Company shall have an on-going employee training programme so that members of the staff are adequately trained in KYC/AML procedures.
  8. The Principal Officer designated by the Company in this regard shall have responsibility in managing oversight and coordinating with various functionaries in the implementation ofKYC/AML Policy.
  9. Designated Director shall be responsible for the overall compliance with the obligations under the Act and Rules.

Risk Profiling

  1. “MoneyGear” to devise a procedure for creating Risk Profiles of their new customers based on risk categorization. The Company shall categorize the customers according to the risk perceived to facilitate undertaking due diligence for the purpose of risk categorization. The customer profile shall contain amongst others information relating to the customer’s identity, social/ financial status, nature of the business activity, information about the customer’ clients’ business and their location, etc.
  2. Further, the Company shall seek information from its customers which is relevant for the loan and is in conformity with the guidelines. The customer’s profile with the Company shall remain a confidential document and the information shall not be divulged for cross-selling or any other purpose.
  3. MoneyGear shall categorize the risk profile of individual customers into 2 (two)basic categories in order of the profile. The categories are as below:
Risk Category

Category of Customers

Low Risk Customers

Individuals (other than High Net Worth) and entities whose identities and sources of wealth can be easily identified and transactions in whose accounts by and large conform to the known profile may be categorised as low risk.In such cases, the policy requires only the basic requirements of verifying the identity and location of the customer.

Medium Risk Customers / High Risk Customers

Customers that are likely to pose a higher than average risk to the Company may be categorised as medium or high risk depending on the customer's background, nature and location of activity, country of origin, sources of funds and his client profile, etc. TheCompany will apply enhanced due diligence measures based on the risk assessment, thereby requiring intensive ‘due diligence' for higher risk customers, especially those for whom the sources of funds are not clear.

  1. The extent of due diligence requirement will vary from case to case as the same will depend upon risk perceived by the Company while granting credit facilities to customers.
  2. For the purpose of preparing customer profile only such relevant information from the customers will be sought based on which the Company can easily decide about the risk category in which the customers are to be placed.
  3. “MoneyGear” has formulated an indicative list of customers and their respective risk categories. The same is attached as Annexure - C to this Policy.

PERIODIC UPDATION OF KYC

- As per the requirement of the amended Master Direction on KYC dated 10th May 2021, the Company has adopted a risk-based approach for periodic updation of KYC in the following manner:

S.No.
Basis of Risk Category

Frequency

1

High Risk Customer

Once every two years from the date of opening of the account / last KYC updation.

2

Medium Risk Customer

Once every eight years from the date of opening of the account / last KYC updation.

3

Low Risk Customer

Once every ten years from the date of opening of the account / last KYC updation.

  1. The company shall obtain self-declaration from Individual customers and non-Individual customers in case of no change in their KYC details. However, in case of change in address of individual customer a self-declaration of such change and proof of new address to be obtained from customer’s registered email id and the declared address shall be verified through positive confirmation within two months, by means such as address verification letter, contact point verification, deliverables etc.
  2. The Company may obtain a copy of OVD or deemed OVD or the equivalent e-documents thereof, as defined in Section 3(a)(xiii) of Master Direction on KYC, for the purpose of proof of address, declared by the customer at the time of periodic updation.
  3. In case of change in KYC information of non-individual customer, the Company shall undertake a KYC process which shall be equivalent to on-boarding a new customer.

5. Designated Director

MoneyGear shall appoint ‘Designated Director’ who will be responsible for overall compliance with the obligation imposed under Chapter IV of the PML Act.

6. Principal Officer

MoneyGear shall appoint ‘Principal Officer’ who will be responsible for reporting all transactions and sharing of information. He / She will also be responsible to ensure that proper steps are e taken to fix accountability for serious lapses and intentional contraventions of the KYC guidelines.


Maintenance of records of transactions and reporting

“MoneyGear” has a system of maintaining a proper record of transactions prescribed underRule 3 of PMLA rules and transaction, procedure, manner of maintaining transactions, and manner of furnishing prescribed under rule 3, 4, 5, 6, 7 and 8 of PML Rules 2005 mentioned below:

  1. All cash transactions of the value of more than rupees ten lakh or its equivalent in foreign currency.
  2. All series of cash transactions integrally connected to each other which have been valued below rupees ten lakh or its equivalent in foreign currency where such series of transactions have taken place within a month and the aggregate value of such transactions exceeds rupees ten lakh.
  3. All transactions involving receipts by non-profit organizations of rupees ten lakhs or its equivalent in foreign currency.
  4. All suspicious transactions, where forged or counterfeit currency notes or bank note shave been used as genuine and where any forgery of a valuable security has taken place.
  5. All suspicious transactions whether or not made in cash and by way of as mentioned in the Rules.

The records shall be preserved in the following manner:

  1. The nature of transactions.
  2. The amount of the transaction and the currency in which it was denominated.
  3. All transactions involving receipts by non-profit organizations of rupees ten lakhs or its equivalent in foreign currency.
  4. The date on which the transaction was conducted.
  5. The parties to the transaction.

The information in respect of the transactions referred to in clauses I, II and III referred above will be submitted to the Director - FIU every month by the 15th day of the succeeding month.

The information in respect of the transactions referred to in clause IV referred above will be furnished promptly to the Director - FIU in writing, or by fax or by electronic mail not later than seven working days from the date of occurrence of such transaction.

The information in respect of the transactions referred to in clause V referred above will be furnished promptly by the Director - FIU in writing, or by fax or by electronic mail not later than seven working days on being satisfied that transaction is suspicious.

Strict confidentiality will be maintained by the Company and its employees of the fact offurnishing / reporting details of such suspicious transactions.

As advised by the FIU-IND, New Delhi; the Company will not be required to submit 'NIL' reports in case there are no Cash / Suspicious Transactions, during a particular period.

The required information will be furnished by the Company directly to the FIU-IND, through the designated Principal Officer.

REPORTING REQUIREMENTS TO FINANCIAL INTELLIGENCE UNIT - INDIA

“MoneyGear” shall furnish to the Director, Financial Intelligence Unit-India (FIU-IND),information referred to in Rule 3 of the PML (Maintenance of Records) Rules, 2005 in terms of Rule 7 thereof.

Explanation: In terms of Third Amendment Rules notified September 22, 2015 regarding amendment to sub rule 3 and 4 of rule 7, Director, FIU-IND shall have powers to issue guidelines to the REs for detecting transactions referred to in various clauses of sub-rule (1)of rule 3, to direct them about the form of furnishing information and to specify the procedure and the manner of furnishing information.

The reporting formats and comprehensive reporting format guide prescribed/ released by FIU-IND and Report Generation Utility and Report Validation Utility developed to assist reporting entities in the preparation of prescribed reports shall be taken note of. The editable electronic utilities to file electronic Cash Transaction Reports (CTR) / SuspiciousTransaction Reports (STR) which FIU-IND has placed on its website shall be made use of byREs which are yet to install/adopt suitable technological tools for extracting CTR/STR from their live transaction data. The Company’s Principal Officers, whose all branches are not fully computerised, shall have suitable arrangement to cull out the transaction details from branches which are not yet computerized and to feed the data into an electronic file with the help of the editable electronic utilities of CTR/STR as have been made available by FIU-INDon its website http://fiuindia.gov.in.

While furnishing information to the Director, FIU-IND, delay of each day in not reporting a transaction or delay of each day in rectifying a misrepresented transaction beyond the time limit as specified in the Rule shall be constituted as a separate violation. The Company shall not put any restriction on operations in the accounts where an STR has been filed. TheCompany shall keep the fact of furnishing of STR strictly confidential. It shall be ensured that there is no tipping off to the customer at any level.

However, robust software throwing alerts when the transactions are inconsistent with risk categorization and updated profile of the customers shall be put in to use as a part of effective identification and reporting of suspicious transactions.

The Principal Officer can also report information relating to cash and suspicious transactions if detected, to the Director, Financial Intelligence Unit-India (FIU-IND) as advised in terms of the PML rules, 2005 in the prescribed formats at the following address:

Director, FIU-IND,
Financial Intelligence Unit, India,
6th Floor, Hotel Samrat, Chanakyapuri,
New Delhi – 110021A copy of information furnished shall be retained by the Principal Officer for the purposes of official record.

The Company shall keep the fact of furnishing of STR strictly confidential. It shall been sured that there is no tipping off to the customer at any level.
However, robust software throwing alerts when the transactions are inconsistent with risk categorization and updated profile of the customers shall be put in to use as a part of effective identification and reporting of suspicious transactions.

7. MONEY LAUNDERING AND TERRORIST FINANCING RISK ASSESSMENT

  1. The Company shall carry out ‘Money Laundering (ML) and Terrorist Financing (TF)Risk Assessment’ exercise periodically to identify, assess and take effective measures to mitigate its money laundering and terrorist financing risk for clients, countries or geographic areas, products, services, transactions or delivery channels, etc. The assessment process will consider all the relevant risk factors before determining the level of overall risk and the appropriate level and type of mitigation to be applied. While preparing the internal risk assessment, the Company will take cognizance of the overall sector-specific vulnerabilities, if any, that the regulator/supervisor may share with theCompany from time to time.
  2. The risk assessment exercise by the Company shall be properly documented and be proportionate to the nature, size, geographical presence, complexity of activities/structure, etc. of the Company. Further, the periodicity of risk assessment exercise shall be determined by the Board of the company, in alignment with the outcome of the risk assessment exercise. However, it will be reviewed at least annually.
  3. The outcome of the exercise shall be put up to the Board or any committee of the Board to which power in this regard has been delegated and will be available to competent authorities and self-regulating bodies.

The Company shall apply a Risk Based Approach (RBA) for mitigation and management of the identified risk and have Board approved policies, controls and procedures in this regard.Further, the company shall monitor the implementation of the controls and enhance them if necessary.

8. DUE DILIGENCE OF BUSINESS PARTNERS

  1. Verify Identity:
    1. Obtain and file legible copies of corporate formation and registration documents or public company prospectuses and government filings.
    2. PAN card of the Directors etc.
    3. Wherever possible (in the case of privately owned entities), arrange for a recommendation from legal counsel to the company.
    4. Wherever possible (in the case of privately owned entities), obtain from appropriate government entity confirmation of due incorporation and existence of the corporation.
    5. Wherever possible (in the case of privately owned entities), Verify the identity of All directors, Shareholders, UBO of body corporate through various online sources. The following due diligence must also be performed on prospective Business Partners.
  2. Verify Source of Income:
    1. Research for the Company details in available news or business databases and obtain all corporate earnings information available.

The Company shall maintain files on each Business Partner with copies of all data obtained and memorialize in writing all the verification efforts. These files may be maintained electronically and should be accessible quickly when needed.

Purposeful Implementation

The purpose of adopting the above measures and norms while taking decisions on the issue of customer acceptance is twofold. Firstly, the Company should not suffer financially at later stage due to lack of proper due diligence exercise and lack of information which is the exclusive possession of the customers.

  1. Secondly, to curb and prevent any such practice by the customers which is aimed to achieve unlawful objectives or any other practice by which the financial institutions can be used to perpetuate any criminal or unlawful activities. However, at the same time, this policy does not aim or intend to deny the benefit of financial services to those who genuinely need such services / facilities due to real lack of their own sufficient financial resources.

9. IDENTIFICATION OF BENEFICIAL OWNERSHIP

The Company will determine the beneficial ownership and controlling interest in case of applicants who are not individuals and the KYC of the beneficial owners will be completed. In the case of beneficial owners, Yes/No authentication provided by UIDAI shall suffice.

Applicable

Guidelines

When the client is a company

The beneficial owner is the natural person(s),who, whether acting alone or together, or through one or more juridical person, has a controlling ownership interest or who exercises control through other means.

  • Ownership of / entitlement to more than 25 % of shares or capital or profits of the company
  • Control shall include the right to appoint majority of the directors or to control the management or policy decisions including by virtue of their shareholding or management rights or shareholders agreements or voting agreements.
Where the client is a partnership firm or a company

The beneficial owner is the natural person(s),who, whether acting alone or together, or through one or more juridical person

Ownership of / entitlement to more than 15% of the capital or profits of the partnership.

Low Risk Customers

Individuals (other than High Net Worth) and entities whose identities and sources of wealth can be easily identified and transactions in whose accounts by and large conform to the known profile may be categorised as low risk.In such cases, the policy requires only the basic requirements of verifying the identity and location of the customer.

There are certain indicative guidelines issued by RBI from time to time for customer identification requirements for matters such as Trust / Nominee or Fiduciary Accounts,Accounts of companies & firms, Client Accounts opened by professional intermediaries,Accounts of Politically Exposed Persons resident outside India and Accounts of non-face-to-face customers. The Company will adhere to these guidelines to the extent applicable.

10. RECORDS RETENTION

Records pertaining to identification of the customer and their address obtained while opening their loan account and during course of business relationship will be preserved five years from the date of transaction between a client and the reporting entity accordance with the Section 12 of the PLM Act, 2002 and the records mentioned under clause (e) of sub section 1 of PMLA rules2005 shall retain for a period of at least five years after the business relationship has ended or the account has been closed, whichever is later.

11. REPORTING TO CENTRAL KYC REGISTRY (KYC)

The customer KYC information will be shared with the CKYCR in the manner mentioned in theRBI Directions in the RBI’s KYC templates prepared for ‘individuals’ and ‘Legal Entities (LE)’ as the case may be with Central Registry of Securitization Asset Reconstruction and SecurityInterest of India (CERSAI).

The customer information related to LEs (Legal Entities) will be submitted to CKYCR for accounts of LEs (Legal Entities) opened on or after commencement of NBFI business activities. Further, during periodic updation, customers’ KYC details will be migrated to currentCustomer Due Diligence (CDD) standards.

If a customer submits KYC Identifier, with explicit consent to download records from CKYCR,KYC records could be retrieved online from CKYCR and customer will not be required to submit any KYC records unless in the following events:
KYC Identifier generated by CKYCR will be communicated to the Individual/LE.

  1. There is a change in information of customer as existing in the records of CKYCR.
  2. The current address of customer needs to be verified.
  3. It is considered necessary to verify identity or address of customer, or to perform enhanced due diligence or to build an appropriate risk profile of the client.

KYC Identifier generated by CKYCR will be communicated to the Individual/LE.

12. GENERAL

The Company shall ensure that the provisions of PMLA and the Rules framed thereunder and the Foreign Contribution and Regulation Act, 1976, wherever applicable, are adhered to strictly.Where the Company is unable to apply appropriate KYC measures due to non-furnishing of information and /or non-cooperation by the customer, the Company may consider closing the account or terminating the business relationship after issuing due notice to the customer explaining the reasons for taking such a decision. Such decisions need to be taken at a reasonably senior level.

ANNEXURE - A

List of KYC Documents for Different Types of Customers

1. Accounts of Individuals

  1. Permanent Account Number (with photo and signature) or Form 60.
  2. One certified copy of an Officially Valid Document (OVD”) containing details of the borrower’s identity for legal name, and any other names used and address:
    1. Proof of possession of Aadhaar number in such form as are issued by the Unique Identification Authority of India.
    2. Valid Indian Passport (with photo and signature)
    3. Valid Voter’s ID card issued by the Election Commission of India
    4. Valid Permanent Driving License (with photo and signature)
    5. Letter issued by the National Population Register containing details of name and address.

In case of OVD furnished by the customer does not contain updated address, the following documents shall be deemed to be OVD for limited purpose of proof of address:

  1. Bank Account Statement
  2. Letter from any recognised public authority
  3. Utility Bill not more than two months old (electricity, telephone, post-paid mobile phone, piped gas, water bill) of any service provider
  4. Property or Municipal tax receipt

The following documents may be obtained in addition to OVD subject to the satisfaction of the Company:

A copy of the borrower’s marriage certificate issued by the State Government or Gazette notification representing the change in name of the borrower along with a certified copy of theOVD in the existing name of the person shall be obtained for proof of address and identity to establish an account-based relationship or to periodically update records in case the borrower change their names on account of marriage or otherwise.

  1. Property (including land) registration document containing photograph, name, signature and address.
  2. Letter from employer (subject to satisfaction of the Company).

Signature Proof:

  1. Valid Indian Passport
  2. Valid PAN card
  3. Valid Permanent Driving license
  4. Banker's letter/ verification letter/ ECS verification in original on Bank’s letter head bearing the authorising officer’s name and signature along with the stamp of the bank. In case the Bank refuses to give the signature verification on the Bank’s letter head, then Signature/ECS verification shall be obtained in the format prescribed for the said purpose.
  5. Property registration document containing photograph, name, signature and address

2. Accounts of Proprietary Concerns

1. Permanent Account Number (with photo and signature) or Form 60.

B. One certified copy of an Officially Valid Document (OVD”) containing details of the borrower’s identity for legal name, and any other names used and address:

  1. Proof of possession of Aadhaar number in such form as are issued by the UniqueIdentification Authority of India.
  2. Valid Passport (with photo and signature)
  3. Valid Voter’s ID card issued by the Election Commission of India
  4. Valid Permanent Driving License (with photo and signature)
  5. Letter issued by the National Population Register containing details of name and address.

Entity Documents:

  1. Proof of the name, address and activity of the entity, like GST certificate or Shop &establishment license or any registration/licensing document issued in the name of the proprietary concern by the Central Government or State Government Authority / Department.
  2. Utility bills such as electricity, water, and landline telephone bills in the name of the proprietary concern.

3. Accounts of Partnership Firms

Documents of partner:

  1. Pan card of all the partners
    1. Address proof as applicable for an individual account.
    2. The two latest passport size photographs.

Partnership firm Documents:

  1. Permanent Account Number of the partnership firm.
  2. Proof of the name, address and activity of the entity, like GST certificate or Shop & establishment license or Any registration / licensing document issued in the name of the partnership firm by the Central Government or State Government Authority / Department.
  3. Partnership deed
  4. Authority Letter signed by all the partners.
  5. The complete Income Tax return of last three years if it is applicable or such lesser period (not just the acknowledgement) in the where the firm's income is reflected duly authenticated / acknowledged by the Income Tax Authorities.
  6. Utility bills such as electricity, water, and landline telephone bills in the name of the partnership firm.
  7. Any other prescribed equivalent e-documents.

4. Accounts of Companies

  1. Basic documents of company i.e. Certificate of incorporation, Memorandum & Articles of Association, Permanent Account Number of the company & Any license or registration certificate by central government state government or any regulatory authority of India.
  2. Resolution by the Board of Directors to obtain a loan from MoneyGear and authority to any director or employee to act on behalf of the company.
  3. One Proof of identity (PAN CARD), Proof of address, and a Colored recent passport size photograph of the authorized person.
  4. List of Directors as on date.
  5. List of Shareholders.
  6. Financials statement along with the statutory company’s auditor report of the latest preceding completed financial year.
  7. Income tax return of last 3 years or such a lesser period as may be applicable along with the Tax audit report.
  8. Any other prescribed equivalent e-documents.

ANNEXURE - B

Procedure for Obtaining Identification Information for Undertaking CDD

The Company shall obtain the following information from an individual while establishing an account-based relationship or while dealing with the individual who is a beneficial owner, authorized signatory or the power of attorney holder related to any legal entity:

  1. Offline verification of a customer may be carried out, if the customer desires to undergo Aadhaar offline verification for identification purpose. Offline Verification means the process of verifying the identity of the Aadhaar number holder without authentication, through such offline modes as may be specified by the Aadhaar regulations.
  2. Accounts opened using OTP based e-KYC shall not be allowed for more than one year unless identification as per Annexure - B, V-CIP is carried out.
  3. If Aadhaar details are used for V-CIP, the process shall be followed in its entirety including fresh Aadhaar OTP authentication.
  4. The Company may undertake V-CIP to carry out:
    1. CDD in case of new customer on-boarding for individual customers, proprietor in case of proprietorship firm, authorised signatories and Beneficial Owners (BOs) in case of Legal Entity (LE) customers.
    2. Provided that in case of CDD of a proprietorship firm, the Company shall also obtain the equivalent e-document of the activity proofs with respect to the proprietorship firm, as mentioned in Annexure A, apart from undertaking CDD of the proprietor.
    3. Conversion of existing accounts opened in non-face to face mode using Aadhaar OTP based e-KYC authentication shall be subject to conditions laid down in Master Directions, updated from time to time. i. Updation / Periodic updation of KYC for eligible customers.
    4. Updation /Periodic updation of KYC for eligible customers.
  5. In case the CDD is outsourced, then the records or the information of the customer due diligence carried out by the third party should be obtained within reasonable time from the third party or from the Central KYC Records Registry.
  6. Incase the CDD is outsourced, the decision making functions of determining compliance with KYC norms should not be outsourced.
  7. CDD procedure should be applied at the UCIC level and if an existing KYC complaint customer of the Company desires to open another account, there shall be no need for a fresh CDD exercise.
  8. Incase the identity information relating to the Aadhaar number or PermanentAccount Number submitted by the customer does not have a current address, other current address proof defined under Annexure-A shall be obtained from the customer for this purpose.
  9. CDD procedure shall be followed for all joint account holders, while opening a joint account.
  10. The Company can establish relationship with Politically Exposed Persons (PEPs) provided that:
    1. Sufficient information including information about the sources of funds accounts of family members and close relatives is gathered on the PEP.
    2. The identity of the person shall have been verified before accepting the PEP as a customer.
    3. The decision to open an account for a PEP is taken at a senior level in accordance with the Company’s Customer Acceptance Policy; senior level for this purpose shall include HOD & above.
    4. All such accounts are subjected to enhanced monitoring on an on-going basis.
    5. In the event of an existing customer or the beneficial owner of an existing account subsequently becoming a PEP, senior management’s approval is obtained to continue the business relationship.

The CDD measures as applicable to PEPs including enhanced monitoring on an on-going basis are applicable.

ANNEXURE - C

Indicative List for Risk Categorization

High-Risk Customers

  1. Individuals and entities in various United Nations' Security Council Resolutions(UNSCRs) such as UN 1267 etc.
  2. Individuals or entities listed in the schedule to the order under section 51A of theUnlawful Activities (Prevention) Act, 1967 relating to the purposes of prevention of, and for coping with terrorist activities.
  3. Individuals and entities in watch lists issued by Interpol and other similar international organizations; - Customers with dubious reputation as per public information available or commercially available watch lists; - Individuals and entities specifically identified by regulators, FIU and other competent authorities as high-risk.
  4. Customers conducting their business relationship or transactions in unusual circumstances, such as significant and unexplained geographic distance between the institution and the location of the customer, frequent and unexplained movement of accounts to different institutions, etc.
  5. Politically exposed persons (PEPs), customers who are close relatives of PEPs and accounts of which a PEP is the ultimate beneficial owner.
  6. Non-face-to-face customers.
  7. High net worth individuals.
  8. Firms with 'sleeping partners'.
  9. Companies having close family shareholding or beneficial ownership.
  10. Complex business ownership structures, which can make it easier to conceal underlying beneficiaries, where there is no legitimate commercial rationale.
  11. Shell companies which have no physical presence in branch locations. The existence simply of a local agent or low-level staff does not constitute physical presence.
  12. Accounts for "gatekeepers" such as accountants, lawyers, or other professionals for their clients where the identity of the underlying client is not disclosed to the Company.
  13. Client Accounts managed by professional service providers such as law firms, accountants, agents, brokers, fund managers, trustees, custodians etc.
  14. Gambling/gaming including “Junket Operators” arranging gambling tours.
  15. Jewelers and Bullion Dealers; - Dealers in high value or precious goods (e.g. gem and precious metals dealers, art and antique dealers and auction houses, estate agents and real estate brokers).
  16. Customers engaged in a business which is associated with higher levels of corruption(e.g., arms manufacturers, dealers and intermediaries).
  17. Customers engaged in industries that might relate to nuclear proliferation activities or explosives.
  18. Customers that may appear to be Multi-level marketing companies etc.
  19. Individual, who is a prisoner in jail.

Medium Risk Customers

  1. Stock brokerage
  2. Import / Export
  3. Gas Station
  4. Car / Boat / Plane Dealerships
  5. Electronics (wholesale)
  6. Travel Agency
  7. Telemarketers
  8. Providers of telecommunications service, internet café, International direct dialing (IDD) call service

Low Risk Customers
All other customers (other than High and Medium Risk category) whose identities and sources of wealth can be easily identified and by and large conform to the known customer profile, maybe categorized as low risk. In such cases, only the basic requirements of verifying the identity and location of the customer are to be met.

About Us
Moneygear Fintech Private Limited is a Non-Banking Financial Company (NBFC), having obtained its Registration certificate from RBI.
Reach Us At
Timings
Monday - Saturday
10:00AM - 06:00PM
Sunday Closed
General Resources
PoliciesFAQsPrivacy PolicyOur Team
Pages
Our AppAbout UsContact Us
MoneyGear Android app store link QR codeGet it on Google Play Store badge
Regulatory Resources
Know your Customer (KYC) and Anti-Money Laundering (AML) PolicyGrievance Redressal Policy
Information Technology / Information Security PolicyInterest Rate Policy
Fair Practices CodePreservation of Documents PolicyOutsourcing of Financial Services Policy
©2024 Moneygear Fintech Private Limited. All Rights Reserved.