Know Your Customer

Know Your Customer (KYC) is a process and regulation by which banks obtain and verify information about the identity and address of the customers. KYC is a critical part of banking operations worldwide and in India, mandated by RBI, aimed at preventing illicit use of the banking system.

KYC Objectives

The primary objective of KYC guidelines is to ensure that banks know the true identity of their customers and ascertain that the money in the accounts is from legitimate sources. By doing so, banks help prevent and combat problems like money laundering, terrorist financing, fraud, and identity theft. In other words, KYC stops criminals from using fake or anonymous accounts for illegal activities. It also protects genuine customers by ensuring no one else can impersonate them to open/operate accounts.

In India, KYC norms were introduced in early 2000s and have since been tightened in line with global Anti-Money Laundering (AML) standards. Every bank must comply with KYC norms under the Prevention of Money Laundering Act (PMLA). From the customer’s perspective, KYC means you must provide proof of your identity and address when opening a bank account (or even for other financial services like mutual funds, insurance, etc.) and update these details periodically or when changes occur.

Documents Required for KYC

To fulfil KYC, certain official documents are accepted by banks to verify identity and address. These are known as OVDs (Officially Valid Documents) as per RBI. According to RBI’s simplification guidelines, a single document that bears both name and address can serve for both identity and address proof. The list of OVDs for KYC include:

• Passport (Valid)
• Driving Licence (Valid)
• Voter’s Identity Card (Election Commission ID)
• PAN Card (Permanent Account Number card issued by the Income Tax Department)
• Aadhaar (Aadhaar Letter/Card issued by UIDAI) – note: Aadhaar is not mandatory by law for bank accounts if one has other OVDs, but in practice it’s widely used.
• NREGA Job Card (issued by Govt. authority, for rural employment guarantee scheme)
• Letter from National Population Register (NPR) with name and address details.

These documents are typically required in self-attested photocopy and the bank will verify the originals. For address proof, if the address on ID is current, that suffices; if not, additional address proof like recent utility bills (electricity, phone, gas) not older than 2-3 months can be provided. Nowadays, e-KYC is also prevalent: if you authorize the bank, it can fetch your details from UIDAI (Aadhaar database) electronically. Also, PAN card is mandatory for opening most bank accounts (to link for tax purposes), so even if PAN isn’t an address proof, it is taken as an identity number in addition to the OVD for address.

In summary, when you open an account, you’ll typically submit: PAN card, Aadhaar (or any OVD) for ID and address, a recent passport-sized photo, and fill out KYC details in the form. For minors, KYC of the guardian is taken. For joint accounts, KYC of all holders is done. NRI accounts require passport, visa, and overseas address proofs, etc., as additional.

Periodic Updation Norms

KYC is not a one-time process. Banks are required to keep customer information up-to-date. Over time, a customer’s situation might change (address change, expired documents, etc.), and risk profiles might change. RBI prescribes periodic KYC updation (re-KYC) at defined intervals based on the risk category of the customer:

• For High-risk customers: At least every 2 years. (High risk could be accounts with large transactions, business accounts, or those with higher risk of money laundering as per bank’s internal policy.)
• For Medium-risk customers: At least every 8 years.
• For Low-risk customers: At least every 10 years.

These are the maximum intervals; banks can do it more frequently but not less. In effect, most regular individual accounts fall in low risk (10-year cycle) and some in medium (8-year cycle). High risk might be rare for normal people unless flags are there.

Periodic KYC updation usually involves the bank reaching out to the customer when due, asking for confirmation of existing details or submission of fresh address/ID proofs if needed. If your ID documents on record are still valid and there is no change in address, often a simple self-declaration of “no change” can be given (or online confirmation) in lieu of resubmitting documents. In case of changes (new address, renewed passport, etc.), new documents have to be provided. Banks are now generally easing re-KYC by allowing it through online channels, mail, or in branch with minimal hassle.

Failure to Update

If a customer does not comply with KYC update requests after repeated reminders, the bank may temporarily freeze or suspend operations in the account (as per PMLA Rules) until KYC is updated. This is to enforce compliance. Therefore, it’s in the customer’s interest to keep their KYC information current with the bank.

KYC Registration Agencies (KRAs)

The Damodaran Committee on Customer Service in Banks, chaired by M. Damodaran, was constituted by the Reserve Bank of India to review banking services and recommend consumer-centric reforms. The Committee proposed several measures aimed at improving transparency, customer protection, and ease of banking, including clearer disclosure of charges, stronger grievance redressal mechanisms, and better use of technology. In the context of Know Your Customer (KYC) norms, the Committee made a significant recommendation for the creation of a centralised, third-party KYC data repository, so that customers would not be required to repeatedly submit the same documents to multiple financial institutions. This recommendation laid the conceptual foundation for a shared KYC infrastructure, reducing customer inconvenience while strengthening compliance.
Building on this approach, the capital markets regulator Securities and Exchange Board of India operationalised the concept of a centralised KYC system through the introduction of KYC Registration Agencies (KRAs). In January 2012, SEBI launched India’s first KRA at the Bombay Stock Exchange. KRAs maintain a central electronic repository of KYC records that can be accessed by banks, mutual funds, brokers, and other regulated entities, subject to consent. The system avoids duplication of KYC processes, ensures interoperability across market participants, brings uniformity in customer identification, and has since been expanded with features such as Aadhaar-based e-KYC and periodic KYC updates, making compliance more efficient and customer-friendly.