AML Compliance Guidelines: India
Simplifying the complexities of AML/CFT compliance
Regulatory Bodies in India
The regulators which oversee AML include:
- The Directorate of Enforcement (ED): A specialized financial investigation agency under the Department of Revenue, Ministry of Finance, Government of India, that enforces the Foreign Exchange Management Act,1999 (FEMA) and the Prevention of Money Laundering Act, 2002 (PMLA) to curb foreign exchange and money laundering crimes.
- The Financial Intelligence Unit (FIU): India’s national agency responsible for receiving, processing, analyzing, and disseminating information relating to suspect financial transactions to enforcement agencies and foreign FIUs.
- The Reserve Bank of India (RBI): India’s central bank, which formulates and enforces regulations for banks to prevent money laundering, combat the financing of terrorism, and ensure safe banking practices.
- Securities and Exchange Board of India (SEBI): The regulator for the securities market in India. It formulates and enforces regulatory and supervisory norms to prevent fraudulent and manipulative practices, including anti-money laundering standards for capital market intermediaries.
The Prevention of Money Laundering Act (PMLA) 2002
Offense of Money Laundering (Section 3):
- This section defines the crime of money laundering. It states that anyone directly or indirectly involved in processing property derived from criminal activity or concealing the illicit origin of such property commits the crime of money laundering.Banking Companies, Financial Institutions, and Intermediaries (Sections 12-15)
Obligations of banks and other entities (Section 12):
- This section mandates banking companies, financial institutions, and intermediaries to maintain records of all transactions, verify and maintain records of all clients, and furnish information to the Financial Intelligence Unit – India (FIU-IND).
Powers of the Director to impose fine (Section 13):
- The Director can impose fines on banks and other entities if they, and their employees, fail to comply with the provisions of Section 12.
Adjudicating Authority’s jurisdiction (Section 14):
- The Adjudicating Authority has jurisdiction in cases where banks and other entities fail to comply with Section 12.
Appellate Tribunal’s jurisdiction (Section 15):
- The Appellate Tribunal can hear appeals against orders of the Adjudicating Authority relating to non-compliance by banks and other entities.
Agreements with Foreign Countries (Section 57):
- The Central Government, under the provisions of the Act, can enter into agreements with foreign countries for enforcing the provisions of PMLA 2002.
- The government can also exchange information for the prevention of offenses under this Act or under the corresponding law in force in that country.
The Prevention of Money Laundering (Maintenance of Records) Rules, 2005
Maintenance and preservation of record (Rule 3):
- This rule mandates the type and extent of records to be maintained and their preservation duration.
- Nature of Records: Detailed records of all transactions, whether they be individual transactions or a series, need to be preserved. This would include details like the nature and value of the transaction, parties involved, and the method or channel of transaction.
- Preservation Duration: Records related to transactions and client identification have to be maintained for a period of five years.
- Data Accuracy: Details need to be accurate, with specific obligations on ensuring that the client’s identity is cross-verified, updated, and reflected accurately in transactions.
Manner of Verification (Rule 5):
- Individuals: Verification of an individual’s identity should be done via documents like passport, driving license, PAN card, voter’s ID, etc. These provide a clear identification of the individual with photographs and address details.
- Companies: In the case of companies, verification would involve checking the Certificate of Incorporation, Memorandum and Articles of Association, PAN, and proof of address. Additionally, the principal officers and management personnel’s identities need verification.
- Partnership Firms and Trusts: For these entities, registration certificates, partnership deeds, trust deeds, etc., are essential. Again, the identity of partners, trustees, beneficiaries, etc., need verification.
Identification of clients (Rule 6):
- Existing Clients: In the case of existing clients, additional identification is required only if there’s any doubt about the authenticity, adequacy, or verifiability of the previously obtained client details.
- Client Due Diligence (CDD) Procedure: A risk-based approach is used for CDD, taking into account client type, business relationship, location, and the nature of the services.
- Failure to Establish Identity: If an entity cannot establish a client’s identity, it shouldn’t open an account, commence business relations, or perform any transaction. Also, any suspicious failure in client identity verification should be reported.
Maintenance of records of transactions (Rule 8):
- Cash Transactions: All cash transactions, where forged or counterfeit currency notes have been used, need recording. Additionally, integrally connected cash transactions in one month that aggregate on either side to Rs.10 lakh or more should be recorded.
- Suspicious Transactions: Both suspicious and potentially suspicious transactions, irrespective of the amount, need to be reported. This includes complex, unusually large, and patterns of transactions with no apparent economic rationale.
Reporting to Financial Intelligence Unit-India (Rule 9):
- Cash Transaction Report (CTR): Banking companies, financial institutions, and intermediaries should report monthly cash transactions that are over Rs.10 lakh to FIU-IND.
- Suspicious Transaction Report (STR): Regardless of the cash limits mentioned, if any transaction appears suspicious or has no apparent economic rationale, it must be reported.
- Transfer of Information: Electronically submitted data should be machine-readable and encrypted. In case of paper-based reports, they should be sent to the FIU-IND’s postal address.
- Retention of Data: The reported data should be stored and maintained for a period of five years.
Master Direction on Know Your Customer (KYC) Direction, 2016
Customer Due Diligence (CDD) Procedure (Part B):
- The section details the process of obtaining sufficient information about the identity and beneficial ownership of the customer. CDD is the foundational step in AML compliance.
Periodic Updation (Part B, Section 17):
- The emphasis here is on periodically updating the KYC details of all account holders. Regular monitoring ensures that suspicious transactions are flagged and reported, serving AML goals.
Enhanced Due Diligence (EDD) (Part B, Section 18):
- Specifically focuses on customers who are categorized as higher risk. It calls for enhanced monitoring and due diligence for such accounts, which is crucial for AML measures.
Monitoring of Transactions (Part B, Section 23):
- Regular monitoring of transactions is mandated to ensure consistency with the customer’s profile. This is key for detecting patterns related to money laundering or terrorist financing.
Risk Management (Part C):
- The section requires banks to have a risk categorization (low, medium, high) for customers based on their location, nature of business activity, transaction profile, etc. This classification aids in detecting and preventing money laundering activities.
KYC for Cross Border Wire Transfers (Part B, Section 22):
- Special mention of due diligence for cross-border wire transfers to safeguard against international money laundering and terrorism financing activities.
Reporting Requirements (Part D):
- Banks and financial institutions are required to furnish certain reports like the Cash Transaction Report (CTR) and the Suspicious Transaction Report (STR) to the Financial Intelligence Unit-India (FIU-IND). Timely reporting of suspicious activities is a key element in AML efforts.
KYC for Foreign Portfolio Investors (FPIs) (Part B, Section 24):
- Lays out specific KYC requirements for FPIs, recognizing the increased risks associated with money laundering in international investments.
Maintenance of Records (Part E):
- Detailed provisions on maintaining records of transactions prescribed under the Prevention of Money Laundering (PML) rules, 2005. This includes maintaining records of all cash transactions of the value of more than Rs.10 lakh or its equivalent in foreign currency.
Introduction of Central KYC Records Registry (CKYCR) (Part G):
- Centralization of KYC records is aimed at reducing duplication and making verification processes more efficient, which indirectly aids in AML by providing a unified repository for verification.
Internal Controls (Part H):
- Highlights the need for banks to have ongoing employee training programs so that the members of staff are adequately trained in KYC procedures and AML standards.