Tuesday, June 6, 2023
Support Our Journalism
HomeBud Expert OpinionsHow Sitharaman can live up to her Budget promise of KYC simplification

How Sitharaman can live up to her Budget promise of KYC simplification

Our response to KYC problems has been to bring technology to streamline processes. The problem is that they often don’t work as well as one would have hoped.

Text Size:

Our lived experience suggests that KYC or Know-Your-Customer is burdensome. Address proofs are hard to come by, especially if one migrates to a new city. One KYC does not seem to ever be enough — each new transaction requires a fresh KYC process. Economic growth comes as much from innovation as from reducing frictions in the process-of-doing-business. By announcing the intention to simplify the KYC processes in her Budget Speech, Finance Minister Nirmala Sitharaman has recognised this reality. As the finance ministry begins to implement a risk-based framework, it will be useful to remind ourselves of the origins of KYC. Key areas such as address proof requirements and enforcement processes should become the focus of our reform effort.

The origins of KYC

There was, and continues to be, a general consensus that activities such as money laundering (ML), terrorism finance (TF), and weapons proliferation (WP) could be kept under check if financial flows supporting these activities could be identified, and thwarted at the right time.

A multilateral global body, the Financial Action Task Force (FATF), was set up in 1989 to issue standards, including those on customer identification and verification, that member countries could adopt. Member countries have to translate these into laws and regulations for their jurisdiction. After the 9/11 attacks, money laundering, terrorism finance, and weapons proliferation achieved more prominence than before. In 2002, Indian regulators had also implemented customer identification requirements under the Prevention of Money Laundering Act (PMLA) 2002. India became a member of the FATF in 2010, and since then our requirements under the PMLA have continuously been updated to also comply with the FATF guidelines.

FATF recommendations, however, provide countries flexibility on designing their KYC. For example, the FATF task force suggests that countries adopt a risk-based approach to identify and assess risks. That is, countries should identify the risk of money laundering or terrorism finance across sectors (or thresholds for transactions), and place different obligations on entities based on the risks identified. In fact, the FATF allows member countries to completely exempt certain types of transactions or financial institutions if the risk of money laundering/terror financing/weapons proliferation is low.

While FATF allows for a risk-based approach, India chose to not follow it. There are three main problems with how we do KYC: a) over-emphasis on address proof, b) incomplete technological solutions, and c) poor design of enforcement actions. These may be important constituents for change as we move toward simplification of our KYC processes.

Also read: Budget 2023: ‘Infrastructure, digital, green’ — buzzwords that dominated Sitharaman’s speech

Reduce the burden of address proof

An address proof is a requirement for pretty much every transaction in India. While regulators have made efforts to expand the list of officially valid documents that can serve as address proof, the question to ask is, why do we need them in the first place? These are not coming from the FATF — other countries have adopted liberal definitions of address, especially for low-risk transactions, including just a post box (PO) box number (the US), date of birth (Australia), a contact address with no insistence on “permanent address” (Germany). Rationalising the requirement of address proof should be the first step for KYC simplification. This could be done by not requiring a permanent address, but just a correspondence address. This could also be done by mandating all financial regulators to rely on the KYC that has already been done when opening a bank account.

Improve the design of penalties

Non-compliance of KYC regulation carries penalties. But penalties should be proportionate – that is, how stringent they are should vary with the seriousness of the offence. This does not seem to be the case with the Indian framework at present. Penalties often range from high fines to criminal sanctions and the possibility of cancellation of business licenses. There is also no appellate mechanism against regulatory orders. The lack of an appeals mechanism for RBI-regulated entities violates due processes. It is no surprise then that financial institutions choose to play it safe. The risk-averse strategy in an environment of poor enforcement is to conduct due diligence even though it may not be required.

Simplification of KYC is related to improving state capacity in regulation. The Finance Minister has already recognised the importance of decriminalisation in her Budget Speech. The design of penalties should be proportionate, and reasoned orders should be publicly available. The government should also constitute an appeals process from RBI decisions. Many of these recommendations were made by the Financial Sector Legislative Reforms Commission (FSLRC). The time to implement them in the context of KYC regulations may be here.

Also read: Budget 2023: Database to counter terror & organised crime gets 128% hike, CAPFs lose out

Moving beyond technology solutions

Our response to KYC problems has been to bring technology to streamline some of these processes. The problem is that they often don’t work as well as one would have hoped. For example, video and eKYC have not been implemented across the board. They rely on technology that can often be exclusionary itself. They may create new privacy risks. They may also not be as cheap as is made out to be. More importantly, they don’t solve the root cause – a bad design of policy and enforcement processes. The use of DigiLocker and account aggregators may solve some of the frictions. The real solution, however, is in getting us to a place where tech solutionism is not required. Recognising the need for a ‘risk-based’ approach is a step in the right direction.

Renuka Sane is research director at Trustbridge, which works on improving the rule of law for better economic outcomes for India. Views are personal.

(Edited by Anurag Chaubey)

Subscribe to our channels on YouTube & Telegram

Support Our Journalism

India needs fair, non-hyphenated and questioning journalism, packed with on-ground reporting. ThePrint – with exceptional reporters, columnists and editors – is doing just that.

Sustaining this needs support from wonderful readers like you.

Whether you live in India or overseas, you can take a paid subscription by clicking here.

Support Our Journalism

Most Popular