Asheeta RegidiJan 21, 2020 09:08:21 IST
KYC has been a thorn in the side of the financial industry, particularly since the Supreme Court’s bar on Aadhaar based eKYC. The permitted voluntary use of Aadhaar brought in initial relief, as did allow minimum KYC m-wallets again. The RBI’s latest norms now provide the industry with an urgent necessity- digital KYC which makes the process paperless, and video KYC which additionally makes it remote. Along with the advantages of the new norms, the innovation they enable and next steps, such as extending these advantages to business KYC, are looked at here.
How does it work?
The new norms implement the digital KYC brought in by the Finance Ministry last August, and additionally introduce video KYC. To briefly describe the process, this uses either Aadhaar eKYC, Aadhaar based offline verification or a process combining a live photo of the customer, of his Officially Valid Document (‘OVD’) and his geo-location coordinates. In the video KYC process, the details are captured using an encrypted audiovisual encounter, which should come from the requesting entity’s domain, such as a bank-issued smartphone application.
Throughout the process, equivalent e-documents can be used, be it of the OVD, the PAN card (which must be provided in all cases) and any business/ financial documents that are prescribed. This allows, for instance, the use of the Digi Locker for KYC.
Going paperless and remote for customer KYC
The immediate benefit of a paperless form of KYC is the decreased costs (Aadhaar based eKYC had reduced costs of Rs.150-200 per KYC for physical KYC to Rs 20 per KYC). Video KYC brings in the additional benefit of being completely remote, since digital KYC still requires a visit either to the customer’s doorstep or a touch point. Video KYC also needs no wet signatures, a requirement in the last step of the digital KYC process (on a printed customer application form- the requesting entity retains a scanned copy and the customer retains the original).
Video KYC in particular thus presents a significant advantage for achieving scale, which has become a crucial factor in the success of fintech initiatives today, and for financial inclusion, since it provides a cost-effective method of achieving compliance even in remote locations.
Bringing in innovation and leveraging data
Several fintech companies have brought in new-age digital identity and authentication technologies for KYC compliance, which utilise artificial intelligence, blockchain and cloud-based API technology, to name a few. Some of these are already in use in other sectors, like the use of video KYC to open mutual fund accounts. These norms provide such innovation with the required fillip, particularly given that the RBI has specified the use of face matching technology and AI in the process.
The bringing in of such technology will also present new use cases in the future, such as extending the use of facial recognition as authentication technology for other financial services, like at bank branches, for ATM services or even payments at Point of Sale terminals. The amount of data and related analysis also present scope for new ways in which the data can be leveraged, such as for new age risk mapping, using machine learning for false positive screening, using robotics for dealing with huge volumes of content and unstructured data, and so on. Privacy concerns, naturally, follow, and the possible new uses with the customer rights under the data protection law will need to be weighed.
The scope for innovation is thus tremendous, and among the reasons why the RBI’s regulatory sandbox has specified a focus on digital KYC technology. To start with, the RBI should allow digital KYC to become remote as well. Also, at present neither process is completely free of human involvement, and in the future one will hopefully see fully automated KYC processes as well.
Easing business KYC as well
One major drawback of the new norms is that they ease KYC for individuals only, excluding business KYC. The one respite is that the use of equivalent e-documents has been permitted across all categories, including businesses. While this does bring in some relief, KYC processes are still quite cumbersome at the enterprise level, requiring physical visits to complete in-person verification and signatures, repeating KYC compliance across different financial regulators and entities, etc.
For instance, opening a mutual fund account from a registered bank account requires a repeat of the KYC process. Similarly, in its recent proposed norms for payment gateways, the RBI has proposed mandating KYC compliance for merchant on-boarding, despite the fact that merchants would have already undergone this process while opening their bank accounts.
The video KYC format of the RBI actually draws from last year’s recommendations of the U.K. Sinha Committee on Micro, Small and Medium Enterprises, originally made in the context of extensive recommendations to help business KYC become digital and remote. Several other important suggestions were also made here, such as enabling Centralised-KYC at the enterprise level (like the C-KYC register for individuals), allowing inter-usable KYC across financial regulators and entities. Another was to enable API-based verification of documents from government databases (MCA, GST, etc.) in the KYC process, to be treated as Original Seen and Verified (OSV), and thus removing the need for physical verification. Yet another recommendation was to create a Universal Enterprise ID along the lines of Aadhaar, enabling verification along the lines of Aadhaar based OTP verification for businesses.
Taking RBI’s steps on KYC further for business and individual KYC
Immediately, the RBI norms on digital and video KYC should be extended to the enterprise level to simplify compliance processes there too. This would in fact be a very welcome step in the upcoming Budget. The other recommendations made by the U.K. Sinha Committee also need to be considered on a priority.
Even at the individual level, further steps along the lines of the recommendations of the Steering Committee on Fintech Issues and the Nilekani Committee on Digital Payments should be considered. These include, for instance, enabling C-KYC properly by mandating the upload of KYC data across entities, and creating a consent-based KYC sharing process which removes the need to duplicate KYC, say, when an individual purchases an insurance policy from a registered bank account. Enabling such KYC sharing with entities like fintech companies as well will also be a major boost for the API-based banking services that are coming in.
With the hope that there is more to come, these new norms of the RBI on KYC are extremely welcome.
The author is the Head of Fintech Policy at Cashfree.
Welcome to Tech2 Innovate, India’s most definitive youth festival celebrating innovation is being held at GMR Grounds, Aerocity Phase 2, on 14th and 15th February 2020. Come and experience an amalgamation of tech, gadgets, automobiles, music, technology, and pop culture along with the who’s who of the online world. Book your tickets now.