RBI Permits NBFCs, PSOs Authorization for Aadhaar e-KYC
RBI has announced that it has solicited applications to get the Aadhaar e-KYC authentication license from NBFCs, payment system providers, and payment system participants.
Credit and Financial Offers for MSME: Allowing Non-Banking Financial Companies (NBFCs) and Paid System Operators (PSOs) to get Aadhaar’s Reserve Bank of India’s (RBI) authentication license would enable MSME lenders to speed up onboard borrowers’ time and disburse their credit to them. In a notice, the central bank stated the NBFCs and PSOs ‘want to receive the KUA (KYC User Agency License) license or KUA (Upon KUA Authentication),’ granted by the UIDAI, might submit their request.”
In order to employ authentication services of Aadhar other than financial organisations, the Finance ministry released on May 9, 2019, a comprehensive process for the processing of applications pursuant to Section 11A of the PML Act, 2002.
“This will improve the borrowing experience. The customer embarking procedure, verification of KYC etc., as provided by in the legislation, involves several phases. This is frequently time-consuming because the borrower gives copies of documentation, which are then checked and examined, and so forth. It is advantageous in that sense. The consumer becomes much more interested in the offer when the friction is gone. We are assessing the license extremely carefully,” CEO Arun Nayyar told Financial Express Online.
The offer by RBI would undoubtedly benefit micro-business owners, according to Monish Anand who owns MyShubhLife. “The advantage for such tiny and micro companies is clearly going to be that when you lend to such companies, KYC is vital to owners as much as it is to other companies. The authentication license additionally helps to ease the lending procedure and also to minimise the financing period. Today, KYC is paper-based and validation is a chore, while e-KYC, authentication based on the OTP, renders the whole process speedier and simplifies the process by instantaneously allowing authentication. This will enable lenders to bring in more MSME borrowers,” Anand said
RBI’s authentication application format seeks information on the number of customers at the end of the last three financial years and processes currently used to identify customers (e.g. the certified copy of officially valid documents, offline verification) as well as information on data breach incidents including a cyber violation.
“This helps to raise credit since we already have many self-helping groups linked to the banking sector that are trying to raise credit. Thus the procedure of identification and financing is a beneficial overall step. But government funding did not go far enough, for loans must finally be paid with interest while moratoria is of little help,” said by Shashi Singh, CEO, SS Exports, and Chairman of the Indian Women Entrepreneurs’ Consortium.
“When you use Aadhaar to make eKYC a seamless client onboard procedure it will aid with an easy payment system instead of the tedious physical CYC doc validation process. Rajiv Ranjan, the Founding Director, Paisa Dukan, said that the new strategy by the RBI will assist to reach more MSME bonds and reduce the time spent on the loan application.”
Aadhaar e-KYC Authentication License Notification for RBI
In accordance with the Laundering of Money Act 2002 (Section 11A), the government may by notice validate Aadhaar customer numbers in companies other than banking companies utilising the e- KYC tool offered by the Indian Unique Identification Authority. The notice is nevertheless given only once the UIDAI and the relevant regulating body have been consulted.
In addition, in a declaration, the RBI stated that the Revenue Department, Ministry of Finance, had given a thorough mechanism for dealing with applications under Section 11A for Aadhaar authentication services by non-banking firms.
RBI further stated that non-banking companies, Payment system suppliers and payment system participants seeking an Aadhaar Authentication License- KYC User Agency (KUA) or Unique Identification Authority of India license could submit an application for submission to UIDAI for subsequent submission to that department.
Protocol for submitting Section 11A applications for usage by organisations other than banking corporations of Aadhaar authentication services
The method has been established by the Ministry of Finance on 9 May 2019, Department of Revenue. For entities that attempt to authenticate the client Aadhaar number using an e-authentication facility, the following method is established:
Applications for use of Aadhaar authentication services by the parties involved should be made to the relevant regulator pursuant to Section 11A of the PML Law 2002. In which information must be acquired from the candidate, the regulator might specify any format.
- Examination by Regulator
In order to guarantee that the requirements under Article 11A of the Act & any other requirements established by the regulator and those under the law are satisfied, the regulator shall evaluate applications before it submitting the specified fees. If the suggested purpose for aadhaar authentication is required, the relevant regulator must forward the request with a recommendation to UIDAI.
It may be noted that if it is determined that the applicant has failed to comply with the necessary terms, an application may be refused.
- Examination by UIDAI
When applications from different regulators are presented, the Indian Unique Identification Authority shall examine them, if any. When applications have been received. The recommendations made by the competent regulator should be considered for each application. UIDAI must indicate any format in which the applicant is needed to provide further information to award Authentication User Agency/E-KYC User Agency license. UIDAI must provide any extra information.
The assessment would be done according to the principles of privacy and security set forth in the UIDAI established in the Aadhaar Act and the rules laid out in that Act.
Once the review is finished, UIDAI will transmit its recommendations to the Revenue Department for notice in accordance with Section 11A of the Money Laundering Act 2002, together with further requirements, if applicable.
- Notification by the Central Government
When the Central State is satisfied with the regulator’s and UIDAI’s recommendations that the petitioner has satisfied all the requirements set out in Section 11A, a notice may authorise the applicant to carry out authentication in accordance with Section 11A, paragraph (a).
- Issuance of Authorization
UIDAI would grant the authorization necessary for the applicant to perform authentication in accordance with the license given by the Central Government. The payments shall be paid and the terms and conditions of the KUA/AUA license in line with the Aadhaar Act shall be complied with.
As noted above, the Aadhaar authentication license – KYC User Agency (KUA) License or Sous-KUA Licensed by the Unique Identification Authority of India are able to submit a request for further submission to UIDAI to the dedicated department, including non-banker financing companies, payments system operators, and payment system participants.
The Reserve Bank further said that the requests may be sent via mail. The RBI website has supplied the application forms.
Possible effects granting the Aadhaar e-KYC Authentication license to NBFCs and PSOs
Enabling NBFCs and PSOs to receive an authentication license from Aadhaar e-KYC would assist MSME lenders to speed up the amount of time they need to buy in and lend to borrowers.
In addition, one of the experts stated that it would improve the borrowing experience. The customer’s onboarding procedure, KYC testing, etc are at different phases. Often, it takes time to obtain documentation that is reviewed and tested by the borrower. The manual procedure is removed and it might be useful in that way.
Customer Acceptance Policy Strategy
A Customer Acceptation Policy is established by REs. REs should ensure, without prejudice to the generality of the feature contained in Customer Accepting Policy:
- In an anonymous or fictional name no account is established.
- If the RE cannot use the required CDD actions, either because the client fails to cooperate, or because the documents/information submitted by the customer are not reliable, the account will be not created.
- Without following a CDD method, there is no transaction or account-based relationship.
- The required information for KYC purposes will be given once you establish your account and update your account regularly.
- The customer shall, after the account has been established, acquire ‘optional’/additional information, with the explicit agreement.
- The CDD method at the UCIC level must be applied by REs. There is no requirement for fresh CDD exercises if a current RE client of a KYC wants to create another account with the same RE.
- All joint account holders are monitored by CDD Procedure and a common account is opened.
- Circumstances, when a client is allowed to act for another individual or entity, are clearly described.
- An appropriate mechanism is in place to guarantee that the customer’s identification does not match any individual or company whose name appears in the sanctions lists published by the Bank of India Reserve.
- The same shall be confirmed from the verification facility of the issuing body where Permanent Account Number (PAN) is obtained.
- If the client receives a comparable e-document, RE verifies the digital signature pursuant to the requirements of the Information Technology Act 2000 (21 of 2000).
- No banking/financial facility shall be denied to general members of the public, especially those financially or socially impaired, by the customer acceptance policy.
Risk Management Plan
REs must have a risk-based strategy, including the following, for risk management.
- Based on the evaluation and perception of risks for RE, customers are classified as low, medium and high-risk categories.
- The categorization of risks must be based on factors such as client identification, social/financial position, the kind and location of the business, etc. When evaluating customer identification, it may also be possible for issuing authorities to validate identity papers via the internet or other services.
Provision of the non-intrusive nature and the same is defined in KYC policy as many other types of customers’ information seen in connection with the risk.
Explanation: FATF Public statement, KYC/AML reports produced by the IBA, guidelines distributed by the RBI to the cooperative banks, etc. can also be utilised in risk assessments. Explanatory information can be provided by the RBI.
On 13 September 2021, the Reserve Bank issued a Notice of Authentication on the Aadhaar e-KYC License. The contract was given to the Presidents and CEOs of all NBFCs and payment services providers.