Banks, lenders wary as RBI tags centralised KYC as high risk
May 24, 2023
Synopsis
This has put off banks and other large lenders as they may now have to use video KYC or physical KYC, which are costlier, to authenticate their customers.
Centralised Know Your Customer (c-KYC) database, which was conceived as a solution to all the KYC challenges for financial institutions, has been tagged as high risk by the Reserve Bank of India (RBI).
This has put off banks and other large lenders as they may now have to use video KYC or physical KYC, which are costlier, to authenticate their customers.
“Such customers (onboarded through c-KYC and DigiLocker) shall be categorised as high-risk customers and accounts opened in non-face-to-face mode shall be subjected to enhanced monitoring until the identity of the customer is verified in face-to-face manner or through V-CIP (video-based customer identification process),” the RBI said in its April 28 update to the master direction on KYC.
C-KYC had attained quick popularity in the financial services sector given its utility and customer convenience.
As per records from Central Registry of Securitisation Asset Reconstruction and Security Interest of India (Cersai), which manages the registry, there are around 5,000 institutions using the database that contains around 700 million KYC records.
So, even if a bank uses c-KYC to onboard a customer, it will eventually have to use video KYC or physical check to authenticate the person.
Two senior bankers said the regulator’s move will push up the eventual cost of doing KYC on these customers.
Industry estimates suggest that a video KYC can cost anywhere between Rs 15 to Rs 30, depending on the complexity of the process. In comparison, searching data on the c-KYC registry is free and downloading the data costs around Rs 1.10.
A high-risk customer needs to be re-KYCed every six months, which will be a recurring cost for the lenders.
Interestingly, the directive declaring c-KYCed customer as high-risk ones has only come from the RBI that regulates banking. Regulators of insurance and broking, for example, have not yet issued any such directions.
For lenders, the ideal scenario would have been to do a c-KYC check and be done with it. But given the regulatory diktat, now they have to eventually do a video verification, which will push up costs.
Look for simplicity
Before offering any service, every financial institution is mandated to undertake a due diligence on the customer. Historically, they have taken physical copies of their identity cards, PAN cards, etc. to validate them. Now, with entire systems going digital, financial institutions typically ask customers for documents digitally and validate them through Aadhaar or over a video call with a banks’ agent.
But every financial institution needs to do it separately for each and every customer they onboard.
With c-KYC, they can fetch any customer details from the data repository and validate the applicant without having to ask for their documents repeatedly. All the customer needs to do is to have a one-time KYC with any of the financial institutions like banks, wallets, insurance companies or stock brokers and give permission to share their data with the c-KYC registry.
But now with the latest diktat from the regulator, banks might want to go back to just using video KYC.
“It is not clear as to why the central bank tagged customers onboarded through c-KYC as high risk, maybe the regulator has visibility over something that we cannot see,” said one of the bankers mentioned above.
Industry insiders ET spoke to said c-KYC perhaps has a long way to go in order to stabilise and ensure there are no issues around identity frauds and data misuse.
“We really had much higher expectations from c-KYC data, but what I can say is the data that we get from the repository is not as per our expectations,” said Harshvardhan Lunia, chief executive officer, Lendingkart Technologies, a digital lending company.
However, fintechs and many NBFCs continue to use this service as a part of the digital KYC offerings. Large banks, which are extremely careful about the kind of customers they are onboarding, might want to stay away.
Concerns over data quality
A top executive at a fintech, which works as a technology service provider to banks and NBFCs, said the quality of data which one gets from the repository is bad. “Most of the time the documents have been scanned in a way that they cannot be read, images cannot be matched… How do we check frauds then?” he said.
He explained that the c-KYC search API asks for PAN number and date of birth to throw up results. But PAN number and date of birth is easily available in the public domain and can be replicated by a fraudster.
“With the rapid adoption of c-KYC, the RBI wants to ensure that the right customer is onboarded with the right set of consent,” said Wriju Ray, cofounder of Mumbai-based identity verification startup Idfy. “What we see is that banks are doing a c-KYC check and then moving on to a video KYC to check liveness and face match or a physical KYC where a branch officer or a business correspondent does a physical check,” he added.
[The Economic Times]