The Reserve Bank of India (RBI) has made it mandatory for all Regulated Entities (REs)—including banks, NBFCs, and fintechs—to use the Central KYC Registry (CKYCR) for customer onboarding and periodic KYC updates. RBI has also introduced monthly adhoc returns to monitor compliance, with strict supervisory action warned against non-compliant entities.
The directive covers all onboarding channels—branch, digital, and assisted—ensuring CKYCR becomes the single reference point for customer identification across India’s financial ecosystem.
RBI’s Stand on CKYC
RBI has reiterated that the Central KYC Registry (CKYCR) must be the first step in all onboarding journeys. Regulated Entities are required to:
Search and download CKYC IDs for new customers during onboarding.
Upload KYC records to generate CKYC IDs where none exist.
Ensure customers are onboarded only via CKYC IDs, without reliance on other OVDs (Officially Valid Documents) wherever possible.
This move strengthens compliance, reduces duplication, and ensures consistency across the financial sector.
Channels Covered Under the Mandate
The RBI circular applies to all modes of customer onboarding and periodic updates, including:
Branch: Physical or hybrid journeys initiated at branch level.
Business Correspondents (BCs): Assisted banking channels.
V-CIP (Video KYC): Remote video-based verification processes.
Digital Channels: Tab, mobile, app-based, fintech integrations, web platforms, and Digilocker-based onboarding.
Other Modes: Any alternate or assisted customer journey.
This ensures uniform CKYCR adoption across all possible customer touchpoints.
Monthly Reporting Requirement
All REs must now file monthly returns to RBI, disclosing:
Number of Customers Onboarded.
Out of these, how many involved CKYC ID search and download.
How many had a new CKYC ID generated via upload.
How many were onboarded only through CKYC ID (without other OVDs).
The central database will allow RBI to identify non-compliant entities quickly and track sector-wide implementation.
Supervisory Action for Non-Compliance
RBI has made it clear that entities failing to comply with the CKYC mandate could face stringent supervisory actions, including:
Regulatory Inspections: Detailed supervisory audits of KYC and onboarding practices.
Penalties & Fines: Monetary penalties under the RBI Act and PMLA compliance norms.
Operational Restrictions: Possible restrictions on customer onboarding until compliance gaps are rectified.
Management Accountability: Directives to Boards and senior management for corrective actions and accountability.
Reputational Consequences: Public naming of non-compliant entities, impacting credibility with customers and investors.
These measures underline RBI’s zero-tolerance approach toward KYC/AML compliance gaps.
Why This Matters for NBFCs and Fintechs
For NBFCs, fintechs, and other REs, this directive is a compliance priority. Non-compliance could invite regulatory scrutiny and punitive actions. Entities must:
Immediately audit their CKYCR integration across all onboarding channels.
Strengthen reporting and governance frameworks to ensure monthly accuracy.
Seek expert support to design systems that meet regulatory expectations.
Call to Action
NBFCs and fintechs must act immediately to avoid compliance lapses. For detailed guidance on CKYCR compliance and to implement robust frameworks, reach out to GenZCFO for expert advisory solutions.
