Bharuwa Financial Services Private Limited (BFSPL) is a dynamic Non-Banking Financial Company (NBFC) poised to make a significant impact in the retail and MSE sector, specifically focusing on Personal Loans, Vehicle Loans, Housing Loans, and loans to the Micro SME Sector. BFSPL is dedicated to promoting women's empowerment, fostering employment generation, and uplifting the socio-economic status of the underprivileged population. The organization's mission aligns closely with the United Nations Sustainable Development Goals (SDGs), particularly those related to poverty alleviation, gender equality, and economic growth.
Reserve Bank of India has issued Master Direction- Know Your Customer (KYC) Direction, 2016 including comprehensive guidelines on Know Your Customer (KYC) norms and Anti-Money Laundering (AML) standards and has advised all NBFCs to ensure that a proper policy framework on KYC and AML measures be formulated and put in place with the approval of the Board.
Accordingly, in compliance with the guidelines issued by RBI from time to time, the following KYC & AML policy of the Company is approved by the Board of Directors of the Company
To ensure compliance with the RBI guidelines on KYC and Anti-Money Laundering (AML). To prevent the use of our services for money laundering, terrorist financing, and other illegal activities.To protect the company from being used by unscrupulous and criminal elements.
To understand the customer’s risk profile and source of funds.Aadhaar number” shall have the meaning
assigned to it in clause (a) of section 2 of the Aadhaar (Targeted Delivery of Financial and
Other Subsidies, “Act” and “Rules” means the Prevention of
Money-Laundering Act, 2002 and the Prevention of Money-Laundering (Maintenance of Records)
Rules, 2005, respectively and amendments thereto. Authentication”, in the context of Aadhaar
authentication, means the process as defined under sub-section (c) of section 2 of the
Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act,
2016. “Central KYC Records Registry” (CKYCR) means
an entity defined under Rule 2(1) of the Rules, to receive, store, safeguard and retrieve
the KYC records in the digital form of a customer. “Designated Director" means a person
designated by the Company to ensure overall compliance with the obligations imposed under
chapter IV of the PML Act and the Rules and shall include: Digital KYC” means the capturing live photo
of the customer and officially valid document or proof of possession of an Aadhaar, where
offline verification cannot be carried out, along with the latitude and longitude of the
location where such live photo is being taken by an authorized officer of the “BFSPL” as per
the provisions contained in the Act. “Digital Signature” shall have the same
meaning as assigned to it in clause (p) of subsection (1) of section (2) of the Information
Technology Act, 2000 (21 of 2000). Equivalent e-document” means an electronic
equivalent of a document, issued by the issuing authority of such document with its valid
digital signature including documents issued to the digital locker account of the customer
as per rule 9 of the Information Technology (Preservation and Retention of Information by
Intermediaries Providing Digital Locker Facilities) Rules, 2016. “Know Your Client (KYC) Identifier” means
the unique number or code assigned to a customer by the Central KYC Records Registry. Officially Valid Document” (OVD) means the
passport, the driving licence, proof of possession of Aadhaar number, the Voter's Identity
Card issued by the Election Commission of India, job card issued by NREGA duly signed by an
officer of the State Government and letter issued by the National Population Register
containing details of name and address. “Customer” means a person who is engaged in
a financial transaction or activity with BFSPL and includes a person on whose behalf the
person who is engaged in the transaction or activity, is acting. “Walk-in Customer” means a person who does
not have an account-based relationship with the BFSPL but undertakes transactions with the
BFSPL Customer Due Diligence (CDD)” means
identifying and verifying the customer and the beneficial owner. “Customer identification” means undertaking
the process of CDD. “FATCA” means Foreign Account Tax Compliance
Act of the United States of America (USA) which, inter alia, requires foreign financial
institutions to report about financial accounts held by U.S. taxpayers or foreign entities
in which U.S. taxpayers hold a substantial ownership interest. Customer Acceptance Policy (CAP) Customer Identification Procedures (CIP)
Monitoring of Transactions Risk Management BFSPL shall adhere to the following guidelines
No account is opened in an anonymous or
fictitious/benami name.
No account is opened where the BFSPL is
unable to apply appropriate CDD measures, either due to non-cooperation of the customer or
non-reliability of the documents/information furnished by the customer.
No transaction or account-based relationship
is undertaken without following the CDD procedure.
The mandatory information to be sought for
KYC purpose while opening an account.
‘Optional’/additional information, is
obtained with the explicit consent of the customer after the account is opened.
BFSPL shall apply the CDD procedure at the
UCIC level. Thus, if an existing KYC compliant customer desires to open another account
there shall be no need for a fresh CDD exercise.
CDD Procedure is followed for all the joint
account holders, while opening a joint account.
Circumstances in which, a customer is
permitted to act on behalf of another person/entity, is clearly spelt out.
BFSPL shall put a suitable system in place
to ensure that the identity of the customer does not match with any person or entity, whose
name appears in the sanctions lists circulated by Reserve Bank of India.
Where Permanent Account Number (PAN) is
obtained, the same shall be verified from the verification facility of the issuing
authority.
Where an equivalent e-document is obtained
from the customer, BFSPL shall verify the digital signature as per the provisions of the
Information Technology Act, 2000 (21 of 2000).
Accept customers after verifying their
identity and address as per prescribed documentation.
Categorize customers based on their risk
profile and take appropriate measures.
Not to open accounts or establish business
relationships where the customer’s identity cannot be verified.
Commencement of an account-based
relationship with the customer. When there is a doubt about the authenticity
or adequacy of the customer identification data it has obtained. Selling third-party products as agents,
selling their own products, payment of dues of credit cards/sale and reloading of
prepaid/travel cards and any other product for more than rupees fifty thousand. For the purpose of verifying the identity of
customers at the time of commencement of an account-based relationship, Company, shall at
their option, rely on customer due diligence done by a third party, subject to the following
conditions: Records or the information of the customer
due diligence carried out by the third party is obtained within two days from the third
party or from the Central KYC Records Registry. Adequate steps are taken by Company to
satisfy themselves that copies of identification data and other relevant documentation
relating to the customer due diligence requirements shall be made available from the third
party upon request without delay. The third party is regulated, supervised or
monitored for, and has measures in place for, compliance with customer due diligence and
record-keeping requirements in line with the requirements and obligations under the PML Act.
He is desirous of receiving
any benefit or subsidy under any scheme notified
under section 7 of the Aadhaar (Targeted Delivery of Financial and Other
subsidies, Benefits and Services) Act, 2016 (18 of 2016); or He decides to submit his
Aadhaar number voluntarily to a bank or any RE
notified under the first proviso to sub-section (1) of section 11A of the
PML Act; or The proof of possession of an Aadhaar number where offline verification can be carried out; or
The proof of possession of an Aadhaar number where offline verification cannot be carried out or any OVD or the equivalent e-document thereof containing the details of his identity and address; and
The Permanent Account Number or the equivalent e-document thereof or Form No. 60 as defined in Income-tax Rules, 1962.
Such other documents including in respect of the nature of business and financial status of the customer, or the equivalent e-documents thereof as may be required by the Company.
Proof of possession of Aadhaar under clause (aa) above where offline verification can be carried out, the RE shall carry out offline verification.
An equivalent e-document of any OVD, the RE shall verify the digital signature as per the provisions of the Information Technology Act, 2000 (21 of 2000) and any rules issues thereunder and take a live photo as specified under
Any OVD or proof of possession of an Aadhaar number under clause (ab) above where offline verification cannot be carried out, the RE shall carry out verification through digital KYC as specified under Provided that for a period not beyond such date as may be notified by the Government for a class of REs, instead of carrying out digital KYC, the RE about such class may obtain a certified copy of the proof of possession of Aadhaar number or the OVD and a recent photograph where an equivalent e document is not submitted
REs may undertake V-CIP to carry out: (Customer Identification process)
CDD in case of new customer on boarding for individual customers, proprietor in case of proprietorship firm, authorised signatories, and Beneficial Owners (BOs) in case of Legal Entity (LE) customers.
Provided that in the case of
CDD of a proprietorship firm, REs shall also
obtain the equivalent e-document of the activity proofs with respect to the
proprietorship firm, as mentioned in Section 28, apart from undertaking CDD
of the proprietor. Conversion of existing
accounts opened in non-face to face mode using
Aadhaar OTP based e-KYC authentication as per Section 17. Updating/Periodic updating
of KYC for eligible customers. In case of offline verification of Aadhaar using XML file or Aadhaar Secure QR Code, it shall be ensured that the XML file or QR code generation date is not older than 3 days from the date of carrying out V-CIP.
Further, in line with the prescribed period of three days for usage of Aadhaar XML file / Aadhaar QR code, Company shall ensure that the video process of the V-CIP is undertaken within three days of downloading / obtaining the identification information through CKYCR / Aadhaar authentication / equivalent e-document, if in the rare cases, the entire process cannot be completed at one go or seamlessly. However, Company shall ensure that no incremental risk is added due to this.
If the address of the customer is different from that indicated in the OVD, suitable records of the current address shall be captured, as per the existing requirement. It shall be ensured that the economic and financial profile/information submitted by the customer is also confirmed from the customer undertaking the V-CIP in a suitable manner.
RE shall capture a clear image of PAN card to be displayed by the customer during the process, except in cases where e-PAN is provided by the customer. The PAN details shall be verified from the database of the issuing authority including through Digi locker.
Use of printed copy of equivalent e-document including e-PAN is not valid for the V-CIP.
The authorised official of the RE shall ensure that photograph of the customer in the Aadhaar/OVD and PAN/e-PAN matches with the customer undertaking the V-CIP and the identification details in Aadhaar/OVD and PAN/e-PAN shall match with the details provided by the customer.
All matters not specified under the paragraph but required under other statutes such as the Information Technology (IT) Act shall be appropriately complied with by the RE.
Regularly monitor
transactions to identify and report suspicious activities. Implement robust software
for real-time monitoring and alerts. Maintain records of
transactions as per regulatory requirements. Customers shall be
categorised as low, medium and high-risk category, based on the assessment
and risk perception of the RE. Risk categorisation shall be
undertaken based on parameters such as customer’s identity, social/financial
status, nature of business activity, and information about the customer’s
business and their location etc. While considering customer’s identity, the
ability to confirm identity documents through online or other services
offered by issuing authorities may also be factored in. The following steps shall be
taken by the Company regarding maintenance, preservation, and reporting of
customer account information, concerning provisions of the PML Act and Rules
Preserve the records about
the identification of the customers and their addresses obtained while
opening the account and during the course of the business relationship, for
at least five years after the business relationship is ended. Make available the
identification records and transaction data to the competent authorities
upon request. Reporting Requirements to Financial Intelligence Unit - India
REs shall furnish to the
Director, Financial Intelligence Unit-India (FIU-IND), information referred
to in Rule 3 of the PML (Maintenance of Records) Rules, 2005 in terms of
Rule 7.
Report suspicious
transactions to the Financial Intelligence Unit-India (FIU-IND). Ensure timely submission of
CTR (Cash Transaction Report) and STR (Suspicious Transaction Report) as per
regulatory timelines. The RE shall develop an application for digital KYC process which shall be made available at customer touch points for undertaking KYC of their customers and the KYC process shall be undertaken only through this authenticated application of the REs.
The access of the Application shall be controlled by the REs and it should be ensured that the same is not used by unauthorized persons. The application shall be accessed only through login-id and password or Live OTP or Time OTP controlled mechanism given by REs to its authorized officials.
The customer, for KYC, shall visit the location of the authorized official of the RE or vice-versa. The original OVD shall have the customer.
The RE must ensure that the Live photograph of the customer is taken by the authorized officer and that the same photograph is embedded in the Customer Application Form (CAF). Further, the system Application of the RE shall put a watermark in readable form having CAF number, GPS coordinates, authorized official’s name, unique employee Code (assigned by REs) and Date (DD:MM: YYYY), and time stamp (HH:MM: SS) on the captured live photograph of the customer.
The digital platform shall have the feature only a live photograph of the customer is captured and no printed or video-graphed photograph of the customer is captured. The background behind the customer while capturing a live photograph should be white and no other person shall come into the frame while capturing the live photograph of the customer.
Similarly, the live photograph of the original OVD or proof of possession of Aadhaar where offline verification cannot be carried out (placed horizontally), shall be captured vertically from above, and water-marking in readable form as mentioned above shall be done. No skew or tilt in the mobile device shall be there while capturing the live photograph of the original documents.
The live photograph of the customer and his original documents shall be captured in proper light so that they are clearly readable and identifiable.
Thereafter, all the entries in the CAF shall be filled as per the documents and information furnished by the customer. In those documents where a Quick Response (QR) code is available, such details can be auto-populated by scanning the QR code instead of manually filing the details. For example, in the case of physical Aadhaar/e- Aadhaar downloaded from UIDAI where a QR code is available, the details like name, gender, date of birth, and address can be auto-populated by scanning the QR available on Aadhar/e-Aadhaar.
Once the above-mentioned process is completed, a One Time Password (OTP) message containing the text that ‘Please verify the details filled in form before sharing OTP’ shall be sent to customer’s own mobile number. Upon successful validation of the OTP, it will be treated as customer signature on CAF (customer acceptance form). However, if the customer does not have his/her own mobile number, then mobile number of his/her family/relatives/known persons may be used for this purpose and be clearly mentioned in CAF. In any case, the mobile number of authorized officers registered with the RE shall not be used for customer signature. The RE must check that the mobile number used in customer signature shall not be the mobile number of the authorized officer.
The authorized officer shall provide a declaration about the capturing of the live photograph of customer and the original document. For this purpose, the authorized official shall be verified with One Time Password (OTP) which will be sent to his mobile number registered with the RE. Upon successful OTP validation, it shall be treated as authorized officer’s signature on the declaration. The live photograph of the authorized official shall also be captured in this authorized officer’s declaration.
Subsequent to all these activities, the Application shall give information about the completion of the process and submission of activation request to activation officer of the RE, and also generate the transaction-id/reference-id number of the process. The authorized officer shall intimate the details regarding transaction-id/reference-id number to customer for future reference.
The authorized officer of the RE shall check and verify that: - (i) information available in the picture of document is matching with the information entered by authorized officer in CAF. (ii) live photograph of the customer matches with the photo available in the document and (iii) all of the necessary details in CAF including mandatory field are filled properly, On successful verification, the CAF shall be digitally signed by authorized officer of the RE who will take a print of CAF, get signatures/thumb-impression of customer at appropriate place, then scan and upload the same in system. Original hard copy may be returned to the customer.
Banks may use the services of Business Correspondent (BC) for this process.
Conduct regular training programs for
employees on KYC, AML, and CFT (Combating Financing of Terrorism). Ensure employees are aware of their
obligations and the procedures for reporting suspicious activities.
This policy shall be reviewed annually or as
and when required by changes in regulatory guidelines. Ensure the policy is updated to reflect
changes in law, regulations, and industry practices.
Aadhaar cardPassportPermanent Account Number
(PAN) cardVoter's Identity CardDriving LicenseJob Card issued by NREGA
duly signed by an officer of the State GovernmentLetter issued by the
National Population Register containing details of name and addressAadhaar cardPassportVoter's Identity Card (PAN)
cardDriving LicenseUtility bills (electricity,
telephone, post-paid mobile phone, piped gas, water bill) not more than two
months oldProperty or Municipal Tax
receiptBank account or Post Office
savings bank account statementPension or family pension
payment orders (PPOs) issued to retired employees by Government Departments
or Public Sector Undertakings, if they contain the addressLetter of allotment of
accommodation from employer issued by State or Central Government
departments, statutory or regulatory bodies, public sector undertakings,
scheduled commercial banks, financial institutions and listed companies.
Letter issued by Employer
confirming address proof.Proof of the name, address,
and activity of the concern Registration certificate (in
the case of a registered concern) Certificate/license issued
by the municipal authorities under Shop and Establishment Act Sales and income tax returns
CST/VAT certificate Certificate/registration
document issued by Sales Tax/Service Tax/Professional Tax authorities. IEC (Importer Exporter Code)
issued to the proprietary concern by the office of DGFT (Director General of
Foreign Trade) The complete Income Tax
return (not just the acknowledgment) in the name of the sole proprietor
where the firm's income is reflected, duly authenticated/acknowledged by the
Income Tax authorities Registration certificate.
Partnership deed PAN card of the partnership
firm An officially valid document
in respect of the person holding an attorney to transact on its behalf Certificate of incorporation
Memorandum and Articles of
Association PAN card of the company
A resolution from the Board
of Directors and power of attorney granted to its managers, officers, or
employees to transact on its behalf Certificate of registration,
if registered
Trust deed PAN card of the trust
An officially valid document
in respect of the person holding an attorney to transact on its behalf