At any given point, there are hundreds of customers whose KYC validity expires. However, there could be a bunching-up of action as the RBI had asked banks not to insist on KYC in the wake of the second wave of the pandemic. The requirement of updating KYC norms is not just for banks but every regulated financial entity as it is part of anti-money laundering laws. This includes finance companies, mutual funds, broking houses and depositories.
Bankers said that for customers in low-risk accounts, KYC needs to be updated once every 10 years. However, those classified as high-risk will need to update their account once every two years. Besides this, dormant and inactive accounts also require fresh KYC updates to unfreeze or reactivate the accounts. Although for most customers the requirement is to update only once in 10 years, bankers say that more frequent updates are required because in some cases the documents submitted might not be part of the list of official valid documents. Also, where customers have changed the account and the communication returned to the bank, the KYC would have to be done afresh.
In a circular to all banks on May 2021, the RBI had said, “Keeping in view the current Covid-related restrictions in various parts of the country, regulated entities are advised that in respect of the customer accounts where periodic updating of KYC is due and pending as on date, no restrictions on operations of such account shall be imposed till December 31, 2021, for this reason alone, unless warranted under instructions of any regulator/ enforcement agency/court of law.”
While there are a number of options now for regulated entities to comply with KYC norms (video KYC, sharing of documents via DigiLocker), many have still not complied. Another problem is that given the number of phishing attacks that are taking place using the KYC as a bait, customers have turned wary of these messages or calls.
