Customer due diligence lies at the heart of India’s financial regulatory framework. The RBI, through its Master Direction on KYC (updated periodically), together with the PMLA and its Rules, mandates that all regulated entities undertake robust processes to verify customer identity, monitor transactions, and report suspicious activity. For NBFCs, compliance with these obligations is direct and statutory. LSPs, while not directly regulated under PMLA, must align their onboarding and data-collection processes with the NBFC’s KYC/AML framework.

<aside>

⚖️ KYC and AML compliance represent not only a legal requirement but also the foundation of financial integrity. Robust due diligence is critical for investor trust, borrower protection, and regulatory confidence.

</aside>

<aside>

⚠️ Penalties & Crackdowns

In 2024, the RBI imposed monetary penalties on several NBFCs for lapses in complying with Know Your Customer (KYC) norms. For example, Hewlett Packard Financial Services (India) was fined ₹10.4 lakh, SMFG India Credit Company Ltd (formerly Fullerton India) was penalized ₹23.1 lakh, and Muthoot Vehicle & Asset Finance Ltd was fined ₹7.9 lakh.

</aside>


1️⃣ Legal and Regulatory Basis


2️⃣ Core Components of KYC Compliance


3️⃣ AML Obligations


4️⃣ Roles of NBFCs and LSPs


5️⃣ Technology and Security Standards


6️⃣ Compliance Risks & Penalties


<aside>

⚠️ Note the disclaimers regarding the document's limitations and the need for professional legal advice.

</aside>

After customer verification is complete, the next focus is ensuring transparency, fair treatment, and borrower protection. Proceed to Step 5: Fair Lending & Customer Protection.

Or return to Step 3: RBI’s Digital Lending Guidelines.