The Securities and Exchange Board of India (‘SEBI’) has notified (on April 6, 2022) additional guidelines for the implementation of SEBI KYC (Know Your Client) Registration Agency (KRA) Regulations, 2011 (“Guidelines”).
Under the Guidelines, it is stipulated that KRAs shall continue to act as repository of KYC data in the securities market and shall additionally be responsible for storing, safeguarding and retrieving the KYC documents and submit to the Board or any other statutory authority as and when it required by such authority.
Further, KRAs shall now have to independently validate records of those clients (existing as well as new) whose KYC has been completed using Aadhaar as the Official Valid Document (“OVD”). The records of clients who have completed KYC using non-Aadhaar OVD shall be validated only upon receiving the Aadhaar Number.
The process of validation by such KRAs shall be accomplished by authenticating the following details:
1. Aadhaar through the Unique Identification Authority of India (UIDAI) authentication/verification mechanism;
2. Mobile number and e-mail ID using OTP validation (only in cases here mobile number and e-mail ID provided by client are not lined with the Aadhaar);
3. PAN card has to be authenticated by using the Income Tax Database.
KRAs have further been directed to develop systems/mechanisms, in consultation with SEBI and in co-ordination with each other. They have been directed to follow uniform internal guidelines detailing aspects of identification of KYC attributes and procedures for KYC validation.
The guidelines further state that systems of Registered Intermediaries (RIs) and the KRAs shall have to be integrated to facilitate seamless movement of KYC documents to and from the RIs to the KRAs. The KRAs have further been directed to promptly inform the respective RIs of deficiency/inadequacy in client’s KYC documents, if any, that is observed for validation.
Additionally, upon successful completion of KYC validation, a unique client identifier called KRA identifier shall be assigned by KRA to the client and such KRA identifier may be used by the client for opening of account with any other intermediary, without having to repeat the KYC process for smoother facilitation.
The KRA is further directed to validate the KYC records of new clients (who have used Aadhaar as an OVD) within a period of 180 days from July 1, 2022. The KRA further has to update the records of new clients within two working days of receipt of the KYC records by KRAs. Furthermore, the KRAs shall advise the clients of such receipt of KYC records within two working days by post or email, while maintaining the proof of dispatch.
It is to be noted that clients whose KYC records are not found to be valid by KRA after undertaking the validation process, shall be allowed to transact in securities market only after their KYC is validated.
In cases where the KYC is based on non-Aadhaar OVD, the KRA shall only store such records and same shall not be validated by KRAs unless the Aadhar number is provided by the client.
Lastly, the guidelines mention that the validation of all KYC records (new and existing) shall commence from July 1, 2022.