Starting January 1st, 2023, all classes of Life, General & Health Insurance have to follow KYC procedures. IRDAI mandates Aadhaar based KYC, Digital KYC, Video KYC, CKYC as accepted forms of KYC. 

IRDAI has recently launched Master guidelines on Anti-Money laundering/ Counter Financing of Terrorism, according to which insurers will have to follow Customer identification Procedures while establishing an account/client based relationship and monitor every transaction.

Money Laundering is a process or activity of moving illegally acquired money through financial systems so that it appears to be legally acquired

These Guidelines would be applicable for all classes of Life, General or Health Insurance business carried out by the “Insurers‟ except Re-insurance business carried out by the “Indian Insurance company‟ or “foreign company‟ in India.

These guidelines would come into force from 1st January 2023.

All the insurers have to formulate a AML/CFT policy which has to be approved by the insurer’s board and conveyed to all staff members/agents which will be revised as and when required based on the risk exposure and experience.

The insurer board will have to consist of a designated director and principal officer who shall take care of the compliance and their contact details have to be shared with IRDAI and FIU-IND within 7 days of its effect.

The policy should cover a customer due diligence system in place for identifying, monitoring, and timely reporting of suspected ML and TF transactions to FIU-IND and law enforcement authorities.

The policy should have a clause for all the intermediaries/representatives of insurers making KYC norms mandatory and take actions against defaulters.

KYC Norms for Insurers

Following rules have to be incorporated in the policy as KYC norms:

  1.  They have to obtain requisite details for proper identification of new/existing customers.
  2.  For every individual and beneficiary, identity proof, address proof and recent photograph is mandatory.
  3.  If the individual is a Juridical person, insurer will have to verify his/her legal status by taking additional proofs of Legal form, existence, address of registered office, authorised individual identity proof who is purporting on behalf, beneficial owners.
  4.  If the individual submits an Aadhaar card for identification and wants to provide a different current address, then only self declaration is needed.
  5.  Individuals who are not able to perform Aadhaar based authentication due to injury, illness or old age or otherwise, they may submit officially valid documents at the time of commencement of Account based relationship.
  6. Necessary KYC shall be done for the existing customers time to time basis the adequacy of previously obtained data
  7. Re-KYC of existing customers can be done in 2 years for a low risk customer and in 1 year for a high risk customer.

Accepted forms of KYC

Any one of the following KYC methods which can be performed by insurer:

  1.  Aadhaar based KYC through Online authentication
  2. Aadhaar based KYC through Offline authentication
  3. Digital KYC as per PML rules
  4. Video based identification process
    – Insurers may undertake live VBIP by developing an application (HyperVerge VKYC) which facilitates KYC process either online or face-to-face in-person verification through video
  5. CKYC
    – KYC identifiers wherever submitted can be used to pull KYC documents from CERSAI’s registry. KYC documents to be collected only if the information has changed
    – For online Authentication
       – The redacted Aadhar Number (Last four digits)
      – Demographic details
      – The fact that Authentication was done
    – For offline Verification
      – KYC data
      – Redacted Aadhaar number (Last four digits)
    – Insurers shall file the electronic copy of the client’s KYC records with CKYCR within 10 days after the commencement of the relationship
  6. Submitting OVD along with PAN/Form 60 (This step is compulsory and is needed along with all the modes of KYC)

As part of on-going CDD, insurers should monitor any remittances made for further risk assessment and take action as considered necessary. Risk categorization to also include parameters such as customer’s identity, social/financial status, nature of business activity, and information about the clients’ business and their location (Confirm customer’s identity and the identity of the documents)

For Politically Exposed Persons (PEP), the proposal has to be reviewed by the insurer’s senior management and lay down appropriate on-going risk management procedures.

Insurer should not enter into contract with a customer whose identity matches with any person in the UN sanction list or with banned entities and those reported to have links with terrorists or terrorist organizations.

Insurers to periodically check the MHA website for an updated list of banned entities.

A list of individuals and entities subject to UN sanction measures would be circulated to the insurers through Life/ General Insurance Council, on receipt of the same from the Ministry of External Affairs (MEA). This is in addition to the list of banned entities compiled by the Ministry of Home Affairs (MHA) that have been circulated to the insurers till date.

With the possibility of an increase in foreign players & domestic companies entering the insurance sector, the IRDAI thought it prudent to update the rules pertaining to AML (Anti-Money Laundering) and CFT (Counter Financing of Terrorism). These guidelines replace the rules issued in 2013 & remove the exemptions for companies from the older guidelines. The changes to the IRDAI AML/CFT guidelines definitively ensure complete KYC for all retail insurance customers across India, understand those customers to help serve them better and make sure there is no money laundering or terrorist financing going on in insurance businesses through identity verification services