Following the comprehensive Video KYC FAQ, here is a quick summary of how to deploy the Video KYC solution into your client onboarding flow to remain compliant with the steps specified by the regulator. The Video KYC process can be split into three pillars (Before, During and After) taken from the V-CIP process defined in the master KYC circular published by RBI on 09 January 2020.

Video KYC

.

The first pillar of the process (Before Video KYC) is to ensure that the steps conform to the V-CIP regulations and complies with the broader KYC/AML facets of customer onboarding. To this end, the regulator has provided the following guidelines.

.

  1. The Video KYC software to be deployed should undergo vulnerability, security and audit validation to ensure robustness and end to end encryption.
  2. Regulated entities shall ensure that the audit visual communication is seamless, real-time, encrypted and secured between the customer and the official conducting V-CIP.
  3. Keeping the strength of communication networks, connectivity and bandwidth, the regulated entities should ensure that the quality of the video is adequate to establish identification of the customer beyond doubt.
  4. To avoid fraudulent transactions, the video session with the customer should originate from the domain of the regulated entity and not originate from a third-party system. This would mean that the whole system is deployed on-premises of the regulated entity.
  5. Prior to establishing the video call, the regulated entity must ensure that the customer doing the V-CIP is physically present in India (geotagging check).

.

The second pillar of the process (During Video KYC) to ensure that the regulated entity follows all of the compliance processes set out by the regulator during the V-CIP.

.

  1. The Video KYC call must be completed by a trained official. Regulated entities cannot outsource this process to business correspondents. However, REs can take the help of business correspondents to help customers complete this process from the customer end. This would make sense as many wouldn’t have a device or economic or educational means to undertake video verification and REs can take the help of the BCs to help customers complete V-CIP with the Bank official. While this would need physical presence of the business correspondent with the customer, the process of verification would still be seamless and paperless.
  2. The regulated entity completes Aadhaar eKYC or Aadhaar Offline during the video kyc. Many have missed the point by allowing Aadhaar Offline to be completed prior to starting the video call. However, the regulation makes it clear that the “official of the RE performing the V-CIP shall record video as well as … obtain the identification information … either OTP based Aadhaar e-KYC authentication or Offline Verification of Aadhaar for identification.” Furthermore, this will ensure that the Aadhaar Offline document is no more than 3 (three) days old as per regulations.
  3. The Bank official should capture a live photograph and PAN card of the customer. However, customer can share an e-PAN instead of a physical PAN in which case a photo of the PAN is not needed. In both cases, the PAN needs to be verified against the issuing authorities for its validity.
  4. The official also should match the live face against the face in PAN and Aadhaar to verify that the customer performing the V-CIP is the true owner of the identification document presented during the video kyc call.
  5. The official of the regulated entity shall ensure that the questions and the sequence are varied in order to establish that the audiovisual interactions are not spoofed.

.

The third pillar of the process (After Video KYC) is the safeguards and audit checks that the regulated entities must carry out to ensure that the video call passes concurrent audit checks as laid down by the regulator.

.

The bank official ensures that sufficient liveness checks are carried out to ensure that the person completing the steps and the video kyc is real and establishes the identity of the customer beyond doubt. The regulator encourages sufficient use of technology alongside human intelligence to ensure that fraudulent transactions are prevented and that controls are stronger for the official completing video kyc.

  1. The regulated entity ensures that the video recording is stored in a safe and secure manner and bears the date and time stamp of the video kyc call.
  2. If Aadhaar is presented during the video call, any static image of the Aadhaar card and Aadhaar card in the video is redacted or masked as per UIDAI regulators with respect to Aadhaar.
  3. The entire activity log and the metadata captured during the video kyc along with the credentials of the official performing the video kyc shall be preserved.
  4. And finally, all accounts opened through V-CIP shall be made operational only after being subject to concurrent audit (meaning that the V-CIP process undergoes thorough examination and audits and best practices laid down by the regulated entity in compliance with the regulations).

.

Talk to an expert today >

About: FRSLABS is an award-winning research and development company focussed on identity verification and fraud prevention solutions for businesses. We are building the next generation video KYCOCRface verificationidentity verification and IRSF fraud prevention solutions to benefit a billion people.

Tagged with:
 

Customer onboarding is critical.
Don't make it better, make it the best.