12 August 2024


Notifications & Circulars

Ministry of Finance 

06.12.2022

Commercial

Entities onboarded to perform authentication under the Aadhaar Act, 2016 for the purposes of Section 11A of PMLA are permitted to do so by using e-KYC setu system

MANU/REVU/0116/2022

1. In exercise of the powers conferred by sub-section (1) of section 11A of the Prevention of Money-laundering Act, 2002 (15 of 2003), in consultation with Unique Identification Authority of India (UIDAI), the Reserve Bank of India, the Securities Exchange Board of India, the Insurance Regulatory Authority of India and the Pension Fund Regulatory Authority of India, being the appropriate regulator, the Central Government, being satisfied that it is necessary to do so, hereby notifies that entities onboarded to perform authentication under the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016 (18 of 2016)(hereinafter referred to as the Aadhaar Act) for the purposes of section 11A of the Prevention of Money-laundering Act, 2002 using the e-KYC setu system be permitted to do so, after being satisfied that the e-KYC setu system complies with the standards of privacy and security under the Aadhaar Act.

2. The e-KYC setu shall be a system put in place by National Payments Corporation of India (NPCI) to enable verification of identity of a client or its beneficial owner by a reporting entity through authentication under the Aadhaar Act without disclosing the Aadhaar number of the individual to the reporting entity.

3. NPCI shall ensure that the authentication is carried out using the Aadhaar number of the client as per the regulations laid down by UIDAI, without disclosing full Aadhaar number to the reporting entity, and after carrying out authentication, NPCI shall share the last four digits of the Aadhaar number of the client, alongwith his demographic details made available to it by UIDAI, digitally signed by it, with the reporting entity and the reporting entity shall carry out identification of the client based on the details provided by the client and NPCI.

4. UIDAI may carry out such verification, including physical verification, as it may deem fit to ensure that the system put in place by NPCI is in compliance with the regulations issued by them and the requirements laid down by them and in case the UIDAI comes to a conclusion that additional measures are required to bring the system in compliance with regulations and other requirements, if any, it may issue such directions to be complied with in such time as it may deem fit.

5. (i) A list of entities on boarded for the purpose of carrying out the authentication using the e-KYC setu shall be maintained by NPCI at http://npci.org.in/e-KYCsetu/ including the date from which they have been on-boarded.

(ii) Before on-boarding any entity for this purpose, NPCI shall ensure that the entity satisfies all the requirements for carrying out authentication through the e-KYC setu.

(iii) NPCI shall also ensure that the entity has requisite regulatory clearance, if required, to carry out the financial business for which it intends to authenticate identity of its clients.

6. Access to the e-KYC setu system to an entity, which,-

(a) is no longer desirous of carrying out authentication of its clients using e-KYC setu;

(b) is found to be in breach of the requirements laid down by NPCI or UIDAI for verification of its clients using e-KYC setu;

(c) is no longer allowed to carry out the financial business by the appropriate regulator; or

(d) does not carry out verification of any client for a period of six months,

shall be discontinued by NPCI and a separate list of such entities shall be maintained at http://npci.org.in/e-KYCsetu/ including the date from which the access has been discontinued alongwith the reasons for such discontinuation and at any stage, if UIDAI, NPCI or appropriate regulator comes to the conclusion that access to the e-KYC setu system to any entity should be discontinued, it shall inform the same to NPCI immediately in this regard and NPCI shall deny access to such entity forthwith.

7. The details of entities onboarded and entities discontinued shall be notified by NPCI to UIDAI and the appropriate regulator within seven days of such action.

8. This notification shall come into force from the date of its publication in the Official Gazette.

Tags : E-KYC setu Permission

Share :