🛡️ Reserve Bank of India (Know Your Customer (KYC)) (Amendment) Directions, 2025
Ref: RBI/2025-26/51 | Date:
June 12, 2025
Amends: RBI KYC Directions, 2016
 |
The Reserve Bank of India has amended the Master Direction on KYC (2016) to further enhance customer convenience, improve regulatory efficiency, and strengthen consumer protection mechanisms. These changes are issued under a confluence of enabling provisions across several legislations, including the Banking Regulation Act, RBI Act, FEMA, PMLA Rules, and the Payment and Settlement Systems Act.
The 2025
amendments focus on easing the burden on low-risk customers, introducing
digital-friendly KYC practices, and enforcing structured communication
protocols for periodic KYC updation.
2. What's
Changed?
➤
A. Relaxation for Low-Risk Individual Customers
One of the key
changes introduced is in respect of individual customers classified as
"low-risk". For such customers:
- Regulated Entities (REs) are permitted to allow
all transactions even if their KYC is overdue.
- However, REs are mandated to ensure KYC is
updated either:
- within one year of the due date,
or
- by June 30, 2026, whichever
is later.
- This relaxation applies retrospectively,
meaning customers whose KYC is already overdue can also benefit from this
window.
- Simultaneously, REs are expected to maintain ongoing
monitoring of such accounts to detect any unusual activity.
This update aims to reduce disruptions for compliant, low-risk customers, particularly senior citizens and financially included rural populations, while still maintaining the integrity of the financial system.
➤
B. Business Correspondents (BCs) Empowered to Support KYC Updation
The amendment
introduces a major operational enhancement: Banks can now use Business
Correspondents (BCs) to collect self-declarations from customers for KYC
updates, provided the only change is either "no change" or a
"change in address."
Here’s how it
works:
- The customer can give a self-declaration
along with necessary documents to an authorised BC.
- This can be collected:
- in electronic form after
biometric e-KYC authentication, or
- in physical form, until
digital capabilities are fully rolled out.
- The BC is responsible for:
- verifying and authenticating
the documents,
- forwarding them promptly to
the bank branch, and
- providing the customer with an acknowledgment
of receipt.
- The bank must then update the KYC record and intimate
the customer once updated.
Importantly, even though BCs are now a channel for facilitation, the ultimate responsibility for KYC compliance rests with the bank. This addition is expected to ease the compliance process, especially in remote areas and for less tech-savvy customers.
➤
C. Mandatory Advance and Post-Due Intimations for KYC Updation
This is perhaps
the most customer-centric enhancement in the amendment.
REs are now required
to proactively remind customers to update their KYC — both before
and after the due date:
- Prior to the due date:
At least three advance intimations must be sent, using multiple communication channels. One of these must be a physical letter. - After the due date (if the customer hasn’t
complied):
A further set of three reminders, including one physical letter, must be sent at reasonable intervals.
The
communication must include:
- Easy-to-understand instructions on how to update
KYC,
- Details of the escalation mechanism for
help, and
- Consequences for not complying.
All communication — whether electronic or physical — must be duly recorded in the RE’s systems for audit trail purposes.
🔔 REs are directed to fully implement this system by January 1, 2026. This will ensure a robust trail of due diligence, aiding both regulatory compliance and customer experience.
3. Compliance
Actionables for Regulated Entities
To
operationalize these changes, REs should:
- Review and revise their KYC Policy and
internal SOPs in alignment with the 2025 amendment.
- Identify customers classified as low-risk
and update internal flags accordingly.
- Strengthen BC infrastructure to support digital
documentation and biometric e-KYC.
- Develop or refine a centralized KYC
communication workflow — covering SMS, email, and physical mail.
- Log all customer notifications and maintain
evidentiary records for inspection and audit.
- Align customer-facing communication templates with
regulatory expectations, especially regarding language simplicity and
escalation protocols.
These KYC
amendments underscore RBI’s dual objective — simplifying compliance for
genuine customers while preserving the integrity of the financial
ecosystem. The shift toward a customer-first model, combined with digital
integration and clear communication protocols, reflects a strategic evolution
of the KYC framework.