Skip to content Skip to sidebar Skip to footer
NBFC
Let's Talk
NBFC
Close
NBFC Compliances

AML & KYC Compliance Checklist for NBFCs

Updated:June 2, 2025
AML & KYC Compliance

Inside This Article

With financial fraud and money laundering risks on the rise, Non-Banking Financial Companies (NBFCs) must strictly comply with Anti-Money Laundering (AML) and Know Your Customer (KYC) regulations. The Reserve Bank of India (RBI) and the Financial Intelligence Unit – India (FIU-IND) enforce these compliance measures to ensure financial integrity, prevent fraud, and protect the Indian economy from illicit activities.

Non-compliance can result in hefty penalties, operational restrictions, and reputational damage. In 2024, FIU-IND imposed significant fines on multiple NBFCs, reinforcing the need for robust AML & KYC frameworks.

In this blog, we provide:

  • A detailed AML & KYC compliance checklist for NBFCs.
  • RBI & FIU-IND guidelines for AML & KYC adherence.
  • Consequences of non-compliance and real-world case studies.
  • Best practices to ensure full compliance and avoid penalties.

Why is AML & KYC Compliance Important for NBFCs?

NBFCs are prime targets for money laundering, financial fraud, and identity theft. They must implement strict AML & KYC measures to:

AML & KYC Compliance

  • Prevent financial crimes & detect suspicious transactions.
  • Ensure customer identity verification & risk profiling.
  • Comply with RBI & FIU-IND reporting obligations.
  • Avoid penalties & legal actions for regulatory violations.
  • Enhance business credibility and build trust with financial institutions.

Example: In October 2024, FIU-IND fined PC Financial Services ₹2,000 crore for violating AML & KYC norms and transferring funds to China without regulatory approval【source

AML & KYC Compliance Checklist for NBFCs

Customer Due Diligence (CDD) & KYC Compliance

  • Verify customer identity (KYC) before onboarding.
  • Obtain PAN, Aadhaar, Passport, Voter ID, or any RBI-approved document for KYC verification.
  • Conduct Video KYC (V-KYC) for remote onboarding.
  • Store KYC documents digitally and ensure data security.
  • Periodically revalidate KYC details for high-risk customers.
  • Report customers who fail to provide KYC documentation to FIU-IND.

Regulatory Reference: RBI Master Direction – KYC 2023 mandates KYC updates every two years for high-risk customers, eight years for medium-risk, and ten years for low-risk customers.

Enhanced Due Diligence (EDD) for High-Risk Customers

  • Classify customers into Low, Medium, and High-Risk Categories.
  • Identify Politically Exposed Persons (PEPs) and conduct strict due diligence.
  • Perform background checks for customers with multiple loan defaults.
  • Monitor transactions of individuals from high-risk countries as per FATF guidelines.
  • Escalate high-risk transactions for manual review before loan approval.

Case Study: In 2023, an NBFC was penalized for granting loans to entities linked to financial fraud without proper EDD verification.

Monitoring & Reporting Suspicious Transactions to FIU-IND

  • Monitor all transactions exceeding ₹10 lakh.
  • Identify unusual account behavior or multiple small transactions (structured transactions).
  • Detect high-value cash transactions with no legitimate business purpose.
  • Flag accounts where customer identities do not match their financial behavior.
  • Submit Suspicious Transaction Reports (STRs) to FIU-IND within the prescribed time.
  • Ensure real-time fraud detection using AI-based monitoring tools.

Regulatory Reference: As per Prevention of Money Laundering Act (PMLA), 2002, NBFCs must report suspicious activities, large cash transactions, and cross-border fund transfers.

Transaction Limits & Cross-Border Monitoring

  • Report cash transactions over ₹10 lakh to FIU-IND.
  • Monitor cross-border transactions above ₹5 lakh to prevent illicit fund transfers.
  • Verify source of funds for large transactions before processing.
  • Identify unusual transactions in inactive accounts.
  • Maintain detailed transaction records for 5+ years for regulatory audits.

Compliance with CERSAI & CKYC Norms

  • Register all secured loans with CERSAI to prevent fraudulent lending.
  • Upload borrower details to CKYC (Central KYC Registry) within 3 days of loan disbursement.
  • Maintain a unified KYC record to avoid duplication & fraud risks.
  • Ensure NBFC compliance with CKYC guidelines for seamless credit history tracking.

Regulatory Reference: CERSAI & CKYC registration is mandatory for NBFCs as per RBI’s KYC Master Direction, 2023.

Internal AML Policy & Compliance Framework

  • Develop a company-wide AML/KYC policy approved by the Board.
  • Assign a Principal Compliance Officer responsible for AML reporting.
  • Implement AI-driven fraud detection systems for real-time monitoring.
  • Conduct quarterly internal audits to detect compliance gaps.
  • Train employees on RBI KYC norms, AML rules, and fraud detection techniques.

Tip: Many NBFCs use AI-powered compliance management software to detect fraud & automate reporting.

Consequences of Non-Compliance with AML & KYC Regulations

What happens if an NBFC fails to follow AML & KYC guidelines?

  • Regulatory Penalties: RBI imposes fines up to ₹10 Lakh per day for violations.
  • License Cancellation: FIU-IND can blacklist or suspend NBFC licenses.
  • Reputational Damage: Customers & investors lose trust in non-compliant NBFCs.
  • Increased Fraud Risks: Poor compliance makes NBFCs vulnerable to financial crimes.

Recent Example: In January 2025, FIU-IND imposed a ₹9.27 crore fine on Bybit Fintech Ltd. for operating without AML compliance【source】.

How to Stay Fully AML & KYC Compliant?

  • Register with FIU-IND & submit STRs on time.
  • Implement AI-based AML transaction monitoring tools.
  • Conduct regular internal audits & KYC verification.
  • Monitor high-risk transactions & prevent money laundering.
  • Train compliance officers & employees on AML guidelines.

Need an expert to handle your NBFC AML & KYC compliance?
Schedule a Compliance Consultation with Our Experts!

Stay AML Compliant & Protect Your NBFC from Regulatory Risks!

Final Thoughts

With RBI tightening AML & KYC regulations, NBFCs must adopt a proactive compliance approach. A strong AML & KYC framework helps prevent fraud, ensures regulatory compliance, and enhances customer trust.

By following this comprehensive compliance checklist, NBFCs can:
✔ Avoid hefty penalties & license restrictions.
✔ Ensure full compliance with RBI, FIU-IND & PMLA norms.
✔ Build a fraud-free & trusted financial ecosystem.

Need NBFC compliance assistance? Let’s connect!

📞 Call Us: +91 93287 18979 | 🌐 Visit: nbfcadvisory.com

Tags:
0Likes

Leave a comment

You May Also Like

CIBIL, Experian, CRIF High Mark, and Equifax
NBFC Compliances
Understanding CIBIL, Experian, CRIF High Mark, and Equifax in India
CKYC
NBFC Compliances
Is CKYC Mandatory for NBFCs?

We at NBFC Advisory are your true partners for your NBFCs growth. From providing a licence for your NBFC to Monitoring and providing legal and strategic advisory for your Non-Banking Financial Company, our experts are there for the overall development of all you need for your NBFC.

NBFC Registration Takeover Compliances Virtual CFO

+91 6351715544
info@nbfcadvisory.com