What changed
RBI now requires RRBs to formally identify and assess ML/TF risks across customers, countries, geographies, products, services, transactions, and delivery channels. This goes beyond earlier KYC/AML circulars that only required customer risk profiling and enhanced due diligence. Boards must approve risk management policies, and enhanced measures apply to medium or high-risk items.
What it means for you
RRBs must adopt a structured, board-approved risk-based approach to combat money laundering and terror financing. This means allocating resources more efficiently by focusing on higher-risk areas. Non-compliance can attract penalties under the Banking Regulation Act, 1949.
What you must do
- Identify and assess ML/TF risks for customers, geographies, products, services, transactions, and delivery channels.
- Develop board-approved policies, controls, and procedures to manage and mitigate these risks.
- Apply enhanced due diligence and monitoring for medium or high-risk customers, products, and services.
- Use IBA's guidance on risk-based transaction monitoring and high-risk indicators as a reference.
- Acknowledge receipt of this circular to your regional RBI office.
Who it affects
All Regional Rural Banks (RRBs), Board of Directors of RRBs, Compliance and AML teams at RRBs, Risk management departments at RRBs
What is the key new requirement in this circular?
RRBs must now assess ML/TF risks for customers, geographies, products, services, transactions, and delivery channels, and have board-approved policies to manage these risks.
Can RRBs use external guidance for risk assessment?
Yes, RBI suggests using IBA's May 2011 report on Parameters for Risk Based Transaction Monitoring and its KYC/AML guidance note as a reference.
What happens if an RRB does not comply?
Non-compliance may attract penalties under Section 35A of the Banking Regulation Act, 1949 read with relevant PMLA rules.