Doubts over whether PMLA needs to be amended or IT Act put electronic KYC on par with physical verification
Several months after it was launched with much fanfare, the Unique Identification Authority of India’s (UIDAI) ambitious plan to substitute physical verification with electronic KYC as a means to avail government services including opening bank accounts is yet to take off as there are doubts on the current legal sanctity of it.
The matter has now been referred to law ministry for an opinion.
While the authority’s is arguing that the Prevention of Money Laundering Act (PMLA) doesn’t need to be amended to make e-KYC legal as the Information Technology Act already permits it, the Finance ministry agrees but says that the PMLA Rules will have to be changed. Meanwhile, banks which have to finally implement it have a completely different concern – security.
An official of UIDAI, which is implementing the Aadhaar or the UID project, said that according to the Section 3 of the Information Technology Act of the country, any physical document is equal to the electronic record so PMLA doesn’t need to be amended. “But, to be sure the matter has been referred to the law ministry, which will give its view soon,” the official added.
The person, who did not wish to be identified, added that though finance ministry and UIDAI are on the same page on the issue, the matter has been referred to the law ministry to just get some clarity.
When implemented, the e-KYC will enable citizens to open a bank account by just giving their Aadhaar number and authenticating themselves using their biometrics as the Reserve Bank of India (RBI) has notified the Aadhaar number as a valid proof of address and identity. The information sent by the bank to the UID server will verify whether the information given is authentic or not. The service can also be used to avail of other government services which require authentication.
A finance ministry official said that amendment in the PMLA would not be required as it is already covered under Information Technology Act. Another official added that for the purpose of allowing online authentication of Aadhaar only the PMLA Rules would need to be changed and not the Act.
“There is no need to go to Parliament as this issue can be addressed through the Rules. We are working on it,” the official told Business Standard.
While making its case for e-KYC, UIDAI has been arguing that it will save administrative costs as banks and other government departments incur huge expenditure while storing and verifying physical documents. It will also be more fool-proof as compared to paper records which can be easily forged, it says.
Also, given the government’s current push towards roll out of the direct cash transfer project in the country, if approved, e-KYC could also fast track seeding of bank accounts with the Aadhaar number to ensure smooth linkage with the Aadhaar payment bridge which will facilitate the flow of government subsidy money directly into the back accounts of the beneficiaries.
While bankers agree with the possible advantages of e-KYC, security concerns are denting their confidence in the new system. An executive director with a public sector bank said the bank will be more comfortable if the information sits on its server.
“There should be proper security. The government is trying to work out a solution.” The person added that the benefits of e-KYC could not be ignored as it would save substantial space on the servers of the banks and help in faster seeding of Aadhaar with bank accounts.
“It is feasible but the only question is whether to use our system for authentication of Aadhaar or to use UIDAI’s system. Both the systems are different and the government is trying to integrate those,” said an executive director with another state-run bank.
He added security of the data was the biggest concern of the banks in e-KYC as the UIDAI system has not been tested yet, and thus banks want the authentication to pass through their security gateway. On its part, UIDAI is assuring banks that upon receiving the customer’s consent, the authority can enable the KYC data to be stored on the banks servers also.