RBI Gives Stark Warning Against Emerging KYC Fraud

  • Richard Marley
  • September 14, 2021
  • 2 minutes read
  • 411

RBI states that sensitive details should not be disclosed via unverified or unauthorised channels/websites, or even applications in case it is requested. 

With online frauds on the rise, the Reserve Bank of India (RBI) has issued a strict warning to the public against emerging KYC fraud schemes. 

In a press release attached to a tweet on September 13, RBI cautioned customers against sharing information such as account login details, personal information, copies of KYC documents, card information, PIN, password, and OTP with unidentified persons or agencies.

“Such details should not be shared through unverified/unauthorised websites or applications. In case they receive any such requests, customers are requested to get in touch with their bank/branch,” said the RBI.

The usual methods of executing KYC fraud involve the use of SMS (smishing attacks), fraudulent calls, and phishing attempts to convince the customer into sharing certain Personally Identifiable Information (PII). In some instances, a fraudulent link was also provided to customers in the name of KYC verification.

RBI added that Reporting Entities have been advised that in respect of customer accounts where periodic updation of KYC is due and pending as on date, no restrictions on operations of such account shall be imposed till December 31, 2021, for this reason alone, unless warranted under instructions of any regulator/ enforcement agency/court of law, etc.”  

Once legitimate KYC information is acquired from the customers, criminals use it to carry out fraudulent activities such as identity theft, account takeovers, and more. In most cases, victims become aware of the schemes only after the fraud has been committed under their name. In order to avoid this, RBI advises customers to stay vigilant, especially when disclosing data-sensitive information. 

Suggested Read: KYC in 2021 – Shaking Things Up in the Financial World