KYC & AML Policies

Magnet Financial Services Private Limited


1. Background

Magnet Financial Services Private Limited (“the Company”) is a company incorporated under the Companies Act and registered with the Reserve Bank of India as a Non-Banking Financial Company (NBFC). The Company is engaged in the business of providing credit facilities to individuals and non-individual customers, including self-employed persons, small businesses, and other eligible borrowers, against acceptable collateral and/or based on assessed repayment capacity and cash flows, in accordance with applicable regulatory guidelines.

The Reserve Bank of India (RBI) has issued comprehensive Master Directions on Know Your Customer (KYC) and Anti-Money Laundering (AML) standards, including obligations under the Prevention of Money Laundering Act, 2002 (PMLA) and rules framed thereunder. RBI has directed all NBFCs to formulate and implement a Board-approved KYC & AML framework covering customer identification, due diligence, monitoring, reporting, and record keeping.

Accordingly, this KYC & AML Policy has been approved by the Board of Directors of Magnet Financial Services Private Limited. This Policy applies to all products, services, delivery channels, offices, and employees of the Company.


2. Objective

The primary objective of KYC and AML guidelines is to prevent NBFCs from being used, intentionally or unintentionally, by criminal elements for money laundering, terrorist financing, fraud, or other unlawful activities.

The guidelines require regulated entities to make reasonable efforts to determine:

True identity of customers
Beneficial ownership
Source of funds
Nature of business
Purpose of relationship
Reasonableness of transactions

Accordingly, the objectives of this Policy are:

a) To prevent the Company from being used for money laundering or terrorist financing
b) To enable the Company to understand customers and their financial dealings
c) To establish effective controls for detecting and reporting suspicious activities
d) To ensure compliance with RBI, PMLA, and other applicable laws
e) To implement risk-based customer due diligence
f) To ensure proper employee training on KYC/AML/CFT procedures

This Policy applies across all branches and offices of the Company.


3. Definition of Customer

For the purpose of this Policy, a Customer means a person or entity that:

Engages in a financial transaction with the Company, or
Establishes or intends to establish a business relationship, or
Acts on behalf of another person in a transaction

This includes borrowers, co-borrowers, guarantors, beneficial owners, and authorized signatories.


4. Customer Acceptance Policy (CAP)

The Company shall follow a structured Customer Acceptance Policy to ensure that only legitimate and identifiable customers are onboarded.

4.1 Customer Profile

Customer profile shall include information relating to:

Identity
Financial and social status
Nature of occupation/business
Geographic location
Source of funds
Expected transaction pattern

Only relevant and non-intrusive information proportionate to risk category shall be collected. Customer profile data shall remain confidential and shall not be used for cross-selling without consent.

4.2 Non-Discrimination

Customer acceptance procedures shall not be so restrictive as to deny financial services to genuine customers, particularly those who are financially or socially disadvantaged. Risk-based flexibility shall be applied consistent with regulatory norms.

4.3 Mandatory Conditions

The Company shall ensure:

No account/loan is opened in fictitious or benami names
No relationship is established where CDD cannot be completed
Sanctions list screening is conducted (UN, RBI, Government lists)
Suspicious cases are reported through STR filing

If identity cannot be verified due to non-cooperation or unreliable documentation, the relationship shall not be established.


5. Risk Management Framework

The Company shall maintain a Board-approved risk-based KYC/AML framework with:

Management oversight
Internal controls
Segregation of duties
System controls
Staff training
Compliance monitoring

Risk assessment shall consider:

Customer type
Geography
Product type
Delivery channel
Transaction pattern
Source of funds

Customer information shall remain confidential and shall not be used beyond lawful purposes.

Risk Categorization

Customers shall be categorized into:

Low Risk
Medium Risk
High Risk

Based on:

Background
Nature of activity
Country of origin
Source of funds
Ownership structure
Transaction behavior

Business heads may deviate from indicative categorization with documented justification.


6. Customer Identification Procedure (CIP)

Customer Identification means verifying identity using reliable and independent documents or data.

CIP shall be completed before loan disbursement or account activation.

The Company shall:

Verify identity using Officially Valid Documents (OVDs)
Maintain verification records
Screen against sanctions/terror lists
Record purpose of relationship

The Company shall not rely solely on third-party KYC for onboarding unless permitted under RBI rules and supported by compliant arrangements.

Enhanced Due Diligence shall be applied where higher risk is identified.


7. Customer Due Diligence (CDD)

The Company shall conduct CDD proportionate to risk.

Individuals — Required Documents

PAN or Form 60
One Officially Valid Document (OVD) for identity/address
Photograph
Aadhaar offline verification (where permitted)
Digital KYC / Video KYC where applicable

If the OVD lacks the current address, alternate address proof may be accepted, with a follow-up OVD within the prescribed period.

Non-Individuals

CDD for the following entity types shall include constitutional documents, authorization proofs, and beneficial owner identification:

Proprietorships
Partnerships
Companies
Trusts
LLPs
Associations


8. Verification Methods

Customer identity verification shall be completed using both documentary and, where required, non-documentary methods based on risk.

8.1 Documentary Verification

Verification shall be conducted using Officially Valid Documents (OVDs) as permitted under RBI KYC Master Directions. Certified copies shall be obtained and verified against originals by authorized officials. Verification records shall include:

Name and address
Identification number
Date and place of verification
Name and code of verifying official

8.2 Non-Documentary Verification

Where appropriate, additional verification methods may include:

Physical or video contact with customer
Field verification visits
Independent database checks
Credit bureau validation
Bank account verification
Reference checks with financial institutions
Financial statements review

If discrepancies remain unresolved, the Company shall decline or discontinue the relationship.


9. Periodic Updation of KYC (Ongoing Due Diligence)

KYC records shall be updated periodically based on risk category:

Low Risk — at least once every 10 years
Medium Risk — at least once every 8 years
High Risk — at least once every 2 years

Updation shall include:

PAN/Form 60 refresh
OVD refresh
Address confirmation
Beneficial ownership review
Risk re-categorization

For low-risk customers with no change, self-certification may be accepted where permitted by regulation.


10. Ongoing Monitoring of Transactions

Ongoing monitoring is an essential element of AML control.

The Company shall monitor transactions to ensure they are consistent with:

Customer profile
Source of funds
Nature of activity
Risk categorization

Special attention shall be paid to:

Complex transactions
Unusually large transactions
Transactions lacking economic rationale
Structuring to avoid thresholds

High-risk accounts shall be subject to enhanced monitoring.

Automated or rule-based alert systems may be used where feasible.


11. Money Laundering & Terrorist Financing Risk Assessment

The Company shall conduct periodic ML/TF risk assessments covering:

Customer segments
Products and services
Delivery channels
Geographic exposure
Transaction types

Risk mitigation measures shall be Board-approved and reviewed at least annually by the Risk Management Committee.


12. Enhanced Due Diligence (EDD)

Enhanced Due Diligence shall be applied to high-risk customers and scenarios, including:

Politically Exposed Persons (PEPs)
Complex ownership structures
Unusual transaction behavior
Frequent address or profile changes
Suspicious activity indicators

EDD measures may include:

Additional identity documents
Source of funds verification
Wealth assessment
Field investigations
Closer transaction monitoring
Senior management approval

The Company shall not establish relationships where EDD cannot be satisfactorily completed.


13. Politically Exposed Persons (PEP)

PEPs include individuals entrusted with prominent public functions domestically or internationally.

EDD shall include:

PEP screening
Source of funds checks
Reputation checks
Senior management approval before onboarding
Ongoing enhanced monitoring

If an existing customer becomes a PEP, relationship continuation requires fresh approval and re-risking.


14. Non Face-to-Face Customers

Where onboarding is conducted without physical presence, the Company shall apply:

Digital KYC / Video KYC
Additional verification controls
Enhanced monitoring

Non-face-to-face onboarding shall comply strictly with RBI V-CIP and Digital KYC rules.


15. Record Retention

The Company shall maintain:

Transaction records — minimum 5 years from transaction date
KYC records — minimum 5 years after relationship closure

Records shall include:

Transaction nature
Amount and currency
Date
Parties involved

Records shall be maintained in retrievable format and produced to authorities when required.


16. Reporting to FIU-IND

The Company shall report to Financial Intelligence Unit – India:

Cash Transaction Reports (CTR)
Suspicious Transaction Reports (STR)
Counterfeit currency reports
Terror financing suspicion reports

“SUSPICIOUS TRANSACTION” includes transactions that:

Lack economic rationale
Appear unusually complex
Suggest criminal proceeds
Suggest terror financing
Are abandoned after scrutiny

The Principal Officer shall ensure timely electronic filing in prescribed formats.


17. CIP Notice to Customers

Customers shall be informed that:

Identity verification is mandatory
Documents are required under law
Transactions are monitored
Suspicious activity may be reported

Notice may be provided through forms, website, or onboarding screens.


18. Existing Customers

Existing customers shall be subject to:

Ongoing monitoring
Periodic KYC updation
Re-CDD upon trigger events
Risk reclassification where required


19. Customer & Staff Education

The Company shall:

Educate customers on KYC requirements
Train staff regularly on AML/KYC obligations
Conduct refresher programs
Train new employees at induction


20. Governance & Responsibility

Designated Director
A Board-designated Director shall oversee PMLA compliance.

Principal Officer
A senior official shall be appointed as Principal Officer responsible for:

FIU reporting
Regulatory liaison
AML oversight

(Insert Names & Designations before publishing.)


21. Employee Screening & Training

The Company shall maintain employee screening procedures and periodic AML training programs. Staff negligence or wilful blindness shall trigger disciplinary action.


22. Suspicious Activity Indicators (Illustrative)

Examples include:

Structuring transactions below reporting thresholds
Refusal to provide source of funds
Multiple related accounts
Frequent profile changes
Transactions inconsistent with business
Attempts to influence staff not to report


23. Compliance & Audit Oversight

Senior Management oversees KYC compliance
Internal Audit verifies adherence
Audit findings reported to Audit Committee quarterly
Compliance function performs independent review
KYC decision authority shall not be outsourced


24. Central KYC Registry (CKYCR)

Customer KYC data shall be uploaded to CKYCR as per RBI templates and timelines through CERSAI systems.


25. Video KYC (V-CIP)

Where Video KYC is used, the Company shall comply with RBI V-CIP rules including:

Live video capture
PAN verification
Geo-tagging
Liveness checks
Time stamp records
Encrypted storage
Trained officials only
Concurrent audit checks

Responsibility for identification remains with the Company.