Principal Officer

Managing director

CISO

Any of the above

Customers shall be categorised as low, medium and high-risk category

Risk categorisation shall be undertaken based on parameters such as customer’s identity, social/financial status, nature of business activity, and information about the customer’s business and their location,

The risk categorisation of a customer and the specific reasons for such categorisation shall be kept confidential

All of the above

1. Commencement of an account-based relationship with the customer.

1. When there is a doubt about the authenticity or adequacy of the customer identification data it has obtained.

1. REs shall ensure that introduction is not to be sought while opening accounts.

All the above

2

5

7

4

56

65

45

76

1. There must be a specific consent from the customer for authentication through OTP.

As a risk-mitigating measure for such accounts, REs shall ensure that transaction alerts, OTP, etc., are sent only to the mobile number of the customer registered with Aadhaar. REs shall have a board approved policy delineating a robust process of due diligence for dealing with requests for change of mobile number in such accounts

1. As regards borrowal accounts, only term loans shall be sanctioned. The aggregate amount of term loans sanctioned shall not exceed rupees sixty thousand in a year.

All the above

5

3

4

6