HDFC Bank Faces INR 75 Lakh Fine from RBI for Defying Customer KYC Instructions

The Reserve Bank of India (RBI) fined HDFC Bank INR 75 lakh after discovering that the bank had not followed certain of the guidelines outlined in the RBI's Know Your Customer (KYC) master guidance. Notably, the RBI is referring to a KYC master circular that was last modified on November 6, 2024, having been issued on February 25, 2016. In a March 26, 2025, press release, the RBI said that HDFC Bank Limited (the bank) had been fined INR 75.00 lakh (Rupees Seventy-Five Lakh only) by an order dated March 24, 2025, for failing to comply with specific guidelines the RBI had given regarding "Know Your Customer (KYC)." In accordance with Section 47A(1)(c) read with Section 46(4)(i) of the Banking Regulation Act, 1949, the RBI was granted the authority to impose this penalty.

How it all Begin?

The RBI went on to clarify in its statement that the bank's financial status as of March 31, 2023, was the subject of a Statutory Inspection for Supervisory Evaluation (ISE 2023) of the bank. A notice was sent to the bank asking it to provide justification for why it should not be penalised for its failure to follow the RBI's instructions, based on supervisory findings of non-compliance and related correspondence. The RBI made it clear that this financial penalty is specifically tied to regulatory compliance shortcomings and has nothing to do with the legitimacy of any transactions or agreements the bank has made with its clients. Furthermore, the penalty has no bearing on any further actions the RBI may take against HDFC Bank.

HDFC Fails to Provide Satisfactory Response

In its official statement, the RBI stated that, among other things, it determined that the following charges against the bank were upheld, justifying the imposition of a monetary penalty, after taking into account the bank's response to the notice and other submissions made by the bank. Based on its evaluation and perception of risk, the bank did not assign some of its customers to the low, medium, or high risk categories. Rather than assigning a Unique Customer Identification Code (UCIC) to every customer, the bank assigned numerous UCICs to certain consumers.

Why Banks Need to Follow RBI’s KYC Guidelines?

Reiterating the January 2004 instructions, the "Know Your Customer" guidelines were released in February 2005 in response to the Financial Action Task Force's (FATF) recommendations on combating the financing of terrorism (CFT) and anti-money laundering (AML) standards. These guidelines are now the global norm by which regulatory bodies formulate anti-money laundering and anti-terrorism funding strategies. International financial ties now require that the nation's banks, financial institutions, and NBFCs adhere to these requirements. The Reserve Bank's Department of Banking Operations and Development has provided banks with comprehensive guidelines based on the Financial Action Task Force's recommendations and the Basel Committee on Banking Supervision's paper on Customer Due Diligence (CDD) for banks, with indicative suggestions where deemed necessary. NBFCs are equally subject to these rules.

Therefore, it is recommended that all NBFCs adopt it with appropriate modifications based on their activities and make sure that, within three months of the date of this circular, a proper policy framework on "Know Your Customer" and anti-money laundering measures is developed and implemented with the Board's approval. Before December 31, 2005, NBFCs were urged to make sure they were completely in compliance with the guidelines.