The Enforcement Directorate (ED) has not found any violation under the Foreign Exchange Management Act (FEMA) during the inquiry of Paytm Payments Bank Limited (PPBL) transactions. The Reserve Bank of India (RBI) has the authority to take action against certain other instances of alleged non-compliance, according to the sources privy to the matter.
On January 31, the RBI had issued a circular barring PPBL from taking further deposits, top-ups or undertaking credit transactions into its customer accounts, wallets, FASTags, and National Common Mobility Cards (NCMC) after February 29. The deadline has now been extended till March 15.
Also read: Paytm Payments Bank meltdown, its meaning | Explained
The action was taken on the basis of the Comprehensive System Audit report and a subsequent compliance validation report of the external auditors’ reports disclosing “persistent non-compliances and continued material supervisory concerns in the bank, warranting further supervisory action”.
The ED was also asked to scrutinise the financial transactions under the scanner. The agency investigates suspected violations or offences under the FEMA and the Prevention of Money Laundering Act (PMLA).
According to sources, as there is no PMLA scheduled offences involved in the case of PPBL, money laundering investigation cannot be done. “If no crime is made out, there is also no generation of ‘proceeds of crime’ and so, PMLA does not apply,” said a government official. Therefore, the ED looked into the transactions to determine if there was any violation under the FEMA provisions.
KYC compliance
It is learnt that the ED examined more than 50 lakh wallets/accounts, largely having small deposits, which did not reveal any foreign exchange rule contravention. The other alleged violations mainly pertained to Know Your Customer (KYC) compliance and other issues, on which the RBI is empowered to take action. The ED findings have been reported to the RBI with certain observations as regards some other payment banks, apart from PPBL, third party application providers, and payment aggregators as well, a source said. The RBI may take appropriate action in this regard.
The areas of concern flagged by the agency include slackness in adherence to KYC norms such as the processes involving user or merchant onboarding, document collection and authentication, anti-money laundering measures, merchant category code assignment, and National Payments Corporation of India’s regulatory compliance.
Among the other aspects are processes for identification of ultimate beneficial ownership, politically exposed persons, KYC adherence related to setting up of virtual accounts, strict monitoring and periodic reporting of suspect transactions to the authorised agencies such as the Financial Intelligence Unit.
Given that vulnerabilities like possible misuse of Application Programming Interfaces (API) keys and URL spoofing may lead to financial fraud, full-fledged adoption of Information Technology audit framework as prescribed by the agencies concerned has also been recommended.