KYC Norms in Banking: The Complete JAIIB PPB Guide for 2026
KYC norms in banking sit at the heart of every banking relationship, and the JAIIB PPB paper tests them in almost every session. KYC norms in banking are not a one-time form-filling exercise; they form a continuous risk-management discipline that protects the bank, the customer and the financial system. This guide covers everything from the four elements of KYC to the latest periodic-updation rules.
The Four Elements of the KYC Policy
Under the RBI Master Direction, the KYC norms in banking require every bank's policy to contain four building blocks: a Customer Acceptance Policy, Customer Identification Procedures (CIP), Risk Management, and Monitoring of Transactions. The Customer Acceptance Policy lays down the conditions for on-boarding — for example, no account is opened in an anonymous or fictitious name, and none where identity cannot be verified.
Customer Identification means establishing identity and verifying it using reliable, independent documents or data. Risk Management requires the bank to categorise customers and apply due diligence proportionate to risk. Monitoring ensures the actual transaction pattern matches the customer's declared profile. For PPB, be able to list all four elements in order, because direct one-mark questions ask for them. Rehearse these on our PPB practice tests, which mirror the exam's style.
Risk Categorisation and Customer Due Diligence
Banks classify customers into low, medium and high risk categories based on identity, social and financial status, nature of business and country of origin. The depth of Customer Due Diligence (CDD) varies with the category. Low-risk customers attract simplified diligence, whereas high-risk customers such as politically exposed persons, non-residents and trusts attract Enhanced Due Diligence (EDD). Applying the right level is central to sound KYC norms in banking.
A frequent exam point is the treatment of Politically Exposed Persons (PEPs): accounts need senior-management approval, the source of funds must be established, and the relationship needs closer monitoring. Candidates should also know the beneficial owner — the natural person who ultimately owns or controls a legal entity, generally identified at a 10% threshold for companies and 15% for partnerships and trusts. These thresholds are tested verbatim. Reinforce them with our KYC terminology match game.
Officially Valid Documents and Video-KYC
For identity and address, banks rely on Officially Valid Documents (OVDs): passport, driving licence, Voter ID, PAN (for identity only), the Aadhaar number subject to consent, and the NREGA job card. Where an OVD lacks the current address, a supplementary document such as a utility bill is permitted for a limited period, and PAN or Form 60 is mandatory for most accounts.
The big practical shift is Video-based Customer Identification Process (V-CIP), which lets banks complete KYC remotely through a live, consent-based video interaction with geo-tagging and liveness checks. The detailed master direction is issued by the Reserve Bank of India. Candidates should connect V-CIP to the broader theme of digital banking and financial inclusion. Knowing both the document list and the digital methods gives full coverage of this section. Build deeper coverage with our JAIIB preparation course.
Periodic Updation and the AML Linkage
KYC is never "done". Banks must carry out periodic updation based on risk: at least once every ten years for low-risk customers, every eight years for medium-risk, and every two years for high-risk customers. If there is no change in information, a self-declaration suffices. Failure to update can lead to the account being restricted, which is why customers are reminded well in advance.
KYC norms in banking feed directly into Anti-Money Laundering (AML) obligations under the Prevention of Money Laundering Act. Banks must file Cash Transaction Reports, Suspicious Transaction Reports and other reports with the Financial Intelligence Unit (FIU-IND). For PPB, the examiner wants you to see KYC as the first line of defence in the AML chain rather than a stand-alone task. Tie these threads together and you will handle any case-study question. Stay current via our IIBF news tracker.
Exam Strategy and Quick Revision
For PPB, build a quick sheet covering the four KYC elements, the three risk categories with their updation periods, the beneficial-owner thresholds and the OVD list. These factual points generate the bulk of the KYC questions in every session.
In the final week, practise applying the rules to short scenarios — for example, deciding which due-diligence level a given customer attracts — rather than only memorising definitions. Watch for negatively-phrased questions and read each stem twice. Combine this disciplined revision with our timed PPB mock tests and the explainers on our study blog, and the KYC section becomes a dependable scorer.
What are the four key elements of a KYC policy?
Customer Acceptance Policy, Customer Identification Procedures, Risk Management, and Monitoring of Transactions. Direct one-mark questions often ask candidates to list all four.
What is Enhanced Due Diligence and when is it applied?
EDD is deeper scrutiny applied to high-risk customers such as PEPs, non-residents and trusts. It includes establishing the source of funds and closer ongoing monitoring.
How often must KYC be updated?
At least every ten years for low-risk, eight years for medium-risk and two years for high-risk customers. A self-declaration is enough if there is no change in information.
What is V-CIP?
Video-based Customer Identification Process — a consent-based, live video method of completing KYC remotely with geo-tagging and liveness checks, widely used for digital account opening.
Common Pitfalls and Final Tips
A frequent mistake in the JAIIB PPB paper is memorising rules without being able to apply them to a scenario. Examiners often wrap the four KYC elements, the risk-category updation periods and the beneficial-owner thresholds inside a short case, so practise translating each concept into a worked example rather than reciting it. Another common slip is confusing closely related terms, so keep a running list of easily-mixed concepts and test yourself on the distinctions until they are automatic.
In the final week, prioritise active recall over passive reading: attempt full-length mocks under timed conditions, review every incorrect answer, and revisit only the topics where you stumble. Manage the clock carefully in the exam hall by flagging difficult questions and returning to them rather than losing momentum on a single item. Read each question stem twice, since negatively-phrased options such as "which is NOT" trip up even well-prepared candidates.
Finally, link your study to current developments, because the exam increasingly tests recent regulatory changes alongside core theory. Combine this disciplined approach with our timed JAIIB PPB mock tests, the quick-revision match games and the detailed explainers on our study blog, and you will walk into the exam confident and well-prepared.
Conclusion
Master the four elements, the risk categories, the OVD list, video-KYC and periodic updation, and you will comfortably clear the KYC questions in PPB. Treat KYC norms in banking as a living process linked to AML, not a static checklist. Put your knowledge to the test with a timed PPB mock, and revise the latest highlights on our exam blog.
Take a free mock test, download chapter PDFs, or watch a video class — all included on iibf.store.
