Video-KYC and Digital Customer Onboarding: RBI Norms 2026

Video-KYC digital customer onboarding — this guide gives you the latest 2026 information, key dates, eligibility, fees and study tips for the Digital Banking exam.

Video-KYC and digital customer onboarding have transformed how Indian banks welcome new customers. As a banking professional preparing for the IIBF DIGITALBANKI exam. You need to understand not just the technology behind video-KYC, but the precise RBI regulatory framework that governs it. The Reserve Bank's approach to digital identity verification has evolved dramatically—from strict branch-only norms to a robust. Secure video authentication ecosystem that now underpins India's neo-banking revolution.

This guide unpacks the current RBI norms for video-KYC and digital customer onboarding in 2026. Including compliance checkpoints, security mandates, and real-world implementation patterns your bank (or the banks you'll advise) must follow. Whether you're a relationship manager. Operations officer, or compliance specialist, this deep dive will cement your exam readiness and deepen your grasp of modern customer acquisition in digital banking.

What is Video-KYC and Why It Matters in Digital Banking

Video-KYC is a customer identification process conducted through a secure, encrypted video call between the customer and a trained bank official or automated system. Unlike e-KYC (electronic KYC using Aadhaar or PAN alone). Video-KYC adds a real-time, human-in-the-loop verification layer that confirms the customer's identity, ownership of documents, and authenticity of the onboarding intent.

The RBI's shift toward video-KYC stems from two critical drivers. First, the rapid growth of digital-only banks and fintech platforms demanded a KYC method that worked without requiring customers to visit a branch. Second. Regulatory feedback showed that video verification—when properly conducted—matches or exceeds the security and fraud-detection quality of in-branch KYC, whilst dramatically reducing onboarding friction.

For you as a DIGITALBANKI aspirant. The key insight is this: video-KYC is not a shortcut to KYC; it's a regulated alternative pathway with its own set of compliance obligations. The RBI framework specifies who can conduct video-KYC, what documents are acceptable, how consent must be recorded, and what happens if a customer fails verification. Understanding these nuances is essential because exam questions often test your ability to spot non-compliant video-KYC scenarios.

The adoption of video-KYC also aligns with India's broader digital banking ecosystem. When combined with UPI, CBDC, and account aggregator frameworks, video-KYC enables seamless, paperless account creation within minutes. Read more on this in our UPI Ecosystem in India: Architecture, Players & Security guide to see how payment systems depend on robust customer onboarding.

RBI Framework for Video-KYC: Current Norms and Compliance Rules

The RBI's master circular on Know Your Customer (KYC) norms, last updated as per the latest notification, governs video-KYC operations. The framework permits video-based customer identification for new account opening, subject to stringent conditions. Here's what you must know:

• Eligibility: Only banks holding a current banking licence may conduct video-KYC. Non-banking entities (NBFC-AAs, fintech platforms) must partner with a licensed bank or use a specialised third-party KYC provider authorised by the RBI.
• Document Requirements: The customer must present an original or certified copy of an approved identity document (Aadhaar, PAN, passport, driving licence, or voter ID). The bank official must visually verify the document's authenticity during the video call.
• Consent and Recording: The customer must give explicit, informed consent to be recorded. The video session must be encrypted, timestamped, and securely stored for at least 5 years (aligned with the Prevention of Money Laundering Act, 2002).
• Single Point of Entry Rule: As per RBI guidance, video-KYC may be used for either the first account with a bank or, in certain cases, for additional products. Cross-bank video-KYC (using one bank's video-KYC record to open an account at another bank) is still under regulatory scrutiny; check the latest RBI notification before advising customers.
• Limits on Video-KYC Accounts: Accounts opened via video-KYC face initial transaction limits (typically ₹100,000 per transaction and ₹1,000,000 per month for remittances) until the customer upgrades to in-person verification or a reasonable period has elapsed without fraud flags.

A critical compliance point: video-KYC does not exempt the bank from Enhanced Due Diligence (EDD) or Politically Exposed Person (PEP) screening. If a customer's background triggers EDD protocols, video-KYC alone is insufficient; the bank must initiate branch-based verification or request additional documents before proceeding.

For deeper learning on payment systems and their relationship to customer onboarding, take the Developments in Payment Systems in India and Digital Banking — Chapter Test to reinforce how KYC feeds into the broader digital banking chain.

The Technology Stack Behind Video-KYC: Security and AI Integration

Modern video-KYC platforms blend several technologies to ensure security, speed, and compliance. Understanding this stack strengthens your grasp of how digital banking infrastructure works—a key theme in the DIGITALBANKI syllabus.

Encryption and Secure Transmission: All video streams must use TLS 1.2 or higher encryption. Banks typically use ISO/IEC 27001-certified KYC service providers to handle the video infrastructure. Ensuring that customer biometric data and document images never reside on unsecured networks.

AI and Machine Learning for Document Verification: Many banks now deploy AI/ML models to detect document forgeries, tamper signs, and inconsistencies in real time. These systems flag suspicious documents during the video call, prompting the bank official to ask follow-up questions or request additional proof. The RBI encourages this innovation but mandates that final approval must always rest with a human decision-maker—automated approval without human review is non-compliant.

Biometric Verification: Some banks integrate live facial recognition during video-KYC to verify that the person in the video matches the photograph on the identity document. This reduces impersonation fraud significantly. However. Facial recognition data is classified as sensitive personal data under the Digital Personal Data Protection (DPDP) Act, 2023; the bank must obtain explicit consent and store it in secure, segregated systems.

To explore AI and ML applications in banking more fully, watch Developments in Digital Technology Part 2, which covers analytics and AI use cases in customer onboarding and fraud prevention.

Liveness Detection: The system must confirm that the video feed is live (not a pre-recorded video or deepfake). Banks use liveness checks—asking the customer to perform random actions (blink, smile, turn head) during the call—to confirm genuine presence. This is a regulatory expectation, though not yet mandated in explicit RBI circulars.

Digital KYC Methods: Video-KYC vs. e-KYC vs. In-Branch KYC

The RBI permits three primary KYC pathways for account opening in India. Confusing these is a common exam pitfall, so let's clarify:

• e-KYC (Electronic KYC): The fastest route, using Aadhaar-based verification through the UIDAI's services. A bank customer can open a savings account in minutes using just Aadhaar number and OTP verification. No video, no document exchange. Suitable for low-risk, high-volume retail onboarding. Transaction limits apply until the customer upgrades or provides additional documents.
• Video-KYC: A middle ground: faster than in-branch, more document-rich than e-KYC alone. The customer interacts with a bank official via video; the officer verifies identity documents, confirms address, and performs liveness checks. Typically takes 15–30 minutes. Requires consent recording and encryption. Higher transaction limits than e-KYC post-upgrade.
• In-Branch KYC: The traditional, gold-standard method. The customer visits the branch, presents original documents, and meets the bank officer face-to-face. No transaction limits from day one. Highest compliance comfort for the bank, but lowest speed and customer convenience. Used for high-risk profiles, PEPs, and Suspicious Activity Report (SAR) investigations.

A crucial regulatory point: the RBI's stance is that all three methods are equally valid for compliance purposes, provided they follow the prescribed norms. The choice should depend on customer risk profile, transaction intent, and the product being opened. For a savings account with modest limits, e-KYC or video-KYC suffices. For a high-value investment account, in-branch KYC or video-KYC with EDD is safer.

Watch Developments in Payment Systems in India Part 1 to understand how these KYC methods feed into India's larger digital banking ecosystem, including UPI and CBDC adoption.

The account aggregator framework also depends on robust initial KYC. If you'd like to deepen your knowledge of how accounts are linked and consented across fintech platforms, review our Account Aggregator Framework: NBFC-AA, FIP, FIU & DEPA Explained for IIBF article.

Data Privacy, DPDP Act Compliance, and Best Practices for Bankers

Video-KYC involves the collection and processing of highly sensitive personal data: facial biometrics, identity document scans, residential address, and recorded video sessions. The Digital Personal Data Protection Act, 2023 (DPDP Act) now governs how banks must handle this data. As a DIGITALBANKI aspirant and future banker, understanding DPDP compliance in video-KYC contexts is non-negotiable.

Consent under DPDP Act: Before conducting video-KYC. The bank must obtain the customer's informed, explicit consent specifying: (i) the data being collected (biometrics, documents, video), (ii) how it will be used (identity verification, fraud prevention, regulatory compliance), and (iii) who will process it (bank staff, third-party KYC vendor, compliance team). A blanket consent clause is not sufficient; consent must be granular and withdrawable.

Data Minimisation Principle: Collect only what you need for KYC. If facial recognition is not necessary for your bank's process, do not collect it. Store video records for the statutory 5-year period, then securely delete them. Do not re-use video-KYC data for marketing purposes without fresh, explicit consent. Violations attract penalties up to ₹500 crore under the DPDP Act.

Third-Party Risk Management: Many banks outsource video-KYC to specialised service providers (e.g., NSDL, CDSL, or fintech KYC platforms). Under the DPDP Act and RBI regulations, the bank remains the data controller and is liable if the vendor breaches data. Contracts with vendors must include stringent data protection clauses, audit rights, and incident-reporting obligations.

Cybersecurity Measures: The RBI's cybersecurity framework (set out in recent circulars on Information Security) mandates that video-KYC platforms use: encryption (TLS 1.2+). Multi-factor authentication for staff access, regular penetration testing, and incident response plans. Audit the vendor's ISO 27001 and SOC 2 certifications before onboarding.

Regulatory Reporting: If a video-KYC system experiences a data breach. The bank must notify the RBI (Cyber Security and Operational Resilience Division) and the customer within 72 hours, as per RBI guidelines. Failure to report is itself a compliance violation. For customer consent and grievance management, the bank must designate a Data Protection Officer (DPO) if it processes large-scale video-KYC data.

To reinforce your understanding of digital technology trends and the evolving regulatory landscape, enroll in Marketing of Digital Banking Products, which touches on customer communication and data handling in the context of product launches.

Related Video Classes

PDF Study Notes & Cheat Sheets

Practice Tests & Mock Exams

Frequently Asked Questions

Final Word

Video-KYC and digital customer onboarding are at the heart of modern Indian banking. You've now learned the RBI framework, compliance obligations, technology stack, and DPDP Act requirements that govern this critical process. Whether you're building a digital onboarding strategy at your bank or preparing for your DIGITALBANKI exam. This knowledge is essential—it differentiates confident, compliant bankers from those who cut corners.

The next step is to reinforce these concepts through active learning. Take our Internet / Online Banking — Chapter Test to assess your grasp of digital customer interactions, then challenge yourself with the New Developments in Digital Banking: Fintech, Blockchain, Cloud, Analytics & AI — Chapter Test to connect video-KYC with emerging fintech ecosystems. Download the unit 8 PDF notes for a structured revision summary. Your DIGITALBANKI success depends on moving from passive reading to active practice—so start testing yourself today, and watch your confidence soar.

For more on “video-KYC digital customer onboarding”, explore our free mock tests and chapter notes on iibf.store.

Bookmark this page — we keep our “video-KYC digital customer onboarding” guidance current as IIBF revises its rules.

Still researching “video-KYC digital customer onboarding”? Always confirm the latest position on the official IIBF site first.

Practise exam-style questions on “video-KYC digital customer onboarding” free on iibf.store to lock in the concept.

Save this “video-KYC digital customer onboarding” guide and revisit it during your revision week.

Our free notes cover “video-KYC digital customer onboarding” alongside the wider syllabus in one place on iibf.store.

Source: Indian Institute of Banking & Finance — iibf.org.in