Kepto Fintech Pvt. Ltd.

1. Introduction

This KYC Policy outlines the standards, procedures, and regulatory requirements followed by Kepto Fintech Pvt. Ltd. (“Company”, “We”, “Our”) for customer identity verification, risk assessment, and onboarding.

The policy ensures compliance with:

• RBI Master Directions – KYC
• Prevention of Money Laundering Act (PMLA), 2002
• NPCI BBPS Guidelines
• FIU-IND reporting norms
• Information Technology Act, 2000
• Digital Personal Data Protection Act, 2023

We are committed to maintaining a transparent, secure, and compliant onboarding framework to protect users and the financial ecosystem from fraud, money laundering, and other illegal activities.

2. Objective of the KYC Policy

The objectives of this KYC Policy are:
- To verify the identity and address of users before providing services
- To establish risk-based customer profiling
- To prevent misuse of the platform for illegal financial activity
- To comply with all regulatory and audit requirements
- To ensure transparency in transactions through proper documentation

3. Scope

This policy applies to:
- Individual customers
- Merchants, corporates, banks, and NBFCs using our solutions
- BBPS bill pay users
- API-integrated business partners
- Employees handling KYC and customer operations

4. Customer Identification Program (CIP)

As part of the onboarding process, Kepto Fintech collects and verifies customer information to establish identity.

5. KYC Types

6. KYC Verification Methods

Kepto Fintech follows approved verification procedures:
- Online document verification
- Aadhaar eKYC / Offline KYC (XML/Paperless)
- PAN verification
- Bank account/IFSC validation
- Video KYC (where enabled)
- Automated face-match and liveliness checks
- Manual verification for business users

7. Customer Risk Categorization

Customers are classified into 3 categories:

8. Ongoing Monitoring

Kepto Fintech continuously monitors:
- Suspicious or irregular patterns
- Large or unusual transactions
- BBPS anomalies
- Attempted identity fraud
- Transactions inconsistent with profile

Automated systems generate alerts for internal review.

9. Re-KYC & Periodic Review

As mandated by RBI:
- Re-KYC is conducted periodically based on risk classification
- Dormant users may be required to update KYC before reactivation
- Documents are validated again if expired or suspected to be incorrect

10. Data Privacy & Confidentiality

All KYC information is protected with strong encryption and stored securely as per Data Protection Act, 2023, IT Act, 2000, and RBI cybersecurity norms.
We do not share KYC data with any unauthorized third party. Data is retained for minimum 5 years or as required by PMLA guidelines.

11. User Responsibilities

Users must:
- Provide valid and accurate information
- Not submit forged or tampered documents
- Update their details in case of changes
- Cooperate during verification or re-verification

Submission of false information may result in suspension or legal action.

12. Rejection & Suspension

Kepto Fintech reserves the right to reject KYC if documents are invalid or unclear, suspend accounts with suspicious or fraudulent KYC, demand additional verification, or terminate access in serious violations.

13. Compliance Officer

The Company has appointed a KYC/AML Compliance Officer responsible for ensuring adherence to KYC norms, reviewing risk classifications, auditing KYC processes, and coordinating with regulatory authorities (FIU-IND).

14. Policy Review & Updates

This KYC Policy is reviewed annually or earlier if regulations change. Revised versions are published on the website.

15. Contact Information

For KYC-related support:

Kepto Fintech Pvt. Ltd.
501, Business Bay Tower, Andheri East, Mumbai – 400059 Maharashtra, India
Email: compliance@keptofintech.com
Phone: 6377605341

Email : compliance@keptofintech.com
Website : www.keptofintech.com