[Analysis] SEBI Proposes Simplified KYC and KRA Framework | Key Reforms

SEBI KYC Reforms proposed in January 2026 seek to simplify client onboarding and rationalise the KYC framework for KYC Registration Agencies (KRAs). Through its consultation paper dated January 16, 2026, SEBI has outlined measures to reduce repetitive compliance, strengthen data governance, and improve operational efficiency across the securities market, while continuing to safeguard investor protection. This article analyses the key proposals and their implications for intermediaries and market participants.

Table of Contents

1. Introduction
2. Background and Rationale
3. SEBI’s Key Proposals
4. Overview of Key Proposals
5. Conclusion

1. Introduction

On January 16, 2026, SEBI released a Consultation Paper proposing measures to simplify client onboarding and rationalise the risk management framework for KYC Registration Agencies (KRAs). This initiative aims to reduce repetitive compliance requirements, improve data governance, and enhance operational efficiency in India’s securities market, without compromising security or investor protection.

The key proposals include centralising supplementary information at KRAs, enabling seamless sharing of client information among intermediaries, relaxing verification requirements for current address, delinking KYC records held by intermediaries, easing overseas address proof requirements for OCI cardholders residing in India, and simplifying documentation for name change.  Together, these measures seek to create a more streamlined, secure and client-friendly onboarding ecosystem for both clients and intermediaries.

2. Background and Rationale

On October 12, 2023, SEBI issued a Master Circular regarding the ‘Know Your Client’ norms to be followed by intermediaries in the securities market. These KYC norms are aligned with the provisions of the Prevention of Money Laundering (Maintenance of Records) Rules, 2005 and the KRA Regulations.

Based on market feedback, SEBI felt the need to review the client onboarding process and strengthen the risk management framework at KRAs, with a focus on customer identification and due diligence. Accordingly, a Working Group was constituted comprising industry participants and Market Infrastructure Institutions to address the relevant issues and make recommendations for the effective utilisation of infrastructure and records.

3. SEBI’s Key Proposals

Based on the recommendations of the Working Group, certain modifications are proposed to the KYC Master Circular. The proposals are as follows

3.1 Re-KYC and Sharing of KYC Information Among Intermediaries

As per Regulation 16(b) of the KRA Regulations, it is the responsibility of an intermediary to upload updated information on the system of KRA, upon receipt of information about a change in KYC details and the status of the clients.

Further, Regulation 15(f) of the KRA Regulations, inter alia, requires KRAs to disseminate updates, if any, in the information about a client, to all intermediaries that avail of the services of the KRA in respect of that client.

However, there is a need to specify a defined time limit, within which all KYC records must be reviewed. This is especially relevant for KYC records of minors upon attaining majority, or for KYC records whose Officially Valid Documents (OVDs) validity date has expired.

To address the issue of outdated KYC records, SEBI has proposed that all KYC records maintained by KRAs must be reviewed once every 5 years from the date of account creation or last update.

Further, KRAs will be required to send prior intimation to intermediaries that have fetched the KYC record from their system if:

1. The KYC information has not been updated in the last 5 years.
2. The validity of the OVD in the KYC record has expired, or
3. The KYC pertains to a minor who has attained 18 years of age.

Further, once a client updates KYC details with any one intermediary, the updated information will be shared across all other intermediaries linked to that client through the KRA system.

3.1.1 Meaning of Know Your Client (KYC) and KYC Registration Agencies (KRAs)

Know Your Client (KYC) means the procedure specified by the Board of identifying and verifying the Proof of Address, Proof of Identity and compliance with rules, regulations, guidelines, and circulars issued by the Board or any other authority for Prevention of Money Laundering from time to time.

KYC Registration Agencies (KRAs) is a company formed and registered under the Companies Act, 2013 and which has been granted a certificate of registration under the SEBI [KYC (Know Your Client) Registration Agency] Regulations, 2011 and which shall be deemed to be an ‘intermediary’ in terms of the provisions of the SEBI Act, 1992.

Comments

SEBI’s proposal seeks to ensure that KYC records remain current and reliable by introducing a clear review timeline and automated alerts. Once a client updates KYC with any one intermediary, the information will flow to all other linked intermediaries through the KRA, avoiding the need for clients to make multiple KYC updates with different intermediaries. This will help intermediaries stay compliant in a more structured manner while making the KYC process simpler and more convenient for clients.

3.2 Option for Providing an Alternate Email Id and Mobile Number

The extant Central Know Your Customer Records (CKYCR) template allows the client to provide one telephone number each for residence, office and mobile and one email ID. The intermediary verifies the client’s KYC details.

Paragraph 97 of the KYC Master Circular provides that the KRA must verify the client’s mobile number and email ID. KRAs usually record the status of a validated mobile number based on Aadhaar linkage, OTP-based validation, or delivery-based validation.

To provide clients with flexibility and capture alternative details, an option to record alternate mobile numbers and email addresses may be added to the Account Opening Form (AOF).

Accordingly, SEBI has proposed allowing clients to provide alternate mobile numbers and email IDs in Part II of the AOF, in addition to primary contact details. Further, where the client’s mobile number is available in the KRA system, is linked to Aadhaar, and has been verified, intermediaries accessing such information will not be required to verify the mobile number again independently.

Comments

SEBI’s proposal aims to improve communication reliability by allowing clients to provide alternate contact details in the KYC framework. It will enhance reachability for intermediaries, give clients greater flexibility, and reduce the risk of failed communications or service disruptions.

3.3 Delinking of KYC Records in KRAs by Intermediaries

Once the account-based relationship between an intermediary and a client for a SEBI-regulated activity ceases, the intermediary should promptly update the KRA records as ‘account closed’.

While intermediaries are required to update changes in a client’s KYC information in the KRA system, there are no explicit provisions requiring them to update the KRA when the client closes the account. This creates a systemic concern, especially since the KRA may continue to disseminate updated client information to such intermediaries.

To mitigate the risk of sharing information with intermediaries who no longer have a relationship with the client, SEBI has proposed a process to delink KYC records from intermediaries in the KRA system.

Further, intermediaries will be required to inform the KRA within 3 working days from the date of account closure, and the KRA must update its records or delink the relevant KYC record within 2 working days of receipt of such information.

Comments

This move is expected to strengthen data governance and confidentiality in the securities market by ensuring that client information is accessible only to active and authorised intermediaries. It also reduces the risk of misuse or unauthorised access to sensitive KYC data and enhances overall investor protection. Further, it brings greater operational clarity and accountability for intermediaries in managing client records.

3.4 Relaxation in the Requirement of Overseas Address Proof for OCI Card Holders Residing in India

As per paragraph 20 of the KYC Master Circular, NRIs and foreign nationals are required to submit a copy of their passport/OCI/Persons of Indian Origin (PIO) card, along with proof of overseas address at the time of account opening.

The Overseas Citizen of India (OCI) card provides a lifelong, multiple-entry visa permitting indefinite stay and travel in India. Accordingly, an OCI cardholder may reside in India for a longer period. However, even if an OCI cardholder residing in India has proof of residence in India, he/she must still provide proof of residence for an overseas address.

To simplify the onboarding process for OCI cardholder clients, SEBI has proposed relaxing KYC requirements for OCI cardholders residing in India. The requirement to submit proof of overseas address may be made optional. Such clients will not be required to submit overseas address proof if they can provide proof of residence in India for more than 182 days.

Comments

SEBI’s proposal aims to address practical difficulties faced by OCI clients settled in India who may not maintain an active overseas address. It is expected to reduce documentation hurdles and onboarding delays for intermediaries, while ensuring that effective KYC is maintained through Indian residence proof.

3.5 Relaxation in the Requirement of Submission of Documents for Name Change

At present, clients are required to submit multiple documents as proof of name change, which may be onerous and time-consuming.

As per paragraph 19 of the KYC Master Circular, a client is mandatorily required to submit a copy of a gazette notification or a marriage certificate issued by the State Government indicating a change of name.

Even where the client has updated their name in the PAN and Aadhaar databases, under the extant regulatory framework, the client is still required to submit additional documents as proof of name change while updating the KYC record with the intermediary.

To ease clients’ KYC record updates with intermediaries, they should not be required to submit additional documents as proof of a name change if the change has already been recorded in the PAN and Aadhaar databases.

Accordingly, clients who have already updated their names in PAN and Aadhaar databases will not be required to submit separate gazette notifications or marriage certificates for KYC updates.

Comments

SEBI’s proposal aims to eliminate duplication in documentation by allowing intermediaries to rely on PAN and Aadhaar for verifying name changes. This will reduce verification workload and compliance friction for intermediaries, while also making KYC updates simpler and less burdensome for clients.

3.6 Relaxation in the Source Verification of Current Address

Presently, all attributes of a KYC record must be verified by a KRA from official sources for the KYC record to be tagged as “validated”.

In the account-opening form, a client must provide proof of address and current address. As per paragraph 96 of the KYC Master Circular, a KRA is required to verify the name, address and Permanent Account Number (PAN) of a client within 2 days of receipt of the KYC record.

Since the account opening form gives an option to a client to provide two addresses, viz., proof of address and current address, verification of both addresses with official sources may not always be feasible for a KRA due to the non-availability of a technical solution for source validation of addresses.

To ease the process of account opening for the client, intermediary and the KRA, SEBI has proposed that source verification of a client’s current address will not be a precondition for tagging a KYC record as ‘validated’, if the proof of address of such a client is already source verified.

Comments

SEBI’s proposal aims to bring operational clarity by removing the need for dual address source verification where one address is already validated. This is expected to streamline KYC processing, reduce delays for intermediaries, and ensure a smoother, faster onboarding experience for clients.

3.7 Centralisation of Supplementary Information at KRAs

KYC comprises the Client Identification Process (CIP)[1], captured in Part I of the Account Opening Form (AOF), covering identity and address, and Customer Due Diligence (CDD), captured in Part II, which includes supplementary details such as income range, place and country of birth, occupation, and education. This structure is consistent across intermediaries for client onboarding.

Under the extant regulatory framework, paragraphs 5 and 6 of the KYC Master Circular prescribe Part I of the AOF as CIP. Further, paragraph 96 mandates KRAs to verify and validate the information uploaded by intermediaries. In contrast, paragraph 101 enables intermediaries to fetch such validated records from the KRA, thereby facilitating the reuse of verified client information and reducing duplication at the CIP level.

However, the supplementary information captured as part of CDD is presently neither standardised nor centralised at the KRA level. As a result, clients continue to provide the same information to every intermediary they approach.  It is also observed that source validation of all such supplementary information by intermediaries or KRAs may not always be feasible.

In view of the above, and to ease the account opening process while better utilising the existing KRA infrastructure, SEBI has proposed that certain supplementary information submitted by clients in Part II of the AOF, which is common across intermediaries, be stored at the KRA level and made shareable.

Accordingly, the following information, currently collected in Part II of the AOF, must also be submitted by intermediaries to the KRA:

• Income range
• Net worth and date of net worth
• Place and country of birth
• Politically Exposed Persons (PEP) status
• Occupation

SEBI has proposed standardising income brackets into uniform slabs ranging from 0-5 lakh, Rs 5-10 lakh, Rs 10-50 lakh, Rs 50 lakh-1 crore, Rs 1-2 crore, and above Rs 2 crore to bring consistency in risk profiling.

Further, intermediaries will be required to collect additional client details in Part II of the Account Opening Form (AOF), in addition to business-specific information. These include the Central KYC (CKYC) number, if available, DigiPIN (a geo-coded digital address introduced by the postal department), and the expiry date of officially valid documents (OVDs), such as a passport, driving license, or email ID.

3.7.1 Meaning of Client Due Diligence (CDD)

Client Due Diligence (CDD) shall have the same meaning as assigned to it under Rule 2 (1) (b) of the Prevention of Money Laundering (Maintenance of Records) Rules, 2005. i.e., due diligence carried out on a person who is engaged in a financial transaction or activity with a reporting entity and includes a person on whose behalf the person who engaged in the transaction or activity is acting.

Comments

SEBI’s proposal aims to streamline the KYC framework by centralising key supplementary client information at the KRA level and standardising income slabs across intermediaries. This will reduce repetitive client disclosures, ensure uniformity in data capture and risk profiling, and enhance operational efficiency for intermediaries.

Further, SEBI’s proposal also seeks to strengthen the quality and usability of KYC records by requiring the capture of additional standardised client identifiers, such as the CKYC number, DigiPIN, and OVD expiry dates.

4. Overview of Key Proposals

S. No.	Key Proposals	Existing Norms	Proposed Changes	Remarks
1	Re-KYC and sharing of KYC information/update  among intermediaries	There is no defined time limit for reviewing all KYC records.	Mandatory review of all KYC records once every 5 years from the date of account creation/last update.	Prevents outdated KYC and reduces repetitive updates by introducing a time-bound review mechanism and enabling seamless sharing of updated information across intermediaries
2.	Option for providing alternate contact details	Only one mobile number and one email ID are permitted in the CKYCR template.	Option to provide alternate mobile number and email ID in the AOF in addition to primary contact details	Enhances communication reliability by allowing intermediaries to reach clients even when primary contact details are unavailable or inactive
3.	Delinking of KYC records by intermediaries	No specific provision as of now	Mandatory delinking of KYC records within prescribed timelines after account closure	Prevents the sharing of client information with intermediaries that no longer have a relationship with the client, thereby strengthening data privacy and governance
4.	Relaxation in the requirement of overseas address proof for OCI cardholders residing in India	Overseas address proof is mandatory even when the OCI resides in India	Overseas address proof is optional if OCI resides in India for more than 182 days	Addresses practical difficulties faced by OCI clients settled in India and reduces avoidable documentation and onboarding delays
5.	Relaxation in the requirement of submission of documents for name change	A Gazette notification or marriage certificate issued by the State Government is mandatorily required for a change of name	The requirement of submitting a marriage certificate or gazette notification made optional if the client has undertaken a name change in PAN and Aadhaar	Eliminates duplication in documentation and enables intermediaries to rely on government-verified databases for name change verification
6.	Relaxation in the source verification of the current address	Both proof of address and current address require source verification	Source verification of the current address is not mandatory if proof of address is already verified	Brings operational clarity and reduces delays in KYC validation, where one address has already been reliably verified
7.	Centralisation of supplementary information at KRAs	The supplementary information is not standardised at the KRA level; therefore, the client continues to provide the same information to every intermediary.	Some of the supplementary information, which is common across intermediaries, must be stored at the KRA level and must be shareable.	Reduces repetitive data collection from clients, improves uniformity in risk profiling and enables better use of existing KRA infrastructure

5. Conclusion

SEBI’s proposals reflect a decisive move towards a more streamlined, technology-driven and client-centric KYC framework. By reducing duplication, strengthening data governance, centralising key information at KRAs and limiting unnecessary sharing of client data with intermediaries, the proposed changes aim to balance regulatory strictness with ease of doing business.

If implemented, these measures are expected to enhance investor protection, improve operational efficiency for intermediaries, and significantly simplify the client onboarding and KYC maintenance process across the securities market. Comments on these proposals may be submitted by February 6, 2026.

---

[1] Client Identification Process (CIP) is a part of client due diligence for the purpose of verification of identity of the person.