Subject: Original Issue Date: 08.11.

2010
KYC & AML Policy Policy No.: 4.0
Last revision date: 13.05.2019

HOME FIRST FINANCE COMPANY INDIA LIMITED

(‘Home First’)

KYC & AML POLICY

1
 KNOW YOUR CUSTOMER [KYC] & ANTI MONEY LAUNDERING
MEASURES POLICY

1. INTRODUCTION

This policy had initially been formulated pursuant to the notification issued by the
National Housing Bank Know Your Customer (KYC) Guidelines and Anti-Money
Laundering Standards vide its notifications/Circular No. NHB (ND)/DRS/Pol-
No.13/2006 dated 10th April, 2006. The Board of Directors of the Company in its
meeting held in November, 2010 had approved and adopted the “Know Your
Customer & Anti Money Laundering Measure Policy” (KYC & AML Policy) to
know/understand their customers and their financial dealings better which in turn help
them manage their risks prudently and prevent HFCs from being used, intentionally or
unintentionally, by criminal elements for money laundering activities

As part of the best corporate practices and to be in lines with the amendment in the
guidelines issued by the National Housing Bank from time to time Home First
Finance Company India Limited (HFFC) revises the “KYC & AML Policy” from
time to time.

As per NHB guidelines on KYC & AML policy HFC is required to have in place a
KYC & AML Policy for its lending / credit operations / financial dealings in line with
extant guidelines framed therein. Keeping this in view the Company has framed its
KYC & AML Policy in accordance with NHB guidelines as issued from time to time.
The policy has the following four key elements:

a. Customer Acceptance Policy;

b. Customer Identification Procedures;
c. Monitoring of Transactions; and
d. Risk management.

2. POLICY FUNDAMENTALS AND DEFINITION

a. For the purpose of KYC Guidelines, a “customer” shall be defined as:

i. A person or entity that maintains an account and/or has a business relationship

with the Company.
ii. One on whose behalf the account is maintained (i.e. the beneficial owner);
iii. Beneficiaries of transactions conducted by professional intermediaries such as
Stock Brokers, Company Secretaries, Chartered Accountants, Solicitors etc. as
permitted under the law, and
iv. Any person or entity connected with a financial transaction which can pose
significant reputation or other risks to the Company, say a wire transfer or issue of
a high value demand draft as a single transaction.

2
b. “Central KYC Records Registry” (CKYCR) means an entity defined under
Rule 2(1)(aa) of the Rules, to receive, store, safeguard and retrieve the KYC
records in digital form of a customer.

c. “Designated Director” means a person designated by the Company to ensure

overall compliance with the obligations imposed under chapter IV of the PML Act
and the Rules and shall include, the Managing Director or a whole-time Director,
duly authorized by the Board of Directors

Explanation. - For the purpose of this clause, the terms "Managing Director" and
"Whole-time Director" shall have the meaning assigned to them in the Companies
Act, 2013.

d. “Officially valid document” (OVD) is defined to mean the passport, the driving
license, the permanent account number card, the Voter’s Identity Card issued by
the Election Commission of India or any other document as may be required by
the Company. In case a Customer does not have a PAN, Form 60, duly signed by the
Customer along with a valid identity proof and signature proof, should be accepted

e. “Principal Officer” means an officer nominated by the Company, responsible for

furnishing information as per rule 8 of the Rules.

f. “Suspicious transaction” means a transaction including an attempted transaction,

whether or not made in cash, which, to a person acting in good faith,:
i. gives rise to a reasonable ground of suspicion that it may involve proceeds of
an offence specified in the Annexure II to this Policy and Schedule to the
PMLA Act, regardless of the value involved; or
ii. appears to be made in circumstances of unusual or unjustified complexity; or
iii. appears to not have economic rationale or bona-fide purpose; or
iv. gives rise to a reasonable ground of suspicion that it may involve financing of
the activities relating to terrorism.

3. Customer Acceptance Policy (CAP)

The Customer Acceptance Policy will ensure the following aspects of customer
relationship

(i) No account is opened in anonymous or fictitious/benami name(s);

(ii) Risk in terms of the location of customer and his clients and mode of payments
are duly checked;

a. volume of turnover, social and financial status, etc. will form the basis for
categorization of customers into low, medium and high risk

3
 b. customers requiring very high level of monitoring, e.g. Politically Exposed
Persons will be given due consideration

(iii) Documentation requirements and other information will be collected in respect of

different categories of customers depending on perceived risk and guidelines
issued from time to time; Declaration will be taken from the customer that the
proceedings/transactions are not in violation of the PML Act, 2002 and NHB
regulations in this regard.

(iv) Not to open an account or close an existing account where the Company is unable
to apply appropriate customer due diligence measures, i.e. the Company is unable
to verify the identity and /or obtain documents required as per the risk
categorisation due to non co-operation of the customer or non reliability of the
data/information furnished to the Company.

(v) Permanent Address proof from new applicants will be collected. The documents
which can be accepted as proof of address are mentioned in Annexure.

(vi) For existing customers who wish to preclose their loan account with HFFC
following will be collected:

a. Permanent Address proof (As per Annexure I)

b. A declaration from the customer regarding source of funds being used for pre-
closure of the loan account.
c. Closure of the loan account authority will be restricted to authorized person at
the branch.

(v) In the following circumstances, the account may be operated by a mandate holder
or the account may be opened by an intermediary in a fiduciary capacity hence
the customer is permitted to act on behalf of another person/entity, in conformity
with the established law and practices:

a. if applicant is NRI/PIO
b. if applicant is a limited company.
c. if applicant is a partnership firm

(vi) Any other circumstance where it is not possible for the applicant to be present at
the branch location physically available. Necessary checks before any loan
disbursement will be carried out through FI agency so as to ensure that the
identity of the customer does not match with any person with known criminal
background or with banned entities such as individual terrorists or terrorist
organizations, etc.

4
 (vii) The Company will prepare a profile for each new customer during the credit
appraisal based on risk categorization as mentioned in this policy and as per credit
risk policy and operations manual. The customer profile will contain information
relating to the customer's identity, social/financial status, nature of business
activity, information about his clients' business and their location, etc. The nature
and extent of due diligence will depend on the risk perceived by the Company. At
the time of credit appraisal of the applicant the details are recorded along with his
profile based on meeting with the applicant apart from collection of applicable
documents; this will be as per our credit and product norms which are
incorporated in the operation manual and are in practice. However, while
preparing customer profile, the Company will seek only such information from the
customer which is relevant to the risk category and is not intrusive.

The customer profile will be a confidential document and details contained therein
shall not be divulged for cross selling or for any other purposes against monetary
consideration. The Company will continue to share our client data with CIBIL and
empanelled FI agencies and such other organizations/entities subject to
confidentiality clause, since the purpose of sharing this information is to ensure
risk minimization.

(viii) As per KYC policy, for acceptance and identification, customers are categorized
broadly into low risk, medium risk, and high risk categories:-
Categorization of customers into various risk segments is done at the time of on -
boarding the customer. We have formulated a policy to monitor customers in these
risk categories on an ongoing basis.

KYC Risk Categorization Policy

The Company shall devise a procedure for creating risk profiles of their new customers
based on risk categorization. Company follows a practice of carrying out a detailed
physical verification of the customer seeking information relating to the customer’s
identity, residential status, social/financial status, nature of business activity, information
about customer’s client and their location etc. The nature and extent of due diligence will
depend on the risk perceived by HFFC. However, while doing the customer verification,
HFFC will seek only such information from the customer which is relevant to the loan and
is not intrusive. The customer information will be a confidential.

Given the nature of our business and its focus on the lower income section of the society, the
Company shall categorize the customers according to the risk perceived and ticket size:

Ticket Size Risk Category

Loan Amount upto 15 Lakh Low Risk Category
Loan Amount 15 Lakh to 25 Lakh Medium Risk Category
Loan Amount above 25 Lakh / High net worth High Risk Category
individuals /NRI profile
Note: Increase/Decrease in loan amount will also result in change of customer’s risk profile .

5
KYC Risk Review:

KYC Risk Categorization will be reviewed by the Credit Committee on half-yearly basis.

HFFC holds the right to change the risk profile of the customer from Low to Medium,
Low to High or Medium to High, if one of the following event occurs:
a) HFFC has a doubt about the authenticity/veracity or the adequacy of the previously
obtained customer identification data.
b) More than two requests received for the address change from the same customer
within a timespan of two years.
c) More than two requests received for the contact number change from the same
customer within a time span of two years.
d) Change in Indian Citizenship.
e) In the event of an existing customer subsequently becoming a PEP (politically exposed
persons), the Company will obtain necessary approval of the management to continue the
business relationship with such person and if in the affirmative than the company to undertake
enhanced monitoring at regular period.

Our exposure to any of our clients is subject to our credit risk policy and operations manual
of the company. However, for customer acceptance, KYC is a prerequisite for a credit risk
grading.

Periodic KYC Updation:

Periodic KYC updation shall be carried out at least once in every two years for high risk
customers, once in every eight years for medium risk customers and once in every ten years for
low risk customers as per the NHB guidelines.

6
4. Customer Identification Procedure (CIP)

A. Customer identification means identifying the customer and verifying his/ her / its
identity by using reliable, independent source documents, data or information
while establishing a relationship. The Company will obtain sufficient information
such as Voter ID card, PAN number, Passport etc. necessary to establish, to our
satisfaction, the identity of each new customer, whether regular or occasional and
the purpose of the intended nature of relationship. While considering customer’s
identity, the ability to confirm identity documents through online or other services
offered by issuing authorities shall also be factored in.

It will be ensured that due diligence is observed based on the risk profile of the
customer in compliance with the extant guidelines in place and the same will be
available for verification. Besides risk perception, the nature of information/
documents required will also depend on the type of customer (individual,
corporate etc). For customers that are natural persons, the Company has to obtain
sufficient identification data to verify the identity of the customer, his
address/location, and also his recent photograph. The Company collects identity
proof, bank account details and property documents and HFFC has empanelled FI
agencies who independently verify the applicant's occupation, residence and
documents as applicable.

For customers that are legal persons or entities, the Company will:

a. verify the legal status of the legal person/ entity through proper and relevant
documents.
i. verify that any person purporting to act on behalf of the legal person/entity is
so authorized and identify and verify the identity of that person and

7
 For (i) & (ii) Memorandum of Association and board resolution will be collected
to ensure that the person purporting to act on behalf of the legal person/entity is
authorized to do so, apart from applicable field/document investigations. In case
of partnership firm, a copy of partnership deed alongwith the registration
certificate of the firm, if registered and power of attorney in favour of the person
purporting to act on behalf of the firm shall be collected

In order to authenticate the identity of the person so purporting to represent the

Company / Firm, Signature verification / attestation shall be done either from the
Banker or copy of passport, driving license or pan card to be taken.

ii. Understand the ownership and control structure of the customer and determine
who are the natural persons who ultimately control the legal person. For this
The Company will collect Shareholding letter duly certified by the Company
Secretary/company's Auditor/Chartered accountant and Necessary Resolution /
authorisation etc

B. Due diligence for High risk customer identification will be as follows:

1. Non-resident customers, due diligence including email verification of employment

of the customer, collection of a local guarantor & power of attorney alongwith
their identification proofs and verification of their residence/office will be done, if
found necessary.

2. High net worth individuals, with less than three years’ occupational track record
due diligence including personal discussion with the applicant, analysis of bank
statement and financial statements will be done, details of client profile, sources of
fund will be obtained, if required.

3. Trusts, charities, NGOs and organizations receiving donations, as and when such
cases are received due diligence to be undertaken as for other cases in the high
risk categories.

4. Companies having close family shareholding or beneficial ownership, due

diligence including personal discussion with the applicant will be done. In case of
company's proportionate income being considered to the extent of the customer's
Shareholding in the company- board resolution authorising the director(s) to sign
on behalf of the company will be collected. Also signature verification of the
person(s) issuing the board resolution will be collected, if necessary.

5. Firms with 'sleeping partners', due diligence including personal discussion with
the applicant will be done. If income of the partnership firm is being considered,
then the Company will collect a letter signed by all the partners authorising the

8
 concerned partner(s) to sign on behalf of the partnership to be continued. Also
signature verification of the person(s) issuing this authority letter will be collected,
if necessary.

6 Politically exposed persons (PEPs) of foreign origin, same due diligence as

NRI/PIO to be undertaken, though the Company is not doing cases of applicants of
foreign origin. Only cases of applicants of Indian Origin working abroad are done.

6. Non-face to face customers, due diligence including telephonic/personal

discussions be done, if required. Information from reliable sources will be
obtained for establishing the existence of the person.

7. Those with dubious reputation as per public information available, etc. If found
dubious then the case will not be entertained.

8. Self Employed applicants with returns more than 6 Lacs due diligence will include
the details of client profile, personal discussion with the applicant, analysis of
bank statement and financial statements,sources of fund will be obtained, if
required.

C. Customer identification requirements in respect of a few typical cases,

especially, legal persons requiring an extra element of caution are given below:

(i) Trust Nominee or Fiduciary Accounts:

There exists the possibility that trust/nominee or fiduciary accounts can be used to
circumvent the customer identification procedures. Hence, as and when such cases
are received, the Company will determine whether the customer is acting on
behalf of another person as trustee/nominee or any other intermediary. If so, the
Company may insist on receipt of satisfactory evidence of the identity of the
intermediaries and of the persons on whose behalf they are acting, as also obtain
details of the nature of the trust or other arrangements in place. In the case of a
'foundation', steps will be taken to verify the founder managers/directors and the
beneficiaries, if defined.

(ii) Accounts of companies and firms

The Company will be careful while processing the cases of business entities
specially to establish that individuals are not using those entities for maintaining
accounts with it. The Company shall seek information, if required, on the control
structure of the entity, source of funds and the natural persons who carry a
controlling interest in the management. These requirements may be moderated as

9
per our credit risk policy and guidelines of the operations manual, for e.g. in the
case of a public company it will not be necessary to identify all the shareholders.

(iii) Client accounts opened by professional intermediaries

When the Company has knowledge or reason to believe that the client account
opened by a professional intermediary like Direct Selling Agent or Direct selling
team or any other sales intermediary by whatever name called is on behalf of a
single client, that client will be identified. Where the Company relies on the
'customer due diligence' (CDD) done by an intermediary like Field investigation
agency or technical agency or lawyer or any other operation processing
intermediary by whatever name called, the Company will ensure that the
intermediary is having a bonafide identity with an established track record.

(iv) Accounts of Politically Exposed Persons (PEPs) resident outside India

Politically exposed persons are individuals who are or have been entrusted with
prominent public functions in a foreign country, e.g. Heads of States or of
Governments, senior politicians, senior government/judicial/military officers,
senior executives of state- owned corporations, important political party officials,
etc. The Company will gather sufficient information as available on any
person/customer of this category intending to establish a relationship and check all
the information available on the person in the public domain. The Company will
verify the identity of the person and seek information about the sources of funds
before accepting the PEP as a customer. The above norms may also be applied to
the accounts of the family members or close relatives of PEPs

(v) Accounts of non-face-to face customers:

In the case of non-face-to-face customers, apart from applying the usual customer
identification procedures, The Company will do telephonic/personal discussion
with the applicant, if necessary. Applicant will be met by the Sales representative
of the Company and will fill up the meeting sheet on that basis to mitigate the
higher risk involved, as applicable. Certification of all the documents presented
may be insisted upon and, if necessary, additional documents may be called for
and applicable verification of these documents will be done. In the case of cross-
border customers, there is the additional difficulty of matching the customer with
the documentation and the Company may have to rely on third party
certification/introduction. In such cases, it will be ensured that generally the third
party is a regulated and/or supervised entity with an established track record.
Hence apart from the existing due diligence for such customers The Company
may take resident Indian Co-applicant as a party to the loan proposal or a local
resident guarantor to the loan with identity verification.

10
 An indicative list of the nature and type of documents that may be relied upon for
customer identification is given in the Annexure I.

5. Monitoring of Transactions

a. Ongoing monitoring is an essential element of effective KYC procedures.

Since the Company is a housing finance company and all our loans are tenure
based with a fixed/variable installment paid through electronic clearing system
(ECS) mandate or postdated cheques our monitoring structure will be relevant
to our nature of operations. The Company will pay special attention to all
unusually large transactions involving large cash and the Company has
introduced cash transaction reporting system above Rupees ten lacs. Risk
categorization as is mentioned in this policy may be updated as and when
required by the management. In case of overdue/default accounts where there
is scope for meeting or vetting the profile of this customer again, due diligence
if found necessary will be carried out. Subsequent to our sanction, during the
period of part disbursement till full disbursement if any unusual
transaction/development comes to our knowledge relating to money
laundering the same will be verified and notified as required, The Company
will ensure that a record of transactions in the accounts is preserved and
maintained as required in terms of section 12 of the PML Act, 2002. The
Company will ensure that transactions of suspicious nature as defined in
Annexure II and/or any other type of transaction notified under section 12 of
the PML Act, 2002, is reported to the appropriate law enforcement authority,
as and when detected by our officials through the Principal Officer.

b. The Company will maintain proper record in accordance with the PML Act,
2002, of all cash transactions (deposits and withdrawals) of Rupees Ten Lakh
and above. As a matter of policy, the Company does not accept cash receipts
over Rupees Thirty Five Thousand, No loan is disbursed in cash and No
monthly installment above Rupees Ten Lakh is accepted in cash. Any
transactions of suspicious nature as per Annexure II are to be reported to the
Principal Officer immediately. In addition thereto, the Braches shall on
monthly basis furnish a certificate to the Principal Officer evidencing that
neither such prohibited transactions and/nor cash transaction as specified in
the policy have taken place.

c. There will be level-wise categorization of customers i.e. Low, Medium and High.such
levels will be decided on the basis of risk element involved in each case which will be
determined by considering the following information.

Low Risk Category:

Transactions carried out with low risk category customers are monitored on a
daily basis. Transactions are analyzed to see if any of the following
conditions are triggered:
11
a) Repayment made via cash for more than 3 months consecutively
b) Any repayment made in cash of value more than Rs 50,000
c) Any pre-payments in cash of value more than Rs 50,000
d) Any repayment or pre-payment via Demand Draft of value more than Rs 2
lakhs

If any of the above conditions are triggered, then the respective ac count
would be converted from Low Risk to Medium Risk.

Medium Risk Category:

Transactions carried out with medium risk category customers are monitored on a
daily basis. Transactions are analyzed to see if any of the following conditions are
triggered:
a) Repayment made via cash for more than 3 months consecutively
b) Any repayment made in cash of value more than Rs 50,000
c) Any pre-payments in cash of value more than Rs 50,000
d) Any repayment or pre-payment via Demand Draft of value more than Rs 5
lakhs
e) Cumulative cash payments totaling to more than Rs 5,00,000 in a given financial
year.

If any of the above conditions are triggered, then the respectiv e account would be
converted from Medium Risk to High Risk.

High Risk Category:

Transactions carried out with high risk category customers are monitored on a
quarterly basis. Transactions are analyzed to see if any of the following conditions
are triggered:

a) Repayment made via cash for more than 6 months consecutively

b) Any repayment made in cash of value more than Rs 100,000
c) Any pre-payments in cash of value more than Rs 100,000

Any repayment or pre-payment via Demand Draft of value more than Rs 10 lakhs,
other than loan closure.
Cumulative cash payments totaling to more than Rs 5,00,000 in a given financial year

If any of the above conditions are triggered, then the respective account would be
flagged off as "alert"

12
Maintenance and Preservation of records

Home First Finance Company India Limited has a system for proper maintenance and
preservation of account information in a manner that allows data to be retrieved easily and
quickly whenever required or when requested by the competent authorities. HFFC will maintain
for at least ten years from the date of cessation of transaction between the compand the client,
all necessary records of transactions, both domestic or international, which will permit
reconstruction of individual transactions (including the amounts and types of currency involved if
any) so as to provide, if necessary, evidence for prosecution of persons involved in criminal
activity.

HFFC will also ensure that records pertaining to the identification of the customer and his / her
address (e.g. copies of documents like passports, identity cards, driving licenses, PAN, utility bills
etc.) obtained while opening the account and during the course of business relationship, are
properly preserved for at least ten years after the business relationship is ended. The
identification records and transaction data will be made available to the competent authorities
upon request.

Monitoring Risk Categorisation

An half yearly review will be done by the Credit Committee for all the loans to determine the
changes in behaviour of any loan vis--vis the initial risk categorization. This will be done for all
the live loans. Accounts will be updated with the revised risk categorization based on a senior
management review and approval from the CEO. Whenever there is a change in the risk category of
any client, the same will be communicated to him/her through message within 30 days of making
such a change.

Since the loans given by the Company are long term in nature going up to 25 years, the Company
will monitor the account performance for a minimum of three years prior to making any change
in the risk category. This is to ensure that periodic cash flow issues which many a customer may
face do not impact his category since they affect performance of the loan only for a brief period.
However, if the Credit Head does feel that a particular customer should be re-categorised due to
some extremely adverse circumstances, then he/she can recommend change in the risk
categorization even before 3 years.

6. Risk Management

a. Internal Audit:

The Company's internal audit department will evaluate and ensure adherence to
the KYC policies and procedures. As a general rule, the compliance function will
provide an independent evaluation of the Company's own policies and procedures,

13
 including legal and regulatory requirements. Internal Auditors may specifically
check and verify the application of KYC procedures at the branches and comment
on the lapses observed in this regard. The compliance in this regard will be put up
before the Audit Committee of the Board along with their normal reporting
frequency. A compliance conformation from Branch will be obtained by the
Principal Officer.

b. Employee Training:

The Company will have an ongoing employee training program so that the
members of the staff are adequately trained in KYC procedures. Training
requirements will have different focuses for frontline staff, compliance staff and
staff dealing with new customers so that all those concerned fully understand the
rationale behind the KYC policies and implement them consistently.

c. Customer Education:

The Company will educate the customer on the objectives of the KYC programme
so that customer understands and appreciates the motive and purpose of collecting
such information.

7. Introduction of New Technologies:

The Company will pay special attention to any money laundering threats that may
arise from new or developing technologies including on-line transactions that may
favour anonymity, and take measures, if needed, to prevent their use in money
laundering schemes as and when online transactions are started /accepted by the
Company.

8. E-KYC service:

The e-KYC service of Unique Identification Authority of India (UIDAI) shall be accepted as a valid
process for KYC verification under the PML Rules, as information containing demographic
details and photographs made available from UIDAI as a result of e-KYC process shall be treated
as an ‘Officially Valid Document’, and transfer of KYC data, electronically to the Company from
UIDAI, shall be accepted as valid process for KYC verification.

The Company shall obtain authorisation from the individual user authorising UIDAI by
way of explicit consent to release his/her identity/address through biometric
authentication to the Company.

14
 The Company may provide an option for One Time Pin (OTP) based eKYC process for
onboarding of customers. Accounts opened by using OTP based eKYC, shall be
subject to the following conditions:

a. There must be a specific consent from the customer for authentication through
OTP.
b. Only term loans shall be sanctioned. The aggregate amount of term loans
sanctioned shall not exceed rupees sixty thousand in a year.
c. The loan account opened using OTP based eKYC shall not be allowed for more
than one year within which Customer Due Diligence (CDD) procedure has to be
completed. If the CDD procedure is not completed within a year, no further
debits shall be allowed.
d. A declaration shall be obtained from the customer to the effect that no other
account has been opened nor will be opened using OTP based KYC neither with
the Company for other transaction nor with any other financial institution.
Further, while uploading KYC information to CKYCR, the Company shall clearly
indicate that such accounts are opened using OTP based eKYC and other
financial institutions shall not open accounts based on the KYC information of
accounts opened with OTP based eKYC procedure.
e. The Company shall have strict monitoring procedures including systems to
generate alerts in case of any noncompliance/ violation, to ensure compliance
with the above mentioned conditions.

The Company shall print/download directly, the prospective customer’s eAadhaar

letter from the UIDAI portal if such a customer knows only his/her Aadhaar number
or if the customer has only a copy of Aadhaar downloaded from a place/source
elsewhere, provided the prospective customer is physically present in the branch/
office of the Company.

f. KYC for the Existing Accounts:

The Company will apply the KYC norms to the existing customers of loan
accounts on the basis of materiality and risk envisaged by it for those existing loan
accounts. For deposits the guideline is already in place as advised by NHB, vide
their circular NHB(ND)/DRS/Pol-No.02/2004-05 dated August 25, 2004. The
Company will ensure that term/recurring deposit accounts or accounts of similar
nature are treated as new accounts at the time of renewal and are subject to revised
KYC procedures.

g. Non-Cooperation by the customer in respect of KYC norms:

Where The Company is unable to apply appropriate KYC measures due to non-
furnishing of information and /or non-cooperation by the customer, The

15
 Company will follow up with the existing identified customers for KYC
compliance, Closure decision if at all is required will depend upon our internal
assessment and will be taken at a Senior Level of Zonal Heads/ GM and above
only after issuing due notice to the customer explaining the reasons for taking
such a decision.

h. Sharing KYC information with Central Registry of Securitisation Asset

Reconstruction and Security Interest of India (CERSAI)- ?? to be checked

The Government of India has authorised the Central Registry of Securitisation

Asset Reconstruction and Security Interest of India (CERSAI), to act as, and to
perform the functions of the Central KYC Record Registry vide the Gazette
Notification No. S.O. 3183(E) dated November 26, 2015. The Company shall
capture the KYC information for sharing with the Central KYC Record Registry
in the manner mentioned in the “Prevention of Money-Laundering (Maintenance
of Records) Rules, 2005” (and amendments thereto), as required by the revised
KYC templates prepared for individuals and non-individuals/legal entities, as the
case may be.

The Company shall upload the KYC data pertaining to all new individual accounts
opened on or after from April 1, 2017 with CERSAI in terms of the provisions of
the Prevention of Money Laundering (Maintenance of Records) Rules, 2005.

i. Applicability to branches and subsidiaries outside India:

The above guidelines will also apply to the branches and majority owned
subsidiaries located abroad, especially, in countries which do not or insufficiently
apply the FATF Recommendations, to the extent local laws permit as and when
the Company opens overseas branches. When local applicable laws and
regulations prohibit implementation of these guidelines, the same will be brought
to the notice of National Housing Bank and RBI.

j. Appointment of Principal Officer:

The Company as designated Head of Finance as the Principal Officer. Principal

Officer is located at our Corporate Office and will be responsible for monitoring
and reporting of all transactions and sharing of information as required under the
law. He will maintain close liaison with enforcement agencies, HFCs and any
other institution which are involved in the fight against money laundering and
combating financing of terrorism. He will also ensure that there is proper system
of fixing accountability for serious lapses and intentional circumvention of
prescribed procedures and guidelines. However, any such action has to be
documented and placed before the management committee of the company.
Principal Officer will also report any unusual matter/information to the

16
 management committee of the company as and when it occurs.

k. Appointment of Designated Director

The Company has appointed Director & CEO as the Designated Director. The
Designated Director is located at our Corporate Office and will be responsible for
ensuring overall compliance with the obligations imposed under Chapter IV of the
Prevention of Money Laundering Act, 2002.

l. Maintenance of Records of Transactions (As per Rule 3 of the Prevention of

Money Laundering Rules 2005):

The Company will maintain proper record of the under mentioned transactions:

a. All cash transactions of the value of more than rupees one million or its
equivalent in foreign currency, though by policy The Company do not accept
cash deposits in foreign currency.
b. All series of cash transactions integrally connected to each other which have
been valued below rupees one million or its equivalent in foreign currency
where such series of transactions have taken place within a month.
c. All cash transactions where forged or counterfeit currency notes or bank notes
have been used as genuine and where any forgery of a valuable security has
taken place; any such transactions.
d. All suspicious transactions as specified in the Annexure.

m. Information to be preserved:

The Company will maintain the following information in respect of transactions

referred to in the preceding point on “Maintenance of records of transactions”

a. The nature of the transactions.

b. The amount of transactions and currency in which it was denominated.
c. The date on which the transaction was conducted and
d. Parties to the transactions

The Company sanctions and disburses files on the system; hence it has a system
for proper maintenance and preservation of account information in a manner that
allows data to be retrieved easily and quickly whenever required. However, the
Company will maintain account information for at least ten years from the date of
cessation of transaction between the company and the client, all necessary records
of transactions, both domestic or international, which will make available
individual transactions (including the amounts and types of currency involved if
any) so as to provide, if necessary, evidence for prosecution of persons involved in
criminal activity.

17
 The Company will ensure that records pertaining to the identification of the
customer and his address (e.g. copies of documents like passports, identity cards,
driving licenses, PAN, utility bills etc.) obtained while opening the account and
during the course of business relationship, are properly preserved for at least ten
years after the business relationship is ended. Apart from this, the application
form, copy of loan agreement, NOC, other document either photocopy or
cancelled original copy will be kept for next ten years after the full closure of the
account. However, preservation and maintenance of the documents will be in
paper form and a soft copy.

The identification of records and transaction data will be made available to the
competent authorities upon request only through the principal officer under this
policy with his approval.

n. Reporting to Financial Intelligence Unit – India

The Principal officer will report information relating to cash and suspicious
transactions if detected to the Director, Financial Intelligence Unit-India (FIU-
IND) as advised in terms of the PMLA rules, in the prescribed formats as
designed and circulated by NHB at the following address:

Director, FIU-IND,

Financial Intelligence Unit-India,

6th Floor, Hotel Samrat,
Chanakyapuri
New Delhi-110021

o. Miscellaneous

a. Compliance under Foreign Contribution (Regulation) Act, 1976

The Company shall also ensure that provisions of the Foreign Contribution
(Regulation) Act (FCRA), 1976 are duly adhered to. FCRA regulate the
acceptance and utilization of foreign contribution or foreign hospitality received
by certain specified persons or associations such as candidates for election,
journalist, Judges/Government servants, political party, etc.

However, law permits certain persons or associations to accept the foreign

contribution with the approval of the Central Government, as per the provisions of
FCRA. In those cases, copy of approval or letter of intimation shall be taken from
the customer.

18
POLICY ON STAFF ACCOUNTABILITY

A Company’s internal control and operating procedures are intended to detect and
prevent improper activities. However, achieving complete safety against irregularities
may not be possible.
Thus, the Company intends to formulate and establish a Staff Accou ntability Framework.

1. OBJECTIVE

The aim of an organization in conducting the exercise of staff accountability should

be to safeguard the larger interest of the organization by ensuring that the
organization’s business is conducted in accordance with the laid down rules and
procedures and without jeopardizing its interest. The primary importance is, to
identify areas of deficiencies and initiate corrective measures to protect the
organisation’s interest.
Discretionary powers have been vested in various functionaries to carry out
assigned tasks in fulfillment of organizational goals. It is fundamental and
unavoidable that there should be accountability for their action. Thus accountability
follows delegation. However, no need of penalty should arise as long as the actions
are within the framework of laid down procedure and the actions are not
detrimental to the interest of the organization. Decisions taken on the basis of
available data, at the material time, for business development / achievement of
corporate objectives always contain an element of risk. Any system set up for the
purpose of staff accountability would take these factors into account and has
necessarily to be transparent and objective.

2. COVERAGE

i. Applies to Whom?
This Staff Accountability Framework is applicable to all employees of the Company.
Acts of Wrongdoings as illustrated below may also include but not necessarily be
limited to:
• Forgery or alteration of documents
• Misbehavior with customer
• Delay in resolving customer related compliant
• Unauthorized alteration or manipulation of files
• Fraudulent financial reporting
• Pursuit of a benefit or advantage in violation of the company's interest
• Misappropriation/misuse of Company's resources, like funds, supplies, or
other assets including business assets

19
 Authorizing/receiving compensation for goods not received/services not
performed
Authorizing or receiving compensation for hours not worked
Improper use of authority for personal gain
Unauthorized commissions
Giving and taking bribes
Theft of Cash/Assets
Theft of Goods/Services
Unauthorized Discounts/approvals/sanctions/ guarantee/ assurance including to
clients/ inventors
Falsification/Destruction of Company Records
Fraudulent Insurance Claims
Work Place Harassment

2. APPROACH :
The approach to be followed while examining staff accountability will be based on the
following guidelines:
i. What was/were the cause/causes that led to loss or likely loss to the company?
ii. Whether the loss or likely loss to the company was caused due to any negligence /
omission / commission on the part of the staff or was it due to reasons beyond
their control.
iii. The basic criteria are to find out whether non-compliance with instructions /
systems/ procedures is observed.
a) What was the nature of negligence?
b) What were they supposed to do which they did not do? c)What did they do
which they were not supposed to do?
iv. It will be critically examined whether the loss would have been avoided had the
above- mentioned omission/commission not occurred.
v. Staff accountability report will specify whether the action on part of official was
bonafide /malafide and whether there was any gain to the official himself or
somebody else through his actions.
vi. The report will comment upon the extenuating/ accentuating circumstances under
which the official / staff was working at the material time.
vii. The report needs to cover the details of efforts made for regularization / recovery
and quantification of recovery made.

4. AUTHORITY: Officer Authorized - The Company Secretary of HFFC will act as an

Ombudsman:
Responsibilities of Ombudsman
• Receiving and acknowledging complaints
• Sorting / Screening / Short listing
• Interim communication to Audit Committee/Managing Director /
Whole-time Director/

20
• Whistle Blower Investigation Committee
• Investigation through appropriate delegation / agencies
• Recommend course of action based on investigation to management
• Prevention of harassment to and redressal of complaints of Vigilant
Person/Whistleblower/Tipster
• Ensuring safety of the Vigilant Person from being persecuted within the organization
• Any other related responsibility as decided by the management
• The decision on the course of action on the whistleblower's complaint as taken by the
Ombudsman will be final.

Meetings and Records

The Ombudsman will maintain its records such as Agenda, Minutes of the Meeting,
Complaint Reports and Action initiated etc.

PROCEDURE
The report shall be submitted to the controlling authority, who in turn shall put up to the
approving authority i.e. the next higher authority along with his comments. Approving
authority will decide as to the need for further investigation.
If the authority that is approving the staff accountability report is of the view that lapses
like gross negligence or malafide may have contributed to the asset slippage, he may
arrange to advise the appropriate authority to investigate the matter further. c) The
authority approving the Staff accountability report will keep a record of findings with
respective functional team and with company secretary .

21
 ANNEXURE I

CUSTOMER IDENTIFICATION PROCEDURE FEATURES TO BE

VERIFIED AND DOCUMENTS THAT MAY BE OBTAINED FROM
CUSTOMERS

Features Documents ( Certified copy)

Individuals (i) Passport (ii) PAN card. In case a Customer
does not have a PAN, Form 60, duly signed by
the Customer along with a valid identity proof
and signature proof, should be accepted (iii)
Voter’s
-Legal name and any other names used Identity Card (iv) Driving license
- Correct permanent address (v) Identity card (subject to the HFC’s
satisfaction) (vi) Letter from a recognized
public authority or public servant verifying
the identity and residence of the customer to
the satisfaction of HFC.
(i) Telephone bill (ii) Bank Account
statement (iii) Letter from any recognized
public authority
(iv) Electricity bill (v) Ration card
(vi) Letter from employer (subject to
satisfaction of the HFC)
( any one document which provides
customer information to the satisfaction of
the HFC will suffice)
One recent passport size photograph except
in case of transactions referred to in Rule
9(1)(b) of the PML Rules.

Companies (i) Certificate of

- Name of the company incorporation (ii) Memorandum &
- Principal place of business Articles of Association (iii) Resolution from
- Mailing address of the company the Board of Directors and Power of
- Telephone/Fax Number Attorney granted to its managers, officers or
employees to transact business on its
behalf (iv) an officially valid document in
respect of managers, officers or employees
holding an attorney to transact on its behalf.
(v) Telephone Bill.

22
Partnership Firms (i) Registration certificate, if registered (ii)
- Legal name Partnership deed (iii) Power of Attorney
- Address granted to a partner or an employee of the
-Names of all partners and their firm to transact business on its behalf (iv)
addresses Any officially valid document identifying
-Telephone numbers of the firm and the partners and the persons holding the
partners Power of Attorney and their addresses. (v)
Telephone Bill in the name of firm/partners.
Trusts & Foundations
- Names of trustees, settlers, (i) Certificate of registration, if registered(ii)
beneficiaries and signatories trust deed (iii) Power of Attorney granted
- Names and addresses of theto transact business on its behalf (iii) Any
founder, the managers/directors and the officially valid document to identify the
beneficiaries trustees, settlers, beneficiaries and those
- Telephone/fax numbers holding Power of Attorney,
founders/managers/ directors and their
addresses (iv) Resolution of the managing
body of the foundation/association. (v)
Telephone Bill.
Unincorporated association or a body (i)resolution of the managing body of such
of individuals association or body of individuals (ii) power
of attorney granted to him to transact on its
behalf (iii) an officially valid document in
respect of the person holding an attorney to
transact on its behalf (iv) and such other
information as may be required by HFC to
collectively establish the legal existence of
such as association or body of individuals.

23
 ANNEXURE II

LIST OF SUSPICIOUS TRANSACTIONS PERTAINING TO HOUSING

LOANS:

a. Customer is reluctant to provide information, data, documents;

b. Submission of false documents, data, purpose of loan, details of accounts;

c. Refuses to furnish details of source of funds by which initial contribution is made,

sources of funds are doubtful etc;

d. Reluctant to meet in person, represents through a third party/Power of Attorney

holder without sufficient reasons;

e. Approaches a branch/office of a HFC, which is away from the customer‟s

residential or business address provided in the loan application, when there is
HFC branch/office nearer to the given address;

f. Unable to explain or satisfy the numerous transfers in the statement of account/

multiple accounts;

g. Initial contribution made through unrelated third party accounts without proper
justification;

h. Availing a top-up loan and/or equity loan, without proper justification of the end
use of the loan amount;

i. Suggesting dubious means for the sanction of loan;

j. Where transactions do not make economic sense;

k. There are reasonable doubts over the real beneficiary of the loan and the flat to be
purchased;

l. Encashment of loan amount by opening a fictitious bank account;

24
m. Applying for a loan knowing fully well that the property/dwelling unit to be
financed has been funded earlier and that the same is outstanding;

n. Sale consideration stated in the agreement for sale is abnormally higher/lower

than what is prevailing in the area of purchase;

o. Multiple funding of the same property/dwelling unit;

p. Request for payment made in favour of a third party who has no relation to the
transaction;

q. Usage of loan amount by the customer in connivance with the

vendor/builder/developer/broker/agent etc. and using the same for a purpose other
than what has been stipulated.

r. Multiple funding / financing involving NGO / Charitable Organization / Small /

Medium Establishments (SMEs) / Self Help Groups (SHGs) / Micro Finance
Groups (MFGs)

s. Frequent requests for change of address;

t. Overpayment of installments with a request to refund the overpaid amount

*********************

25