Decoding the Aadhaar (Amendment) Bill – PMLA Amendment

The amendment made by way of the Aadhaar and Other Laws (Amendment) Bill, 2018 to the Prevention of Money Laundering Act,2002 gives true effect to the intention of the Hon’ble Supreme Court as set out in their judgment of September 2018.

It is clear from the judgment that the objective was to empower the individual and allow for the resident to be able to uniquely identify herself to avail of every service of her choice while ensuring that there are adequate protections for such use under the force of law.

Aadhaar Act Amendment

This is clearly set out in the now amended Section 4(3) of the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016 (the “Aadhaar Act”) as follows:

Section 4(3) – Every Aadhaar number holder to establish his identity, may voluntarily use his Aadhaar number in physical or electronic form by way of authentication or offline verification, or in such other form as may be notified, in such manner as may be specified by regulations.

Explanation-For the purposes of this Section, voluntary use of the Aadhaar number by way of authentication means the use of such Aadhaar number only with the informed consent of the Aadhaar number holder.

And further in Section 4(4)-

An entity may be allowed to perform authentication if the Authority is satisfied that the requesting entity is-

  1. Compliant with such standards of privacy and security as may be specified by regulations; and
  2. (i) permitted to offer authentication services under the provisions of any other law made by Parliament; or

(ii) seeking authentication for such purpose, as the Central Government in consultation with the Authority and in the interest of the State may prescribe.

With the above amended provisions, it is clarified that (a) the objective is to ensure that the Aadhaar number holder is empowered to establish her identity voluntarily with informed consent (b) Entities that may be permitted to offer authentication services will do so pursuant to a law made by Parliament or by way of Central Government direction in consultation with the UIDAI and in the interest of the State.

PMLA Amendment

The amendment to the Prevention of Money Laundering Act,2002 (the “PMLA”) seeks to give clear direction to the above-enunciated ideas.

The newly inserted Section 11A of the PMLA provides for the manner in which a Reporting Entity may verify the identity of its clients and beneficial owner (conduct KYC). This is by way of offline verification of Aadhaar or where the Reporting Entity is a banking company- online verification of Aadhaar.

However, it is further clarified (in tandem with the aforesaid amendments to the Aadhaar Act) that upon satisfaction of standards of privacy and security, the Central Government may, in consultation with the UIDAI and appropriate regulator provide for online authentication for Reporting Entities other than banking companies.

And it is further explicitly clarified that in the scenarios as contemplated in this provision, nobody will be denied services for not having an Aadhaar number, i.e: ensuring that the presence of Aadhaar number is not mandatory but purely enables and eases the availing of services.

As next steps on this front, distinct Reporting Entities, including NBFCs, Mutual Fund Houses and other financial institutions need to approach the Central Government with requests for access to online Aadhaar authentication services.

Organisations such as DICE would be useful in mobilising groups of different financial institutions in approaching the relevant regulators and Central Government authorities for Aadhaar authentication access.

Saranya Gopinath is the co-founder of DICE (Digital India Collective for Empowerment)- an industry body representation across emerging technology sectors.

She can be reached on [email protected]

Build On IndiaStack – Venture Pitch Competition

Announcing ‘Venture Pitch Competition: #BuildOnIndiaStack’

Dalberg and iSPIRT invite applications from early-stage ventures that are tech-
based solutions leveraging the India Stack platform at the core of their business
model to bring financial or transactional services to the underserved in India.
Pitch to some of the leading investors and thinkers in the Indian start-up ecosystem,
including the Bharat Innovations Fund, Omidyar Network and Unitus Seed Fund.
Winners will spend an hour of 'Think Time' – a mentorship session with
technology evangelist Nandan Nilekani.

Who are we looking for?

We are open to all innovations that use the India Stack to unlock new business
models or reach previously underserved new customer segments across sectors
such as financial services, education, healthcare and others. Some core focus areas
for the competition may include digital lending and supporting activities, such as
alternative credit scoring; sector specific affordable digital finance services such as
health insurance or education loans; sector specific digital services such as skilling
and certification, property registration agreements, patient-centric healthcare
management; and SaaS platforms “as a service” that support the development of
other India Stack based innovations such as Digi-locker or e-sign providers.

 

Who is eligible?
All applicants should:
1. Meet the 3-point criteria: tech enabled, leveraging India Stack Platform and
serving the underservedBe

2. Be a part of two (minimum) to four (maximum) members team including the
founder of the companyBe early stage start-ups that have received only seed (or limited angel)

3. Be early stage start-ups that have received only seed (or limited angel)
funding, if at all

 
What is in it for you?
The investor group, comprising of Bharat Innovations Fund, Omidyar Network and
Unitus Seed Fund, is a network of investors and operators, entrepreneurs and
technologists, designers and engineers, academicians and policy makers, with the
singular mission to solve some of India’s toughest problems.

Through this event you have an opportunity to receive:

-Exclusive focus on tech innovations that leverage the India Stack platform
and have the potential to address the underservedFlexible

-Flexible, insight driven, funding of up to Rs. 8 lakhs for early stage, innovative
modelsStrategic

-Strategic business support, through their specialists to support investees in
their strategy and growthA chance to be a part of the India Stack ecosystem through partnerships,

-A chance to be a part of the India Stack ecosystem through partnerships,
pilots, workshops, conferences and network building exercises

Visit www.buildonindiastack.in and send your pitch now.

BHIM (Android/*99#) & AadhaarPay

bhim-aadhaarpay

This afternoon the Prime Minister unveiled BHIM – an Android app from NPCI with an equivalent USSD-based *99# service.

Additionally, recently one of the banks launched AadhaarPay – a capability that allows merchants to collect payments from consumers with their Aadhaar# and fingerprint.

There has been a bit of confusion about the role of Aadhaar in BHIM – so this blog clarifies.

BHIM/SmartPhone – the Android and soon iOS app – is a UPI app – no different from PhonePe or any other bank applications. It has been developed by NPCI and is a common application across all banks. As with ALL UPI apps, BHIM has NO connection to Aadhaar – the customer is authenticated by his issuing bank using his Mobile# and MPIN and nothing else. Of course this app conforms to all the security-standards of any UPI application and has gone through the rigorous certification process.

*99# is merely a USSD front-end to the same capabilities. It does exactly what BHIM does but can be accessed on all phones – SmartPhones and Feature-Phones.

Aadhaar itself has NO direct role to play in BHIM – whether on Android or USSD/*99#.

So what is AadhaarPay?

AadhaarPay – leverages the Aadhaar-linked bank accounts to allow payments to a retailer. The payer need not provide anything more than an Aadhaar number and their biometric to the payee. The retailer receiving a payment needs to have a SmartPhone with an Aadhaar-approved secure Biometric Sensor and a certified AadhaarPay application. In this case the security-standards for customer data and biometric must comply both with UPI’s transaction level security and Aadhaar’s biometric security. In the case of AadhaarPay – ONLY Authentication is performed by Aadhaar/UIDAI – the transaction details are never sent to Aadhaar. Think of it as Authentication is done by Aadhaar and Authorization by NPCI/Banks.

One instance of AadhaarPay was released last week by IDFCBank and over time one may see a common AadhaarPay app that at the front-end uses Aadhaar for authentication and the BHIM/UPI back-end for authorization for users who don’t have a mobile phone.

National Pride Moment

The UPI platform, BHIM, *99# and AadhaarPay are great state-of-the-art platforms and applications that are a boon to all Indians. 2016 has been a great year in Payments progress worldwide – and India is leading the way!

With BHIM, *99# and AadhaarPay, the entire 1Billion plus population is now covered with a state-of-the-art real-time payments system. Those who have Smartphones will get the rich-app experience, those who have feature phones will use the USSD interface and the rest will merely need Aadhaar# and their fingerprint/IRIS biometric for to make payments.

3-Cheers to NPCI and the government for blazing such a fabulous trail! The new Twitter handle @NPCI_BHIM is a great way to stay informed about future developments regarding BHIM!

Guest Post by Sanjay Swamy, Entrepreneur & Early-Stage VC! IndiaStack Evangelist

I wish all readers a happy end of 2016 and an awesome year in 2017 – Payments geeks will indeed have a lot of fun working on UPI and the new world of interoperable, secure and universal payments!