• Prevention of Money‑Laundering Act, 2002 (PMLA) and the Prevention of Money‑Laundering (Maintenance of Records) Rules, 2005 ("PML Rules").
• SEBI Master Circular on AML/CFT (most recently updated on June 06, 2024) applicable to all intermediaries registered under Section 12 of the SEBI Act, including Investment Advisers.
• UAPA, 1967 — Section 51A (UN sanctions implementation) and allied Government Orders / Corrigenda.
• WMD Act, 2005 — Section 12A (Targeted financial sanctions on proliferation financing).
• FIU‑IND directions, FINnet 2.0 reporting formats, and guidance.
• FIU‑IND directions, FINnet 2.0 reporting formats, and guidance.
• FATF Recommendations and public statements (including jurisdictions under increased monitoring).

• Prevention of Money‑Laundering Act, 2002 (PMLA) and the Prevention of Money‑Laundering (Maintenance of Records) Rules, 2005 ("PML Rules").
• Partnerships/LLPs: >10% of capital/profits or control through other means.
• Unincorporated associations/body of individuals: >15% of property/capital/profits.
• Trusts: identify author, trustees, beneficiaries with ≥10% interest, settlor, protector, and any natural person exercising ultimate effective control.
• If no natural person is identified by the above, treat the senior managing official as BO.

• Board/Partners
• Approve the AML/CFT framework and review annually.
• Ensure adequate resources, independence of Compliance, and effectiveness of internal controls.
• Designated Director (PMLA)
• Overall accountability for PMLA compliance.
• Ensure group‑wide AML/CFT standards, information sharing and oversight.
• Principal Officer (FIU‑IND)
• Central point for STR/CTR/NTR/CBWTR filings and FIU‑IND correspondence.
• Maintain confidentiality and “no tipping‑off”.
• Ensure timely internal escalations and regulatory reporting.
• Compliance Function
• Maintain this Policy and related SOPs; conduct risk assessment; test controls; oversee training.
• All Employees
• Follow client acceptance/KYC procedures; promptly escalate red flags; complete training.

• Maintain a documented ML/TF/PF enterprise risk assessment at least annually, covering: client types, geographies, delivery channels (e.g., non‑face‑to‑face), products/services (advisory only vs. facilitation), payment flows/fee models, and new technologies.
• Classify clients into Low/Medium/High risk. Apply enhanced due diligence (EDD) to high‑risk clients (e.g., PEPs, complex structures, high‑risk jurisdictions, adverse media, unusual fee patterns, crypto exposure, third‑party payments).
• Conduct product/channel risk assessments before launching new services or delivery mechanisms.

• Refuse to provide KYC/BO information or provide forged/insufficient documents.
• Are matched (true positive) to sanctions/terror lists (UNSC/UAPA/other applicable lists).
• Seek anonymity or use fictitious/benami identities.
• Present funding/fee flows inconsistent with their profile without satisfactory explanation.

• When CDD is Required
• At onboarding (including re‑onboarding after relationship lapse), when there is doubt about authenticity/adequacy of KYC data, when there is suspicion of ML/TF, or upon material change in client/BO information.
• Individual Clients — Minimum KYC
• PAN (or Form 60/61 where permitted), officially valid document (Passport/Driving Licence/Voter ID/NREGA/Aadhaar as per law), recent photograph where applicable, current/permanent address, contact details.
• Occupation and source of funds/income reasonableness check.
• Non‑Individuals — Minimum KYC
• Companies: Certificate of incorporation, PAN, Memorandum/Articles, board resolution, list of directors with DIN, proof of address, BO identification & verification.
• Partnerships/LLPs: Registration certificate/LLP agreement, PAN, list of partners/designated partners, proof of address, BO identification & verification.
• Trusts: Trust deed, registration certificate (if applicable), PAN, details of author/trustees/beneficiaries (≥10%), protector, BO identification & verification.
• BO Identification & Verification
• Identify per thresholds in §3; obtain ownership/control charts and declarations; verify through reliable independent sources (e.g., MCA filings/beneficial ownership registers) where feasible.
• PEPs
• Obtain senior management approval to onboard/continue.
• Establish source of funds/wealth of client and BO; conduct enhanced ongoing monitoring.
• Reliance on Third Parties
• May rely on regulated third parties for CDD subject to written arrangement, immediate access to KYC data, confirmation of records’ availability, and that the third party is not based in a high‑risk jurisdiction. Responsibility remains with the firm.
• Non‑Face‑to‑Face / Digital Onboarding
• Use secure verification methods (e.g., video‑KYC where law permits), stronger liveness/forgery checks, additional EDD, and first payment from client’s own bank account.
• Ongoing Due Diligence
• Keep KYC data current (periodic refresh based on risk, at least every 2 years for High, 3 years for Medium, 5 years for Low).
• Scrutinize transactions/fee inflows to ensure consistency with client profile and advisory services.
• Promptly update material changes (address, ownership, control, PEP status, authorized signatories).

• Before onboarding and periodically thereafter, screen clients, BOs, authorized signatories against: UNSC (1267/1989/2253 etc.), UAPA lists, WMD‑12A designations, SEBI/Exchange/Debarred lists, and other applicable domestic/international sanctions.
• Maintain electronic lists and automated/fuzzy‑matching where feasible; document all matches, dispositions, and overrides. True matches lead to refusal/exit and immediate escalation.
• Follow Government Orders and SEBI directions for freezing funds/assets and notifications to the Central Nodal Officer (CNO), SEBI, and FIU‑IND, as applicable.

• Unusual fee structures or third‑party fee payments without clear rationale.
• Clients from/high exposure to high‑risk jurisdictions; frequent cross‑border transfers unrelated to advisory scope.
• Complex ownership without economic purpose; frequent changes to BOs/authorized signatories.
• PEPs using proxies; negative/adverse media; disputes over source of funds/wealth.
• Attempts to evade KYC; request for anonymity; inconsistent documents.

• STR (Suspicious Transaction Report): File within 7 days of establishing suspicion; includes attempted transactions. Maintain strict confidentiality; no tipping‑off.
• CTR (Cash Transaction Report): Where applicable, file monthly by the 15th of the succeeding month.
• NTR (Non‑Profit Organisation Transaction Report): Where applicable, file monthly by the 15th.
• CBWTR (Cross‑Border Wire Transfer Report): Where applicable as per thresholds.
• The Principal Officer is responsible for registrations on FINnet 2.0, data quality, secure transmission, and timely filings.

• Maintain KYC records, account files, business correspondence for 5 years after account closure/end of relationship (whichever is later).
• Maintain transaction records (including those reported to FIU‑IND, whether executed or attempted) for 5 years from the date of transaction/reporting.
• Where investigations/litigation are ongoing, retain records until closure is confirmed.
• Ensure records are retrievable promptly (including for name‑screening and sanctions audits).

• Accept fees only via banking channels traceable to the client (or disclosed payer with documented rationale). No cash payments above legal thresholds.
• For cross‑border payments, retain originator/beneficiary information, purpose, and supporting documents; monitor for structuring/smurfing.

• Limit access to KYC/AML data on a need‑to‑know basis; encrypt data at rest/in transit; use secure storage with audit trails.
• Share client information only as required by law/regulators (FIU‑IND, SEBI, law enforcement) or with client’s consent.

• Induction training for all staff; annual refresher tailored by role (front‑office, operations, compliance, management).
• Scenario‑based case studies (STR drafting, sanctions hits handling, PEP EDD) and assessments with minimum pass criteria.

• Conduct due diligence on service providers; include AML/CFT obligations, audit/access rights, confidentiality, and termination rights in contracts.
• The firm retains responsibility for compliance.

• Maintain 1st line (business), 2nd line (Compliance), 3rd line (Internal Audit/Independent Review) segregation.
• Compliance performs risk‑based monitoring, sample testing of KYC files, sanctions screening quality, STR case management, and reporting timeliness.
• Internal Audit/Independent Review at least annually; report findings to the Board/Partners with corrective action plans and timelines.

• Provide clear disclosures on KYC/AML requirements and data use; publish a client‑facing AML summary on the website.

• Frontline staff escalate red flags immediately to Compliance/PO using the STR Triage Form (Annex B). PO decides on reporting, account continuation/suspension, and interactions with authorities. Maintain an Incident Register.

• Implement group‑wide AML/CFT policies, information‑sharing, and consolidated risk oversight across branches/majority‑owned subsidiaries; apply additional measures where host‑country standards are weaker.

• This Policy is reviewed at least annually or upon material legal/regulatory changes, audit findings, or risk assessment outcomes. Changes require Board/Partner approval.

• Individuals: PAN; OVD (Passport/Driving Licence/Voter ID/NREGA/Aadhaar per law); recent photograph; proof of address; bank proof.
• Non‑Individuals: As per §7.3; include BO declarations, ownership charts, board/partner resolutions, lists of authorized signatories with IDs.

• Client identifiers; relationship start date; products/services; narrative of suspicion; transaction/attempt details; value/date/time; red flags triggered; documents reviewed; decision & rationale; timeline; confidentiality reminders.

• Screening at onboarding and periodic cycles; daily list updates; fuzzy match thresholds; documented dispositions; watchlist governance; freezing steps; regulatory notification list (CNO/SEBI/FIU‑IND); maker‑checker controls; audit trails.

• Client risk: residency, PEP/RCAs, sector, BO complexity, adverse media.
• Geographic risk: exposure to high‑risk/FATF‑listed or sanctioned geographies.
• Service risk: discretionary vs. non‑discretionary advice, add‑on services.
• Channel risk: non‑face‑to‑face/digital onboarding, introducers/third‑party reliance.
• Behavioral risk: payment patterns, unusual document changes, frequent structure changes.