In September of 2018, the Supreme Court upheld the Aadhaar Act but struck down portions of Section 57 of the Act that was the basis on which the banks, NBFCs, and other lenders organized the e-KYC element of their digital lending process-flows. Legal and tech-policy experts have interpreted the breadth of the judgment differently, but the total effect on which there seems to be no disagreement is that, after the verdict, it is no longer possible for banks, NBFC, and other lenders to rely on the e-KYC services offered by the UIDAI for fulfilling the KYC mandate under anti-money laundering laws.
Since the verdict, the industry, regulators, and policymakers have worked towards evolving alternate ways through which Aadhaar can be leveraged to reduce the time taken to run the onboarding leg of the digital lending process-flow. These ways include reliance on so-called “offline” Aadhaar verification mechanisms that involves zero recourse (“hit”/“ping”) to the Aadhaar database. However, as the following section will show, these alternatives achieve compliance with the verdict at the expense of efficiency. Furthermore, by doubling down on Aadhaar number as the authenticating mechanism again, the industry risks facing uncertainty again given the likelihood of fresh round of litigation challenging these alternate forms of reliance as well. In the light of this, this article will suggest that the industry and the regulators should work together to evolve KYC processes agnostic of the ID document offered by the user and embed authentication/verification of the user in the process-flows so that the integrity of the customer journey is affected as little as possible. Furthermore, the regulators should consider recognizing/notifying these alternate ways for compliance with anti-money laundering laws.
