The Reserve Bank of India’s (RBI) January 31 action directing Paytm Payments Bank Ltd. (PPBL) to cease all new business transactions by February 29 and settle all pipeline transactions by March 15, was triggered by major irregularities in the bank’s compliance with Know Your Customer (KYC) norms, thus exposing customers, depositors and wallet holders to serious risk, according to people aware of the developments.

RBI supervisors and external auditors are learnt to have found: KYC details missing for a very large number of customers (running into lakhs); PAN validation failures in lakhs of accounts; a single PAN used for multiple customers (in thousands of cases, the same PAN was linked to more than 100 customers and in some cases to more than 1,000 customers), the people, who spoke on condition of anonymity said.

The bank was also found to be involved in facilitating transactions running into crores of rupees and well beyond regulatory limits in prepaid instruments with minimal KYC requirements, raising money laundering concerns, according to these people.

An unusually high number of dormant accounts had also been found to have been used as ‘mule accounts’ to facilitate transactions.

When contacted, a Paytm Payments Bank spokesperson said: “The recent direction from RBI is a part of the ongoing supervisory engagement and compliance process. The bank always upheld compliance with supervisory instructions in its interactions with regulator from time to time.”

“We therefore request you to be guided by the press release of RBI dated January 31 and refrain from any further speculation,” the spokesperson added.

The concerns relating to money laundering at the Paytm unit also arose from deficiencies in the KYC processes and lack of transaction monitoring system at the bank. In lakhs of cases, accounts and wallets had been frozen by various Law Enforcement Authorities across the country, because such accounts were used for committing digital frauds, the people in the know asserted.

“The Comprehensive System Audit report and subsequent compliance validation report of the external auditors revealed persistent non-compliances and continued material supervisory concerns in the bank, warranting further supervisory action,” the RBI had said in its January 31 statement, announcing the action against Paytm Payments Bank.

The payments bank is accused of not adhering to the ‘arm’s length policy’ while dealing with the Promoter Group Entities. Its financial and non-financial business were co-mingled with its promoter group companies in violation of licensing conditions and RBI directions on the matter, the people contended.

Auditors found that the bank’s dependence on the IT infrastructure of OCL (One97 Communications Ltd. – Paytm’s listed parent entity) remained absolute and there was no operational segregation. Many transactions were routed through the parent-entity owned apps, raising serious concerns on data privacy and data sharing.

On several occasions, compliance details submitted by the bank were found to be false upon verification, both by RBI supervisors as well as external auditors, the people added.

The bank also allegedly did not disclose significant intra-group transactions and related party transactions. Its payables to OCL were substantial, which were not disclosed in the financial statements of the bank. Further, agreements were being often revised to benefit OCL or its group companies, which was detrimental to the bank and its customers, the people asserted.