Digital KYC for Research Analysts in India (2026)
Paper KYC made sense when you onboarded one client a quarter. At 5 to 25 clients a month, the same flow eats a working day a week. Digital KYC, built on PAN verification, KRA lookup, and Aadhaar eSign, compresses the whole process to under five minutes per client at a per-onboarding cost of roughly ₹30.
The Indian KYC stack for capital markets has four moving parts: PAN, KRA, CKYC, and eSign. Each is a separate regulator-blessed service with its own API. Independent RAs do not need to integrate against each one directly; the aggregators (Digio, Karza, Signzy, Surepass, Leegality) wrap all four behind a single REST API and a single prepaid wallet.
The four-layer stack
The flow, end to end
The client opens a link or fills a form. PAN is verified in two seconds. KRA returns either a verified record or a no-match. On a hit, the address, contact, and bank-linked KYC fields are pre-filled into your records. On a no-match, the client uploads Aadhaar (with the option to mask digits), an address proof, and a selfie; the system runs face match and submits a fresh KYC. The agreement PDF is generated from a template with the client's details merged in, and the client signs via Aadhaar eSign by entering an OTP sent to the Aadhaar-linked mobile.
Total elapsed time for a KRA-verified client is about three minutes. For a fresh KYC client, expect ten to fifteen, mostly because of the face capture and Aadhaar OTP wait. All artefacts, PAN response, KRA payload, eSign certificate, are stored in your compliance folder with the date and the API request ID.
Picking an aggregator
Cost model for a 25-client-a-year RA
25 onboardings a year at roughly ₹30 each is ₹750. Add re-KYC every two years on roughly half the book at ₹15 each, another ₹190. Total under ₹1,000 a year in API cost. The break-even versus paper KYC arrives in the first quarter once you account for the time saved at your billable rate.
Records to keep for SEBI inspection
For each onboarded client, keep the PAN verification response, the KRA payload (or the fresh KYC submission proof), the signed agreement PDF with the embedded eSign certificate, and the consent record for delivery channels. Five-year retention is the minimum. Storage in an Indian-region cloud bucket is the simplest path; the audit trail in Aktai keeps the same record set tied to the client ID.
FAQ
Can a SEBI Research Analyst rely on KRA-verified KYC?
Yes. If a client has KYC already with another SEBI intermediary (broker, mutual fund, depository), you can fetch the verified KYC record from the KYC Registration Agencies (CDSL Ventures, CVL, KARVY, NSE KYC). This satisfies the KYC requirement without re-collecting documents. The lookup costs about ₹5 to ₹15 per query through an aggregator.
What is the difference between KRA and CKYC?
KRA (KYC Registration Agency) is the legacy securities-market KYC system, used by SEBI intermediaries. CKYC (Central KYC) is a wider Indian KYC database covering banking, insurance, and capital markets. For a Research Analyst onboarding equity clients, KRA lookup is the primary path. CKYC is the fallback when the client is not in any KRA record but has bank or insurance KYC.
Is Aadhaar eSign legally valid for the RA-client agreement?
Yes. Aadhaar eSign is a valid digital signature under Section 3A of the Information Technology Act 2000. Documents signed with Aadhaar eSign carry the same legal weight as wet-ink signatures. Most legal aggregators (Digio, SignDesk, Zoho Sign, Leegality) wrap the NSDL e-Sign service and provide developer APIs.
How much does digital KYC cost an independent RA?
For a small practice, expect ₹15 to ₹40 per client onboarded: ₹2 to ₹5 for PAN verification, ₹5 to ₹15 for KRA lookup, ₹5 to ₹25 for Aadhaar eSign on the agreement. Aggregators bundle these and offer prepaid wallets so you do not need separate vendor accounts. At 25 clients per year, this is roughly ₹500 to ₹1,000 a year, well below the staff cost of paper KYC.
Do I need to repeat KYC every year?
Periodic re-KYC is required under the SEBI master circular. The cadence depends on the client risk category: high-risk clients are re-verified more frequently, low-risk every several years. In practice, an RA serving retail equity clients does a re-confirmation every two years and triggers a fresh KYC on any material change (address, PAN, contact).