AML & KYC policy.

The Prevention of Money Laundering Act, 2002 (PMLA) places obligations on every institution that handles investor money to verify the identity of its customers, to monitor transactions for unusual patterns, and to report suspicious activity to the relevant authorities. We take those obligations seriously — they protect honest investors from being mixed up with bad actors.

This policy explains, in plain language, how we comply. It covers customer onboarding, ongoing monitoring, record retention, and the limited circumstances under which we may need to escalate to law enforcement.

Before any investor can book a plot on Paylap Invest, they complete a verified KYC flow consisting of:

• Aadhaar e-KYC via DigiLocker. We receive a cryptographically signed Aadhaar XML directly from UIDAI. The masked Aadhaar number and the unmasked number are stored separately, with different access controls.
• PAN cross-verification. The PAN entered is matched against the NSDL/CBDT database, and the name on PAN is compared against the name returned by Aadhaar. Mismatches block the investment until resolved.
• Independent address proof for investments above defined thresholds. Recent utility bills, voter ID, or registered rental agreements are accepted.
• Bank account verification via a small penny-drop reverse-credit, confirming the name on the bank account matches KYC.

As required by PMLA, each customer is categorised as low, medium or high risk based on factors including profession, source of funds, geographic location, and any publicly available adverse information.

High-risk customers are subject to enhanced due diligence and may be asked for additional documentation, including source-of-funds evidence, before any transaction is processed.

We monitor transactions on the platform on an ongoing basis for unusual patterns — for instance, repeated cash-equivalent inflows from inconsistent sources, rapid investment-and-redemption cycles, or transactions that don't align with the investor's stated profile.

Where a pattern raises questions, we will reach out to the investor for clarification before taking any action. Most flags are resolved with a simple explanation.

Under PMLA, certain categories of transactions must be reported to the Financial Intelligence Unit – India (FIU-IND), specifically suspicious transactions and cash transactions above defined thresholds. These reports are confidential by law and we do not disclose to the investor that a report has been filed.

Reports are made only when required by law. We do not over-report. Our policy balances the legitimate need to support investigations against the privacy of honest investors.

We retain customer identification records and transaction records for a minimum of five years from the date the customer relationship ends or the transaction was executed, whichever is later, as required by PMLA. Records may be retained longer where required by other applicable law.

Every team member with access to investor data or transaction systems is trained on AML obligations at induction and at least annually thereafter. The training covers identification of red flags, escalation paths, and the legal consequences of breaching confidentiality requirements.

As required under PMLA, we have designated a Principal Officer and a Designated Director for AML matters. Their contact details are filed with FIU-IND and updated as required.

For investor-side queries about KYC or AML matters, the right channel is our grievance officer — see the grievance redressal page.

This policy is reviewed annually and after any material change in PMLA, FIU-IND guidelines, or our own operations. The last review date appears on this page.

Questions about the policy can be sent to info@paylaprealestate.com and will be routed to the Principal Officer.