MUMBAI: Banks have expressed concern over their liability to customers if the Aadhaar database is compromised or if there is a mistake in identifying a person. The trigger has been their agreement with the Unique Identification Authority of India ( UIDAI ) for acceptance of electronic documents stored by the authority as proof of identity and address where the blame for any false identification lies with banks.

The matter has been referred to the law ministry and, according to sources, it has decided in favour of the banks. The government is therefore looking at ways to address concerns of banks by altering the agreement to state that banks will not bear any loss.

The crux of the issue has been the approval of Aadhaar for eKYC , or ‘electronic know your customer’ norms. Traditionally, it is the responsibility of the banks to ensure that the customer is indeed who he claims to be. His identity is ascertained by going through original documents such as telephone bills, passports or PAN cards and retaining a copy.

Under eKYC, a customer can walk up to a bank without any documents but offer his fingerprints. These will be matched with the Aadhaar database which, in turn, would be used for ascertaining identity and address.

“UIDAI has said that the process is fool proof and the systems cannot be compromised. But if that is the case, why should banks bear the liability if the system throws up a ‘false positive’?” said a banker. False positive is jargon used in health and technology industry to refer to a test that has come up with wrong results.

Last week, RBI approved UIDAI’s eKYC service as a valid process for KYC verification under its prevention of money laundering rules, 2005. In terms of the procedure outlined by RBI, banks have to obtain an express consent from the customer before accessing his database and obtaining his Aadhaar number. According to bankers, eKYC would make the process of acquiring new customers extremely easy. Also, banks will be spared a huge costs of scanning and retaining KYC documents.