What the MAS / Central Bank V-CIP guidelines actually require
The MAS Notice on KYC / CDD / AML, updated progressively since 2020, specifies the Video-Based Customer Identification Process in detail. The requirements cover five broad categories: identity verification (the right documents, the right checks), liveness and presence confirmation, geolocation validation, session recording and retention, and the authorised official requirement. Each category has specific sub-requirements — and each sub-requirement has a documentation obligation attached to it.
In a manual V-CIP operation, the application of these requirements depends on the agent's recall, attention, and training on any given day. The Video KYC / CDD Moderator AI converts each requirement into an automated check that runs at the appropriate moment in the session, generates a pass/fail result with evidence, and logs that result in the session record — so that the checklist is not something the agent remembers to apply, but something the system applies and the agent certifies.
The complete V-CIP compliance checklist — automated and logged
Section 1 — Identity Document Verification
MAS / Central Bank KYC / CDD MD 16(c)(i) and 16(c)(ii)MyKad / SingPass / national ID shown live on camera — not a photograph of MyKad / SingPass / national ID
The AI detects whether the MyKad / SingPass / national ID presented is a physical card, a print, or a screen photograph rather than a live card held in front of the camera. Depth estimation and glare pattern analysis distinguish a physical card from a screenshotted or printed replica. Result logged with confidence score.
→ Automated · Passive optical analysis · No user action requiredMyKad / SingPass / national ID last 4 digits verbally confirmed by borrower on video
The MAS / Central Bank guidelines require the customer to verbally state their MyKad / SingPass / national ID last 4 digits on video — this cannot be pre-typed or shown on a card alone. The AI's speech-to-text module transcribes the verbal confirmation and cross-checks it against the OCR-extracted digits from the card. Mismatch triggers an immediate flag.
→ Automated · Speech-to-text + OCR cross-check · Logged with transcriptPAN presented and OCR extracted — number cross-checked against application
national ID / tax identification number captured on video, OCR performed in real time, extracted tax ID number compared against the PAN entered at application. Any mismatch — even a single character — is flagged immediately for agent review. The PAN image frame is extracted and stored in the session record as documentary evidence.
→ Automated · OCR + application cross-check · Document frame storedDocument clarity threshold — all four corners visible, text legible, no glare occlusion
The AI assesses document image quality at the moment of presentation: are all four corners visible (confirming full card capture), is the text zone at the resolution required for reliable OCR, and is there specular glare occluding any information zone? If quality falls below threshold, the borrower is prompted in real time to reposition the card — before the session progresses.
→ Automated · Real-time quality gate · Borrower prompted if below thresholdSection 2 — Liveness and Presence Confirmation
MAS / Central Bank KYC / CDD MD 16(c)(iii) and 16(c)(iv)Liveness detection — passive analysis confirms live person, not photograph or deepfake
Passive liveness analysis runs from session start — skin texture, micro-movement patterns, and depth estimation confirm a live human is present. This check runs continuously throughout the session, not just at a single verification moment, ensuring that a live feed is not replaced with a recorded video mid-session.
→ Automated · Continuous passive analysis · Alert if confidence drops below threshold at any pointFace match — live face matched against MyKad / SingPass / national ID photograph (128-point geometry)
The face captured in the live video session is matched against the photograph extracted from the presented MyKad / SingPass / national ID card using 128-point facial landmark mapping. An ageing adjustment is applied based on MyKad / SingPass / national ID issue date. Match confidence score recorded in session log. Sessions below threshold threshold are referred for agent decision, not auto-rejected.
→ Automated · 128-point geometry · Score and threshold loggedAuthorised official confirms customer's identity visually — required by MAS / Central Bank
The MAS / Central Bank guidelines require the authorised official to visually confirm that the person on screen matches the presented identity documents. This is a human judgment — the AI provides the quantified face match score and flags any anomaly, but the official's visual confirmation is a separate, non-delegable regulatory step that must be recorded.
→ Human agent · Logged as agent confirmation with timestamp · Cannot be automatedSection 3 — Geolocation and SEA Presence Confirmation
MAS / Central Bank KYC / CDD MD 16(c)(v)Geolocation confirmed as withacross SEA at session initiation
The borrower's device geolocation is captured at session start and at session end. GPS coordinates are validated against the SEA territorial boundary (including Andaman and Nicobar Islands, Lakshadweep, and other territories). VPN or location spoofing is detected and flagged — a session where GPS shows SEA but IP geolocation shows a foreign country is a compliance failure, not a technical anomaly.
→ Automated · GPS + IP geolocation cross-check · Both coordinates stored in session recordLocation spoofing detection — GPS and IP geolocation consistent
GPS can be spoofed on rooted devices. The AI cross-references GPS coordinates with IP geolocation (ISP-reported), device network type, and ambient background characteristics (time zone consistency, background audio language, visible background environment). Inconsistency across these signals is a location spoofing indicator.
→ Automated · Multi-signal cross-reference · Any inconsistency → agent review requiredSection 4 — Session Recording and Retention
MAS / Central Bank KYC / CDD MD 16(c)(vi) and 16(c)(vii)End-to-end session recording — initiated at session start, terminated at agent sign-off
Recording begins automatically when the session is initiated and cannot be paused or terminated before the agent's final sign-off. The recording includes both video streams (borrower and agent), all audio, and a timestamp-synchronised overlay showing the compliance check results as they occur in real time.
→ Automated · Cannot be interrupted · Timestamp-synchronised overlaySession record encrypted and stored — minimum 5 years from session date
Completed session recordings are AES-256 encrypted, stored in a write-once archive, and tagged with a retention expiry date set to 5 years from session date per MAS / Central Bank requirements. The session record includes: the full video recording, the compliance check log with every result and timestamp, the agent sign-off with employee ID, and the SHA-256 hash of the complete record for tamper detection.
→ Automated · Write-once · Hash-sealed · 5-year retention enforced automaticallySession retrievable within 48 hours of any regulatory or audit request
Every session record is indexed by borrower PAN, application ID, session date, agent ID, and session outcome — enabling retrieval by any of these dimensions within minutes. MAS / Central Bank inspection requests specifying a date range or borrower set are fulfilled automatically with no manual file assembly required.
→ Automated · Indexed by 5 dimensions · 48-hour retrieval SLA maintainedSection 5 — Authorised Official Requirements
MAS / Central Bank KYC / CDD MD 16(c)(viii) and 16(c)(ix)Authorised official identified at session start — name and employee ID logged
The agent's identity is logged at session initiation using their authenticated session credentials. The MAS / Central Bank requires that the authorised official be a KYC / CDD-certified employee of the reporting entity — the system verifies active certification status before allowing the agent to open any session.
→ Human + Automated · Employee authentication + KYC / CDD certification validationAgent's final pass/refer/fail decision — signed and timestamped
The final outcome of every V-CIP session is a human decision by the authorised official. The AI provides the compliance summary, the flag summary, and a recommendation — but the determination is entered by the agent, signed with their employee credentials, and timestamped in the session record. This decision cannot be automated and is the regulatory basis for the KYC / CDD completion.
→ Human only · Sole decision authority · Cannot be delegated to AI · Signed in session recordThe session audit trail: what the record shows
Compliance is not what you intend to check — it is what you can prove you checked
A V-CIP session that was conducted correctly but whose session record does not prove each compliance step was executed is not a compliant session — it is an unverifiable one. The MAS / Central Bank inspector reviewing your V-CIP operation is not asking whether your agents try to follow the guidelines. They are asking whether your session records demonstrate that every step of the guidelines was followed, for every session, with evidence. The Video KYC / CDD Moderator AI makes that demonstration automatic — the session record is the compliance proof, generated in real time, for every session, without exception.