What is 2FA? How Does It Matter to Your MF Transactions
June 8, 2022 Mutual Fund
Are you investing in Mutual Funds online? If yes, then here is some important news for you.
Mutual fund investors who invest using online platforms such as fund house web portals, fintech apps dedicated to mutual funds, etc., will have to fulfil a crucial step from now onwards. You will be able to perform online mutual fund transactions such as redemptions, investing via Systematic Transfer Plan (STP), opting for Systematic Withdrawal Plan (SWP), making switch requests, etc., only if you have Two-factor Authentication (2FA) enabled.
On 31 March 2022, SEBI issued the circular on the extension of the timeline for discontinuation of usage of pool accounts for transactions in the units of Mutual Funds, Two-factor Authentication (‘2FA’) for redemption, and other related requirements. The primary intent behind the SEBI’s move for Two-factor Authentication (2FA) for redemption is to ensure the safety of investors’ money and prevent its possible misuse by intermediaries involved in such transactions.
SEBI, the market regulator, has issued clarifications on transactions involving mutual fund units, as well as guidelines for authentication in the event of redemption of units. Two-factor Authentication (2FA) for online transactions and signature method for offline transactions shall be used for authentication. This means that every investor conducting online mutual fund transactions must use Two-factor Authentication (2FA).
What is Two-factor Authentication (2FA)?
As per SEBI guidelines, Two-factor Authentication (2FA) is mandated in order to increase the security of all digital transactions related to mutual funds, effective from June 01, 2022.
Two-factor Authentication (2FA) is a two-step security process for verification in which users verify themselves using two different authentication factors. The authentication factors can be a username, password, security questions, OTP, Fingerprint, or Face ID.
Two-factor Authentication provides a higher level of security than authentication methods that depend on Single-factor Authentication (SFA), in which the user provides only one factor typically, a password. 2FA is an extra layer of security that protects your account from hackers and unauthorised access. Even if the victim’s password has been hacked, 2FA requires more than just a password to complete the authentication. This secures your investor’s sensitive data and prevents any misuse of data.
How does the 2FA in Mutual Funds work?
2FA requires a one-time registration from your side. Two-factor Authentication method relies on a user giving a password as the first factor and a second factor as a distinct element, commonly a security token like an OTP or a biometric factor like a fingerprint.
For the redemption of mutual fund units, a One-Time Password (OTP) will be given to unit holders at their email/phone number registered with the AMC; this is one of the factors for the Two-factor Authentication (2FA) process.
Here are the steps to be followed for 2FA:
Step #1 – After you log in to your preferred online platforms, select the mutual fund scheme on which you will conduct your transactions.
Step #2 – Select the plan of action on your mutual fund scheme, such as redemption, STP, SWP, switch request, etc.
Step# 3 – After you select the desired option, a One-Time Password (OTP) will be sent to the investor’s registered mobile number/email ID, and you will be required to enter that OTP online before the transaction is processed.
SEBI’s Two-factor Authentication rule ensures that an additional One-Time Password (OTP) is sent to you for mutual fund redemptions and that the redemption transactions cannot be initiated without the consent of the investor/unitholder.
However, to enable the 2FA on your online mutual fund investments, you must ensure that your mobile number and email id are registered and updated with the AMC. The transaction will not be performed if the OTP verification fails.
In case you have not registered, follow these steps to update your phone number and email id:
- Register with physical application to fund houseAn individual can apply to each mutual fund house where they have mutual fund investments. The fund house/AMC will update their records with the new mobile number and email id. Following the update, the investor will be able to initiate online transactions using 2FA.
- Update your KYC recordsKYC records store an investor’s identification information; updating your mobile number and email in KYC records will update your information across your mutual fund investments. Keep in mind that it’s a more time-consuming and lengthy process than updating directly with the mutual fund house.
- Submit an updated request in CAMSCAMS is the Registrar and Transfer Agents (RTA) of Mutual Fund Houses, who manage the investors’ records on behalf of the Fund House. If you want to update your phone number or email using CAMS, you’ll need to provide your PAN number as proof of KYC verification. One can also submit a request to update mobile numbers either offline or online through CAMS.
Link: https://www.camsonline.com/Investors/Service-requests/GoGreen/PAN-based-service-request
As a result, several mutual fund houses, such as Motilal Oswal Mutual Fund, Mirae Asset Mutual Fund, Franklin Templeton, etc., have sent emails to investors informing them about the SEBI’s guidelines for Two-factor Authentication. In addition, urging the investors with reminder emails to update their mobile numbers in their folios. So that they can use SEBI’s Two-factor Authentication to successfully perform online mutual fund transactions.
To ensure the safety of your online mutual fund transactions for all your investments, the fund houses will soon enable a request for the input of an additional One-Time Password (OTP) for the following online transactions:
- Redemption
- Switch
- Systematic Transfer Plan (STP) Registration
- Systematic Withdrawal Plan (SWP) Registration
The OTP will be sent to the contact details (mobile number and/or email ID) registered in the respective customer folio with the fund house as an additional second factor of authentication process. However, in case there is a mismatch between your mobile number and the email on which the OTP is sent and the AMC records, the online mutual fund transaction will be rejected.
Therefore, investors are requested to update their mobile numbers and email ID in order to use the two-factor authentication method mandated by SEBI.
This article first appeared on PersonalFN here
