Maintaining client identity records is a core compliance obligation for banks and financial institutions under the Prevention of Money Laundering Act (PMLA). This requirement is designed to promote transparency, accountability, and support for law enforcement in the fight against money laundering and financial crimes.
What Records Must Be Maintained
Banks and financial institutions must maintain comprehensive documentation that evidences the identity of each client and beneficial owner. These records include:
* Officially Valid Documents (OVDs): Aadhaar, PAN, passport, voter ID, and proof of address.
* Account files and business correspondence.
* Transaction records: covering both account-based and non-account-based relationships.
Types of Records and Retention Periods
* Identity and KYC records: Retained for at least five years after the account relationship ends or is closed.
* Transaction records:
* Cash transactions exceeding ₹10 lakh.
* Cross-border wire transfers above ₹5 lakh.
* Purchase/sale of immovable property valued at ₹50 lakh or more.
These must be preserved for five years from the date of the transaction.
* Special cases:For certain regulated entities (e.g., NBFCs), records may be retained for up to ten years, as directed by regulatory notifications.
Ensuring Accessibility and Security
* Records may be stored in physical or electronic form, but must be:
* Well-organized for quick retrieval.
* Securely maintained with encryption, access controls, and periodic audits.
* Institutions must ensure that records are readily available to regulators and enforcement authorities upon request.
Consequences of Non-Compliance
Non-compliance with PMLA record-keeping obligations can attract:
* Penalties or monetary fines.
* Regulatory warnings and restrictions.
* Severe enforcement actions under Section 13 of the PMLA.
This highlights the critical importance of meticulous record management as part of a bank’s anti-money laundering (AML) framework.
📋 Quick Compliance Checklist: Maintenance of Records under PMLA
| Compliance Area | Requirement | Action Point ✅ |
| Client Identity Records | Maintain OVDs, account files, business correspondence | ⬜ Collect & store securely |
| Retention (KYC) | Keep for 5 years after closure/termination | ⬜ Track closure & retention |
| Transaction Records | Retain large cash (₹10L+), cross-border (₹5L+), immovable property (₹50L+) for 5 years | ⬜ Flag & archive transactions |
| NBFC / Special Entities | Retain up to 10 years as per regulatory directions | ⬜ Extend retention if applicable |
| Accessibility | Records must be retrievable and audit-ready | ⬜ Organize digital/physical files |
| Security Controls | Use encryption, restricted access, and regular audits | ⬜ Implement IT & audit safeguards |
| Non-Compliance Risk | Penalties, Section 13 enforcement | ⬜ Monitor & review regularly |
✅ Conclusion:
By maintaining client identity and transaction records in line with PMLA, banks not only fulfil regulatory mandates but also strengthen the integrity of India’s financial system, enabling effective investigations and deterring illicit financial activity.
Related Posts:
