Record-Keeping Requirements under the PMLA


The Prevention of Money Laundering Act (PMLA), 2002 and (PML Rules) act as the main legal framework for prosecuting money laundering in India. The Department of Revenue under the Finance Ministry recently introduced the Prevention of Money Laundering (Maintenance of Records) Amendment Rules, 2023 ( Rules 2023), in the notification dated 07.03.23. These rules mandate reporting entities like financial institutions, banking companies or intermediaries for disclosing beneficial owners along with the current KYC requirements through documents like registration certificates and PAN (Permanent Account Number). The present article shall discuss the Record- Keeping Requirements under the PMLA as well as the recent amendment regarding the PML Rules. 

Which Records must be maintained as per the PML Rules?

 In order to understand the Record- Keeping Requirements under the PMLA, it should be noted that as per the provisions of PMLA and the Maintenance of Records Rules, every reporting entity (RE) (which includes intermediaries registered under section 12 of the SEBI Act)must ensure the availability of all client and transaction records and information to the competent investigating authorities on a timely basis. The investigating authority can retain some records, e.g.  Account files, client identification, and business correspondence if required by them, for periods not exceeding those required under the SEBI Act, Regulations and Rules framed thereunder PMLA, other relevant legislations, or circulars or Exchange bye-laws

More specifically, all the Registered Intermediaries  (RI)  must devise a system  for the proper maintenance  of records of the nature and value of transactions  as  specified  under Rule 3 of PML Rules as mentioned below:

  1. All cash transactions  having a value >Rs 10,00000 or it’s equivalent in foreign currency;
  2. All series of cash transactions  having an integral connection with each other  whose individual value < 10,00000 or its equivalent in foreign currency wherein  such series of transactions have  occurred  within a  time span of 1 month, and the monthly aggregate exceeds an amount of  Rs 10,0000 or its equivalent in foreign currency;

It is important to clarify that for the purpose of suspicious transactions reporting, apart from ‘transactions integrally connected’, ‘transactions remotely connected or related’ must also be taken into consideration.

  1. All cash transactions wherein the forged or counterfeit currency notes or bank notes  are used as genuine or where for the purpose of facilitating the transaction, any forgery of a valuable security or a document has taken place;
  2. All suspicious transactions, irrespective of being carried out in cash along with including inter-alia, credits or debits into or from any non-monetary account such as a security account or demat account maintained by the registered intermediary.

Retention of Records

Registered intermediaries must take appropriate steps for evolving an internal mechanism for the proper maintenance and preservation of such records and information in a way which permits quick and easy retrieval of data upon the request of the competent authorities. Further, the maintenance and preservation of the records mentioned in Rule 3 of PML Rules should be done for a period of 5 years from the transaction date between the client and intermediary.

READ  Undisclosed Foreign Asset and Undisclosed Foreign Income as per the Black Money Act, 2015

The RI must be formulating and implementing the CIP, i.e. Client Identification Procedure containing the requirements as prescribed in Rule 9 of the PML Rules, and such other additional requirements are considered appropriate. The maintenance and preservation of the records which provide the evidence of the client’s identity and beneficial owners, along with the account files and business correspondence, must be done for a period of 5 yrs after the end of the business relationship between a client and intermediary or the closure of the, whichever is later.

In circumstances where the records relate to ongoing investigations or transactions which have been in respect to a suspicious transaction reporting,  the retention of such records should be until it the confirmation of the closure of the case.

Registered Intermediaries shall maintain and preserve the records of information related to transactions, whether attempted or executed, which are reported to the Director, FIU – IND, as required under Rules 7 and 8 of the PML Rules, for a period of 5 years from the date of the transaction between the client and the intermediary.

Key Amendments in the Prevention of Money Laundering (Maintenance of Records) Amendment Rules, 2023

Certain amendments were made in the Rules of 2023; with regard to Record- Keeping Requirements under the PMLA. The key amendments in the same are discussed herein under

Introduction of the definition of “Group.”

 The Rules of 2023 introduced a new definition of “Group, ” including the entities which belong to a multinational enterprise group or a group for the preparation of consolidated financial statements as per any regulation or law. This definition is consistent with Sec-  286(9) (e) of the ITA 1961. The inclusion of this definition is essential as it provides clarification on entities considered part of a group for anti-money laundering efforts.

It must be noted that the earlier version of the PMLA obligated the parent entities for the preparation of a consolidated financial statement if any of its companies had equity shares listed on a stock exchange in the territory or country wherein the parent entity is resident. This requirement is not changed in the present amendment rules issued by the Finance Ministry, Department of Revenue, GOI, i.e. the Government of India.

However, it is important for parent entities to know their obligations and Record-Keeping Requirements under the PMLA, along with other relevant laws and regulations relating to financial reporting. Compliance with these regulations not only leads to the promotion of transparency and accountability in financial reporting practices but also helps in contributing towards the efforts of preventing money laundering and terrorist financing.

 Revised Definition of Politically Exposed Persons

The Rules 2023 also introduced a revised definition of “PEPs” or politically exposed persons, which provides clarification for the individuals qualifying as PEPs, inclusive of foreign PEPs. PEPs are individuals holding significant public positions or having close associations with such individuals. Such individuals are considered high-risk clients owing to their susceptibility to corruption or bribery.

READ  Offences Triable by Special Courts under PMLA: SCs Recent Judgement

The identification and monitoring of PEPs is an essential element of the overall Anti-Money Laundering (AML) and Combating Financing of Terrorism (CFT) framework. The amended provisions shall facilitate reporting entities for the evaluation of the risk associated with PEPs and the implementation of necessary measures for the prevention of money laundering and terrorist financing.

For the effective identification and monitoring of the PEPs, the reporting entities can undertake the below-mentioned practical measures.

  • Conducting a Risk Assessment

Reporting entities must conduct a risk assessment for the identification of the level of risk associated with a customer. PEPs are considered high-risk customers and need additional scrutiny.

  • Enhanced Due Diligence

RE should carry out enhanced due diligence (EDD) measures for PEPs. This includes the obtainment of additional information about the customer, such as the nature of the business relationship,the source of funds and the purpose of the transaction.

  • Screening

RE should be screening their customers against a PEP list. This list can be taken from regulatory authorities or other reliable sources. Any matches should be investigated further.

  • Ongoing Monitoring:

RE must monitor the transactions and activities of PEPs on an ongoing basis. This includes the review of the customer’s account activity, transactions, and source of funds.

  • Training

RE must offer regular training to their staff to enhance their understanding of PEPs and the risks associated with them.

Client Due Diligence:

The documentation required for client due diligence (CDD) has been extended beyond basic KYCs, such as registration certificates and PAN copies, which also expands the record- Keeping Requirements under the PMLA. The clients must now furnish more elaborated information, such as the names of persons having senior management positions, beneficiaries, partners, trustees, and settlers,  authors, depending on the legal form of the organization. Clients must also furnish details on their address of the registered office and the principal place of business to banking companies,  financial institutions or intermediaries.

Development and implementation of the written policies and procedures establishing guidelines for CDD could be a thoughtful step. This includes the identification of the types of required information and documentation, the process for customer identity verification, and the frequency of updates. Assignment of responsibility for CDD to a specific team or individual within the firm, which can help ensure that CDD is conducted consistently and as per the firm’s policies and procedures.

Darpan Portal

According to the Rules 2023, reporting entities must be uploading the KYC data and other related documents of their customers on the DARPAN portal within a period of 3 days of establishing the business relationship or conducting a transaction. This requirement will facilitate the secure and efficient exchange of KYC data between RE  and the Department of Posts,  along with the reduction in the burden of paperwork, thereby streamlining the KYC process and compliance with the Record- Keeping Requirements under the PMLA.

Additionally, the new provisions facilitate the sharing of KYC data with customer consent by reporting entities only if it is done securely, complying with the laws of data protection. The digitization of the KYC process by using the DARPAN portal[1] will help in the prevention of money laundering and terrorist financing by allowing RE  to better assess customer risk and conduct enhanced due diligence measures when necessary.

READ  All You Need to Know About Hawala Transactions

Crypto and Other Digital Assets Service Providers

 According to the recent amendments to the rules in India, digital asset service providers are considered Reporting Entities and are liable to comply with all anti-money laundering and counter-terrorist financing measures prescribed by relevant authorities.

Since digital asset service providers have now been classified as reporting entities, it is important to take the required steps to ensure compliance with the amended rules. This includes the appointment of a principal officer and the designation of a director to oversee overall compliance. The name,  address and designation of the designated director and principal officer must be communicated to the Financial Intelligence Unit – India (“FIU-IND”).

The principal officer of the reporting entity has the responsibility of compliance with specific requirements under the PML Rules, including furnishing monthly information on all cross-border wire transfers the value of which is more than INR 5,00,000 (Five lakhs), or its equivalent in foreign currency to the FIU-IND and retain a copy of the same.

 All the information regarding the suspicious transactions must be promptly provided by the principal officer to the FIU-IND within 7 working days of being satisfied regarding the transaction being suspicious in nature. Such transactions include withdrawals into or from any accounts in any currency, deposits and credits, money transfers or remittances favouring their own clients or non-clients from abroad or India and to third-party beneficiaries in India or abroad, credits or debits into or from any non-monetary accounts, loans and advances including credit or loan substitutes, contingent liability, investments, and collection services in any currency.


The Rules 2023 introduces crucial changes for reinforcing anti-money laundering efforts in India by providing a better clarification on definitions and documentation requirements. With the requirement of more detailed information from clients during the process of due diligence, financial institutions can help in the better identification of the high-risk clients being involved in money laundering.

These changes signify an important step forward in tackling money laundering and terrorist financing in India. Moreover, implementing the DARPAN portal is a crucial step towards the modernization of the process of KYC and the efficient exchange of data between RE  and the Department of Posts.  It will not only lead to the reduction of the burden of paperwork but also help in the prevention of financial crimes by allowing the reporting entities in making an informed risk assessment and take appropriate measures, which can also help in fulfilling the Record- Keeping Requirements under the PMLA.

Read our Article: An Overview of Adjudication under PMLA, 2002

Trending Posted

Get Started Live Chat