Bankpulse
BanksHomeSearchLatestCo-pilotRankingsCrosswalkHistoryWithdrawnDashboardsRBI UniverseMethodologyGlossaryCircularsAskAnswersChangelogReviewsAbout
HomeCirculars › RBI/2009-10/224

UCBs: KYC/AML Record Retention & PEP Rules Updated

Live · in forceNo withdrawal recorded as of 20 Jun 2026. Reviewed by Vikram Jain; always verify against the official RBI source below.
Issued by RBI: 16 Nov 2009  ·  Decoded by BankPulse: 20 Jun 2026, 17:46 IST
⏱ ~2 min read
📄 Official RBI source ↗
Quick answerRBI mandates urban co-op banks to keep transaction records for 10 years from transaction date and customer ID records for 10 years after account closure, per PMLA 2009 amendments. Senior management approval is now required for existing customers who become PEPs.

What changed

The Prevention of Money Laundering (Amendment) Act, 2009, effective June 1, 2009, changed record retention periods. Transaction records must now be kept for 10 years from the transaction date, and customer identification records for 10 years after the business relationship ends. Additionally, if an existing customer becomes a Politically Exposed Person (PEP), banks must obtain senior management approval to continue the relationship and apply enhanced CDD measures.

What it means for you

Urban co-operative banks must update their record-keeping systems to comply with the new 10-year retention periods, which are longer than previous requirements. Banks also need to implement processes to identify when existing customers become PEPs and escalate such cases for senior management approval. This increases compliance burden but strengthens anti-money laundering efforts.

What you must do

Who it affects

Primary (Urban) Co-operative Banks, Compliance officers and Principal Officers at UCBs, Senior management at UCBs handling PEP relationships

What is the new record retention period for transaction records under PMLA 2009?

Transaction records must be maintained for at least 10 years from the date of the transaction between the bank and the client.

How should banks handle an existing customer who becomes a Politically Exposed Person (PEP)?

Banks must obtain senior management approval to continue the business relationship and subject the account to enhanced CDD measures and ongoing monitoring.

What access should the Principal Officer have to comply with these rules?

The Principal Officer and appropriate staff must have timely access to customer identification data, CDD information, transaction records, and other relevant information to discharge their responsibilities.

Track this rule
⏳ How this rule evolved — History Map →Full RBI rulebook crosswalk →
AI-drafted · 3-model AI consensus fact-check · under the editorial review of Vikram Jain · decoded & published by BankPulse · 20 Jun 2026, 17:46 IST
Official RBI source: https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=5372&Mode=0 — Plain-English summary by BankPulse (bankpulse.ai), reviewed by Vikram Jain. Independent platform, not affiliated with the Reserve Bank of India; never reproduces RBI text verbatim.