Bankpulse
BanksHomeSearchLatestCo-pilotRankingsCrosswalkHistoryWithdrawnDashboardsRBI UniverseMethodologyGlossaryCircularsAskAnswersChangelogReviewsAbout
HomeCirculars › RBI/2009-10/285

PMLA Rules Amended: New KYC & NPO Reporting Norms

Live · in forceNo withdrawal recorded as of 20 Jun 2026. Reviewed by Vikram Jain; always verify against the official RBI source below.
Issued by RBI: 12 Jan 2010  ·  Decoded by BankPulse: 20 Jun 2026, 17:09 IST
⏱ ~2 min read
📄 Official RBI source ↗
Quick answerRBI mandates banks to maintain records of NPO receipts over ₹10 lakh, report monthly to FIU-IND, verify walk-in customer identity for transactions ≥₹50,000, and keep STR confidentiality. Record retention extended to 10 years.

What changed

The PMLA Rules 2005 were amended effective November 12, 2009. Key changes include: a definition for 'non-profit organization' added; banks must record all NPO receipts exceeding ₹10 lakh and report monthly to FIU-IND; record retention period extended to 10 years; confidentiality mandated for suspicious transaction reports; identity verification required for walk-in customers for transactions of ₹50,000 or more; and the proviso allowing delayed verification of identity was deleted.

What it means for you

Banks must now closely monitor NPO transactions above ₹10 lakh and submit monthly reports, increasing compliance burden. Walk-in customer KYC for transactions ≥₹50,000 becomes mandatory, and structuring transactions below this threshold may trigger STR filing. The 10-year record retention and strict confidentiality rules require robust data management and training.

What you must do

Who it affects

All scheduled commercial banks (excluding RRBs), Financial institutions, Local area banks, Compliance and AML teams, Branch staff handling cash transactions

What is the new reporting requirement for non-profit organizations?

Banks must maintain records of all transactions involving receipts by non-profit organizations exceeding ₹10 lakh (or equivalent in foreign currency) and report these to FIU-IND every month by the 15th of the succeeding month.

How should we handle walk-in customers under the amended rules?

For any transaction by a walk-in customer of ₹50,000 or more, whether single or connected, you must verify their identity and address. If you suspect structuring below this threshold, verify identity and consider filing a suspicious transaction report.

What is the new record retention period?

Records referred to in Rule 3 must be maintained for ten years from the date of the transaction between the client and the bank or financial institution.

Track this rule
⏳ How this rule evolved — History Map →Full RBI rulebook crosswalk →
AI-drafted · 3-model AI consensus fact-check · under the editorial review of Vikram Jain · decoded & published by BankPulse · 20 Jun 2026, 17:09 IST
Official RBI source: https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=5457&Mode=0 — Plain-English summary by BankPulse (bankpulse.ai), reviewed by Vikram Jain. Independent platform, not affiliated with the Reserve Bank of India; never reproduces RBI text verbatim.