• AMLG Part 7.1 AMLG Part 7.1 General record-keeping obligations

    • AMLG 7.1.1 Records about compliance

      (1) A firm must make the records necessary:
      (a) to enable it to comply with the AML/CFT Law and these rules; and
      (b) to demonstrate at any time whether the firm has complied with the AML/CFT Law and these rules.
      (2) Without limiting rule (1) (b), the firm must make the records necessary to demonstrate how:
      (a) the key AML/CFT principles in Part 1.2 have been complied with;
      (b) the firm's senior management has complied with responsibilities under the AML/CFT Law and these rules;
      (c) the firm's risk-based approach has been designed and implemented;
      (d) each of the firm's risks have been mitigated;
      (e) CDD and ongoing reviews were conducted for each customer; and
      (f) CDD and ongoing monitoring were enhanced where required by the AML/CFT Law or these rules.
      Examples of records that must be kept
      1 documents and data obtained while conducting CDD
      2 account files
      3 business correspondence
      4 results of analysis of suspicious transaction reports
      Note See also rule 5.1.10 for reporting records to be made by MLRO.
      Derived by QFCRA RM/2019-9 (as from 1st February 2020)

    • AMLG 7.1.2 How long records must be kept

      (1) All records made by a firm for the AML/CFT Law or these rules must be kept for at least 10 years after the day they are made.
      (2) All records made by a firm in relation to a customer for the purposes of AML/CFT Law or these rules must be kept for at least the longer of the following:
      (a) if the firm has (or has had) a business relationship with the customer — 10 years after the day the business relationship with the customer ends;
      (b) if the firm has not had a business relationship with the customer or had a business relationship with the customer and carried out a one-off transaction for the customer after the relationship ended — 10 years after the day the firm last completed a transaction with or for the customer.
      (3) If the day the business relationship with the customer ended is unclear, it is taken to have ended on the day the firm last completed a transaction for or with the customer.
      (4) This rule is subject to rule 5.1.8 (Obligation not to destroy records relating to customer under investigation).
      Derived by QFCRA RM/2019-9 (as from 1st February 2020)

    • AMLG 7.1.3 Retrieval of records

      (1) A firm must ensure that all types of records kept for the AML/CFT Law and these rules can be retrieved without undue delay.
      (2) Without limiting subrule (1), a firm must establish and maintain systems that enable it to respond fully and quickly to inquiries from the FIU and law enforcement authorities about:
      (a) whether it maintains, or has maintained during the previous 10 years, a business relationship with any person; and
      (b) the nature of the relationship.
      Derived by QFCRA RM/2019-9 (as from 1st February 2020)