AML/CFT for crypto service providers

What are the record keeping requirements for customer due diligence (CDD) in the UK?

"You need to keep a record of all customer due diligence measures that you carry out, including:

  • customer identification documents that you’ve obtained
  • risk assessments
  • your policies, controls and procedures
  • training records

By keeping comprehensive records you’ll be able to show that your business has complied with the Money Laundering Regulations. This is crucial to protect your business if there’s an investigation into one of your customers.

The types of record you keep may include:

  • daily records of transactions
  • receipts
  • cheques
  • paying-in books
  • customer correspondence

The formats that you can keep your records in are:

  • originals
  • photocopies
  • microfiche
  • scanned
  • computerised or electronic

You must keep your records for five years beginning from:

  • the date a business relationship ends
  • the date a transaction is completed"

Source: GOV.UK, last revised 4 August 2021